Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security

Similar documents
Cybersecurity: Ongoing Challenges and Increasing Threats (Medium and Large Firm Focus) Wednesday, May 25 10:00 a.m. 11:00 a.m.

Steps to Take Now to be Ready if Your Organization is Breached Thursday, February 22 2:30 p.m. 3:30 p.m.

Fundamentals of Cybersecurity Controls Thursday, February 11 10:00 a.m. 11:00 a.m.

Plenary Session: Branch Cybersecurity Controls Thursday, February 22 1:15 p.m. 2:15 p.m.

Chief Compliance Officer s (CCO s) Role in Cybersecurity Thursday, February 22 10:00 a.m. 11:00 a.m.

Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m.

Investigating Insider Threats

Effective Practices for Insider Threats and Third-Party Risk Management Thursday, February 22 10:00 a.m. 11:00 a.m.

Operations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ

NYDFS Cybersecurity Regulations

The Widening Talent Gap: The greatest security challenge of our time

Cybersecurity & Privacy Enhancements

NERC Staff Organization Chart Budget 2019

Qualification Examination Program Restructure and Regulatory Continuing Education (CE) Program Changes Tuesday, October 9 1:00 p.m. 2:00 p.m.

NERC Staff Organization Chart Budget 2017

Cybersecurity and the Board of Directors

NERC Staff Organization Chart Budget 2019

CYBER FRAUD & DATA BREACHES 16 CPE s May 16-17, 2018

NERC Staff Organization Chart Budget 2017

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

Institute of Internal Auditors 2019 CONNECT WITH THE IIA CHICAGO #IIACHI

NERC Staff Organization Chart

NERC Staff Organization Chart Budget 2018

SAILER FINANCIAL, LLC

Cyber Risks, Coverage, and the Board of Directors.

Balancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld

Defensible Security DefSec 101

Global Statement of Business Continuity

CYBERSECURITY TRAINING EXERCISE KMU TRAINING CENTER NOVEMBER 7, 2017

Anatomy of a Data Breach: A Practical Guide for Small Law Departments

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

Les joies et les peines de la transformation numérique

John Snare Chair Standards Australia Committee IT/12/4

Cyber 360: The Business Law Update

Financial Regulations, Enforcement & Cybersecurity

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

NY State s Cybersecurity Legislation Requirements for Risk Management, Security of Applications, and the Appointed CISO

M.S. IN INFORMATION ASSURANCE MAJOR: CYBERSECURITY. Graduate Program

Department of Management Services REQUEST FOR INFORMATION

NYDFS Cybersecurity Regulations: What do they mean? What is their impact?

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

Government Resolution No of February 15, Resolution: Advancing National Regulation and Governmental Leadership in Cyber Security

SOC 2 examinations and SOC for Cybersecurity examinations: Understanding the key distinctions

Advising the C-Suite and Boards of Directors on Cybersecurity. February 11, 2015

NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE

Cybersecurity: Federalism as Defense-in-Depth

Article II - Standards Section V - Continuing Education Requirements

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

Standing Together for Financial Industry Resilience Quantum Dawn IV after-action report June 2018

Global Security Consulting Services, compliancy and risk asessment services

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Auditors Oversight Bodies and Auditing and Accounting Standards Setters in Japan. May 2005 Financial Services Agency, Japan

Memphis Chapter. President s Message. This annual event is designed to provide students with a

COMMENTARY. Federal Banking Agencies Propose Enhanced Cyber Risk Management Standards

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

2017 PORT SECURITY SEMINAR & EXPO. ISACA/CISM Information Security Management Training for Security Directors/Managers

Government-Industry-Academic Partnerships UW Bothell Cybersecurity Pilot

Solutions Technology, Inc. (STI) Corporate Capability Brief

Update on the Key Initiatives Recommended by NTT Data regarding the Agency Cyber Security Framework

UNITED STATES OFFICE OF PERSONNEL MANAGEMENT

A Global Look at IT Audit Best Practices

IT Audit Process Prof. Liang Yao Week Two IT Audit Function

How Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner

ASSEMBLY, No STATE OF NEW JERSEY. 217th LEGISLATURE INTRODUCED FEBRUARY 4, 2016

UNITED STATES OF AMERICA BEFORE THE FEDERAL COMMUNICATIONS COMMISSION WASHINGTON, DC 20554

Master of Science (MS) in Information Assurance and Cybersecurity with a specialization in. Health Care Security

Hacking and Cyber Espionage

IT Audit Essentials. Date: 10 th 12 th March 2015 Time: 9 am to 5.30 pm Venue: Iverson Associates, Center Point Bandar Utama, Kuala Lumpur

NERC Staff Organization Chart Budget

Sage Data Security Services Directory

Standing Together for Financial Industry Resilience Quantum Dawn 3 After-Action Report. November 19, 2015

DATA BREACH NUTS AND BOLTS

BENEFITS of MEMBERSHIP FOR YOUR INSTITUTION

CISI - International Introduction to Securities & Investment Study Support Training EUROPE MIDDLE EAST & NORTH AFRICA ASIA

Jeff Marron, IT Specialist Security National Institute of Standards and Technology (NIST)

SOC for cybersecurity

Managing Cyber Risk. Robert Entin Executive Vice President Chief Information Officer Vornado Realty Trust

The Policy Forum at AT&T

How Secure is Blockchain? June 6 th, 2017

NYS DFS Cybersecurity Requirements. Stephen Head Senior Manager Risk Advisory Services

Training and Certifying Security Testers Beyond Penetration Testing

DUNS CAGE 5T5C3

2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager

RISK MANAGEMENT Education and Certification

Cyber Security in M&A. Joshua Stone, CIA, CFE, CISA

Venue : Conference Hall, Second Floor YMCA Building Jai Singh Marg, Connaught Place, New Delhi

CYBERSECURITY. The Intersection of Policy and Technology YOU RE HERE TO MAKE A DIFFERENCE ṢM

2018 Government Professional Accounting Seminar

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

NERC Staff Organization Chart 2015 Budget

Electricity Sub-Sector Coordinating Council Charter FINAL DISCUSSION DRAFT 7/9/2013

Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect

Protecting your data. EY s approach to data privacy and information security

J & B Hartigan, Inc. Carrollton VA ABOUT US

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

Security and Privacy Governance Program Guidelines

CYBERSECURITY. Protecting Against the Financial, Regulatory and Reputational Impacts of Cyber Attack

300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ POLICY NO: SUPERSEDES: N/A VERSION: 1.0

National Policy and Guiding Principles

Cyber and Supply Chain Policy Issues

Transcription:

Plenary Session: Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts Thursday, February 22 3:45 p.m. 4:45 p.m. With recent high-profile data breaches, cybersecurity continues to be a frequent hot topic within the financial services industry. During this session, panelists answer your questions related to the cybersecurity regulatory landscape, insider threats and other important issues. You will hear their perspectives on effective practices and helpful tips they have identified. Moderator: John Brady Vice President and Chief Information Security Officer FINRA Technology, Cyber & Information Security Panelists: Christopher Hetner Senior Cybersecurity Advisor to the Chairman U.S. Securities and Exchange Commission (SEC) Brian Peretti, Esq. Director for the Office of Critical Infrastructure Protection and Compliance Policy U.S. Department of Treasury John Zecca Senior Vice President of MarketWatch, Head of Market Regulation for the U.S. Markets and Chief Regulatory Officer Nasdaq, Inc. 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 1

Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts Panelist Bios: Moderator: John Brady is Vice President in Technology for Cyber and Information Security for FINRA, and is the organization s Chief Information Security Officer (CISO). In this capacity, he is responsible for all aspects of FINRA s information and cyber security programs, as well as ensures compliance with related laws and regulations. He oversees staff focused in four primary information security areas: security architecture and controls, security management tools, application security, and identity management. Mr. Brady, along with counterparts in FINRA s Data Privacy Office, establishes policy and technical controls to ensure information is appropriately protected throughout its lifecycle. He began his career with FINRA more than 10 years ago as the Director of Networks and Firewalls. He then broadened and deepened his technical knowledge by taking on responsibility for server and storage infrastructure, where he led system engineering efforts to expand capacity and performance of Market Regulation systems in response to data volumes growing more than 40 percent year over year. Mr. Brady recently led the establishment, design, and implementation of FINRA s new data centers and the seamless migration of more than 175 applications from an outsourcer to those new data centers. Prior to the commencement of his work with FINRA in October 2002, Mr. Brady was Director of Networks at VeriSign from 2000 to 2002 and Network Solutions from 1998 to 2000. From 1995 to 1998, he built and operated Citibank s Internet Web and email services as Vice President, Internet Services. From 1993 to 1995, Mr. Brady worked for Sun Microsystems as Senior Consultant, where he built integrated network systems for prominent customers. Mr. Brady began his professional career as a member of technical staff at The Aerospace Corporation from 1987 to 1993, designing satellite systems and command and control networks for the Air Force Space Command. Mr. Brady holds a bachelor s degree in Computer and Electrical Engineering from Purdue University of West Lafayette in Indiana, and a master s degree in Industrial Engineering and Operations Research from the University of California at Berkeley. He also is an (ISC)2 Certified Information Systems Security Professional (CISSP). Panelists: Christopher Hetner is Senior Advisor to the Securities and Exchange Commission Chairman on Cybersecurity. In this role he is responsible for leading efforts across the agency to address cybersecurity policy, uplifting the SEC s internal cybersecurity capabilities, engaging with external stakeholders and further enhancing the SEC s mechanisms for assessing broad-based market risk. Mr. Hetner is also a leading member of the US Treasury Financial Banking Information Infrastructure Committee where he provides leadership across a range of cybersecurity programs impacting the financial services sector. Mr. Hetner has more than 25 years of experience in Cybersecurity, Risk Management and Regulatory Compliance. Prior to his current role he led Cybersecurity for the Technology Control Program within the Office of Compliance Inspections and Examinations. He joins the SEC from Ernst and Young (EY) where he led the Wealth and Asset Management Sector Cybersecurity practice. At EY, his team advised and delivered cybersecurity and risk management capabilities across major financial services firms. In addition to leading the practice, Mr. Hetner served as a senior advisor to a wide range of corporate directors and executive management. Prior to joining EY he was the Chief Information Security Officer (CISO) at GE Capital where he was responsible for building and leading the global Cybersecurity program. He led a global organizational cybersecurity uplift that significantly improved GE Capital s risk posture. Prior to GE Capital Mr. Hetner was responsible for leading global information security programs and operations for Citi s Capital Markets and Investment banking unit. Mr. Hetner developed capabilities that transformed how Citi integrated information security into business operations while meeting regulatory compliance requirements. Mr. Hetner holds industry-leading certifications including the CISSP (Certified Information Systems Security Professional), NSA INFOSEC Assessment Certification and CISM (Certified Information Security Manager). He earned a M.S. in Information Assurance cum laude from Norwich University and a B.S in Security Management from John Jay College of Criminal Justice The City University of New York. Brian J. Peretti, Esq., is Director for the Office of Critical Infrastructure Protection and Compliance Policy at the United States Department of the Treasury located in Washington, D.C. At the Department of the Treasury, Mr. Peretti supervises the planning, evaluating and implementation of information security, information assurance, and risk management policies related to critical infrastructure protection, cyber security and 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 2

homeland security. He leads the efforts of the Financial and Banking Information Infrastructure Committee (FBIIC), an interagency organization chartered under the President's Working Group for Financial Markets composed of 18 federal and state financial regulatory agencies. He is the relationship manager to the Departments of Homeland Security, Energy, Transportation, Justice, Defense and the Intelligence Community Homeland Security issues. He represents the Treasury on various interagency groups, including Cyber Interagency Planning Committee (Cyber IPC), the National Cyber Response Coordination Group, and the National CIP R & D draft group. He is the emergency coordinator for the Treasury s Domestic Finance area, where he leads efforts in the areas of business continuity and disaster recovery. He directs the Treasury s effort to implement a Research and Development agenda, created in coordination with the financial services sector, to address technology issues. He has lectured extensively and has authored six books on topics related to financial institutions, including, most recently, co-authoring with Barkley Clark and Mark Hargrave Compliance Guide to Payment Systems: Law and Regulations. Prior to joining the Treasury Department, Mr. Peretti was an associate in Shook, Hardy & Bacon s Corporate Banking and Finance Section in Washington, D.C. Prior to that position, Mr. Peretti was General Counsel for the Wright Patman Congressional Federal Credit Union, which serves the U.S. House of Representatives and associated groups. Mr. Peretti received his bachelor s degree from Rider University cum laude in 1989 and his law degree from American University, Washington College of Law cum laude in 1992. John Zecca is Senior Vice President of MarketWatch and Head of Market Regulation of the U.S. Markets operated by Nasdaq, Inc. He is also chief regulatory officer of several national securities exchanges and served as chairman of Nasdaq s Global Risk Steering Committee until January 2017. In these capacities, he oversees a team of regulatory analysts, programmers and attorneys responsible for maintaining fair and orderly markets and for compliance by Nasdaq s registered broker dealers. He also oversees regulatory services performed by FINRA for Nasdaq s markets. Mr. Zecca previously served as Nasdaq s senior corporate counsel and was responsible for public company compliance and mergers and acquisitions. He is a frequent speaker on market regulation, corporate governance and Sarbanes-Oxley issues. Prior to joining Nasdaq, Mr. Zecca served as legal counsel to an SEC commissioned and in the SEC s Office of General Counsel. He practiced corporate securities law at the firms of Hogan & Hartson (now Hogan Lovells) and Kaye Scholer. He served as law clerk for Hon. John H. Pratt of the United States District Court for the District of Columbia. 2018 Financial Industry Regulatory Authority, Inc. All rights reserved. 3

2018 Cybersecurity Conference February 22 New York, NY Plenary Session: Cybersecurity the Current Regulatory Environment: Insight from Regulators and Industry Experts

Panelists Moderator John Brady, Vice President and Chief Information Security Officer, FINRA Technology, Cyber & Information Security Panelists Christopher Hetner, Senior Cybersecurity Advisor to the Chairman, U.S. Securities and Exchange Commission (SEC) Brian Peretti, Esq., Director for the Office of Critical Infrastructure Protection and Compliance Policy, U.S. Department of Treasury John Zecca, Senior Vice President of MarketWatch, Head of Market Regulation for the U.S. Markets and Chief Regulatory Officer, Nasdaq, Inc. FINRA Cybersecurity Conference 2018 FINRA. All rights reserved. 1

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback