VIP Reception - Monday, October 20, 2014
|5:30 PM – 6:15 PM
||Check In and Networking
|6:15 PM – 6:20 PM
|6:20 PM – 6:25 PM
||Keynote Introduction - Michael C. McCarthy
Michael C. McCarthy, Partner, Member of Firm Governance Committee, Maslon Edelman Borman & Brand, LLP
|6:25 PM – 6:40 PM
||Keynote Speaker —
|6:40 PM – 6:55 PM
||Keynote Speaker — Stewart A. Baker
Stewart A. Baker, Partner, Steptoe & Johnson LLP, Washington DC; Former Assistant Secretary of Homeland Security and Former General Counsel, National Security Agency
|7:05 PM – 7:30 PM
Tuesday, October 21, 2014
||Check-in Begins + Networking Breakfast
|8:15 – 9:15 am
||Opening Remarks - The Ever Changing Threat Landscape
In today’s ever changing threat landscape, you want your IT environment to be secure. We will walk you through various security vectors and how cyber criminals obtain access to your valuable data that can mean disaster for your brand’s reputation. Learn what the latest and most popular threats are and how you can avoid them. Gain knowledge and understanding that one security product can only protect you at specific entry points. In order to create a fortress for your IT environment you will need multiple layers of security defense to keep cyber criminals out.
From managing increased IT workloads that continue to transform the business to adopting new mobile devices and applications that live in the cloud to securing a "borderless" border with an ever-changing threat landscape, IT professionals are faced with a daunting task: Making information readily available while keeping it secure. By adopting an intelligent, information-centric approach to your organization’s data, you can be confident your critical information is secure.
Brought to you by Symantec
|9:15 – 10:10 am
||Keynote - What the Cyber Security Crisis Means for American Business
|10:30 – 11:45 am
||Panel Discussion - Year of the Large Scale Breach “Crimeware as a Service”
Large-scale criminal cyber activity has reached new levels of sophistication with malware vendors providing malicious code for targeted use. This “Crimeware as a Service” provides well-designed, configurable malware complete with customer support and periodic upgrades and bug fixes. The customers for this malicious code are sophisticated criminals, organized crime, and nation states intent on stealing funds and critical intellectual property.
Brad Rossiter, MS, CISSP, CRISC, CISA, Principle Security Architect, Verizon Security Solutions
Lance James, Head of Cyber Intelligence, Deloitte & Touche LLP
|1:15 – 1:30 pm
|1:30 – 2:45 PM
||Panel Discussion - Liability
See a case study and learn first-hand from what one company experienced when they filed for reimbursement following a cyber security incident. Explore ways to approach a Board of Directors with an incident/breach without creating liability for the CEO, directors, or managers. Learn exclusions; triggers organizations do that result in denied coverage.
Moderator: Eran Kahana, Attorney, Maslon Edelman Borman & Brand, LLP
Panelist: L. Keith Burkhardt, Vice President, Kraus-Anderson Insurance
Panelist: Douglas DeGrote, CISO and director of IT Security & Risk Management, Xcel Energy
Panelist: Scott Singer, Chief Security and Information Officer, PaR Systems, Inc.
|3:00 – 4:00 PM
||Keynote - Cyber Security: A Team Effort
Brian Levine, a prosecutor with the Computer Crime and Intellectual Property Section of the U.S. Department of Justice, will discuss recent trends in cybercrime and the current cyber threat environment. He will address how the private sector can work collaboratively with law enforcement to reduce the cyber threat, catch the criminals, and mitigate loss. He will also provide examples of successful strategies to help minimize risk from hackers and insider threats.
Brian L. Levine, Prosecutor, Department of Justice, Computer Crime and Intellectual Property Section (CCIPS)
|4:00 – 6:00 PM
||Opening of Exhibit Area, Reception, Book Signing
Wednesday, October 22, 2014
|7:15 – 8:15 am
As a CEO, how do you develop the next generation of information security leaders who will protect your company from an increasing number of cyber security threats? Currently, many who rise through the information technology ranks have the necessary technical background to succeed but lack awareness of the broader business issues that today's IT leaders must contend with. This panel of current IT executives will discuss the issues they face today and the qualities that will be required for the leaders of tomorrow. They will also explain why business professionals must start to understand that cyber security is not just an IT issue, it is an important factor that needs to be woven into everyday management practices.
Souheil Badran, Senior Vice President and General Manager, Digital River Digital River World Payments
Mike Johnson MSST, CISM, Chief Information Security Officer/Operations Risk Director, Bremer Financial Services, Inc
Dave Notch, Director of Information Protection and Business Resilience, Advisory Services, KPMG
|7:30 – 8:30 am
|9:40 – 10:40 am
||Break in Exhibit Area
|10:40 am– 12:00 PM
Panel Discussion - Beyond Passwords: Something You Have, Something You Know, Something You Are
When a cyber security breach occurs, often one of the first questions asked is, "Did they get any passwords?" The reason is simple: a password is frequently the only thing that stands between criminals and our confidential data, financial information or other sensitive online documents.
For years, passwords have provided a sense of security online, but today the question is whether a password alone is enough. A panel of experts will address that question. Advances in biometrics and security tokens can offer an additional layer of security and are already being embraced by some large financial institutions.
Moderator: Andrew Borene, Attorney, Steptoe & Johnson LLP
Panelist: Brett Beranek, Senior Principle, Solutions Marketing Manager, Nuance Communications, Inc.
Panelist: Jay Meier, Vice President of Corporate Development, BIO-key International, Inc.
Panelist: John Rome, CEO and Co- Founder, Intensity Analytics Corporation
The United States has developed over the years, an incredibly powerful and complex information technology (IT) infrastructure—an infrastructure that is inexorably linked to the economic and national security interests of the Nation. The total dependence on IT infrastructure for mission and business success in both the public and private sectors, including the critical infrastructure, has left the Nation extremely vulnerable to hostile cyber-attacks and other serious threat events, including natural disasters, structural/component failures, and errors of omission and commission. The susceptibility to the cyber threat is a concern for both public and private networks. In light of the current state of the IT infrastructure, it will be important going forward to build an effective response to measurably increase confidence in the IT systems we depend on (public and private) and at the same time, decrease a would-be attacker's confidence in the effectiveness of their capabilities to compromise our systems.
Ron Ross, Fellow, National Institute of Standards and Technology (NIST), Information Technology laboratory, Computer Security Division
|2:15 – 3:30 PM
||Panel Discussion - Cyber Resiliency - Preparing for the Inevitable
Increasingly, cyber security professionals are focusing on cyber resiliency. Even organizations with the best security programs are at risk of being exploited, and must be prepared to respond to the inevitable, successful attack. Cyber resiliency starts with prevention and preparedness, but goes beyond, focusing on how well, and how quickly, an organization can recover from an incident. This idea of cyber resiliency started gaining traction prior to the massive Target breach, but has since gained more attention. The panel will discuss what it means to be resilient, and how organizations can develop comprehensive risk-managed cost-effective resiliency frameworks. These frameworks span the entire enterprise (internal and external stakeholders, including operational, legal, financial, technological, and PR/marketing), and address resiliency from early detection and prevention, to crisis management and rapid recovery.
Moderator: Philip Schenkenberg, J.D., Attorney, Director, and Shareholder, Briggs and Morgan, P.A.
Panelist: Dr. Massoud Amin, Director, Technological Leadership Institute, University of Minnesota
Panelist: Loren Dealy Mahler, Vice President Corporate Communications, MWW Group
Panelist: Jeremy Wunsch, Fouder & CEO, LuciData Inc.
|3:30 – 4:15 PM
||Break in Exhibit Area
It seems that nearly every day, the headlines announce a new security breach impacting yet another company. With such a steady stream of incidents, why do some stories seem to grow legs and drag on long after the incident has occurred, while others are mere blips on the radar? The answer oftentimes has to do with the company’s own reaction. Whether in the strategic development of an incident response plan or in the frantic aftermath of a breach, it’s often easy to overlook the potential damage to your most valuable asset – your corporate reputation. How then can you take steps both before and after to mitigate that impact, even while you’re throwing all your resources at preserving more tangible assets? Loren will walk through key lessons learned from recent high-profile data breaches, and discuss how you can apply them to your own preparation and response planning.
Loren Dealy Mahler, Vice President Corporate Communications, MWW Group
||Post-Event Networking at Beacon Public House