Pre-Event - Monday, October 21
|5:30 PM – 7:30 PM||VIP Reception|
VIP Reception attended by select sponsors, speakers, and industry leaders. The event starts at 5:30 and the program will include high-level networking and keynote presentations.
Day One - Tuesday, October 22 — Setting the Stage
|7:30 AM – 8:00 AM||Registration + Networking Breakfast|
|8:00 AM – 8:20 AM||Welcome + Introduction|
The third annual Cyber Security Summit will kick-off with welcoming all the participants to this groundbreaking event. We will highlight the Summit’s mission to establish a multi-stakeholder consortium that brings together industry, government and academic interests in an effort to improve the state of cyber security on both a domestic and international level, as well as provide an introduction to what the audience can expect for the two-day Summit.
|8:20 AM – 9:15 AM||Implementing The Cyber Security Framework (Keynote)|
Through the recent Executive Order - Improving Critical Infrastructure Cyber Security, the President has tasked the National Institute of Standards and Technology (NIST) to lead the development of a voluntary and scalable cross-sector framework to reduce cyber risks. Summit attendees will receive the latest update on the framework development, set to be published this October, directly from NIST Fellow, Dr. Ron Ross. In addition, Dr. Ross will share federal perspectives on FISMA; the National Cybersecurity Center of Excellence (NCCOE); Security Engineering and Enterprise Architecture initiatives; continuous monitoring; and the advanced persistent threat. This keynote will set the stage for the need for multi-stakeholder solutions for industry and government challenges.
|9:15 AM – 10:30 AM||Threat to the CEOs-Plausible Deniability vs. Safeguarding Shareholder Interests (Panel Discussion)|
As the link between cyber attacks and lost customers, revenue, and profits has become clear in the last year, taking cover in plausible deniability is no longer an option. Boards are ultimately accountable for the health of their organizations thus compelling them to respond with a new business vision – one that incorporates cyber risk realities and allows organizations to align in ways that fully consider cyber threats and their impact on customers, revenues, and profits. Now more than ever, CEO’s must engage their CIO, CISO, and IT professionals to find new ways forward. What is the best way for CIOs and CISOs to engage in the board room? What are the most important cyber security topics that boards need to know about? How can CIOs and CISOs gain CEO and board-level attention? What personal exposure do you and all other officers have? What are the best role allocations to achieve synergy in the C-suite? This panel will explore these questions and more so you can be ready for your increasing role and visibility within your organization.
Sponsored by: Maslon Edelman Borman & Brand, LLP
|10:30 AM – 10:45 AM||Break|
|10:45 AM – 12:00 PM||Increasing Risk Intelligence Up and Down the Enterprise (Panel Discussion)|
We live in an increasingly digitized economy. Consequently, cyber damage can manifest significant physical and economic losses worldwide. However, the connection between cyber disruptions and physical repercussions continues to be underestimated and poor decision making remains - creating an uphill battle for CIOs, CISOs, and Program Managers who desire to align business activities and assets with the ‘true risk’ of cyber. What new risk management strategies can we deploy to drive better decision making throughout all levels of an organization? What is the best way to determine ‘true risk’? How are legal trends impacting ‘true risk’? How should CIOs and CISOs engage in corporate risk councils? What skills and workforce gaps must be filled? Allow our expert panelists to share their perspectives and as you return from the Summit you will be ready to implement new strategies, increase the risk IQ inside your organization, and fully prepare your enterprise for its sustainable future.
Sponsored by: Briggs and Morgan, PA
|12:00 PM – 1:30 PM||Networking Lunch Break in Exhibit Area|
|1:30 PM – 2:30 PM||Healthcare – Security Framework and Solutions (Keynote)|
Digital health is changing the way that doctors and patients interact and health information exchanges are being created to enable access to electronic medical records across organizations. How will this data be secured and protected? How will the systems be secured? The National Cybersecurity Center of Excellence (NCCoE) Deputy Director, Nate Lesser, will share the center’s strategy and business model in relation to the healthcare cases under development. Barry Caplin, Chief Information Security Officer at Fairview Health Services, will share his insights on how cyber security protocols, procedures, and controls have been architected into the Health Information Exchange (HIX) platform.
Keynote introduction by Curt Scarce, Account Executive, AirWatch
Sponsored by: Airwatch
|2:30 PM – 4:00 PM||
Privacy and Security – Two Sides of the Same Coin (Panel Discussion)
Online accounts are being compromised at a dramatic rate and the password is no longer a viable form of authentication for many transactions. Alternative two-factor technologies such as one-time tokens, digital certificates, smart cards, and biometrics present new options to replace the password; however, under what circumstances does stronger authentication strategies encroach too far on privacy? At what point should privacy trump security? What are the economic and legal forces at play? In this panel experts with vastly different views about security and privacy will debate their perspectives so you can form new insights with a 360 degree view, gauge the balance in your own organization, and consider the opportunities created as the pendulum swings.
Sponsored by: Cardinal Stritch University
|4:00 PM – 4:20 PM||Cyber Security – A National Security Perspective|
|4:20 PM – 5:15 PM||Cyber Risk Prioritization and Preparedness — a Global Risk Perspective (Keynote)|
Given the expanding number of well publicized cyber attacks for various motivational reasons on an expanding range of targets, it is hardly surprising to find that cyber risk has significantly ascended in the risk rankings. According to the recently published Lloyd’s Risk Index 2013, cyber risk is now the world’s number three risk, and for North America, it is number two. However, while the C-suite is increasingly recognizing and prioritizing cyber risk, is it being adequately informed in how prepared it is to deal with this risk? Does it know what else it needs to do to ensure that its preparedness is up to the task of managing this complex risk? In this presentation we will examine the findings of Lloyd’s and other surveys and research to address these questions, and in doing so, highlight areas where further remediation is likely to be required, seek to demonstrate how this remediation can also help reduce other risks, and illuminate the consequences of organisations resting on their laurels through ineffective cyber risk management.
Keynote introduction by Chris Lyons, VP of Business Services, Comcast Business, Twin Cities Region
Sponsored by: Comcast Business
|5:15 PM – 6:30 PM||Closing Reception in Exhibit Hall|
Day Two - Wednesday, October 23 — Solutions for Action
|7:00 AM – 8:00 AM||Registration + Networking Breakfast in Exhibit Area|
|8:00 AM – 8:20 AM||Welcome + Day One Review + Day Two Forecast|
|8:20 AM – 9:15 AM||Changing Paradigms of How to Live and Thrive in Cyberspace
Numerous organizations have experienced significant attacks and breaches involving both public and private sectors. Today, the world faces increasingly serious consequences of a cyber-breach within critical infrastructures, including banking and finance, energy, telecommunications, and essential government services. We’ve entered an age of interdependence. This presentation will provide insights into critical areas of cyber security affecting government, industry, and academic leaders throughout world. It will also highlight the progress being made both domestically and internationally through cooperation, including: government, business, and educational imperatives; how to address issues involving cyber war and the possibility of cyber terrorism; and advancements internationally that have been made in areas such as rules for governing cyber conflict, fighting spam to build trust, priority international communications, and improving the reliability of undersea cables that carry 99% of global Internet communications.
Keynote introduction by Walt Swanson, Information Security Manager, Minnesota State Colleges and Universities
Sponsored by: Deloitte & Touche, LLP
|9:15 AM – 10:30 AM||Creating a Better Intelligence Pipeline - Next Generation Threat and Risk Intelligence Sharing (Panel Discussion)|
Sponsored by: PwC
|10:30 AM – 10:45 AM||Break|
|10:45 AM – 12:00 PM||Leveraging the Cloud – Aligning priorities of CFOs, CIOs, and CISOs
Cloud-based applications are often the darling of the CFO and the nemesis of the CISO. How can an organization migrate to the cloud, thus relinquishing control, but still maintain security? Are we sacrificing security and robustness in exchange for other priorities? How do ‘Snowden’ disclosures change the legal and risk nature of cloud decision making and governance? What can proactive cloud providers do to capture the opportunity in the disruption? The panel will explore these topics and more to provide the cutting edge thinking and perspectives you need to shape your own cloud strategies in ways that balance multiple priorities.
|12:00 PM – 1:15 PM||Networking Lunch Break in Exhibit Area|
|1:15 PM – 2:15 PM||The Hidden Risks of Mobile Applications to Your Organization (Keynote)|
From physical breaches to the rise of the internet, the threat from hackers is still relevant and ever increasing. While companies need to remember the basics and remain prepared for the number of physical breaches that occur, in the day of BYOD, mobile applications are becoming a major security threat to organizations and they don’t even know it yet. While many people talk about the potential risks of mobile devices, often the true impact of these risks is not understood. Over the last few years, Stickley has written mobile applications that allow him to hack into users’ online accounts such as online banking, PayPal, and Amazon, and he has designed other apps to attack computers through a home or business network using a simple Wi-Fi connection. In this session, attendees will see real-world examples of how mobile applications can be written to be malicious and explore the damage a skilled criminal can cause. While many of these risks do not have simple fixes, Stickley will provide advice for organizations to reduce their exposure, including what to look for in application settings when downloading new applications to a mobile device, the type of intrusions in the current mobile technology landscape, how to best educate their organization’s internal employees, and best practices and policies for organizations to reduce their risk exposure.
Sponsored by: Atomic Data
|2:15 PM – 3:30 PM||New Ways to Crack the ‘Affordability’ Aspects of Security (Panel Discussion)|
The “cost” of better security has often been the single largest deterrent to achieving better security. We all know there are only two ways to fix this - lower the ‘bottom line’ or increase the ‘top line.’ In this panel you will uncover new strategies that move the dial at both ends. This panel will cover the maturing cyber insurance industry and how it is creating opportunities to significantly lower the cost of security, where insurance stops and what steps must be taken to be insurable, and how to re-think business strategy and planning to integrate cyber in ways that create opportunity, capture larger market share, and even enter new markets.
|3:30 PM – 3:40 PM||Break|
|3:40 PM – 4:40 PM||Cyber Security and the Evolving Role of “On-the-Ground” Response Teams (Keynote)|
Over the past 100 years, as public safety threats have evolved, so have the roles and responsibilities of “on-the-ground” response and recovery teams. Our public safety, homeland security, and emergency management process and procedures are highly robust for responding to public safety emergencies and natural disasters. As Sheriff Stanek will address in his presentation, as the cyber security threat continues to grow, there is a compelling need to reassess our emergency response strategies for a cyber event.
Keynote introduction by Will Brannan, Sr. Sales Engineer, McAfee
Sponsored by: McAfee
|4:40 PM – 5:00 PM||Closing Remarks|