CISO Summit | March 25 - 27, 2018 | Miami, FL, USA

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Sunday, March 25, 2018 - CISO Summit

10:00 am - 2:00 pm

Optional Activities

 

3:00 pm - 4:30 pm

Registration and Greeting

 

4:30 pm - 6:00 pm

Exclusive CXO Keynote/Sponsored Workshop

 

6:00 pm - 7:00 pm

Networking Cocktail Reception

 

6:30 pm - 9:00 pm

VIP Dinner

 

Monday, March 26, 2018 - CISO Summit

8:00 am - 8:45 am

Registration and Networking Breakfast

 

8:50 am - 9:00 am

Welcome Address and Opening Remarks

 

9:00 am - 9:40 am

Keynote Presentation

Digital Transformation: A Journey Not a Destination

There are many forces that are driving companies to continue to transform how they do business. Technological advances such as IoT, AI, machine learning, virtual reality and augmented reality are creating demanding expectations from customers, employees and boards. Adding to the complexity of CIOs and CISOs is the increasing threats to the security of the data that is at the heart of digital transformation. This keynote presentation will focus on the realities that this transformation will never end and it is critical to implement both the mindset and processes to treat digital transformation as a journey...not a destination.

Takeaways: 

  1. It is critical to realize that digital transformation will never end, but will always be unfolding.
  2. CIOs and CISOs must implement processes to ensure that not only their departments are forward thinking, but that their entire company is aware of what new technologies can bring to bear for customers and employees.
 

9:45 am - 10:20 am

Keynote Presentation

Addressing Privacy on a Global Scale

Of all the risk management issues that present themselves to the modern-day CISO, perhaps the most difficult to address is that of privacy. In and of itself, privacy is no different a challenge than protecting any other sensitive information; however, the multi-jurisdictional impacts of the issue due to wildly differing laws between the US and European countries (as well as Canada - another country with strong privacy laws) make this an issue that is often times overwhelming to address. CISOs must work diligently to ensure that their privacy efforts conform with the standards of any jurisdiction with which they might work, where their data might be held and this is an almost overwhelming task.

Takeaways:

  1. Privacy is one of the most challenging issues for any business and CISO to address.
  2. The difference in regulations between and among US, Canadian and European countries (both those in and out of the EU itself) means traversing a fraught landscape.
 

10:20 am - 10:40 am

Morning Networking Coffee Break

 

10:40 am - 11:05 am

Solutions Spotlight

Deep dives into the latest and greatest technology solutions to today's business problems.

 

11:10 am - 11:35 am

Executive Exchange

 

Think Tank

Designing a Digital Workplace: Balancing Security with Effectiveness

Employees are consumers of digital technologies such as IoT, AR and VR. The plethora of mobile devices has enabled them to work where they want and when they want which has raised the bar on employee expectations for tools and capabilities from their employers. In order for companies to retain the best and get the most out of their employees, it is vital to design and continually update the digital workplace. We will discuss the current trends as well as share case studies of successful digital workplace implementations.

Takeaways:

  1. Highly skilled employees will demand a mobile and efficient workplace.  
  2. Keeping these skilled employees fully engaged and passionate about your company is critical to achieving the desired digital transformation.

 

11:15 am - 11:40 am

Executive Exchange

 

Thought Leadership

Machines Are Friends Not Foes: Using Cognitive Computing to Assess Threats

Popular movies, books and television shows typically position advanced technology as a threat to humanity and all we hold dear. Yet cognitive computing technologies such as artificial intelligence (AI), machine learning (ML), natural language processing and augmented reality (AR) are helping CIOs and CISOs make better decisions faster. We will discuss how cognitive computing can help us navigate the acceleration of activity and decisions that we are experiencing on our digital transformation journeys.

Takeaways:

  1. New cognitive computing technologies can be unnerving and difficult to trust.
  2. Used properly, cognitive computing technologies such as AI, ML and AR can provide data to humans in such a way to enable us to better prioritize the decisions we must make and make those decisions more effectively.

 

11:40 am - 12:05 pm

Executive Exchange

 

Thought Leadership

Making Your Way Through the Fog of Cloud Computing

What have we learned from a decade of cloud computing? What are the best practices that we should be taking into account as we take the next step on the digital transformation journey? We will discuss the full range of data center to cloud to hybrid cloud to fog and everything in between.

Takeaways:

  1. Cloud computing has effectively been with us for a decade. There are clear learnings in the last ten years that we should leverage as we implement new solutions.
  2. One size does not fit all. Effective solutions can range from a state of the art data center to a hybrid cloud to a fully implemented cloud solution.

 

12:10 pm - 12:35 pm

Executive Exchange

 

Executive Boardroom

Where Are We on Our Journey? Effective Dashboards for Security Decision Making

How fast are we going? Are we going in the right direction? How much fuel do we have in the tank? These are common questions for those on the move. Companies on a digital transformation journey need effective dashboards to help them understand the myriad data sources screaming for attention. We will discuss best practices for the various types of dashboards that can be used to make the most important decisions for your company.

Takeaways:

  1. Digital Transformation is providing an increasing amount of data to be understood and analyzed in order to make the right decisions.
  2. Effective dashboards are a key tenet of consuming this onslaught of data.

Executive Boardroom

Navigating Security and Risk In a Changing IT Landscape

Agile, DevOps, containers, microservices, the cloud are all seeing increased adoption across the enterprise. However, while there are valid business reasons to embrace these new models, there is potential risk in implementation. Is this change necessary? If so, how can this change be accommodated effectively, safely? This session will cover some common elements of the risk of change - and of not changing - and suggest approaches to minimize risk as you adopt these new technologies.

Takeaways:

  1. The IT landscape will continue to change leading to new processes, new technologies and new "standard" ways of doing IT business.
  2. This changing landscape will present security challenges where you will need to balance the "pain of same" vs the "pain of change".

 

12:40 pm - 1:30 pm

Networking Luncheon

 

1:35 pm - 2:00 pm

Solutions Spotlight

Deep dives into the latest and greatest technology solutions to today's business problems.

 

2:05 pm - 2:35 pm

Executive Exchange

 

Think Tank

Which "Friends" Do I Trust? Realities of 3rd Party Risk

It is not a matter of if, but a matter of when. Organizations, more and more, and are outsourcing business activities to third parties because of cost-savings, revenue opportunities, expertise, etc. Thus, collaborating with our business partners early to select the right third-party vendor(s) with the appropriate security posture is essential, especially for vendors hosting, processing and/or transmitting sensitive/regulatory information, or having access to our IT assets.

Takeaways:

  1. Regardless of the reasons, outsourcing some business functions to a third party seems inevitable in today's world.
  2. It is critical to have a proper vetting procedure of third parties before engaging them as business partners who have access to company systems and data.

 

2:35 pm - 3:00 pm

Executive Exchange

 

Thought Leadership

Can Technology Alone Prevent Phishing Attacks & Breaches?

In a world where we are talking about trusting self-driving cars, will we totally trust self "threat-assessing and action-taking" cybersecurity systems? Is technology enough? What is the human role in both preventing and responding to attacks?

Takeaways:

  1. Employees continue to be one of the leading, if not the leading, entry point for security breaches.
  2. Training about cyber attack approaches such as phishing is important, but using technology can help employees more consistently identify outside forces attempting to harm your company.

 

3:00 pm - 3:10 pm

Afternoon Networking Coffee Break

 

3:15 pm - 3:40 pm

Executive Exchange

 

Think Tank

CISO's Got Talent: Finding, Growing & Retaining the Best People

While new technology and solutions can help CISOs make more, faster and better decisions for an organization, nothing will take the place of a highly talented workforce. CISOs need to be great recruiters of talent but even more importantly growing the skills and capabilities of their team providing engaging and challenging opportunities for people. Competitive compensation is important for retaining great talent but so is a work environment where individual growth and development are front of mind and not an after thought.  

Takeaways:

  1. Highly skilled employees want an environment where they can grow their skills and feel appropriately challenged.
  2. Finding the best people, inside and outside of your company, and then providing a path to individual excellence is a key responsibility of CISOs.

 

3:45 pm - 4:10 pm

Executive Exchange

 

Think Tank

Disrupt or Be Disrupted: The Digital Transformation Journey Has No Parking Lots

The seemingly ever expanding cadre of technological tools available to incumbent industry leaders are also available to myriad start-ups. Start-ups are using these new technologies to disrupt industries of all types, changing how customers think about tried and true industries. Disruption is found on every corner and it is critical for CISOs to lead their organizations in a way that make them as nimble as their competitors.

Takeaways:

  1. Technology enables companies, especially start-ups with no legacy infrastructure, to disrupt industries overnight.
  2. CISOs need to lead their companies in ways that disrupt before they are disrupted by others.

 

4:15 pm - 4:40 pm

Executive Exchange

 

Innovation Partners Showcase

A brief, but compelling review of three new innovative technologies supporting digital transformation.

 

4:45 pm - 5:30 pm

Governing Board Executive Visions

CIOs/CISOs as the Consummate Communicator

Digital transformation is changing how you equip your employees and how your company interacts with customers. It is also changing the role of the CIO and CISO to be a business leader and internal sales leader for transformation. CIOs are now responsible for communicating strategies and recommendations to CxOs, boards and key stakeholders within a company. Join us, during lunch, for a passionate panel discussion with your peers as they share how they are successfully communicating internally to accomplish the company's goals.

Takeaways:

  1. CISOs must be great communicators, not only with their teams, but the rest of the organization.
  2. CISOs must learn the best ways to communicate clarity and urgency with boards and CXOs.

 

5:30 pm - 6:30 pm

Networking Cocktail Reception & Demos

 

6:30 pm - 8:00 pm

Networking Dinner

 

Tuesday, March 27, 2018 - CISO Summit

7:00 am - 8:00 am

Networking Breakfast

 

8:05 am - 8:45 am

Keynote Presentation

CIOs & CISOs: One Foot on the Gas & One Foot on the Brake?

CIOs are facing increasing pressure to guide their companies to rapidly adopt new technologies and solutions to keep their companies competitive in their industry. CISOs are facing increasing pressure to keep their company and its data safe and secure from all threats. Without great vision and cooperation these goals can appear to be at cross purposes.

Takeaways:

  1. CIOs and CISOs are both facing pressures that could seem to be at cross purposes.
  2. CIOs and CISOs must work very closely together to accomplish both their individual organizational goals, but also the overarching company goals to thrive.

 

8:50 am - 9:25 am

Keynote Presentation

Balancing Reactivity & Proactivity in Enterprise Security

As with all things in life, the focus on how to conduct enterprise security ebbs and flows between varying degrees of reactivity and proactivity. In the old school Security 1.0 world, where the focus was almost completely on network security, efforts were in general proactive in nature with firewalls and anti-malware seeking to prevent threats before they even occurred. This did not work so well and so Security 2.0 focused on reactivity, wrapping things like encryption around the data so that even if a breach occurred, the loss would be mitigated. Yet breaches, and losses, continue to occur. So if primarily proactive security does not work, and if primarily reactive security also does not work, how then do we find the right balance between the two to find a security posture that does work?

Takeaways:

  1. Proactive security measures, those that prevent a threat from occurring, are valuable and necessary but have not proven effective.
  2. Reactive security measures, those that mitigate a threat that has occurred, are also valuable but complicated a limit enterprise efficiency and efficacy.
  3. A new approach is needed that blends techniques or finds new approaches whether they be reactive, proactive or both.

 

9:25 am - 9:40 am

Morning Networking Coffee Break

 

9:45 am - 10:10 am

Solutions Spotlight

Deep dives into the latest and greatest technology solutions to today's business problems.

 

10:15 am - 10:40 am

Executive Exchange

 

Think Tank

Security & Compliance, Chicken & Egg. Which Comes First?

Since regulatory (and industry) compliance became a notable thing in the early-mid 2000s it has been intimately linked with information security and often times has been the lever (or hammer) by which enterprises made necessary investments in security. However, being compliant and being secure are not the same thing, and in too many cases, enterprises that were perfectly compliant have been perfectly breached. A new focus is needed; one that respects that while security and compliance are not the same thing, they are working towards the same goal (a reduction in overall enterprise risk exposure) and sees that compliance flows from security.

Takeaways:

  1. While a secure company is likely a compliant company, the same cannot be said of the reverse situation.
  2. Just because compliance has loosened the purse strings does not mean it takes a pre-eminent position on security investments.
  3. Reducing enterprise risk is the goal of both practices, but without appropriate focus on both is a goal that will never be achieved

 

10:45 am - 11:10 am

Executive Exchange

 

Thought Leadership

Identity & the New Age of Enterprise Security

From a technology standpoint, as a society the world of business has gone through two distinct stages in the evolution of its information security focus. The first addressed network-based protection and preventative controls such as firewalls and anti-malware. The second looked at data-centric and detective controls such as encryption and intrusion/extrusion monitoring. Since breaches continue to occur at a record pace, what is needed is clearly a new evolution, one that pushes towards individual focused security through granular user monitoring and management as provided by solutions such as identity and access management (IAM). While IAM is not a new technology field, it is one whose time has come and CISOs need to begin investing in modern-day, light-weight, easy to implement IAM solutions now to stay ahead of the curve and reduce enterprise threats.

Takeaways:

  1. The breach onslaught demonstrates that existing security solutions are incapable of defending current threats.
  2. Enterprises need to begin looking at security from an activity perspective rather than an artifact perspective.

 

11:15 am - 11:40 am

Executive Exchange

 

Think Tank

Diversity in IT

The importance technology plays within an enterprise will only continue to gain momentum as more developers, engineers, and programmers enter the workforce. As these segments continue to grow, so does the diversity of the workforce within the technology field. For a field that is severely constrained by a talent and skills gap, this influx of bodies can only be a good thing. Beyond the basic ability to deliver of identified capabilities a diverse workforce, whether cultural or gender influenced offers a whole that is more than the sum of the parts. Finding ways to drive and increase diversity in IT then should be a key focus for every IT executive.

Takeaways:

  1. Identify the importance behind diversity in technology, opportunities, and capabilities.
  2. Discuss the importance of cultivating diversity at the grass-roots level and building post-secondary programs that drive awareness of and interest in IT.

 

11:45 am - 12:20 pm

Governing Board Executive Visions

CISO as Driver of Digital Disruption

Digital transformation is causing digital disruption. Companies are faced with new competitors using new technologies to change how industries work. The CISO is in the best position to understand the security impacts of both the legacy systems and processes and the opportunities that come with new technologies and capabilities. We will discuss in this panel the best practices for CISOs to be the drivers of digital disruption for their company.

Takeaways:

  1. CIOs are in the best position to know how new technologies and thought processes can help their company be digital disruptors.
  2. Because of this, CISOs should be one of, if not THE, driver of digital disruption for their company.

 

12:20 pm - 12:40 pm

Governing Board Summary

Next Steps on the Digital Transformation Journey

Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CISOs where common issues can be addressed and success stories can be shared.

Takeaways:

  1. Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you.
  2. Sharing stories of success (and failures) is not reserved to a one-day CISO Summit, but should be shared on a regular basis with your peers.

 

12:45 pm - 1:45 pm

Grab and Go Luncheon