ISMG Engage - Chicago/Detroit
Engage June 13, 2023
ISMG Engage Chicago will explore topics from data privacy, Ransomware, Cryptocurrency, End point Protection, the future threat landscape and much more. Following the Keynote Address, our closed door "Deep Dives," moderated by true experts will be innovative in content, interactive, and most of all, incredibly useful to you going forward.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.
Chicago
Name :
Chicago
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Mat Schwartz
Executive Editor
ISMG
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
David Barton
CTO
High Wire Networks
Anna Delaney
Director, ISMG Productions
ISMG
Karen Habercoss
Chief Privacy Officer
U. Chicago Medicine
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
David Pollino
Former CISO
PNC Bank
Michael Novinson
Managing Ediitor
ISMG
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Murad Dikeidek
Head of Information Security
University of Illinois Hospital & Health Sciences System
Shefali Mookencherry
Chief Information Security Officer, System Director of Information Security
Edward-Elmhurst Health
Fred Kwong
VP, Chief Information Security Officer
DeVry University
Tom Field
Chief Executive of Editorial
ISMG
Tom Field
Chief Executive of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Ashley Huntington
Privacy Officer
Cook County Health
Huntington is the compliance officer and interim privacy officer for Cook County Health in Chicago, Illinois. She works closely with healthcare providers and workforce members on multiple compliance issues, including regulatory requirements, compliance audits, research compliance and compliance education. She...
Cody Majerus
Special Agent
U.S. Secret Service
Majerus is a Secret Service special agent assigned to the Electronic Crimes Squad of the Chicago Field Office. He specializes in cyber-related fraud related to businesses and financial institutions. Prior to joining the Secret Service, Majerus held several full-time positions...
Erik Hart
CISO
Cushman & Wakefield
Hart oversees global information security for Cushman & Wakefield, a privately held commercial real estate services firm. He has over 20 years of experience providing information security and business continuity services to various industries and organizations and advises numerous companies...
Bruce Phillips
SVP & Chief Information Security Officer
WEST, a Williston Financial Group company
Phillips is senior vice president and chief information security officer for WEST, a Williston Financial Group company that creates industry-leading technology to streamline and fully integrate the real estate process. He is responsible for the company’s information security practice as...
Mike Rastigue
Cyber Solutions Leader
Crum & Forster
Rastigue leads Crum & Forster’s cyber solutions team, bringing together cyber underwriting, claims and risk engineering. He advises customers on methods to improve their security posture before they have a loss and helps get customers back to business as usual...
Paolo Vallotti
CISO and VP of Operations
Tate and Lyle
CyberEdBoard connects 1,300+ influential practitioners from 71+ countries, who are passionate about advancing cybersecurity best practices, collaboration, and the protection of technology worldwide. Visit www.cyberedboard.io to learn more about our global community and apply for membership consideration.
Ted Kieffer
CISO
AZEK
Kieffer is the chief information security officer for The AZEK Company, a U.S.-based manufacturer of environmentally sustainable outdoor living building products, where he focuses on building pragmatic, forward-looking, business-relevant security programs that manage real risk. He is a 20-year information...
Keith Bergin
Vice President, Cyber Claims
Tokio Marine HCC
Bergin is vice president of cyber liability claims at Tokio Marine HCC. As a cyber risk transfer, incident response and mitigation expert, he has assisted organizations across all industry types throughout their risk-based decision processes and has served the legal,...
View Agenda
Welcome and Keynote Address
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 05:00 PM
  • 05:59 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
Refreshment Break
  • 06:00 PM
  • 06:29 PM
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 06:30 PM
  • 07:29 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration

Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like

  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
Closing Comments
  • 07:30 PM
  • 07:59 PM

ISMG Engage Chicago will explore topics from data privacy, Ransomware, Cryptocurrency, End point Protection, the future threat landscape and much more. Following the Keynote Address, our closed door "Deep Dives," moderated by true experts will be innovative in content, interactive, and most of all, incredibly useful to you going forward.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.

Chicago
Name :
Chicago

Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Mat Schwartz
Executive Editor
ISMG
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
David Barton
CTO
High Wire Networks
Anna Delaney
Director, ISMG Productions
ISMG
Karen Habercoss
Chief Privacy Officer
U. Chicago Medicine
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
David Pollino
Former CISO
PNC Bank
Michael Novinson
Managing Ediitor
ISMG
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Murad Dikeidek
Head of Information Security
University of Illinois Hospital & Health Sciences System
Shefali Mookencherry
Chief Information Security Officer, System Director of Information Security
Edward-Elmhurst Health
Fred Kwong
VP, Chief Information Security Officer
DeVry University
Tom Field
Chief Executive of Editorial
ISMG

Tom Field
Chief Executive of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Ashley Huntington
Privacy Officer
Cook County Health
Huntington is the compliance officer and interim privacy officer for Cook County Health in Chicago, Illinois. She works closely with healthcare providers and workforce members on multiple compliance issues, including regulatory requirements, compliance audits, research compliance and compliance education. She...
Cody Majerus
Special Agent
U.S. Secret Service
Majerus is a Secret Service special agent assigned to the Electronic Crimes Squad of the Chicago Field Office. He specializes in cyber-related fraud related to businesses and financial institutions. Prior to joining the Secret Service, Majerus held several full-time positions...
Erik Hart
CISO
Cushman & Wakefield
Hart oversees global information security for Cushman & Wakefield, a privately held commercial real estate services firm. He has over 20 years of experience providing information security and business continuity services to various industries and organizations and advises numerous companies...
Bruce Phillips
SVP & Chief Information Security Officer
WEST, a Williston Financial Group company
Phillips is senior vice president and chief information security officer for WEST, a Williston Financial Group company that creates industry-leading technology to streamline and fully integrate the real estate process. He is responsible for the company’s information security practice as...
Mike Rastigue
Cyber Solutions Leader
Crum & Forster
Rastigue leads Crum & Forster’s cyber solutions team, bringing together cyber underwriting, claims and risk engineering. He advises customers on methods to improve their security posture before they have a loss and helps get customers back to business as usual...
Paolo Vallotti
CISO and VP of Operations
Tate and Lyle
CyberEdBoard connects 1,300+ influential practitioners from 71+ countries, who are passionate about advancing cybersecurity best practices, collaboration, and the protection of technology worldwide. Visit www.cyberedboard.io to learn more about our global community and apply for membership consideration.
Ted Kieffer
CISO
AZEK
Kieffer is the chief information security officer for The AZEK Company, a U.S.-based manufacturer of environmentally sustainable outdoor living building products, where he focuses on building pragmatic, forward-looking, business-relevant security programs that manage real risk. He is a 20-year information...
Keith Bergin
Vice President, Cyber Claims
Tokio Marine HCC
Bergin is vice president of cyber liability claims at Tokio Marine HCC. As a cyber risk transfer, incident response and mitigation expert, he has assisted organizations across all industry types throughout their risk-based decision processes and has served the legal,...

View Agenda
Welcome and Keynote Address
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 05:00 PM
  • 05:59 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
Refreshment Break
  • 06:00 PM
  • 06:29 PM
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 06:30 PM
  • 07:29 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration

Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like

  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
Closing Comments
  • 07:30 PM
  • 07:59 PM

Speaker Interviews

June 13, 2023

ISMG Engage - Chicago/Detroit