ISMG Engage - DC
Engage April 19, 2023
ISMG Engage DC convenes top Government Officials, industry practitioners and other leaders from public and private entities. The accomplished cadre of speakers are eager to share lessons learned, proven strategies and tried and true tactics in cybersecurity. The experience and perspectives of sixteen federal government agencies will be represented, including: Cybersecurity and Infrastructure Security Agency, U.S. Cyber Command National Security Agency, Federal Communications Commission, Federal Bureau of Investigation, U.S. Secret Service, Department of Justice, and the Federal Communications Commission.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.
Washington, DC
Name :
Washington, DC
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Mat Schwartz
Executive Editor
ISMG
Michael Novinson
Managing Ediitor
ISMG
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Tom Field
Chief Executive of Editorial
ISMG
David Pollino
Former CISO
PNC Bank
Michael Baker
Vice President, IT CISO
DXC Technology
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Anna Delaney
Director, ISMG Productions
ISMG
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Kurt Sanger
Deputy General Counsel
US Cyber Command
Kiersten Todt
Chief of Staff
Cybersecurity and Infrastructure Security Agency (CISA)
Ron Green
Executive Vice President, CSO
Mastercard
EP Mathew
Deputy Chief Information Officer
Defense Intelligence Agency
Edacheril "E.P." Mathew became the deputy CIO of the Defense Intelligence Agency in July 2021, after previously serving as the chief of operations for CIO. He was promoted to the Senior National Intelligence Service in 2019. As chief of operations,...
Hadley Etienne
Supervisory Special Agent
Federal Bureau of Investigation
Supervisory Special Agent Hadley Etienne obtained a Computer and Information Technology Bachelor's of Science degree at Rochester Institute of Technology. Etienne has worked for IBM as a System/Network Administrator and with Susquehanna Investment Group on the American Stock Exchange as...
Mike D'Ambrosio
Managing Director
Liberty Strategic Capital
Michael D’Ambrosio serves as Managing Director for Liberty Strategic Capital, where he focuses primarily on the cybersecurity sector and other investment opportunities with a security dimension. Prior to joining Liberty, Michael D’Ambrosio served as Assistant Director of the Office of...
Stephen Dougherty
Forensic Financial Analyst/Investigator
U.S. Secret Service
Dougherty has over 15 years of investigative experience. He is currently a financial investigator/forensic analyst assigned to the U.S. Secret Service’s Global Investigative Operations Center. As a financial fraud investigator in support of the federal government, Dougherty has played a...
View Agenda
Welcome and Keynote Address
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 05:00 PM
  • 05:59 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
Refreshment Break
  • 06:00 PM
  • 06:29 PM
  • 06:30 PM
  • 07:29 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 06:30 PM
  • 07:29 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
Closing Comments
  • 07:30 PM
  • 07:59 PM

ISMG Engage DC convenes top Government Officials, industry practitioners and other leaders from public and private entities. The accomplished cadre of speakers are eager to share lessons learned, proven strategies and tried and true tactics in cybersecurity. The experience and perspectives of sixteen federal government agencies will be represented, including: Cybersecurity and Infrastructure Security Agency, U.S. Cyber Command National Security Agency, Federal Communications Commission, Federal Bureau of Investigation, U.S. Secret Service, Department of Justice, and the Federal Communications Commission.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.

Washington, DC
Name :
Washington, DC

Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Mat Schwartz
Executive Editor
ISMG
Michael Novinson
Managing Ediitor
ISMG
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Tom Field
Chief Executive of Editorial
ISMG
David Pollino
Former CISO
PNC Bank
Michael Baker
Vice President, IT CISO
DXC Technology
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Anna Delaney
Director, ISMG Productions
ISMG
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Kurt Sanger
Deputy General Counsel
US Cyber Command

Kiersten Todt
Chief of Staff
Cybersecurity and Infrastructure Security Agency (CISA)
Ron Green
Executive Vice President, CSO
Mastercard
EP Mathew
Deputy Chief Information Officer
Defense Intelligence Agency
Edacheril "E.P." Mathew became the deputy CIO of the Defense Intelligence Agency in July 2021, after previously serving as the chief of operations for CIO. He was promoted to the Senior National Intelligence Service in 2019. As chief of operations,...
Hadley Etienne
Supervisory Special Agent
Federal Bureau of Investigation
Supervisory Special Agent Hadley Etienne obtained a Computer and Information Technology Bachelor's of Science degree at Rochester Institute of Technology. Etienne has worked for IBM as a System/Network Administrator and with Susquehanna Investment Group on the American Stock Exchange as...
Mike D'Ambrosio
Managing Director
Liberty Strategic Capital
Michael D’Ambrosio serves as Managing Director for Liberty Strategic Capital, where he focuses primarily on the cybersecurity sector and other investment opportunities with a security dimension. Prior to joining Liberty, Michael D’Ambrosio served as Assistant Director of the Office of...
Stephen Dougherty
Forensic Financial Analyst/Investigator
U.S. Secret Service
Dougherty has over 15 years of investigative experience. He is currently a financial investigator/forensic analyst assigned to the U.S. Secret Service’s Global Investigative Operations Center. As a financial fraud investigator in support of the federal government, Dougherty has played a...

View Agenda
Welcome and Keynote Address
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
  • 05:00 PM
  • 05:59 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 05:00 PM
  • 05:59 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 05:00 PM
  • 05:59 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 05:00 PM
  • 05:59 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 05:00 PM
  • 05:59 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 05:00 PM
  • 05:59 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 05:00 PM
  • 05:59 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 05:00 PM
  • 05:59 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 05:00 PM
  • 05:59 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
  • 05:00 PM
  • 05:59 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
Refreshment Break
  • 06:00 PM
  • 06:29 PM
  • 06:30 PM
  • 07:29 PM
Strategies to Mitigate Risk and Exposure During Your Merger or Acquisition

2021 M&A transactions were up 55% in the U.S. over 2020. And 2022 is on pace to be even bigger. This wave of post-Covid M&A demands that cyber security leaders improve their efficacy. Panelists for this session are seasoned practitioners who are eager to share their experiences from the initial phase during due diligence through day-one integration of the M&A cycle: 

  • Ensure that a subsidiary cannot expose the parent company to cyber risks through the M&A process
  • Be a player and practice due diligence in the M&A process from start to integration
  • Leverage integrated risk assessments and automated smart questionnaires to gain a real-time snapshot into what a company’s cyber risk posture and overall GRC looks like
  • 06:30 PM
  • 07:29 PM
Risk Management for a New Era: Maturity Models and Evolution of Security Programs

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
Incident Response: Are You Prepared for Your Organization's Worst Day?

It's not a matter of "if" the next cyberattack will strike--it's a matter of "when.” The extent of your preparedness is one of the biggest factors determining what that day (and beyond) is going to be like for you and your organization.
 When that day arrives, it’s too late to ask: Who have I prepared? How did I prepared them? What tools do I have at-the-ready? This panel of Industry experts will lend their experiences and lessons learned to unpack those questions as well as navigate us through the following:

  • What threats are most likely to cause the biggest disruption?
  • What are you doing now to protect your environment - and where are your biggest gaps?
  • How can we leverage all of the security controls in our environment for an effective, layered defense?
  • 06:30 PM
  • 07:29 PM
Third-Party Selection and Management: What You Need to Know and Do Before and After You Sign

The need for third-party risk management has never been greater. Even though the risks to your company, customers and partners can be substantial, the processes, methods, and mediums used today are frequently flawed and even potentially misleading. In this panel discussion we dive into:

  • What does the current TPRM risk landscape look like today?
  • What’s working and not working in TPRM?
  • What are the risks and mitigation strategies?
  • Best practices and recommendations for an effective program and what’s needed in the future
  • 06:30 PM
  • 07:29 PM
Cyber Warfare: A New Playbook. How Cyber, Conventional Warfare and Disinformation/MDM Constitute a Unified Playbook

The nature of warfare is changing. As conventional, cyber and information warfare converge into a highly refined and devastating playbook, we need to rethink many aspects of the way we implement defense tactics. This panel of public and private sector experts will dissect:

  • The evolution of Russian tactics-from the annexation of Crimea to the invasion of Ukraine
  • How the Perception War and MDM are taking center stage in modern conflict and shaping world events
  • Why we need an integrated playbook and how should this shape our defensive strategy
  • 06:30 PM
  • 07:29 PM
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world.  This session will illuminate

  • Biggest threats based on trending attacks  
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 06:30 PM
  • 07:29 PM
How to Keep Your Security Programs Proactive in an Ever-Evolving Threat Landscape

Cybersecurity strategies are shifting from a reactive stance to proactive approach. This change gives organizations the ability to be more agile with their security program. In this keynote session, our panel of industry experts will share their experience and insights on:

  • Is it possible to be prepared for the unknown cyber threat?
  • Team retention and talent acquisitions, including strategies for different generations
  • Promoting and driving a security and risk-aware culture
  • Current threat landscape’s most prevalent features-Cloud Security/Attacks, Human Error, Evil Proxy
  • 06:30 PM
  • 07:29 PM
Clouded Judgment: Why Security & Cloud Are Aligned

The perceived conflict between profitability and speed to market versus security is rife in our organizations. Understanding this is important, and combating it is crucial. Cyber security leaders guide and influence the discussion, and thereby mindset, as both are indispensable to business goals. Making cloud secure is our best path forward. What are the necessary building blocks, and how can you create and promote a secure cloud strategy?

  • Discuss key points to win converts to a security mindset
  • Deal with M&As that have existing cloud environments
  • Retool teams and install effective guard rails
  • What role can compliance play?
  • 06:30 PM
  • 07:29 PM
Why Strong Partnerships With Executive Leadership Are Essential for Good Data Governance

A recent nationwide survey 23% of CISOs report to the CEO, while nearly 45% reported into a CIO. With Data Governance ultimately being about people, processes, and technology--the foundation for data governance—are “musts.” In this session, you will hear from practitioners who have actuated strong partnerships with executives. They will share:  

  • Tried and true approaches for getting buy-in and clear ownership 
  • Strategies for breaking down data silos
  • Approaches to find the right balance between flexibility and data governance standards
  • 06:30 PM
  • 07:29 PM
The Future of Ransomware and Evolving Attacks

Adaptations are needed to keep pace with the changing ransomware environment. This panel will address what you should be ready for. They will also debate valid and invalid approaches to minimizing risk -from technology, government and other activities that will influence how organizations can to respond to threats. This panel will:

  • Discuss current trends for ransomware attacks 
  • Look at the impact of the changing environment on insurance premiums
  • Debate whether norms or regulations should dictate payments
  • Address critical strategies and aspects to being successful in defending against attacks       
Closing Comments
  • 07:30 PM
  • 07:59 PM

Speaker Interviews

April 19, 2023

ISMG Engage - DC