ISMG Engage - Finance
Engage February 16, 2023
Kicking off 2023, ISMG Engage Finance addresses the challenges ahead that are constantly evolving and impacting every aspect of our business and personal lives. We will bring together industry leaders and decision-makers to connect and learn from each other’s success, as well as challenges, in an interactive educational environment.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.
The Westin New York at Times Square
Name :
The Westin New York at Times Square
Address :
270 West 43rd Street, New York, New York 10036, USA
Grant Schneider
Senior Director for Cybersecurity services (Former U.S. federal CISO)
Venable LLP
Michael Novinson
Managing Editor
ISMG
Tom Field
Chief Executive of Editorial
ISMG
Matanda Doss
Executive Director, Cybersecurity and Technology Controls, Commercial Bank
JP Morgan Chase & Co
David Pollino
Former CISO
PNC Bank
Kolin Whitley
Head of North America Acceptance Risk
VISA
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Anna Delaney
Director, ISMG Productions
ISMG
Arif Hameed
CISO and VP
Munich Re New Ventures
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Mat Schwartz
Executive Editor
ISMG
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Ari Redboard
Head of Legal and Government Affairs
TRM Labs
Samant Nagpal
General Manager and Global Head of Risk
Square
Claire Le Gal
Senior Vice President, Fraud Intelligence, Strategy & Cyber Products
Mastercard
Chris Holden
CISO
Crum & Forster
Greg Kyrytschenko
Deputy CISO
Guardian Life
Kyrytschenko is the deputy CISO leading cybersecurity services for Guardian Life, where he is responsible for ensuring data protection and the availability of Guardian’s information security systems. He is also the BISO at ReedGroup. In his 20 years in information...
Alex Levy
Head of the Information Security Practice, Asset and Wealth Management
Goldman Sachs
Alex leads the Information Security Practice within Asset and Wealth Management at Goldman Sachs, focused on ensuring application security effectiveness, baseline and regulatory control requirements, and the confidentiality and integrity of firm and client data. In this role, he partners...
David Sheidlower
Vice President and Chief Information Security and Privacy Officer
Turner Construction
David Sheidlower, CISSP, CISM, is Vice President and Chief Information Security and Privacy Officer for Turner Construction Company. He has been a security officer in multiple industries including Health Care and Financial Services. He has served on the policy committee...
Mike Wilusz
Head of Solutions Engineering
Stairwell
Kevin Li
CISO
MUFG Securities Americas
John Decker
Chief Technology Officer
Trian Fund Management, L.P.
Aruneesh Salhotra
Head of Application Security
Numuro
David Stern
Managing Director, Chief Information Security Officer
KKR
David Stern joined KKR in 2021 and is the Firm’s Chief Information Security Officer (CISO). Prior to joining KKR, he was CISO at Cantor Fitzgerald, where he was responsible for all aspects of the information security program across their global...
Steve Lenderman
SVP, Executive Director of Global Loss Prevention & Fraud
BM Technologies, Inc (BMTX)
Lenderman brings over 25 years of experience in financial crime prevention. He was previously the Director of Strategic Fraud Prevention at ADP in the global security organization. Before ADP, he was the Fraud Operations Lead for PayPal Business Loans, responsible...
Fawaz Rasheed
Field CISO
VMWARE
Fawaz has more than 20 years of information security and technology leadership experience at global companies in a range of industries, including financial services, healthcare, and manufacturing. He has served in executive level positions, as Global CISO at Northwestern Mutual,...
Vlad Brodsky
Chief Information Security Officer, SVP of IT Operations and Infrastructure
OTC Markets
Aleksandr Zhuk
CISO
SFOX
Gee Rittenhouse
Chief Executive Officer
Skyhigh Security
Fred Harris
Head of Cyber Risk
Societe Generale
Harris is the head of cybersecurity risk, data risk and IT risk at Societe Generale Americas. He has more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Harris served in a similar...
View Agenda
Welcome & Keynote Address: The Modern CISO Panel: Making Security Priorities Business Priorities
Alex Levy, Head of the Information Security Practice, Asset and Wealth Management, Goldman Sachs
David Stern, Managing Director, Chief Information Security Officer, KKR
Kevin Li, CISO, MUFG Securities Americas

Today, a financial CISO must not only be well versed in security, but also business risk, communications and leadership. Board members are increasingly asking CISOs questions about their budget and their strategy. The evolving role of the CISO means they must focus on shaping their organization’s security posture to suit the needs of the business and the need to grow and expand revenues despite all the threats. Our expert group of CISOs will share their perspectives on being a well-rounded, “modern” CISO and will:

  • Discuss the ways in which they are effectively communicating and translating security speak to board members.
  • Decipher what the biggest challenges are when it comes to building and maintaining a successful security team.
  • Assess the biggest risk factors they are seeing on both the security and financial side of things within their organizations.
Alex Levy
David Stern
Kevin Li
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Proposed SEC Regulations for Financial Institutions
  • Impact of AI Tools on InfoSec
  • Uncovering Advanced Persistent Threats
  • Data Loss Prevention
  • Modernizing the SOC
  • The CISO Role: From Burnout to Thriving

 


  • 04:59 PM
  • 05:59 PM
  • 05:00 PM
  • 05:59 PM
Fred Harris
Deep Dive: Staying Ahead of the Curve: Understanding the Impact of the Upcoming Changes to SEC Cybersecurity Regulations
Fred Harris, Head of Cyber Risk, Societe Generale

The Securities and Exchange Commission (SEC) has proposed amendments to the 17 CFR regulations and NYDFS has proposed sweeping changes to their Part 500 Cybersecurity Regulations. These proposed changes aim to address the evolving threat of cyberattacks and enhance the readiness of market participants to prevent, detect and respond to cybersecurity incidents. The proposed regulations aim to improve information security, incident response, and risk management processes for market participants, and strengthen the overall cybersecurity posture of the securities market. In this interactive deep dive session you can join the conversation to discuss:

  • Strategies to build a repeatable and sustainable program to manage regulatory changes and minimize the impact on your organization.
  • How to determine the impact the changes will have on your organization.
  • 05:00 PM
  • 05:59 PM
Aleksandr Zhuk
Deep Dive: CISO ZEN: From Burnout to Thriving and Enjoying your CISO Role
Aleksandr Zhuk, CISO, SFOX

Information Security leaders face numerous challenges in their roles, including high stress levels and demands that can lead to burnout. Research has shown that the average tenure of a CISO is only 1.5-2 years, and that a disproportionate number of Information Security leaders turn to substance abuse to cope with the stress. This session is designed to help CISOs and Information Security leaders overcome these challenges and build resilience. 

During this interactive session you will discuss:

  • The root causes of stress in Information Security leadership
  • Strategies for managing stress and finding balance in the role
  • Techniques for prioritizing responsibilities and avoiding burnout
  • Building resilience and cultivating a healthy coping mechanism
  • What it takes personally and professionally for CISOs to become a CISO Zen Master.
  • 05:00 PM
  • 05:59 PM
David Sheidlower
Gee Rittenhouse
Deep Dive: Ensure Data Loss Prevention Across Your FSI Organization
David Sheidlower, Vice President and Chief Information Security and Privacy Officer, Turner Construction
Gee Rittenhouse, Chief Executive Officer, Skyhigh Security

Security is a data protection problem within FSI organizations. Security teams have recognized this and responded by deploying sophisticated point solutions to secure confidential data wherever it resides. Unfortunately, today’s data is everywhere and, consequently, this requires FSI organizations to stitch disparate technologies together to produce a comprehensive solution. Although complex, there are some tangible strategies that can be implemented to ensure DLP is met. 

During this Interactive Deep Dive discussion, our expert speakers and deep dive attendees will examine these strategies, as well as:

  • Discuss how a top-down approach focusing on the data itself can potentially simplify data security
  • Assess the role of zero trust expansion in the way data is used rather than how it is accessed
  • 05:00 PM
  • 05:59 PM
Fawaz Rasheed
Chris Holden
Deep Dive: How to Modernize Your SOC (Without Blowing it Up)
Fawaz Rasheed, Field CISO, VMWARE
Chris Holden, CISO, Crum & Forster

Is XDR the latest marketing buzzword, or does it actually modernize the SOC as promised? During this session we will discuss XDR's place in your security program and weigh the following questions:

  • Is there added ROI in centralizing your security stack?
  • Is there a risk to centralizing your security stack around a single vendor?
  • Does XDR enable SOCs to move past opening and closing tickets and better enable threat hunting?
Watch a brief video on the topic.
  • 05:00 PM
  • 05:59 PM
Mike Wilusz
Steve Lenderman
Deep Dive: How files are a grossly overlooked signal to uncover APTs, supply chain, and other sophisticated attacks
Mike Wilusz, Head of Solutions Engineering, Stairwell
Steve Lenderman, SVP, Executive Director of Global Loss Prevention & Fraud, BM Technologies, Inc (BMTX)

The use of metadata, behavioral data, network data, etc. has grown significantly more sophisticated, with the exception of where malware actually lives: in files. What happens when you go to the source and look for malware in the actual binaries? APTs, supply chain attacks and vulnerabilities become easier to detect and respond to, ultimately strengthening security posture.

This interactive deep dive will explore ways to mitigate these vulnerabilities as well as:

  • Dissect how adversaries evade the most common signals
  • Discuss ways in which your own data can rapidly detect threats
  • Determine how files can be the ultimate incident response dataset
  • 05:00 PM
  • 05:59 PM
Vlad Brodsky
Deep Dive: What will the influences of AI tools such as ChatGPT be on InfoSec?
Vlad Brodsky, Chief Information Security Officer, SVP of IT Operations and Infrastructure, OTC Markets

ChatGPT makes some big promises, the biggest, of course, being to "shape the future of technology." With its synthetic intelligence, ChatGPT has already been used to write malware and research papers, create marketing campaigns and much more.

During this interactive Deep Dive you will:

  • Explore the impact of ChatGPT on Enterprise cyber security plans and strategy.
  • Evaluate how other AI tools, such as VALL-E from Microsoft (tools that can synthesize someone's voice from a 3-second sample), will impact security.
  • Discuss what actions, if any, participants have taken thus far in response to the new potential attack vectors resulting from these new tools.
Refreshment Break
  • 06:00 PM
  • 06:29 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Proposed SEC Regulations for Financial Institutions
  • Impact of AI Tools on InfoSec
  • Uncovering Advanced Persistent Threats
  • Data Loss Prevention
  • Modernizing the SOC
  • The CISO Role: From Burnout to Thriving

 


  • 06:29 PM
  • 07:29 PM
  • 06:30 PM
  • 07:29 PM
Vlad Brodsky
Deep Dive: What will the influences of AI tools such as ChatGPT be on InfoSec?
Vlad Brodsky, Chief Information Security Officer, SVP of IT Operations and Infrastructure, OTC Markets

ChatGPT makes some big promises, the biggest, of course, being to "shape the future of technology." With its synthetic intelligence, ChatGPT has already been used to write malware and research papers, create marketing campaigns and much more.

During this interactive Deep Dive you will:

  • Explore the impact of ChatGPT on Enterprise cyber security plans and strategy.
  • Evaluate how other AI tools, such as VALL-E from Microsoft (tools that can synthesize someone's voice from a 3-second sample), will impact security.
  • Discuss what actions, if any, participants have taken thus far in response to the new potential attack vectors resulting from these new tools.
  • 06:30 PM
  • 07:29 PM
Mike Wilusz
Steve Lenderman
Deep Dive: How files are a grossly overlooked signal to uncover APTs, supply chain, and other sophisticated attacks
Mike Wilusz, Head of Solutions Engineering, Stairwell
Steve Lenderman, SVP, Executive Director of Global Loss Prevention & Fraud, BM Technologies, Inc (BMTX)

The use of metadata, behavioral data, network data, etc. has grown significantly more sophisticated, with the exception of where malware actually lives: in files. What happens when you go to the source and look for malware in the actual binaries? APTs, supply chain attacks and vulnerabilities become easier to detect and respond to, ultimately strengthening security posture.

This interactive deep dive will explore ways to mitigate these vulnerabilities as well as:

  • Dissect how adversaries evade the most common signals
  • Discuss ways in which your own data can rapidly detect threats
  • Determine how files can be the ultimate incident response dataset
  • 06:30 PM
  • 07:29 PM
David Sheidlower
Gee Rittenhouse
Deep Dive: Ensure Data Loss Prevention Across Your FSI Organization
David Sheidlower, Vice President and Chief Information Security and Privacy Officer, Turner Construction
Gee Rittenhouse, Chief Executive Officer, Skyhigh Security

Security is a data protection problem within FSI organizations. Security teams have recognized this and responded by deploying sophisticated point solutions to secure confidential data wherever it resides. Unfortunately, today’s data is everywhere and, consequently, this requires FSI organizations to stitch disparate technologies together to produce a comprehensive solution. Although complex, there are some tangible strategies that can be implemented to ensure DLP is met. 

During this Interactive Deep Dive discussion, our expert speakers and deep dive attendees will examine these strategies, as well as:

  • Discuss how a top-down approach focusing on the data itself can potentially simplify data security
  • Assess the role of zero trust expansion in the way data is used rather than how it is accessed
  • 06:30 PM
  • 07:29 PM
Fawaz Rasheed
Chris Holden
Deep Dive: How to Modernize Your SOC (Without Blowing it Up)
Fawaz Rasheed, Field CISO, VMWARE
Chris Holden, CISO, Crum & Forster

Is XDR the latest marketing buzzword, or does it actually modernize the SOC as promised? During this session we will discuss XDR's place in your security program and weigh the following questions:

  • Is there added ROI in centralizing your security stack?
  • Is there a risk to centralizing your security stack around a single vendor?
  • Does XDR enable SOCs to move past opening and closing tickets and better enable threat hunting?
Watch a brief video on the topic.
  • 06:30 PM
  • 07:29 PM
Aleksandr Zhuk
Deep Dive: CISO ZEN: From Burnout to Thriving and Enjoying your CISO Role
Aleksandr Zhuk, CISO, SFOX

Information Security leaders face numerous challenges in their roles, including high stress levels and demands that can lead to burnout. Research has shown that the average tenure of a CISO is only 1.5-2 years, and that a disproportionate number of Information Security leaders turn to substance abuse to cope with the stress. This session is designed to help CISOs and Information Security leaders overcome these challenges and build resilience. 

During this interactive session you will discuss:

  • The root causes of stress in Information Security leadership
  • Strategies for managing stress and finding balance in the role
  • Techniques for prioritizing responsibilities and avoiding burnout
  • Building resilience and cultivating a healthy coping mechanism
  • What it takes personally and professionally for CISOs to become a CISO Zen Master.
  • 06:30 PM
  • 07:29 PM
Fred Harris
Deep Dive: Staying Ahead of the Curve: Understanding the Impact of the Upcoming Changes to SEC Cybersecurity Regulations
Fred Harris, Head of Cyber Risk, Societe Generale

The Securities and Exchange Commission (SEC) has proposed amendments to the 17 CFR regulations and NYDFS has proposed sweeping changes to their Part 500 Cybersecurity Regulations. These proposed changes aim to address the evolving threat of cyberattacks and enhance the readiness of market participants to prevent, detect and respond to cybersecurity incidents. The proposed regulations aim to improve information security, incident response, and risk management processes for market participants, and strengthen the overall cybersecurity posture of the securities market. In this interactive deep dive session you can join the conversation to discuss:

  • Strategies to build a repeatable and sustainable program to manage regulatory changes and minimize the impact on your organization.
  • How to determine the impact the changes will have on your organization.
Closing Comments
  • 07:30 PM
  • 07:59 PM

Kicking off 2023, ISMG Engage Finance addresses the challenges ahead that are constantly evolving and impacting every aspect of our business and personal lives. We will bring together industry leaders and decision-makers to connect and learn from each other’s success, as well as challenges, in an interactive educational environment.
ISMG Engage provides a platform for executives to learn from each other. Join the largest community of security leaders for closed-door ’Deep Dive’ discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.

The Westin New York at Times Square
Name :
The Westin New York at Times Square
Address :
270 West 43rd Street, New York, New York 10036, USA

Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Michael Novinson
Managing Ediitor
ISMG
Tom Field
Chief Executive of Editorial
ISMG
Matanda Doss
Executive Director, Cybersecurity and Technology Controls, Commerical Bank
JP Morgan Chase & Co
David Pollino
Former CISO
PNC Bank
Kolin Whitley
Head of North America Acceptance Risk
VISA
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Anna Delaney
Director, ISMG Productions
ISMG
Arif Hameed
CISO and VP
Munich Re New Ventures
Jeremy Grant
Managing Director-Technology Business Strategy
Venable LLP
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Mat Schwartz
Executive Editor
ISMG
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Ari Redboard
Head of Legal and Government Affairs
TRM Labs
Samant Nagpal
General Manager and Global Head of Risk
Square
Claire Le Gal
Senior Vice President, Fraud Intelligence, Strategy & Cyber Products
Mastercard

Chris Holden
CISO
Crum & Forster
Greg Kyrytschenko
Deputy CISO
Guardian Life
Kyrytschenko is the deputy CISO leading cybersecurity services for Guardian Life, where he is responsible for ensuring data protection and the availability of Guardian’s information security systems. He is also the BISO at ReedGroup. In his 20 years in information...
Alex Levy
Head of the Information Security Practice, Asset and Wealth Management
Goldman Sachs
Alex leads the Information Security Practice within Asset and Wealth Management at Goldman Sachs, focused on ensuring application security effectiveness, baseline and regulatory control requirements, and the confidentiality and integrity of firm and client data. In this role, he partners...
David Sheidlower
Vice President and Chief Information Security and Privacy Officer
Turner Construction
David Sheidlower, CISSP, CISM, is Vice President and Chief Information Security and Privacy Officer for Turner Construction Company. He has been a security officer in multiple industries including Health Care and Financial Services. He has served on the policy committee...
Mike Wilusz
Head of Solutions Engineering
Stairwell
Kevin Li
CISO
MUFG Securities Americas
John Decker
Chief Technology Officer
Trian Fund Management, L.P.
Aruneesh Salhotra
Head of Application Security
Numuro
David Stern
Managing Director, Chief Information Security Officer
KKR
David Stern joined KKR in 2021 and is the Firm’s Chief Information Security Officer (CISO). Prior to joining KKR, he was CISO at Cantor Fitzgerald, where he was responsible for all aspects of the information security program across their global...
Steve Lenderman
SVP, Executive Director of Global Loss Prevention & Fraud
BM Technologies, Inc (BMTX)
Lenderman brings over 25 years of experience in financial crime prevention. He was previously the Director of Strategic Fraud Prevention at ADP in the global security organization. Before ADP, he was the Fraud Operations Lead for PayPal Business Loans, responsible...
Fawaz Rasheed
Field CISO
VMWARE
Fawaz has more than 20 years of information security and technology leadership experience at global companies in a range of industries, including financial services, healthcare, and manufacturing. He has served in executive level positions, as Global CISO at Northwestern Mutual,...
Vlad Brodsky
Chief Information Security Officer, SVP of IT Operations and Infrastructure
OTC Markets
Aleksandr Zhuk
CISO
SFOX
Gee Rittenhouse
Chief Executive Officer
Skyhigh Security
Fred Harris
Head of Cyber Risk
Societe Generale
Harris is the head of cybersecurity risk, data risk and IT risk at Societe Generale Americas. He has more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Harris served in a similar...

View Agenda
Welcome & Keynote Address: The Modern CISO Panel: Making Security Priorities Business Priorities
Alex Levy, Head of the Information Security Practice, Asset and Wealth Management , Goldman Sachs
David Stern, Managing Director, Chief Information Security Officer, KKR
Kevin Li, CISO, MUFG Securities Americas

Today, a financial CISO must not only be well versed in security, but also business risk, communications and leadership. Board members are increasingly asking CISOs questions about their budget and their strategy. The evolving role of the CISO means they must focus on shaping their organization’s security posture to suit the needs of the business and the need to grow and expand revenues despite all the threats. Our expert group of CISOs will share their perspectives on being a well-rounded, “modern” CISO and will:

  • Discuss the ways in which they are effectively communicating and translating security speak to board members.
  • Decipher what the biggest challenges are when it comes to building and maintaining a successful security team.
  • Assess the biggest risk factors they are seeing on both the security and financial side of things within their organizations.
Alex Levy
David Stern
Kevin  Li
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Proposed SEC Regulations for Financial Institutions
  • Impact of AI Tools on InfoSec
  • Uncovering Advanced Persistent Threats
  • Data Loss Prevention
  • Modernizing the SOC
  • The CISO Role: From Burnout to Thriving

 


  • 04:59 PM
  • 05:59 PM
  • 05:00 PM
  • 05:59 PM
Fred Harris
Deep Dive: Staying Ahead of the Curve: Understanding the Impact of the Upcoming Changes to SEC Cybersecurity Regulations
Fred Harris, Head of Cyber Risk, Societe Generale

The Securities and Exchange Commission (SEC) has proposed amendments to the 17 CFR regulations and  NYDFS has proposed sweeping changes to their Part 500 Cybersecurity Regulations. These proposed changes aim to address the evolving threat of cyberattacks and enhance the readiness of market participants to prevent, detect and respond to cybersecurity incidents. The proposed regulations aim to improve information security, incident response, and risk management processes for market participants, and strengthen the overall cybersecurity posture of the securities market. In this interactive deep dive session you can join the conversation to discuss:

  • Strategies to build a repeatable and sustainable program to manage regulatory changes and minimize the impact on your organizations.  
  • Determine the impact the changes will have on your organization
  • 05:00 PM
  • 05:59 PM
Aleksandr Zhuk
Deep Dive: CISO ZEN: From Burnout to Thriving and Enjoying your CISO Role
Aleksandr Zhuk, CISO, SFOX

Information Security leaders face numerous challenges in their roles, including high stress levels and demands that can lead to burnout. Research has shown that the average tenure of a CISO is only 1.5-2 years, and that a disproportionate number of Information Security leaders turn to substance abuse to cope with the stress. This session is designed to help CISOs and Information Security leaders overcome these challenges and build resilience. 

During this interactive session you will discuss:

  • The root causes of stress in Information Security leadership
  • Strategies for managing stress and finding balance in the role
  • Techniques for prioritizing responsibilities and avoiding burnout
  • Building resilience and cultivating a healthy coping mechanism
  • What it takes personal and professionally for CISO’s to become a  CISO Zen Master.
  • 05:00 PM
  • 05:59 PM
David Sheidlower
Gee Rittenhouse
Deep Dive: Ensure Data Loss Prevention Across Your FSI Organization
David Sheidlower, Vice President and Chief Information Security and Privacy Officer, Turner Construction
Gee Rittenhouse, Chief Executive Officer, Skyhigh Security

Security is a data protection problem within FSI organizations. Security teams have recognized this and responded by deploying sophisticated point solutions to secure confidential data wherever it resides. Unfortunately, today’s data is everywhere and, consequently, this requires FSI organizations to stitch disparate technologies together to produce a comprehensive solution. Although complex, there are some tangible strategies that can be implemented to ensure DLP is met. 

During this Interactive Deep Dive discussion, our expert speakers and deep dive attendees will examine these strategies, as well as:

  • Discuss how a top-down approach focusing on the data itself can potentially simplify data security
  • Assess the role of zero trust expansion in the way data is used rather than how it is accessed
  • 05:00 PM
  • 05:59 PM
Fawaz Rasheed
Chris  Holden
Deep Dive: How to Modernize Your SOC (Without Blowing it Up)
Fawaz Rasheed, Field CISO, VMWARE
Chris Holden, CISO, Crum & Forster

Is XDR the latest marketing buzzword, or does it actually modernize the SOC as promised?  During this session we will discuss XDR's place in your security program and weigh the following questions:

  • Is there added ROI in centralizing your security stack?
  • Is there a risk to centralizing you security stack around a single vendor?
  • Does XDR enable SOC's to move past opening and closing tickets and better enable threat hunting.
Watch a brief video on the topic.
  • 05:00 PM
  • 05:59 PM
Mike Wilusz
Steve Lenderman
Deep Dive: How files are a grossly overlooked signal to uncover APTs, supply chain, and other sophisticated attacks
Mike Wilusz, Head of Solutions Engineering, Stairwell
Steve Lenderman, SVP, Executive Director of Global Loss Prevention & Fraud, BM Technologies, Inc (BMTX)

There has been a significant sophistication in metadata, behavioral data, network data, etc., with the exception of where malware actually lives - in files. What happens when you go to the source and look for malware in the actual binaries? APT, supply chain attacks and vulnerabilities become easier to detect and respond to, ultimately, strengthen security posture. 

This interactive deep dive will explore ways to mitigate these vulnerabilities as well as:

  • Dissect how adversaries evade the most common signals
  • Discuss ways  in which your own data can rapidly detect threats
  • Determine how files can be the ultimate incident response dataset
  • 05:00 PM
  • 05:59 PM
Vlad Brodsky
Deep Dive: What will the influences of AI tools such as ChatGPT be on InfoSec?
Vlad Brodsky, Chief Information Security Officer, SVP of IT Operations and Infrastructure, OTC Markets

ChatGPT makes some big promises, the biggest of course "shape the future of technology".  With its synthetic intelligence ChatGPT has already been used to write malware, research papers, create marketing campaigns and much more.

During this interactive Deep Dive you will:

  • Explore the impact of ChatGPT on Enterprise cyber security plans and strategy.
  • Evaluate how other AI tools, such as VALL-E from Microsoft (tools that can synthesize someone's voice from a 3 second sample) will impact security.
  • Discuss what actions, if any, participants have taken thus far in response to the new potential attack vectors resulting from these new tools.
Refreshment Break
  • 06:00 PM
  • 06:29 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Proposed SEC Regulations for Financial Institutions
  • Impact of AI Tools on InfoSec
  • Uncovering Advanced Persistent Threats
  • Data Loss Prevention
  • Modernizing the SOC
  • The CISO Role: From Burnout to Thriving

 


  • 06:29 PM
  • 07:29 PM
  • 06:30 PM
  • 07:29 PM
Vlad Brodsky
Deep Dive: What will the influences of AI tools such as ChatGPT be on InfoSec?
Vlad Brodsky, Chief Information Security Officer, SVP of IT Operations and Infrastructure, OTC Markets

ChatGPT makes some big promises, the biggest of course "shape the future of technology".  With its synthetic intelligence ChatGPT has already been used to write malware, research papers, create marketing campaigns and much more.

During this interactive Deep Dive you will:

  • Explore the impact of ChatGPT on Enterprise cyber security plans and strategy.
  • Evaluate how other AI tools, such as VALL-E from Microsoft (tools that can synthesize someone's voice from a 3 second sample) will impact security.
  • Discuss what actions, if any, participants have taken thus far in response to the new potential attack vectors resulting from these new tools.
  • 06:30 PM
  • 07:29 PM
Mike Wilusz
Steve Lenderman
Deep Dive: How files are a grossly overlooked signal to uncover APTs, supply chain, and other sophisticated attacks
Mike Wilusz, Head of Solutions Engineering, Stairwell
Steve Lenderman, SVP, Executive Director of Global Loss Prevention & Fraud, BM Technologies, Inc (BMTX)

There has been significant growth in sophistication around metadata, behavioral data, network data, etc., with the exception of where malware actually lives: in files. What happens when you go to the source and look for malware in the actual binaries? APTs, supply chain attacks and vulnerabilities become easier to detect and respond to, ultimately strengthening security posture.

This interactive deep dive will explore ways to mitigate these vulnerabilities as well as:

  • Dissect how adversaries evade the most common signals
  • Discuss ways in which your own data can rapidly detect threats
  • Determine how files can be the ultimate incident response dataset
  • 06:30 PM
  • 07:29 PM
David Sheidlower
Gee Rittenhouse
Deep Dive: Ensure Data Loss Prevention Across Your FSI Organization
David Sheidlower, Vice President and Chief Information Security and Privacy Officer, Turner Construction
Gee Rittenhouse, Chief Executive Officer, Skyhigh Security

Security is a data protection problem within FSI organizations. Security teams have recognized this and responded by deploying sophisticated point solutions to secure confidential data wherever it resides. Unfortunately, today’s data is everywhere and, consequently, FSI organizations must stitch disparate technologies together to produce a comprehensive solution. Although this is complex, there are some tangible strategies that can be implemented to ensure DLP goals are met.

During this Interactive Deep Dive discussion, our expert speakers and deep dive attendees will examine these strategies, as well as:

  • Discuss how a top-down approach focusing on the data itself can potentially simplify data security
  • Assess the role of zero trust expansion in the way data is used rather than how it is accessed
  • 06:30 PM
  • 07:29 PM
Fawaz Rasheed
Chris Holden
Deep Dive: How to Modernize Your SOC (Without Blowing it Up)
Fawaz Rasheed, Field CISO, VMware
Chris Holden, CISO, Crum & Forster

Is XDR the latest marketing buzzword, or does it actually modernize the SOC as promised? During this session we will discuss XDR's place in your security program and weigh the following questions:

  • Is there added ROI in centralizing your security stack?
  • Is there a risk to centralizing your security stack around a single vendor?
  • Does XDR enable SOCs to move past opening and closing tickets and better enable threat hunting?
  • 06:30 PM
  • 07:29 PM
Aleksandr Zhuk
Deep Dive: CISO ZEN: From Burnout to Thriving and Enjoying your CISO Role
Aleksandr Zhuk, CISO, SFOX

Information Security leaders face numerous challenges in their roles, including high stress levels and demands that can lead to burnout. Research has shown that the average tenure of a CISO is only 1.5-2 years, and that a disproportionate number of Information Security leaders turn to substance abuse to cope with the stress. This session is designed to help CISOs and Information Security leaders overcome these challenges and build resilience. 

During this interactive session you will discuss:

  • The root causes of stress in Information Security leadership
  • Strategies for managing stress and finding balance in the role
  • Techniques for prioritizing responsibilities and avoiding burnout
  • Building resilience and cultivating healthy coping mechanisms
  • What it takes personally and professionally for CISOs to become a CISO Zen Master
  • 06:30 PM
  • 07:29 PM
Fred Harris
Deep Dive: Staying Ahead of the Curve: Understanding the Impact of the Upcoming Changes to SEC Cybersecurity Regulations
Fred Harris, Head of Cyber Risk, Societe Generale

The Securities and Exchange Commission (SEC) has proposed amendments to the 17 CFR regulations, and NYDFS has proposed sweeping changes to its Part 500 Cybersecurity Regulations. These proposed changes aim to address the evolving threat of cyberattacks and enhance the readiness of market participants to prevent, detect and respond to cybersecurity incidents. The proposed regulations aim to improve information security, incident response, and risk management processes for market participants, and strengthen the overall cybersecurity posture of the securities market. In this interactive deep dive session, you can join the conversation to discuss:

  • Strategies to build a repeatable and sustainable program to manage regulatory changes and minimize the impact on your organization
  • The impact the changes will have on your organization
Closing Comments
  • 07:30 PM
  • 07:59 PM
