ISMG Engage - Finance
Engage February 16, 2023
Kicking off 2023, ISMG Engage Finance addresses the challenges ahead that are constantly evolving and impacting every aspect of our business and personal lives. We will bring together industry leaders and decision-makers to connect and learn from each other’s success, as well as challenges, in an interactive educational environment.
ISMG Engage provides an in-person opportunity for executives to learn from each other and network. Join the largest community of security leaders for on-site, closed-door "Deep Dive" discussions designed to provide engaging insight on the latest threats, technology and solutions to apply in your place of work.
Venue: The Westin New York at Times Square
Address: 270 West 43rd Street, New York, New York 10036, USA
Tom Field
Chief Executive of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Greg Kyrytschenko
Deputy CISO
Guardian Life
Kyrytschenko is the deputy CISO leading cybersecurity services for Guardian Life, where he is responsible for ensuring data protection and the availability of Guardian’s information security systems. He is also the BISO at ReedGroup. In his 20 years in information...
Alex Levy
Chief Information Security Officer, Asset and Wealth Management
Goldman Sachs
Alex leads the Information Security Practice within Asset and Wealth Management at Goldman Sachs, focused on ensuring application security effectiveness, baseline and regulatory control requirements, and the confidentiality and integrity of firm and client data. In this role, he partners...
David Sheidlower
Vice President and Chief Information Security and Privacy Officer
Turner Construction
David Sheidlower, CISSP, CISM, is Vice President and Chief Information Security and Privacy Officer for Turner Construction Company. He has been a security officer in multiple industries including Health Care and Financial Services. He has served on the policy committee...
Mike Wilusz
Head of Solutions Engineering
Stairwell
Kevin Li
CISO
MUFG Securities Americas
John Decker
Chief Technology Officer
Trian Fund Management, L.P.
Aruneesh Salhotra
Head of Application Security
Numuro
David Stern
Managing Director, Chief Information Security Officer
KKR
David Stern joined KKR in 2021 and is the Firm’s Chief Information Security Officer (CISO). Prior to joining KKR, he was CISO at Cantor Fitzgerald, where he was responsible for all aspects of the information security program across their global...
Steve Lenderman
SVP, Executive Director of Global Loss Prevention & Fraud
BM Technologies, Inc (BMTX)
Lenderman brings over 25 years of experience in financial crime prevention. He was previously the Director of Strategic Fraud Prevention at ADP in the global security organization. Before ADP, he was the Fraud Operations Lead for PayPal Business Loans, responsible...
Fawaz Rasheed
Field CISO
VMware
Fawaz has more than 20 years of information security and technology leadership experience at global companies in a range of industries, including financial services, healthcare, and manufacturing. He has served in executive level positions, as Global CISO at Northwestern Mutual,...
Vlad Brodsky
Chief Information Security Officer, SVP of IT Operations and Infrastructure
OTC Markets
Aleksandr Zhuk
CISO
SFOX
Gee Rittenhouse
CEO
Skyhigh Security
Fred Harris
Head of Cyber Risk
Societe Generale
Harris is the head of cybersecurity risk, data risk and IT risk at Societe Generale Americas. He has more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Harris served in a similar...
Welcome to ISMG Engage - Finance
  • 03:55 PM
  • 07:59 PM
Keynote Address: The Modern CISO Panel: Making Security Priorities Business Priorities
Alex Levy, Chief Information Security Officer, Asset and Wealth Management, Goldman Sachs
David Stern, Managing Director, Chief Information Security Officer, KKR
Kevin Li, CISO, MUFG Securities Americas

Today, a financial CISO must not only be well versed in security, but also business risk, communications and leadership. Board members are increasingly asking CISOs questions about their budget and their strategy. The evolving role of the CISO means they must focus on shaping their organization’s security posture to suit the needs of the business and the need to grow and expand revenues despite all the threats. Our expert group of CISOs will share their perspectives on being a well-rounded, “modern” CISO and will:

  • Discuss the ways in which they are effectively communicating and translating security speak to board members.
  • Decipher what the biggest challenges are when it comes to building and maintaining a successful security team.
  • Assess the biggest risk factors they are seeing on both the security and financial side of things within their organizations.
  • 04:00 PM
  • 04:44 PM
Networking Break
  • 04:45 PM
  • 04:59 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Proposed SEC Regulations for Financial Institutions
  • Impact of AI Tools on InfoSec
  • Uncovering Advanced Persistent Threats
  • Data Loss Prevention
  • Modernizing the SOC
  • The CISO Role: From Burnout to Thriving

 


  • 04:59 PM
  • 05:59 PM
  • 05:00 PM
  • 05:59 PM
Fred Harris
Deep Dive: Staying Ahead of the Curve: Understanding the Impact of the Upcoming Changes to SEC Cybersecurity Regulations
Fred Harris, Head of Cyber Risk, Societe Generale

The Securities and Exchange Commission (SEC) has proposed amendments to the 17 CFR regulations and NYDFS has proposed sweeping changes to their Part 500 Cybersecurity Regulations. These proposed changes aim to address the evolving threat of cyberattacks and enhance the readiness of market participants to prevent, detect and respond to cybersecurity incidents. The proposed regulations aim to improve information security, incident response, and risk management processes for market participants, and strengthen the overall cybersecurity posture of the securities market. In this interactive deep dive session you can join the conversation to discuss:

  • Strategies to build a repeatable and sustainable program to manage regulatory changes and minimize the impact on your organizations.  
  • Determine the impact the changes will have on your organization
  • 05:00 PM
  • 05:59 PM
Aleksandr Zhuk
Deep Dive: CISO ZEN: From Burnout to Thriving and Enjoying your CISO Role
Aleksandr Zhuk, CISO, SFOX

Information Security leaders face numerous challenges in their roles, including high stress levels and demands that can lead to burnout. Research has shown that the average tenure of a CISO is only 1.5-2 years, and that a disproportionate number of Information Security leaders turn to substance abuse to cope with the stress. This session is designed to help CISOs and Information Security leaders overcome these challenges and build resilience. 

During this interactive session you will discuss:

  • The root causes of stress in Information Security leadership
  • Strategies for managing stress and finding balance in the role
  • Techniques for prioritizing responsibilities and avoiding burnout
  • Building resilience and cultivating a healthy coping mechanism
  • What it takes, personally and professionally, for CISOs to become a CISO Zen Master.
  • 05:00 PM
  • 05:59 PM
David Sheidlower
Gee Rittenhouse
Deep Dive: Ensure Data Loss Prevention Across Your FSI Organization
David Sheidlower, Vice President and Chief Information Security and Privacy Officer, Turner Construction
Gee Rittenhouse, CEO, Skyhigh Security

Security is a data protection problem within FSI organizations. Security teams have recognized this and responded by deploying sophisticated point solutions to secure confidential data wherever it resides. Unfortunately, today’s data is everywhere and, consequently, this requires FSI organizations to stitch disparate technologies together to produce a comprehensive solution. Although complex, there are some tangible strategies that can be implemented to ensure DLP is met. 

During this Interactive Deep Dive discussion, our expert speakers and deep dive attendees will examine these strategies, as well as:

  • Discuss how a top-down approach focusing on the data itself can potentially simplify data security
  • Assess the role of zero trust expansion in the way data is used rather than how it is accessed
  • 05:00 PM
  • 05:59 PM
Vlad Brodsky
Deep Dive: What will the influences of AI tools such as ChatGPT be on InfoSec?
Vlad Brodsky, Chief Information Security Officer, SVP of IT Operations and Infrastructure, OTC Markets

ChatGPT makes some big promises, the biggest of course being to "shape the future of technology". With its synthetic intelligence, ChatGPT has already been used to write malware and research papers, create marketing campaigns and much more.

During this interactive Deep Dive you will:

  • Explore the impact of ChatGPT on enterprise cybersecurity plans and strategy.
  • Evaluate how other AI tools, such as VALL-E from Microsoft (tools that can synthesize someone's voice from a 3-second sample), will impact security.
  • Discuss what actions, if any, participants have taken thus far in response to the new potential attack vectors resulting from these new tools.
  • 05:00 PM
  • 05:59 PM
Tom Field
Fawaz Rasheed
Deep Dive: How to Modernize Your SOC (Without Blowing it Up)
Tom Field, Chief Executive of Editorial, ISMG
Fawaz Rasheed, Field CISO, VMware

Is XDR the latest marketing buzzword, or does it actually modernize the SOC as promised?  During this session we will discuss XDR's place in your security program and weigh the following questions:

  • Is there added ROI in centralizing your security stack?
  • Is there a risk to centralizing your security stack around a single vendor?
  • Does XDR enable SOCs to move past opening and closing tickets and better enable threat hunting?
  • 05:00 PM
  • 05:59 PM
Mike Wilusz
Steve Lenderman
Deep Dive: How files are a grossly overlooked signal to uncover APTs, supply chain, and other sophisticated attacks
Mike Wilusz, Head of Solutions Engineering, Stairwell
Steve Lenderman, SVP, Executive Director of Global Loss Prevention & Fraud, BM Technologies, Inc (BMTX)

There has been significant growth in the sophistication of metadata, behavioral data, network data, etc., with the exception of where malware actually lives: in files. What happens when you go to the source and look for malware in the actual binaries? APTs, supply chain attacks and vulnerabilities become easier to detect and respond to, ultimately strengthening security posture.

This interactive deep dive will explore ways to mitigate these vulnerabilities as well as:

  • Dissect how adversaries evade the most common signals
  • Discuss ways in which your own data can rapidly detect threats
  • Determine how files can be the ultimate incident response dataset
Refreshment Break
  • 06:00 PM
  • 06:29 PM
Deep Dive Discussions: Topic-Based Intimate Sessions

Meet with security industry leaders in a boardroom setting to converse with peers and gain insight into leading security trends and technology. Participate in one of the following topic-based closed door Deep Dive Discussions.

  • Proposed SEC Regulations for Financial Institutions
  • Impact of AI Tools on InfoSec
  • Uncovering Advanced Persistent Threats
  • Data Loss Prevention
  • Modernizing the SOC
  • The CISO Role: From Burnout to Thriving

 


  • 06:29 PM
  • 07:29 PM
  • 06:30 PM
  • 07:29 PM
Vlad Brodsky
Deep Dive: What will the influences of AI tools such as ChatGPT be on InfoSec?
Vlad Brodsky, Chief Information Security Officer, SVP of IT Operations and Infrastructure, OTC Markets

ChatGPT makes some big promises, the biggest of course being to "shape the future of technology". With its synthetic intelligence, ChatGPT has already been used to write malware and research papers, create marketing campaigns and much more.

During this interactive Deep Dive you will:

  • Explore the impact of ChatGPT on enterprise cybersecurity plans and strategy.
  • Evaluate how other AI tools, such as VALL-E from Microsoft (tools that can synthesize someone's voice from a 3-second sample), will impact security.
  • Discuss what actions, if any, participants have taken thus far in response to the new potential attack vectors resulting from these new tools.
  • 06:30 PM
  • 07:29 PM
David Sheidlower
Gee Rittenhouse
Deep Dive: Ensure Data Loss Prevention Across Your FSI Organization
David Sheidlower, Vice President and Chief Information Security and Privacy Officer, Turner Construction
Gee Rittenhouse, CEO, Skyhigh Security

Security is a data protection problem within FSI organizations. Security teams have recognized this and responded by deploying sophisticated point solutions to secure confidential data wherever it resides. Unfortunately, today’s data is everywhere and, consequently, this requires FSI organizations to stitch disparate technologies together to produce a comprehensive solution. Although complex, there are some tangible strategies that can be implemented to ensure DLP is met. 

During this Interactive Deep Dive discussion, our expert speakers and deep dive attendees will examine these strategies, as well as:

  • Discuss how a top-down approach focusing on the data itself can potentially simplify data security
  • Assess the role of zero trust expansion in the way data is used rather than how it is accessed
  • 06:30 PM
  • 07:29 PM
Fawaz Rasheed
Deep Dive: How to Modernize Your SOC (Without Blowing it Up)
Fawaz Rasheed, Field CISO, VMware

Is XDR the latest marketing buzzword, or does it actually modernize the SOC as promised?  During this session we will discuss XDR's place in your security program and weigh the following questions:

  • Is there added ROI in centralizing your security stack?
  • Is there a risk to centralizing your security stack around a single vendor?
  • Does XDR enable SOCs to move past opening and closing tickets and better enable threat hunting?
  • 06:30 PM
  • 07:29 PM
Mike Wilusz
Steve Lenderman
Deep Dive: How files are a grossly overlooked signal to uncover APTs, supply chain, and other sophisticated attacks
Mike Wilusz, Head of Solutions Engineering, Stairwell
Steve Lenderman, SVP, Executive Director of Global Loss Prevention & Fraud, BM Technologies, Inc (BMTX)

There has been significant growth in the sophistication of metadata, behavioral data, network data, etc., with the exception of where malware actually lives: in files. What happens when you go to the source and look for malware in the actual binaries? APTs, supply chain attacks and vulnerabilities become easier to detect and respond to, ultimately strengthening security posture.

This interactive deep dive will explore ways to mitigate these vulnerabilities as well as:

  • Dissect how adversaries evade the most common signals
  • Discuss ways in which your own data can rapidly detect threats
  • Determine how files can be the ultimate incident response dataset
  • 06:30 PM
  • 07:29 PM
Aleksandr Zhuk
Deep Dive: CISO ZEN: From Burnout to Thriving and Enjoying your CISO Role
Aleksandr Zhuk, CISO, SFOX

Information Security leaders face numerous challenges in their roles, including high stress levels and demands that can lead to burnout. Research has shown that the average tenure of a CISO is only 1.5-2 years, and that a disproportionate number of Information Security leaders turn to substance abuse to cope with the stress. This session is designed to help CISOs and Information Security leaders overcome these challenges and build resilience. 

During this interactive session you will discuss:

  • The root causes of stress in Information Security leadership
  • Strategies for managing stress and finding balance in the role
  • Techniques for prioritizing responsibilities and avoiding burnout
  • Building resilience and cultivating a healthy coping mechanism
  • What it takes, personally and professionally, for CISOs to become a CISO Zen Master.
  • 06:30 PM
  • 07:29 PM
Fred Harris
Deep Dive: Staying Ahead of the Curve: Understanding the Impact of the Upcoming Changes to SEC Cybersecurity Regulations
Fred Harris, Head of Cyber Risk, Societe Generale

The Securities and Exchange Commission (SEC) has proposed amendments to the 17 CFR regulations and NYDFS has proposed sweeping changes to their Part 500 Cybersecurity Regulations. These proposed changes aim to address the evolving threat of cyberattacks and enhance the readiness of market participants to prevent, detect and respond to cybersecurity incidents. The proposed regulations aim to improve information security, incident response, and risk management processes for market participants, and strengthen the overall cybersecurity posture of the securities market. In this interactive deep dive session you can join the conversation to discuss:

  • Strategies to build a repeatable and sustainable program to manage regulatory changes and minimize the impact on your organizations.  
  • Determine the impact the changes will have on your organization
Closing Comments
  • 07:30 PM
  • 07:59 PM
