Mission Critical: Securing Critical Infrastructure, Connected Devices, and Crypto & Payments
Virtual Summit December 13 - 15, 2022
CyberEdBoard is the premier community of 1500+ CISOs and industry experts in the fields of security and IT. CyberEdBoard strategically connects influential practitioners, academics and organizational leaders who are passionate about advancing cybersecurity best practices, collaboration and the protection of technology worldwide. The intelligence and real-world analysis acquired through member interactions, not only strengthens the security of member organizations, but the cybersecurity ecosystem as a whole.

CyberEdBoard members from around the world have influenced and shaped the agenda, based on their insights from interviews, blogs, executive analysis of trends, breaches and almost daily attacks on their respective organizations.

Our Summit will bring top industry thought leaders together to discuss the best strategies for keeping your organization secure. Our expert group of speakers will take this one step further by providing true, tangible takeaways for optimal cyber resiliency for you and your organization.

The focus of this Summit we will be centered around 3 critical and complex areas of concern. While each area has its own set of unique challenges, each was chosen for their interconnections with almost every other area of concern within cybersecurity.

Critical Infrastructure is where security hits home- we are dependent on our infrastructure for so many facets of our daily lives. Critical functions of our societal dependencies such as water, power, transportation and financial services are a part of Critical Infrastructure, and last year we saw the strength of this dependency first-hand through the Colonial Pipeline incident.

Payments today can move in a permissionless, decentralized world, across borders, peer-to-peer and can be innovated upon at the speed of the internet and software to suit a specific need. The explosion of digital assets moved from a bitcoin-only world to a multiverse of alt-coins, stablecoins, central bank digital currencies (CBDCs), non-fungible tokens (NFTs), and decentralized finance (DeFi). The rapid expansion of the cryptoverse and its mainstream adoption by traditional financial institutions, investors and payments companies is causing a material shift in how we think about the future of finance.

Connected Devices are transforming how we conduct every aspect of business. Experts expect the number of connected devices to reach 75.44 billion by 2025, indicating a fivefold increase in only a decade. These sessions will cover medical device security, growing cybersecurity issues associated with enterprise IoT, growing attack surface, modernizing IT and OT, and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Alexander Vitruk
Senior Litigation Associate
Baker & Hostetler LLP
At BakerHostetler in Seattle, Vitruk defends and advises companies in complex litigation, with an increased focus on data privacy and cybersecurity matters. He has managed cases through all phases of litigation and arbitration and has secured positive outcomes for clients...
Craig Barrett
VP Cybersecurity
Kinder Morgan, Inc.
Craig Barrett is an experienced critical infrastructure executive with a demonstrated history of working in the information technology and services industry. Craig is skilled in cybersecurity, IT/OT network architecture, firewalls, network Engineering, IT/OT network security, and various operating systems. Craig...
Anna Delaney
Director, ISMG Productions
ISMG
Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Chuck Makarian
CISO
PACAAR
Rob Suarez
VP & CISO
BD (Becton, Dickinson & Company)
Roberto (Rob) Suárez is a cybersecurity and privacy professional in the medical device and healthcare IT industry. At BD, Rob serves as Chief Information Security Officer and strategic leader for information security. In this role Rob is responsible for developing...
Tari Schreider
Strategic Advisor
Aite-Novarica Group – Cybersecurity Practice
Schreider is a strategic adviser at Aite-Novarica specializing in cybersecurity, information assurance, security program architecture and maturity improvement. He has more than 40 years of experience in security, privacy and recovery management. Before joining Aite-Novarica, he was a distinguished technologist...
Cherilyn Pascoe
Senior Technology Policy Advisor
National Institute of Standards and Technology (NIST)
Cherilyn Pascoe is Senior Technology Policy Advisor at the National Institute of Standards and Technology (NIST), U.S. Department of Commerce. She advises NIST leadership on technology policy and strategy, including cybersecurity, privacy, and artificial intelligence. She also leads the NIST...
Roger Caslow
CISO
Hampton Roads Sanitation District
Roger Caslow has worked in the security field for over 20 years. He has insider threat/counterintelligence, ICS, physical, operational, and cybersecurity expertise. He is proficient at working with cross-functional teams in developing and building technical, governance, compliance, and risk assessment...
Paris Stringfellow
Director of Sustainability
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Paris Stringfellow is the Director of Sustainability for the Cybersecurity Manufacturing Innovation Institute (CyManII). She leads the TrustWorks-aaS division and is responsible for providing translative education and services to US manufacturers. She holds a PhD in Industrial Engineering and...
Charles Blackmore
Marine Transportation Specialist (Cyber)
United States Coast Guard
Charles Blackmore currently serves as a Marine Transportation System Specialist – Cyber at the US Coast Guard’s Office of Port & Facility Compliance where he is responsible for the development of guidance, doctrine, and policy used throughout the Marine Transportation...
Errol Weiss
CSO
Health Information Sharing and Analysis Center
Errol Weiss joined Health-ISAC in April 2019 as its first Chief Security Officer and created a threat intelligence analysis center in Titusville, Florida that provides members with meaningful and actionable threat intelligence relevant for IT and infosec professionals in the...
Virginia Wright
Energy-Cyber Portfolio Manager
Idaho National Laboratory
Virginia “Ginger” Wright is the Energy Cybersecurity Portfolio Manager for Idaho National Laboratory’s Cybercore division within its National and Homeland Security directorate. She leads programs focused on cybersecurity and resilience of critical infrastructure for DOE, DARPA and other government agencies...
Mara Winn
Deputy Director, Preparedness, Policy and Risk Analysis
CESER, U.S. DOE
Mara Winn is the Deputy Director for the Preparedness, Policy, and Risk Analysis (PPRA) division of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER). In this role, Winn leads the division in supporting energy sector security and resilience...
Eric Lorber
Principal, Financial Crimes Unit
PWC
Eric is a Principal in the Cyber, Risk & Regulatory practice at PwC, where he advises global financial institutions, corporates, and fintech firms on issues related to sanctions and anti-money laundering/combating the financing of terrorism (AML/CFT) compliance. He has helped...
Deborah Baxley
Partner
PayGility Advisors
Deborah Baxley is an international mobile/cards payment/FinTech consultant, and a recognized expert in the industry, creator of growth strategies for new and existing markets with more than 20 years’ experience consulting to cards and payment companies. Managed and delivered over...
Claire Le Gal
Sr. VP, Fraud Intelligence, Strategy & Cyber Products
Mastercard
Le Gal is senior vice president, responsible for the fraud intelligence, strategy and cyber products team in the Cyber and Intelligence Solutions division at Mastercard. She is responsible for a variety of global functions, including fraud reporting and analytics, cybersecurity...
Erin West
Deputy District Attorney
Santa Clara County, California
Erin West is a national leader in the investigation and prosecution of cryptocurrency crimes. Ms. West has spent 24 years as a Deputy District Attorney in Santa Clara County, California, and has special expertise in high tech, hate crimes and...
Michael Baker
Vice President, IT CISO
DXC Technology
Baker brings over 20 years of experience in the field across cyber leadership, talent development, risk management, audit and compliance, both as a CISO and a consultant. He is currently vice president and CISO at GDIT, serving within the Office...
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Troy Leach has spent more than 25 years educating on and advocating for the advancement of responsible technology to improve the quality of living and parity for all. Currently Mr. Leach is the Chief Strategy Officer for the non-profit, Cloud...
Bo Berlas
CISO
U.S. General Services Administration
Bo Berlas is the Chief Information Security Officer (CISO) at the U.S. General Services Administration (GSA) where he leads cybersecurity strategy, policy, operations, and implementation of the agency security program. He has over 21 years of combined Information Technology and...
James DeLuccia
Product Security Chief
Honeywell
James leads the security market strategy for global products across Honeywell on Azure and Amazon. In combination with this role, James is responsible for leading, generating, and commercializing cybersecurity market benefits and independent offerings. Author of two books, the most...
Kevin Fu
Associate Professor, IEEE Fellow, Dr. Dwight E. Harken Memorial Lecturer Founder of the Archimedes Center for Healthcare and Device Security
University of Michigan
Keith O'Sullivan
SVP. IT Risk & Chief Information Security Officer
Standard Industries
O'Sullivan is currently the CISO and senior vice president of IT risk at Standard Industries, where he developed a sophisticated information security strategy for Standard and its operating companies. As CISO, his security leadership supports innovative DevSecOps models, threat-focused offensive...
Lisa Tuttle
CISO
SPX Corporation
Lisa Tuttle has served as an executive leader of global organizations, managing technology teams with her engaging enthusiasm and unique combination of information security, privacy, legal, compliance, project management and business management expertise. As CISO of SPX Corporation, she provides...
Matanda Doss
Executive Director, Cybersecurity and Technology Controls, Commercial Bank
JPMorgan Chase & Co.
Matanda Doss is an Executive Director for the J.P. Morgan Chase, Commercial Banking Cybersecurity and Technology Controls organization. He has 25 years of technology experience, across software development, ecommerce, mobile applications, data security and financial systems. Matanda serves as an...
Steve King
Managing Director, Cybersecurity Marketing Advisory Services
CyberTheory
Steve King has served in senior leadership roles in technology development and deployment for the past 25 years. He is an author, lecturer and serial startup founder, including three successful exits in cybersecurity, and served for six years as the...
Howard Grimes
CEO
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Howard Grimes is a noted research scientist and author with 25 years of success in directing complex university and National Laboratory research programs and entrepreneurial start-up initiatives. Currently, Dr. Grimes serves as the Chief Executive Officer for the Cybersecurity...
Nick Parham
Marine Transportation System Cybersecurity Coordinator
United States Coast Guard Atlantic Area Command
Mr. Nick Parham currently serves as the Marine Transportation System (MTS) Cybersecurity Coordinator responsible for development and execution of Coast Guard cybersecurity regulations and policies impacting MTS stakeholders operating in the Atlantic Area. The area of responsibility encompasses all inland...
Elvis Chan
Asst. Special Agent in Charge San Francisco Division, Cyber Branch
FBI
Chan manages a squad responsible for investigating national security cyber matters. He is a decorated agent who is recognized within the Intelligence Community as a cyberterrorism expert. SSA Chan was the lead agent on significant cyber investigations and managed joint...
Mike Manrod
CISO
Grand Canyon Education, Inc.
Mike presently serves as the Chief Information Security Officer for Grand Canyon Education, responsible for leading the security team and formulating the vision and strategy for protecting students, staff, and information assets across the enterprise. Previous experiences include serving as...
Puesh Kumar
Director, Office of Cybersecurity, Energy Security, and Emergency Response
U.S. DOE
Kumar leads DOE’s mission to address cyber, physical, and natural hazards and threats to the U.S. energy infrastructure. Kumar has over 15 years of experience in grid modernization, cybersecurity, and emergency response within the energy sector. Most recently, Kumar was...
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ari Redbord is the head of legal and government affairs at TRM Labs, the blockchain intelligence company. Prior to joining TRM, he was the senior adviser to the deputy secretary and the undersecretary for terrorism and financial intelligence at the...
Caroline Hill
Director of Global Policy and Regulatory Strategy
Circle
Hill is the Director for Global Policy and Regulatory Strategy at Circle. Prior to joining Circle, Caroline led the U.S. Treasury Department’s efforts to develop and implement policies to counter money laundering and terrorist financing in Africa and the Western...
Mike Timoney
Vice President - Secure Payments
Federal Reserve Bank of Boston
Timoney is Vice President of Secure Payments at the Federal Reserve Bank of Boston. Timoney has responsibility to understand the payments and fraud landscape and identify areas where security must be improved. He is responsible for the design, development, and...
Samant Nagpal
General Manager and Global Head of Risk
Square
Nagpal has two decades of experience in risk and payments. As the head of risk at Square, he is responsible for managing credit, fraud and chargeback risk and for building seller/merchant-facing risk products that help sellers manage their own risk-reward...
Shawn Bradstreet
Special Agent in Charge, San Francisco Field Office
U.S. Secret Service
Shawn Bradstreet is a federal law enforcement special agent with over 25 years of experience with the U.S. Secret Service. Mr. Bradstreet is a Senior Executive Service Leader in Northern California and leads four field offices. He currently oversees the...
John Yeoh
Global Vice President of Research
Cloud Security Alliance
With over 15 years of experience in research and technology, John excels at executive-level leadership, relationship management, and strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next...
James Hitchcock
Vice President, Fraud Mitigation
American Bankers Association
Jim Hitchcock is the Vice President for Fraud Mitigation at ABA and serves as the association’s primary expert on fraud mitigation activities and programs. In this role, he identifies and tracks key fraud topics and trends, runs banker committees focused...
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Karen Boyer has over 20 years of diverse banking experience with over 15 in the realm of Fraud. She is currently Vice President of Financial Crimes and Fraud Intelligence, at People’s United Bank, a regional bank in the Northeast with...
Lana DeMaria
Director, Data Privacy
Alaska Airlines
Lana is a motivated and results-oriented leader with international experience (deploying impactful programs, landing global projects, and establishing connections with brilliant people in the US, Russia, India, Canada, Ireland, South Africa, Singapore, Argentina, Egypt, Czech Republic). Lana is experienced in...
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
John Kindervag is the "Father of Zero Trust," who as an analyst at Forrester invented the term and defined the reference architecture for a network whose five basic principles defined the notion of Zero Trust. He is also the co-founder...
Denny Prvu
Global Director of Identity & Access Management
RBC
Denny Prvu has worked around the world in the public and private sectors as a strategist, architect and communicator on identity, security and privacy topics for over 20 years. He has worked on standards and made active contributions in areas...
Kristi Wilson
Senior Fraud Manager, Special Investigations
T-Mobile
Wilson is a telecommunications industry professional with 15+years in fraud detection, mitigation, and criminal analytics. Kristi’s passion for Fraud began early in her career as an investigator for Commerce Bank, headquartered in Kansas City, MO. The last 10 years have...
Ben Deering
Director for Cybersecurity and Operations Policy
The White House
A. Ben Deering is the Director for Cybersecurity and Operations Policy at the National Security Council. Ben previously served as the Critical Infrastructure Pillar Coordinator at the Office of the Director of National Intelligence (ODNI), on a joint duty assignment...
Grant Schnieder
Senior Director for Cybersecurity Services (Former U.S. federal CISO)
Venable LLP
Schneider is the senior director for Cybersecurity Services at Venable LLP. Prior to Venable, Schneider served as the U.S. federal CISO, the U.S. deputy federal CISO and as senior director for Cybersecurity Policy on the White House National Security Council....
Jerry Cochran
Deputy CIO – Cybersecurity & DigitalOps
Pacific Northwest National Laboratory
Cochran serves as Pacific Northwest National Laboratory’s deputy chief information officer and division director of the Cybersecurity and DigitalOps Division, Computing and IT Directorate. He oversees cybersecurity, the office of the CISO, enterprise IT engineering and operations. Cochran also leads...
Chris Carter
Information Security Analyst
Port of Vancouver, USA
Chris Carter joined the Port of Vancouver USA in May 2015 and now serves in the role of Information Security Analyst. His responsibilities include establishing and maintaining secure information technology networks and supporting the port’s IT infrastructure. Chris also provides...
Erik Decker
VP & CISO
Intermountain Healthcare
Erik Decker is the Vice President and Chief Information Security Officer for Intermountain Healthcare, a multi-state integrated delivery network based in Salt Lake City, Utah. Erik has 22 years of experience within Information Technology, with 15 years focused on Information...
Armando Seay
Founder
Maryland Innovation & Security Institute
Armando Seay is a Co-founder and Director for the Maryland Innovation and Security Institute (MISI). Armando is also a Director and Technical Program Director for MISI’s DreamPort cyber solutions accelerator. Armando leads the critical infrastructure cybersecurity team, tech outreach and...
Manny Cancel
SVP and CEO
E-ISAC
Cancel became NERC senior vice president and chief executive officer of the Electricity Information Sharing and Analysis Center (E-ISAC) in January 2020. He is responsible for the management and oversight of the E-ISAC and leads security operations and information sharing,...
Alex Zerden
Founder and Principal
Capitol Peak Strategies
Alex has published extensively on issues involving AML/CFT, economic sanctions, digital assets, anti-corruption, cybersecurity, and FinTech, including with the American Banker, Atlantic Council, Brookings Institution, Center for American Progress, Center for Strategic and International Studies, and New York University School...
Peter Tapling
Board Member
U.S. Faster Payments Council
Tapling is an innovator and adviser in security, risk, authentication and payments. He is a board member of the U.S. Faster Payments Council and was a steering committee member of the Federal Reserve Secure Payments Task Force. Tapling was founder...
Lawrence Scheinert
Associate Director, Compliance and Enforcement, Office of Foreign Assets Control (OFAC)
U.S. Department of the Treasury
Lawrence Scheinert is the Associate Director for Compliance and Enforcement at the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC). In this role, he oversees OFAC’s enforcement, compliance, and private sector outreach programs. Mr. Scheinert previously served as a...
Cody Carbone
VP of Policy
Chamber of Digital Commerce
Edison Alvarez
Director, Information Security – Cybersecurity Governance
BD (Becton, Dickinson & Company)
Ron Ross
Fellow
NIST
View Agenda
Welcome to the Mission Critical: Securing Critical Infrastructure, Connected Devices, and Crypto & Payments Summit!
  • 08:30 AM
  • 04:59 PM
Building an IoT Security Roadmap
Bo Berlas, CISO, U.S. General Services Administration

As CISO of GSA, the largest real estate company in the world, Bo Berlas monitors, manages and secures thousands of devices. With over 21 years of combined information technology and cybersecurity experience spanning both private industry and the federal government, Bo shares details of how he developed an IoT/OT security roadmap, the challenges he has faced in the process, and how he approaches segmentation, supply chain management and device testing. 

In this fireside chat Bo Berlas, CISO, GSA will discuss:

  • Developing an IoT/OT security roadmap - successes and challenges 
  • Techniques to achieve visibility 
  • Supply chain risk management
  • Software and hardware device testing 
Bo Berlas
  • 09:00 AM
  • 09:29 AM
The 2023 SBOM, Bombshell! Are you Compliant?
Grant Schnieder, Senior Director for Cybersecurity Services (Former U.S. federal CISO), Venable LLP
James DeLuccia, Product Security Chief, Honeywell
Michael Baker, Vice President, IT CISO, DXC Technology

A Software Bill of Materials (“SBOM”) has been identified by the cybersecurity community as a key aspect of modern cybersecurity, including software security and supply chain security. . E.O. 14028 declares that “the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is, and to the consequences we will incur if that trust is misplaced.

In this session our panel of experts will explore and debate:

  • Sharing and Exchanging SBOMs—Moving SBOMs and related metadata across the software supply chain
  • Implementation —SBOM implementation will be driven by a range of accessible and constructive tools and enabling applications, both open source and commercial in nature.
  • Can you write your own SBOM
Grant Schnieder
James DeLuccia
Michael Baker
  • 09:30 AM
  • 09:59 AM
Leveraging Threat Intelligence to Protect Critical Infrastructure
Ben Deering, Director for Cybersecurity and Operations Policy, The White House

Cyber threat intelligence is focused on the ability to understand the current and potential future threats facing an organization or system. Some public and private sector organizations focus on collecting and analyzing the information necessary to develop cyber threat intelligence. Leveraging this intelligence to protect critical infrastructure systems can significantly enhance the ability to successfully defend against cyber-attacks. However, there are often challenges with getting this information to the right person and knowing what defense steps to take. These challenges can range from the fact that cyber threat intelligence is always sensitive and often classified, meaning it is closely held by a small group; or it is too vague to be of any practical use. This session will: 

  • Recognize the obstacles and solutions to implementing cyber threat intelligence
  • Discuss challenges of getting information to the right person 
  • Leverage existing intelligence and analysis to protect critical infrastructure systems
Ben Deering
  • 10:00 AM
  • 10:29 AM
  • 10:30 AM
  • 10:59 AM
General Session
Kevin Fu
Edison Alvarez
Medical Device Cybersecurity: Top Priorities
Kevin Fu, Associate Professor, IEEE Fellow, Dr. Dwight E. Harken Memorial Lecturer Founder of the Archimedes Center for Healthcare and Device Security, University of Michigan
Edison Alvarez, Director, Information Security – Cybersecurity Governance, BD (Becton, Dickinson & Company)

The cybersecurity threats and challenges involving medical devices just keep growing, potentially putting patient safety, data confidentiality and security at risk. This session will explore ways healthcare CISO and their teams can better address issues, including:

  • The differences between IT cybersecurity versus OT cybersecurity in dealing with medical devices;
  • How healthcare delivery organizations can prioritize and put into action recommendations contained in guidance materials, vulnerability alerts, white papers and other documents pertaining to medical device cybersecurity;
  • Top medical device lessons emerging from ransomware and other disruptive cyberattacks that have been hitting the healthcare sector;
  • The importance of medical device SBOMs – as well as dealing with the challenges that SBOMs create for some entities.
  • 10:30 AM
  • 10:59 AM
Track A
Cherilyn  Pascoe
NIST Cybersecurity Framework 2.0: Latest Updates Unpacked
Cherilyn Pascoe, Senior Technology Policy Advisor, National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology is updating the Cybersecurity Framework to keep pace with the evolving cybersecurity risks, standards, and technology landscape.  The NIST Cybersecurity Framework, originally developed for critical infrastructure sectors, is now viewed as foundational to securing organizations of all sectors and sizes around the world.  Join this session to learn about the update process, including areas of focus, for the Cybersecurity Framework 2.0, as well as share your feedback about the use and potential improvements to the Framework.  

  • 11:30 AM
  • 11:59 AM
General Session
Karen Boyer
Kristi Wilson
How is Mobile Phone Fraud Evolving - and What Can We Do About It?
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
Kristi Wilson, Senior Fraud Manager, Special Investigations, T-Mobile

An acceleration in the pace of digital transformation has undoubtedly seen many consumers adopting mobile banking. However, criminals have also adapted to this new environment and have accordingly evolved their tactics in the form of increasingly sophisticated and targeted account takeover attacks. So how can we improve our detection and mitigation techniques to thwart fraudsters and protect consumers?

This expert panel will share insights and strategies, including:

  • How the past two-plus COVID years have changed the face of fraud;
  • The evolution of unauthorised mobile porting, SIM swapping and account takeover fraud;
  • How the industry can adopt stronger authentication methods such as FIDO.
  • 11:30 AM
  • 11:59 AM
Track A
Steve King
Grant Schnieder
Roger Caslow
Why It’s Essential to Operationalize a Cybersecurity Framework for Critical Infrastructure
Steve King, Managing Director, Cybersecurity Marketing Advisory Services, CyberTheory
Grant Schnieder, Senior Director for Cybersecurity Services (Former U.S. federal CISO), Venable LLP
Roger Caslow, CISO, Hampton Roads Sanitation District

There are many options to choose from when selecting a framework for your cybersecurity program and typically your choice comes down to your industry vertical. We will have a discussion on the most commonly used enterprise level frameworks, what is needed to adopt them and how they provide benefit to your organization. Our expert panel will:

  • Evaluate some of the best practices for structural alignment with capabilities and solutions, and which security controls are needed for audit
  • Analyze how to align IT with OT, as well as the overarching organizational strategy needs and roadmaps
  • Discuss ways to not only support governance structure internally, but also ensure regulation and other external requirements are met
  • 11:30 AM
  • 11:59 AM
Track B
Ari Redbord
Caroline Hill
Eric Lorber
Alex Zerden
Crypto's Promise: The Use of Digital Assets for Economic Prosperity
Ari Redbord, Head of Legal and Government Affairs, TRM Labs
Caroline Hill, Director of Global Policy and Regulatory Strategy, Circle
Eric Lorber, Principal, Financial Crimes Unit, PWC
Alex Zerden, Founder and Principal, Capitol Peak Strategies

The promise of cryptocurrency, cross border value transfer at the speed of the internet, presents tremendous challenges for businesses and policy makers alike. However, according to our panel of experts, these challenges are far outweighed by the opportunities cryptocurrency provides. 

Our expert panel will discuss the most notable crypto insights, and will:

  • Discuss the ways in which crypto can address some of the most pressing global humanitarian needs
  • Debate whether or not crypto can actually democratize finance and the overall banking industry
  • Analyze the ways in which crypto is creating a new “internet of money” and the opportunities that it allows for accordingly
  • 12:00 PM
  • 12:29 PM
General Session
Interactive Session - Coming Soon!








  • 12:00 PM
  • 12:29 PM
Track A
Howard Grimes
Paris Stringfellow
Jerry  Cochran
Collaborative Cyber Defense: Just a Promise or a Practical Reality?
Howard Grimes, CEO, Cybersecurity Manufacturing Innovation Institute (CyManII)
Paris Stringfellow, Director of Sustainability, Cybersecurity Manufacturing Innovation Institute (CyManII)
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory

Cyber defense is increasingly becoming more important to the federal government’s overarching administrative agenda. There is an important need from the various organizations (CISA, DOE CESER, etc.), to incentivize the transition from collaboration, to cooperation within these distinct entities.

This panel will cover these strategies and will:

  • Discuss ways to collaborate across public/private as well as intra- and inter-sector entities to thwart and stay ahead of adversaries targeting critical infrastructures
  • Debate whether or not the 20-year evolution of cyber information/threat sharing is still working, and, if not, how can it be improved
  • Assess the opportunities for mutual aid and defense from the government to various sectors
  • 12:00 PM
  • 12:29 PM
Track B
Mike Timoney
Deborah Baxley
Peter Tapling
Faster Payments Fraud: How Can We Outpace the Criminals?
Mike Timoney, Vice President - Secure Payments, Federal Reserve Bank of Boston
Deborah Baxley, Partner, PayGility Advisors
Peter Tapling, Board Member, U.S. Faster Payments Council

As banks, merchants and individuals continue to adopt faster payments, fraud is outpacing fraud prevention. How are patterns of fraudulent activity in faster payments different to traditional payment methods? How are the fraud actors collaborating within their fraud community? What are the technologies and controls we need to mitigate this criminality? 

Our expert panel will share insights and strategies that will: 

  • Discuss the faster payments fraud landscape
  • Assess the technologies and controls needed to mitigate this criminality
  • Evaluate how can we improve information sharing and collaboration efforts
  • 12:30 PM
  • 12:59 PM
General Session
Troy Leach
John Yeoh
Securing the People in Our Streets through the Interconnections of Technology
Troy Leach, Chief Strategy Officer, Cloud Security Alliance
John Yeoh, Global Vice President of Research, Cloud Security Alliance

Technology has enabled humans to do more than we ever have before. Intelligent systems have reached our cars, bikes, scooters, and skateboards for use in navigation, streaming services, safety, and more. Controlled by critical ingredients, the smart city ecosystem ensures that we are protecting our most valuable assets, the human. Troy Leach, our expert speaker, will share his insights on how technology is being used for everyday living and safety and will:

  • Highlight the edge networks, application management systems and highway infrastructure that support our day-to-day living and security
  • Discuss the most innovative technology stacks to reach new capabilities
  • Assess how security must be addressed to keep our data, lives, and streets safe
  • 12:30 PM
  • 12:59 PM
Track A
Nick Parham
Chris Carter
Charles Blackmore
Regulating and Being Regulated: A Public-Private Partnership at the Ports 
Nick Parham, Marine Transportation System Cybersecurity Coordinator, United States Coast Guard Atlantic Area Command
Chris Carter, Information Security Analyst, Port of Vancouver, USA
Charles Blackmore, Marine Transportation Specialist (Cyber), United States Coast Guard

In the wake of the terrorist attacks from September 11, the Maritime Transportation Security Act (MTSA) was implemented across the commercial shipping industry in the United States. With the rise and evolving threat of cybersecurity attacks during the past decade, the Coast Guard has worked with public and private partnerships at America's ports to leverage the MTSA and enhance cybersecurity mitigation and resiliency at these ports. The industries operating in America's ports are critical components of multiple supply chains and often fall into multiple critical infrastructure categories. 

Key takeaways include actionable insights to:  

  • Leverage existing partnerships within ports to address cybersecurity vulnerabilities
  • Take action within an existing regulatory framework to address cybersecurity vulnerabilities
  • Facilitate information sharing and analysis to bridge the public/private communication gap
  • 12:30 PM
  • 12:59 PM
Track B
Troy Leach
Ari Redbord
The Global State of Crypto: Regulations and Challenges on the Horizon
Troy Leach, Chief Strategy Officer, Cloud Security Alliance
Ari Redbord, Head of Legal and Government Affairs, TRM Labs

From brazen crypto fraud schemes to landmark arrests and an historic executive order, 2022 has been a watershed year for cryptocurrency. But how are global entities both using and regulating crypto, and what is the global outlook/influence?

Join government/crypto expert Ari Redbord for an entertaining and informative look at global governments’ approach to crypto, where he will:

  • Analyze the global investigatory practices being used to reduce crypto crime
  • Discuss the global legislation that is being implemented, and how this impacts the cybersecurity space
  • Assess the impact of major legislations, such as Biden's Executive Order, as well as other notable global policies affecting the crypto space
  • 01:00 PM
  • 01:29 PM
General Session
Tari Schreider
Attack Surface Management: Avoiding Device Whack-a-Mole
Tari Schreider, Strategic Advisor, Aite-Novarica Group – Cybersecurity Practice

Chief information security officers (CISOs) face unseen and unmanaged assets, resulting in poor asset hygiene and exploitable areas of an IT estate. Various cybersecurity solutions attempt to discover computing assets, but few are equipped to identify today’s expansive and complex attack surfaces

  • 01:00 PM
  • 01:29 PM
Track A
Ron Ross
Interactive Session- Cyber Resiliency by Design
Ron Ross, Fellow, NIST

During this live interactive session, attendees will have the opportunity to engage with NIST Fellow Ron Ross.

Ross will dive into the recently-revised NIST Special Publication 800-160, Volume 2, Revision 1, Developing Cyber-Resilient Systems: A Systems Security Engineering Approach. His current project is helping to update Volume 1, as well as 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. 

His primary interests: System and cyber resiliency and the importance of implementing well-established design principles for trustworthy secure systems.

In this exclusive live session, Ross will take questions directly from Summit attendees and speak about topics such as:

  • Gaps in building cyber resiliency by design
  • NIST's revised and pending guidance
  • The CISO's burden in overseeing cyber risk and how it can be eased
  • 01:00 PM
  • 01:29 PM
Track B
Lawrence Scheinert
OFAC on Crypto Sanctions Compliance
Lawrence Scheinert, Associate Director, Compliance and Enforcement, Office of Foreign Assets Control (OFAC), U.S. Department of the Treasury

Virtual currencies are beginning to play an increasingly prominent role in the global economy. The growing prevalence of virtual currency as a payment method, likewise brings greater exposure to sanctions risks—like the risk that a sanctioned person or a person in a jurisdiction subject to sanctions might be involved in a virtual currency transaction. Accordingly, the virtual currency industry, including technology companies, exchangers, administrators, miners, wallet providers, and users, plays an increasingly critical role in preventing sanctioned persons from exploiting virtual currencies to evade sanctions and undermine U.S. foreign policy and national security interests.

In this Exclusive Session with Lawrence Scheinert, Associate Director, Compliance and Enforcement, Office of Foreign Assets Control (OFAC) at U.S. Department of the Treasury he will:

  • Identify who must comply with OFAC sanctions and why
  • Discuss the consequences of noncompliance and the implications of this on cybersecurity practitioners 
  • Analyze how to “block” virtual currency"
  • 01:30 PM
  • 01:59 PM
General Session
Matanda Doss
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk
Matanda Doss, Executive Director, Cybersecurity and Technology Controls, Commercial Bank, JPMorgan Chase & Co.

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world. This session will illuminate

  • Biggest threats based on trending attacks 
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 01:30 PM
  • 01:59 PM
Track A
Elvis  Chan
Election Security: What Did We Learn From the Mid-term Elections
Elvis Chan, Asst. Special Agent in Charge San Francisco Division, Cyber Branch, FBI

Since 2016, election security has emerged as one of the newest and most urgent aspects of critical infrastructure protection. And Elvis Chan of the FBI's San Francisco office has been at the forefront of assessing and mitigating election security threats. In this session, Chan will:

  • Address the latest threats to election integrity
  • Explain the stepped-up effort of the U.S. government in general and FBI in particular
  • Describe the shifting cyber threat landscape post-Russia's invasion of Ukraine


  • 01:30 PM
  • 01:59 PM
Track B
Claire Le Gal
Mastercard's Claire Le Gal on Responding to the New 'Fraud Universe'
Claire Le Gal, Sr. VP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

If we have learned anything from digital transformation, it's that fraud now comes in multiple forms across multiple vectors - simultaneously. And for financial services organizations to be able to spot and stop these schemes requires tearing down silos and building new partnerships like never before.

Claire Le Gal, a 26-year Mastercard veteran, shares exclusive insights, in which she will:

  • Analyze the emerging fraud trends, and take a deep dive into the reasons why they are so challenging to detect
  • Discuss strategies that inhibit fraudsters and make it harder for them to succeed
  • Shed light on what constitutes a fraud fusion centers, and the ways in which they offer cross-enterprise collaboration that needs to occur
  • 02:00 PM
  • 02:29 PM
General Session
Lana DeMaria
Alexander Vitruk
Biometrics and IoT- The Golden Ticket of Security?
Lana DeMaria, Director, Data Privacy, Alaska Airlines
Alexander Vitruk, Senior Litigation Associate, Baker & Hostetler LLP

Governments and industries in the private sector are ever interested in using biometrics for automatically identify or authenticate people. Biometrics definitely appear like the “golden key” of security – it’s much harder to spoof an iris scan or fingerprint than a password! However, collection of biometric data also comes with its share of unique risks. 

Come to this session to learn how Alaska Airlines has embraced the use of biometrics to streamline and improve the guest experience without compromising guest privacy and security of their data.

  • 02:00 PM
  • 02:29 PM
Track A
Erik  Decker
Errol Weiss
Health Sector Progress: Collaborations and Public Partnership
Erik Decker, VP & CISO, Intermountain Healthcare
Errol Weiss, CSO, Health Information Sharing and Analysis Center

Healthcare is among the most targeted critical infrastructure sectors. How are healthcare sector entities - and their CISOs and security teams - working with their peers, industry competitors, government agencies and information sharing organizations to help fend off the rising cyberthreats striking from so many different directions? This session will:

  • Spotlight Information sharing and other collaborative healthcare sector cybersecurity efforts – where progress is being made
  • Identify cybersecurity resources for the private and public health sectors, and what else is still much needed
  • Explore ways healthcare organizations and their security leadership can become more proactive in addressing sector cyber threats and risks


  • 02:00 PM
  • 02:29 PM
Track B
Ari Redbord
Alex Zerden
Eric Lorber
Caroline Hill
Interactive Session
Ari Redbord, Head of Legal and Government Affairs, TRM Labs
Alex Zerden, Founder and Principal, Capitol Peak Strategies
Eric Lorber, Principal, Financial Crimes Unit, PWC
Caroline Hill, Director of Global Policy and Regulatory Strategy, Circle

Join us for this exclusive, live and interactive video session. Our expert group of industry thought leaders will continue the conversation from their session earlier in the day - “Crypto's Promise: The Use of Digital Assets for Economic Prosperity.” Don’t miss out on your chance to ask these experts all of your pressing Crypto questions. Do you share their passion for Crypto, and believe that it can address humanitarian needs or do think it is the down fall of civilization? What does the FTX Bankruptcy mean for the rest of the industry? We look forward to this live conversation, see you there!

  • 02:30 PM
  • 02:59 PM
Track A
Armando Seay
Roger Caslow
Mike  Manrod
Lessons Relearned From the Russian Invasion of Ukraine, the Cybersecurity Threat Reality and Defense
Armando Seay, Founder, Maryland Innovation & Security Institute
Roger Caslow, CISO, Hampton Roads Sanitation District
Mike Manrod, CISO, Grand Canyon Education, Inc.

Since the late 90’s, our critical infrastructure has been under documented attack from various APTs, groups affiliated with nation states to include Russia. Russia’s directed cyber-attacks on the Ukraine are well documented, as is the intended blast radius to include the US and allies, which has been ramped up since the February 2022 invasion of the Ukraine. So how do we defend our critical infrastructure from this now and into the future? Our cybersecurity advice has not changed, merely has evolved to associate advice given for IT to also include OT and IoT basic hygienic solutions. Expect to learn key practices from our session, in which our panel of experts will:

  • Discuss incident response plans that can proactively defend your organization against a number of potential threats
  • Assess the best strategies to build a defensible architecture, and ensure network security is properly monitored in the process
  • Look at the most effective vulnerability and patch management testing methods
  • 02:30 PM
  • 02:59 PM
Track B
Troy Leach
Samant Nagpal
The Critical Role of Compliance & Collaboration in Crypto and Payments
Troy Leach, Chief Strategy Officer, Cloud Security Alliance
Samant Nagpal, General Manager and Global Head of Risk, Square

Establishing trust within industry guidelines for crypto and other payments is crucial, but how is this trust truly built? Our expert speakers will take a deep dive into best practices for transparency, in which they will:

  • Discuss the increasing importance of third-party transparency
  • Analyze how the industry is trying to streamline the many different requests for guidance
  • Evaluate emerging solutions that allow for the most effective scalability
  • 03:00 PM
  • 03:29 PM
Track A
Grant Schnieder
Jerry  Cochran
Virginia Wright
Puesh Kumar
The State of Critical Infrastructure Resilience
Grant Schnieder, Senior Director for Cybersecurity Services (Former U.S. federal CISO), Venable LLP
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Virginia Wright, Energy-Cyber Portfolio Manager, Idaho National Laboratory
Puesh Kumar, Director, Office of Cybersecurity, Energy Security, and Emergency Response, U.S. DOE

If you talk to the energy sector, they will weave resilience into their cybersecurity discussions. For example, the electric, oil and gas, transportation, water and telecommunications sectors will look at cyber differently than health or financial sectors. Generally, the water, electric, and oil and gas sectors have more similarities and interdependencies than any other Critical Infrastructure sector combined. Our panel will shed light on some of the most effective cross-sector resilience strategies and will: 

  • Discuss the best ways to adopt a framework and best communications and operational methods to achieve this
  • Analyze the performance of scenario-based risk assessments to better help inform business continuity plans
  • Assess the broader regulatory and operational requirements that guide these critical business decisions
  • 03:00 PM
  • 03:29 PM
Track B
Karen Boyer
James Hitchcock
The Challenge of Zelle Fraud
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
James Hitchcock, Vice President, Fraud Mitigation, American Bankers Association

Fast, convenient … free! It's not surprising that Zelle is America's most popular payment app. The peer-to-peer (P2P) payment service, created by a consortium of major US banks, lets users transfer funds directly between bank accounts at no charge. Unfortunately it's also proven popular with the fraudsters. Through well-crafted social engineering techniques, criminals are successfully duping consumers to make fraudulent transactions. How can we tackle the new challenge of P2P payment fraud?

This expert panel will share insights and strategies, where they will:

  • Analyze the Zelle scams and other social engineering trends, and their impact on the overall payment fraud landscape
  • Discuss the challenges for banks, consumers and regulators
  • Evaluate best practices to prevent and reduce the impact of impersonation fraud
  • 03:30 PM
  • 03:59 PM
Track A
Mara Winn
Manny Cancel
Energy Sector: Drill Down Best Practices for Preemption and Resilience
Mara Winn, Deputy Director, Preparedness, Policy and Risk Analysis, CESER, U.S. DOE
Manny Cancel, SVP and CEO, E-ISAC

The energy sector puts significant resources into building systems that are resilient. These efforts have traditionally been focused on capacity building and preparing for potential natural disasters. The challenge of resilience changes when preparing for and recovering from a cyber-attack that may not be limited to a particular geographic area.  This discussion will

  • Address practices that ensure energy resilience in the digital age
  • Identify systems and processes required to mitigate risk across the industry
  • Provide insights on how energy companies can work better with others across the value chain to improve cybersecurity
  • 03:30 PM
  • 03:59 PM
Track B
Cody Carbone
How the Future of U.S. Crypto Regulation Will Impact Your Organization
Cody Carbone, VP of Policy, Chamber of Digital Commerce

Crypto has been one of the top buzz words across all industries in 2022- from some of the most high-profile crimes involving crypto, to President Biden's historic executive order- but what does this actually mean for CISOs when it comes to their day-to-day security measures and implementation? This session will address what your organization should be cognizant of in the crypto regulatory landscape going into 2023. Join Cody Carbone, former Commissioner at U.S. Commodity Futures Trading Commission and the Chief Policy Officer at the Chamber of Digital Commerce, where he will:

  • Assess 2023 predictions for the U.S. crypto regulations and their impacts on the private sector
  • Discuss the latest updates and takeaways from the Biden administration’s crypto strategy report
  • Analyze how businesses can best prepare for future regulation and adapt accordingly
Crypto and Crime: How to Detect and Protect Your Organization
Ari Redbord, Head of Legal and Government Affairs, TRM Labs
Erin West, Deputy District Attorney, Santa Clara County, California
Shawn Bradstreet, Special Agent in Charge, San Francisco Field Office, U.S. Secret Service

"The same qualities that make crypto a force for good- decentralized cross border value transfer at the speed of the internet - also make it susceptible to illicit actors who want to move large amounts of funds quickly. While, in recent years, we have seen a proliferation of scams and fraud - from pig butchering to discord hacks, wash trading to rug pulls - we have also seen law savvy law enforcement and prosecutors at the state and federal level meet the challenge with new tools and expertise. Our panel of expert crypto investigators will:

  • Discuss the latest in investigating crypto- specialized units, tools, training and the most notable types of cases 
  • Evaluate the trends and major typologies that are most prominent today 
  • Assess what are the biggest challenges today in crypto investigations, as well what is on the horizon in the future investigative space
  • Discuss the importance of public/private partnerships in reducing crypto illicit actors across the board
Ari Redbord
Erin West
Shawn Bradstreet
  • 04:00 PM
  • 04:29 PM
On Demand

All content from Day 1 will be available on demand on Day 2 and 3, Wednesday, December 14th and Thursday, December 15th. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 12:00 AM
  • 11:58 PM

CyberEdBoard is the premier community of 1500+ CISOs and industry experts in the fields of security and IT. CyberEdBoard strategically connects influential practitioners, academics and organizational leaders who are passionate about advancing cybersecurity best practices, collaboration and the protection of technology worldwide. The intelligence and real-world analysis acquired through member interactions, not only strengthens the security of member organizations, but the cybersecurity ecosystem as a whole.

CyberEdBoard members from around the world have influenced and shaped the agenda, based on their insights from interviews, blogs, executive analysis of trends, breaches and almost daily attacks on their respective organizations.

Our Summit will bring top industry thought leaders together to discuss the best strategies for keeping your organization secure. Our expert group of speakers will take this one step further by providing true, tangible takeaways for optimal cyber resiliency for you and your organization.

The focus of this Summit we will be centered around 3 critical and complex areas of concern. While each area has its own set of unique challenges, each was chosen for their interconnections with almost every other area of concern within cybersecurity.

Critical Infrastructure is where security hits home- we are dependent on our infrastructure for so many facets of our daily lives. Critical functions of our societal dependencies such as water, power, transportation and financial services are a part of Critical Infrastructure, and last year we saw the strength of this dependency first-hand through the Colonial Pipeline incident.

Payments today can move in a permissionless, decentralized world, across borders, peer-to-peer and can be innovated upon at the speed of the internet and software to suit a specific need. The explosion of digital assets moved from a bitcoin-only world to a multiverse of alt-coins, stablecoins, central bank digital currencies (CBDCs), non-fungible tokens (NFTs), and decentralized finance (DeFi). The rapid expansion of the cryptoverse and its mainstream adoption by traditional financial institutions, investors and payments companies is causing a material shift in how we think about the future of finance.

Connected Devices are transforming how we conduct every aspect of business. Experts expect the number of connected devices to reach 75.44 billion by 2025, indicating a fivefold increase in only a decade. These sessions will cover medical device security, growing cybersecurity issues associated with enterprise IoT, growing attack surface, modernizing IT and OT, and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Alexander Vitruk
Senior Litigation Associate
Baker & Hostetler LLP
At BakerHostetler in Seattle, Vitruk defends and advises companies in complex litigation, with an increased focus on data privacy and cybersecurity matters. He has managed cases through all phases of litigation and arbitration and has secured positive outcomes for clients...
Craig Barrett
VP Cybersecurity
Kinder Morgan, Inc.
Craig Barrett is an experienced critical infrastructure executive with a demonstrated history of working in the information technology and services industry. Craig is skilled in cybersecurity, IT/OT network architecture, firewalls, network Engineering, IT/OT network security, and various operating systems. Craig...
Anna Delaney
Director, ISMG Productions
ISMG
Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Chuck Makarian
CISO
PACAAR
Rob Suarez
VP & CISO
BD (Becton, Dickinson & Company)
Roberto (Rob) Suárez is a cybersecurity and privacy professional in the medical device and healthcare IT industry. At BD, Rob serves as Chief Information Security Officer and strategic leader for information security. In this role Rob is responsible for developing...
Tari Schreider
Strategic Advisor
Aite-Novarica Group – Cybersecurity Practice
Schreider is a strategic adviser at Aite-Novarica specializing in cybersecurity, information assurance, security program architecture and maturity improvement. He has more than 40 years of experience in security, privacy and recovery management. Before joining Aite-Novarica, he was a distinguished technologist...
Cherilyn Pascoe
Senior Technology Policy Advisor
National Institute of Standards and Technology (NIST)
Cherilyn Pascoe is Senior Technology Policy Advisor at the National Institute of Standards and Technology (NIST), U.S. Department of Commerce. She advises NIST leadership on technology policy and strategy, including cybersecurity, privacy, and artificial intelligence. She also leads the NIST...
Roger Caslow
CISO
Hampton Roads Sanitation District
Roger Caslow has worked in the security field for over 20 years. He has insider threat/counterintelligence, ICS, physical, operational, and cybersecurity expertise. He is proficient at working with cross-functional teams in developing and building technical, governance, compliance, and risk assessment...
Paris Stringfellow
Director of Sustainability
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Paris Stringfellow is the Director of Sustainability for the Cybersecurity Manufacturing Innovation Institute (CyManII). She leads the TrustWorks-aaS division and is responsible for providing translative education and services to US manufacturers. She holds a PhD in Industrial Engineering and...
Charles Blackmore
Marine Transportation Specialist (Cyber)
United States Coast Guard
Charles Blackmore currently serves as a Marine Transportation System Specialist – Cyber at the US Coast Guard’s Office of Port & Facility Compliance where he is responsible for the development of guidance, doctrine, and policy used throughout the Marine Transportation...
Errol Weiss
CSO
Health Information Sharing and Analysis Center
Errol Weiss joined Health-ISAC in April 2019 as its first Chief Security Officer and created a threat intelligence analysis center in Titusville, Florida that provides members with meaningful and actionable threat intelligence relevant for IT and infosec professionals in the...
Virginia Wright
Energy-Cyber Portfolio Manager
Idaho National Laboratory
Virginia “Ginger” Wright is the Energy Cybersecurity Portfolio Manager for Idaho National Laboratory’s Cybercore division within its National and Homeland Security directorate. She leads programs focused on cybersecurity and resilience of critical infrastructure for DOE, DARPA and other government agencies...
Mara Winn
Deputy Director, Preparedness, Policy and Risk Analysis
CESER, U.S. DOE
Mara Winn is the Deputy Director for the Preparedness, Policy, and Risk Analysis (PPRA) division of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER). In this role, Winn leads the division in supporting energy sector security and resilience...
Eric Lorber
Principal, Financial Crimes Unit
PWC
Eric is a Principal in the Cyber, Risk & Regulatory practice at PwC, where he advises global financial institutions, corporates, and fintech firms on issues related to sanctions and anti-money laundering/combating the financing of terrorism (AML/CFT) compliance. He has helped...
Deborah Baxley
Partner
PayGility Advisors
Deborah Baxley is an international mobile/cards payment/FinTech consultant, and a recognized expert in the industry, creator of growth strategies for new and existing markets with more than 20 years’ experience consulting to cards and payment companies. Managed and delivered over...
Claire Le Gal
Sr. VP, Fraud Intelligence, Strategy & Cyber Products
Mastercard
Le Gal is senior vice president, responsible for the fraud intelligence, strategy and cyber products team in the Cyber and Intelligence Solutions division at Mastercard. She is responsible for a variety of global functions, including fraud reporting and analytics, cybersecurity...
Erin West
Deputy District Attorney
Santa Clara County, California
Erin West is a national leader in the investigation and prosecution of cryptocurrency crimes. Ms. West has spent 24 years as a Deputy District Attorney in Santa Clara County, California, and has special expertise in high tech, hate crimes and...
Michael Baker
Vice President, IT CISO
DXC Technology
Baker brings over 20 years of experience in the field across cyber leadership, talent development, risk management, audit and compliance, both as a CISO and a consultant. He is currently vice president and CISO at GDIT, serving within the Office...
Troy Leach
Chief Strategy Officer
Cloud Security Alliance
Troy Leach has spent more than 25 years educating on and advocating for the advancement of responsible technology to improve the quality of living and parity for all. Currently Mr. Leach is the Chief Strategy Officer for the non-profit, Cloud...
Bo Berlas
CISO
U.S. General Services Administration
Bo Berlas is the Chief Information Security Officer (CISO) at the U.S. General Services Administration (GSA) where he leads cybersecurity strategy, policy, operations, and implementation of the agency security program. He has over 21 years of combined Information Technology and...
James DeLuccia
Product Security Chief
Honeywell
James leads the security market strategy for global products across Honeywell on Azure and Amazon. In combination with this role, James is responsible for leading, generating, and commercializing cybersecurity market benefits and independent offerings. Author of two books, the most...
Kevin Fu
Associate Professor, IEEE Fellow, Dr. Dwight E. Harken Memorial Lecturer Founder of the Archimedes Center for Healthcare and Device Security
University of Michigan
Keith O'Sullivan
SVP. IT Risk & Chief Information Security Officer
Standard Industries
O'Sullivan is currently the CISO and senior vice president of IT risk at Standard Industries, where he developed a sophisticated information security strategy for Standard and its operating companies. As CISO, his security leadership supports innovative DevSecOps models, threat-focused offensive...
Lisa Tuttle
CISO
SPX Corporation
Lisa Tuttle has served as an executive leader of global organizations, managing technology teams with her engaging enthusiasm and unique combination of information security, privacy, legal, compliance, project management and business management expertise. As CISO of SPX Corporation, she provides...
Matanda Doss
Executive Director, Cybersecurity and Technology Controls, Commercial Bank
JPMorgan Chase & Co.
Matanda Doss is an Executive Director for the J.P. Morgan Chase, Commercial Banking Cybersecurity and Technology Controls organization. He has 25 years of technology experience, across software development, ecommerce, mobile applications, data security and financial systems. Matanda serves as an...
Steve King
Managing Director, Cybersecurity Marketing Advisory Services
CyberTheory
Steve King has served in senior leadership roles in technology development and deployment for the past 25 years. He is an author, lecturer and serial startup founder, including three successful exits in cybersecurity, and served for six years as the...
Howard Grimes
CEO
Cybersecurity Manufacturing Innovation Institute (CyManII)
Dr. Howard Grimes is a noted research scientist and author with 25 years of success in directing complex university and National Laboratory research programs and entrepreneurial start-up initiatives. Currently, Dr. Grimes serves as the Chief Executive Officer for the Cybersecurity...
Nick Parham
Marine Transportation System Cybersecurity Coordinator
United States Coast Guard Atlantic Area Command
Mr. Nick Parham currently serves as the Marine Transportation System (MTS) Cybersecurity Coordinator responsible for development and execution of Coast Guard cybersecurity regulations and policies impacting MTS stakeholders operating in the Atlantic Area. The area of responsibility encompasses all inland...
Elvis Chan
Asst. Special Agent in Charge San Francisco Division, Cyber Branch
FBI
Chan manages a squad responsible for investigating national security cyber matters. He is a decorated agent who is recognized within the Intelligence Community as a cyberterrorism expert. SSA Chan was the lead agent on significant cyber investigations and managed joint...
Mike Manrod
CISO
Grand Canyon Education, Inc.
Mike presently serves as the Chief Information Security Officer for Grand Canyon Education, responsible for leading the security team and formulating the vision and strategy for protecting students, staff, and information assets across the enterprise. Previous experiences include serving as...
Puesh Kumar
Director, Office of Cybersecurity, Energy Security, and Emergency Response
U.S. DOE
Kumar leads DOE’s mission to address cyber, physical, and natural hazards and threats to the U.S. energy infrastructure. Kumar has over 15 years of experience in grid modernization, cybersecurity, and emergency response within the energy sector. Most recently, Kumar was...
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ari Redbord is the head of legal and government affairs at TRM Labs, the blockchain intelligence company. Prior to joining TRM, he was the senior adviser to the deputy secretary and the undersecretary for terrorism and financial intelligence at the...
Caroline Hill
Director of Global Policy and Regulatory Strategy
Circle
Hill is the Director for Global Policy and Regulatory Strategy at Circle. Prior to joining Circle, Caroline led the U.S. Treasury Department’s efforts to develop and implement policies to counter money laundering and terrorist financing in Africa and the Western...
Mike Timoney
Vice President - Secure Payments
Federal Reserve Bank of Boston
Timoney is Vice President of Secure Payments at the Federal Reserve Bank of Boston. Timoney has responsibility to understand the payments and fraud landscape and identify areas where security must be improved. He is responsible for the design, development, and...
Samant Nagpal
General Manager and Global Head of Risk
Square
Nagpal has two decades of experience in risk and payments. As the head of risk at Square, he is responsible for managing credit, fraud and chargeback risk and for building seller/merchant-facing risk products that help sellers manage their own risk-reward...
Shawn Bradstreet
Special Agent in Charge, San Francisco Field Office
U.S. Secret Service
Shawn Bradstreet is a federal law enforcement special agent with over 25 years of experience with the U.S. Secret Service. Mr. Bradstreet is a Senior Executive Service Leader in Northern California and leads four field offices. He currently oversees the...
John Yeoh
Global Vice President of Research
Cloud Security Alliance
With over 15 years of experience in research and technology, John excels at executive-level leadership, relationship management, and strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next...
James Hitchcock
Vice President, Fraud Mitigation
American Bankers Association
Jim Hitchcock is the Vice President for Fraud Mitigation at ABA and serves as the association’s primary expert on fraud mitigation activities and programs. In this role, he identifies and tracks key fraud topics and trends, runs banker committees focused...
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Karen Boyer has over 20 years of diverse banking experience with over 15 in the realm of Fraud. She is currently Vice President of Financial Crimes and Fraud Intelligence, at People’s United Bank, a regional bank in the Northeast with...
Lana DeMaria
Director, Data Privacy
Alaska Airlines
Lana is a motivated and results-oriented leader with international experience (deploying impactful programs, landing global projects, and establishing connections with brilliant people in the US, Russia, India, Canada, Ireland, South Africa, Singapore, Argentina, Egypt, Czech Republic). Lana is experienced in...
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
John Kindervag is the "Father of Zero Trust," who as an analyst at Forrester invented the term and defined the reference architecture for a network whose five basic principles defined the notion of Zero Trust. He is also the co-founder...
Denny Prvu
Global Director of Identity & Access Management
RBC
Denny Prvu has worked around the world in the public and private sectors as a strategist, architect and communicator on identity, security and privacy topics for over 20 years. He has worked on standards and made active contributions in areas...
Kristi Wilson
Senior Fraud Manager, Special Investigations
T-Mobile
Wilson is a telecommunications industry professional with 15+years in fraud detection, mitigation, and criminal analytics. Kristi’s passion for Fraud began early in her career as an investigator for Commerce Bank, headquartered in Kansas City, MO. The last 10 years have...
Ben Deering
Director for Cybersecurity and Operations Policy
The White House
A. Ben Deering is the Director for Cybersecurity and Operations Policy at the National Security Council. Ben previously served as the Critical Infrastructure Pillar Coordinator at the Office of the Director of National Intelligence (ODNI), on a joint duty assignment...
Grant Schnieder
Senior Director for Cybersecurity Services (Former U.S. federal CISO)
Venable LLP
Schneider is the senior director for Cybersecurity Services at Venable LLP. Prior to Venable, Schneider served as the U.S. federal CISO, the U.S. deputy federal CISO and as senior director for Cybersecurity Policy on the White House National Security Council....
Jerry Cochran
Deputy CIO – Cybersecurity & DigitalOps
Pacific Northwest National Laboratory
Cochran serves as Pacific Northwest National Laboratory’s deputy chief information officer and division director of the Cybersecurity and DigitalOps Division, Computing and IT Directorate. He oversees cybersecurity, the office of the CISO, enterprise IT engineering and operations. Cochran also leads...
Chris Carter
Information Security Analyst
Port of Vancouver, USA
Chris Carter joined the Port of Vancouver USA in May 2015 and now serves in the role of Information Security Analyst. His responsibilities include establishing and maintaining secure information technology networks and supporting the port’s IT infrastructure. Chris also provides...
Erik Decker
VP & CISO
Intermountain Healthcare
Erik Decker is the Vice President and Chief Information Security Officer for Intermountain Healthcare, a multi-state integrated delivery network based in Salt Lake City, Utah. Erik has 22 years of experience within Information Technology, with 15 years focused on Information...
Armando Seay
Founder
Maryland Innovation & Security Institute
Armando Seay is a Co-founder and Director for the Maryland Innovation and Security Institute (MISI). Armando is also a Director and Technical Program Director for MISI’s DreamPort cyber solutions accelerator. Armando leads the critical infrastructure cybersecurity team, tech outreach and...
Manny Cancel
SVP and CEO
E-ISAC
Cancel became NERC senior vice president and chief executive officer of the Electricity Information Sharing and Analysis Center (E-ISAC) in January 2020. He is responsible for the management and oversight of the E-ISAC and leads security operations and information sharing,...
Alex Zerden
Founder and Principal
Capitol Peak Strategies
Alex has published extensively on issues involving AML/CFT, economic sanctions, digital assets, anti-corruption, cybersecurity, and FinTech, including with the American Banker, Atlantic Council, Brookings Institution, Center for American Progress, Center for Strategic and International Studies, and New York University School...
Peter Tapling
Board Member
U.S. Faster Payments Council
Tapling is an innovator and adviser in security, risk, authentication and payments. He is a board member of the U.S. Faster Payments Council and was a steering committee member of the Federal Reserve Secure Payments Task Force. Tapling was founder...
Lawrence Scheinert
Associate Director, Compliance and Enforcement, Office of Foreign Assets Control (OFAC)
U.S. Department of the Treasury
Lawrence Scheinert is the Associate Director for Compliance and Enforcement at the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC). In this role, he oversees OFAC’s enforcement, compliance, and private sector outreach programs. Mr. Scheinert previously served as a...
Cody Carbone
VP of Policy
Chamber of Digital Commerce
Edison Alvarez
Director, Information Security – Cybersecurity Governance
BD (Becton, Dickinson & Company)
Ron Ross
Fellow
NIST

View Agenda
Welcome to the Mission Critical: Securing Critical Infrastructure, Connected Devices, and Crypto & Payments Summit!
  • 08:30 AM
  • 04:59 PM
Building an IoT Security Roadmap
Bo Berlas, CISO, U.S. General Services Administration

As CISO of GSA, the largest real estate company in the world, Bo Berlas monitors, manages and secures thousands of devices. With over 21 years of combined information technology and cybersecurity experience spanning both private industry and the federal government, Bo shares details of how he developed an IoT/OT security roadmap, the challenges he has faced in the process, and how he approaches segmentation, supply chain management and device testing. 

In this fireside chat Bo Berlas, CISO, GSA will discuss:

  • Developing an IoT/OT security roadmap - successes and challenges 
  • Techniques to achieve visibility 
  • Supply chain risk management
  • Software and hardware device testing 
Bo Berlas
  • 09:00 AM
  • 09:29 AM
The 2023 SBOM, Bombshell! Are you Compliant?
Grant Schnieder, Senior Director for Cybersecurity Services (Former U.S. federal CISO), Venable LLP
James DeLuccia, Product Security Chief, Honeywell
Michael Baker, Vice President, IT CISO, DXC Technology

A Software Bill of Materials (“SBOM”) has been identified by the cybersecurity community as a key aspect of modern cybersecurity, including software security and supply chain security. . E.O. 14028 declares that “the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is, and to the consequences we will incur if that trust is misplaced.

In this session our panel of experts will explore and debate:

  • Sharing and Exchanging SBOMs—Moving SBOMs and related metadata across the software supply chain
  • Implementation —SBOM implementation will be driven by a range of accessible and constructive tools and enabling applications, both open source and commercial in nature.
  • Can you write your own SBOM
Grant Schnieder
James DeLuccia
Michael Baker
  • 09:30 AM
  • 09:59 AM
Leveraging Threat Intelligence to Protect Critical Infrastructure
Ben Deering, Director for Cybersecurity and Operations Policy, The White House

Cyber threat intelligence is focused on the ability to understand the current and potential future threats facing an organization or system. Some public and private sector organizations focus on collecting and analyzing the information necessary to develop cyber threat intelligence. Leveraging this intelligence to protect critical infrastructure systems can significantly enhance the ability to successfully defend against cyber-attacks. However, there are often challenges with getting this information to the right person and knowing what defense steps to take. These challenges can range from the fact that cyber threat intelligence is always sensitive and often classified, meaning it is closely held by a small group; or it is too vague to be of any practical use. This session will: 

  • Recognize the obstacles and solutions to implementing cyber threat intelligence
  • Discuss challenges of getting information to the right person 
  • Leverage existing intelligence and analysis to protect critical infrastructure systems
Ben Deering
  • 10:00 AM
  • 10:29 AM
  • 10:30 AM
  • 10:59 AM
General Session
Kevin Fu
Edison Alvarez
Medical Device Cybersecurity: Top Priorities
Kevin Fu, Associate Professor, IEEE Fellow, Dr. Dwight E. Harken Memorial Lecturer Founder of the Archimedes Center for Healthcare and Device Security, University of Michigan
Edison Alvarez, Director, Information Security – Cybersecurity Governance, BD (Becton, Dickinson & Company)

The cybersecurity threats and challenges involving medical devices just keep growing, potentially putting patient safety, data confidentiality and security at risk. This session will explore ways healthcare CISO and their teams can better address issues, including:

  • The differences between IT cybersecurity versus OT cybersecurity in dealing with medical devices;
  • How healthcare delivery organizations can prioritize and put into action recommendations contained in guidance materials, vulnerability alerts, white papers and other documents pertaining to medical device cybersecurity;
  • Top medical device lessons emerging from ransomware and other disruptive cyberattacks that have been hitting the healthcare sector;
  • The importance of medical device SBOMs – as well as dealing with the challenges that SBOMs create for some entities.
  • 10:30 AM
  • 10:59 AM
Track A
Cherilyn  Pascoe
NIST Cybersecurity Framework 2.0: Latest Updates Unpacked
Cherilyn Pascoe, Senior Technology Policy Advisor, National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology is updating the Cybersecurity Framework to keep pace with the evolving cybersecurity risks, standards, and technology landscape.  The NIST Cybersecurity Framework, originally developed for critical infrastructure sectors, is now viewed as foundational to securing organizations of all sectors and sizes around the world.  Join this session to learn about the update process, including areas of focus, for the Cybersecurity Framework 2.0, as well as share your feedback about the use and potential improvements to the Framework.  

  • 11:30 AM
  • 11:59 AM
General Session
Karen Boyer
Kristi Wilson
How is Mobile Phone Fraud Evolving - and What Can We Do About It?
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
Kristi Wilson, Senior Fraud Manager, Special Investigations, T-Mobile

An acceleration in the pace of digital transformation has undoubtedly seen many consumers adopting mobile banking. However, criminals have also adapted to this new environment and have accordingly evolved their tactics in the form of increasingly sophisticated and targeted account takeover attacks. So how can we improve our detection and mitigation techniques to thwart fraudsters and protect consumers?

This expert panel will share insights and strategies, including:

  • How the past two-plus COVID years have changed the face of fraud;
  • The evolution of unauthorised mobile porting, SIM swapping and account takeover fraud;
  • How the industry can adopt stronger authentication methods such as FIDO.
  • 11:30 AM
  • 11:59 AM
Track A
Steve King
Grant Schnieder
Roger Caslow
Why It’s Essential to Operationalize a Cybersecurity Framework for Critical Infrastructure
Steve King, Managing Director, Cybersecurity Marketing Advisory Services, CyberTheory
Grant Schnieder, Senior Director for Cybersecurity Services (Former U.S. federal CISO), Venable LLP
Roger Caslow, CISO, Hampton Roads Sanitation District

There are many options to choose from when selecting a framework for your cybersecurity program and typically your choice comes down to your industry vertical. We will have a discussion on the most commonly used enterprise level frameworks, what is needed to adopt them and how they provide benefit to your organization. Our expert panel will:

  • Evaluate some of the best practices for structural alignment with capabilities and solutions, and which security controls are needed for audit
  • Analyze how to align IT with OT, as well as the overarching organizational strategy needs and roadmaps
  • Discuss ways to not only support governance structure internally, but also ensure regulation and other external requirements are met
  • 11:30 AM
  • 11:59 AM
Track B
Ari Redbord
Caroline Hill
Eric Lorber
Alex Zerden
Crypto's Promise: The Use of Digital Assets for Economic Prosperity
Ari Redbord, Head of Legal and Government Affairs, TRM Labs
Caroline Hill, Director of Global Policy and Regulatory Strategy, Circle
Eric Lorber, Principal, Financial Crimes Unit, PWC
Alex Zerden, Founder and Principal, Capitol Peak Strategies

The promise of cryptocurrency, cross border value transfer at the speed of the internet, presents tremendous challenges for businesses and policy makers alike. However, according to our panel of experts, these challenges are far outweighed by the opportunities cryptocurrency provides. 

Our expert panel will discuss the most notable crypto insights, and will:

  • Discuss the ways in which crypto can address some of the most pressing global humanitarian needs
  • Debate whether or not crypto can actually democratize finance and the overall banking industry
  • Analyze the ways in which crypto is creating a new “internet of money” and the opportunities that it allows for accordingly
  • 12:00 PM
  • 12:29 PM
General Session
Interactive Session - Coming Soon!








  • 12:00 PM
  • 12:29 PM
Track A
Howard Grimes
Paris Stringfellow
Jerry  Cochran
Collaborative Cyber Defense: Just a Promise or a Practical Reality?
Howard Grimes, CEO, Cybersecurity Manufacturing Innovation Institute (CyManII)
Paris Stringfellow, Director of Sustainability, Cybersecurity Manufacturing Innovation Institute (CyManII)
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory

Cyber defense is increasingly becoming more important to the federal government’s overarching administrative agenda. There is an important need from the various organizations (CISA, DOE CESER, etc.), to incentivize the transition from collaboration, to cooperation within these distinct entities.

This panel will cover these strategies and will:

  • Discuss ways to collaborate across public/private as well as intra- and inter-sector entities to thwart and stay ahead of adversaries targeting critical infrastructures
  • Debate whether or not the 20-year evolution of cyber information/threat sharing is still working, and, if not, how can it be improved
  • Assess the opportunities for mutual aid and defense from the government to various sectors
  • 12:00 PM
  • 12:29 PM
Track B
Mike Timoney
Deborah Baxley
Peter Tapling
Faster Payments Fraud: How Can We Outpace the Criminals?
Mike Timoney, Vice President - Secure Payments, Federal Reserve Bank of Boston
Deborah Baxley, Partner, PayGility Advisors
Peter Tapling, Board Member, U.S. Faster Payments Council

As banks, merchants and individuals continue to adopt faster payments, fraud is outpacing fraud prevention. How are patterns of fraudulent activity in faster payments different to traditional payment methods? How are the fraud actors collaborating within their fraud community? What are the technologies and controls we need to mitigate this criminality? 

Our expert panel will share insights and strategies that will: 

  • Discuss the faster payments fraud landscape
  • Assess the technologies and controls needed to mitigate this criminality
  • Evaluate how can we improve information sharing and collaboration efforts
  • 12:30 PM
  • 12:59 PM
General Session
Troy Leach
John Yeoh
Securing the People in Our Streets through the Interconnections of Technology
Troy Leach, Chief Strategy Officer, Cloud Security Alliance
John Yeoh, Global Vice President of Research, Cloud Security Alliance

Technology has enabled humans to do more than we ever have before. Intelligent systems have reached our cars, bikes, scooters, and skateboards for use in navigation, streaming services, safety, and more. Controlled by critical ingredients, the smart city ecosystem ensures that we are protecting our most valuable assets, the human. Troy Leach, our expert speaker, will share his insights on how technology is being used for everyday living and safety and will:

  • Highlight the edge networks, application management systems and highway infrastructure that support our day-to-day living and security
  • Discuss the most innovative technology stacks to reach new capabilities
  • Assess how security must be addressed to keep our data, lives, and streets safe
  • 12:30 PM
  • 12:59 PM
Track A
Nick Parham
Chris Carter
Charles Blackmore
Regulating and Being Regulated: A Public-Private Partnership at the Ports 
Nick Parham, Marine Transportation System Cybersecurity Coordinator, United States Coast Guard Atlantic Area Command
Chris Carter, Information Security Analyst, Port of Vancouver, USA
Charles Blackmore, Marine Transportation Specialist (Cyber), United States Coast Guard

In the wake of the terrorist attacks from September 11, the Maritime Transportation Security Act (MTSA) was implemented across the commercial shipping industry in the United States. With the rise and evolving threat of cybersecurity attacks during the past decade, the Coast Guard has worked with public and private partnerships at America's ports to leverage the MTSA and enhance cybersecurity mitigation and resiliency at these ports. The industries operating in America's ports are critical components of multiple supply chains and often fall into multiple critical infrastructure categories. 

Key takeaways include actionable insights to:  

  • Leverage existing partnerships within ports to address cybersecurity vulnerabilities
  • Take action within an existing regulatory framework to address cybersecurity vulnerabilities
  • Facilitate information sharing and analysis to bridge the public/private communication gap
  • 12:30 PM
  • 12:59 PM
Track B
Troy Leach
Ari Redbord
The Global State of Crypto: Regulations and Challenges on the Horizon
Troy Leach, Chief Strategy Officer, Cloud Security Alliance
Ari Redbord, Head of Legal and Government Affairs, TRM Labs

From brazen crypto fraud schemes to landmark arrests and an historic executive order, 2022 has been a watershed year for cryptocurrency. But how are global entities both using and regulating crypto, and what is the global outlook/influence?

Join government/crypto expert Ari Redbord for an entertaining and informative look at global governments’ approach to crypto, where he will:

  • Analyze the global investigatory practices being used to reduce crypto crime
  • Discuss the global legislation that is being implemented, and how this impacts the cybersecurity space
  • Assess the impact of major legislations, such as Biden's Executive Order, as well as other notable global policies affecting the crypto space
  • 01:00 PM
  • 01:29 PM
General Session
Tari Schreider
Attack Surface Management: Avoiding Device Whack-a-Mole
Tari Schreider, Strategic Advisor, Aite-Novarica Group – Cybersecurity Practice

Chief information security officers (CISOs) face unseen and unmanaged assets, resulting in poor asset hygiene and exploitable areas of an IT estate. Various cybersecurity solutions attempt to discover computing assets, but few are equipped to identify today’s expansive and complex attack surfaces

  • 01:00 PM
  • 01:29 PM
Track A
Ron Ross
Interactive Session- Cyber Resiliency by Design
Ron Ross, Fellow, NIST

During this live interactive session, attendees will have the opportunity to engage with NIST Fellow Ron Ross.

Ross will dive into the recently-revised NIST Special Publication 800-160, Volume 2, Revision 1, Developing Cyber-Resilient Systems: A Systems Security Engineering Approach. His current project is helping to update Volume 1, as well as 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. 

His primary interests: System and cyber resiliency and the importance of implementing well-established design principles for trustworthy secure systems.

In this exclusive live session, Ross will take questions directly from Summit attendees and speak about topics such as:

  • Gaps in building cyber resiliency by design
  • NIST's revised and pending guidance
  • The CISO's burden in overseeing cyber risk and how it can be eased
  • 01:00 PM
  • 01:29 PM
Track B
Lawrence Scheinert
OFAC on Crypto Sanctions Compliance
Lawrence Scheinert, Associate Director, Compliance and Enforcement, Office of Foreign Assets Control (OFAC), U.S. Department of the Treasury

Virtual currencies are beginning to play an increasingly prominent role in the global economy. The growing prevalence of virtual currency as a payment method, likewise brings greater exposure to sanctions risks—like the risk that a sanctioned person or a person in a jurisdiction subject to sanctions might be involved in a virtual currency transaction. Accordingly, the virtual currency industry, including technology companies, exchangers, administrators, miners, wallet providers, and users, plays an increasingly critical role in preventing sanctioned persons from exploiting virtual currencies to evade sanctions and undermine U.S. foreign policy and national security interests.

In this Exclusive Session with Lawrence Scheinert, Associate Director, Compliance and Enforcement, Office of Foreign Assets Control (OFAC) at U.S. Department of the Treasury he will:

  • Identify who must comply with OFAC sanctions and why
  • Discuss the consequences of noncompliance and the implications of this on cybersecurity practitioners 
  • Analyze how to “block” virtual currency"
  • 01:30 PM
  • 01:59 PM
General Session
Matanda Doss
Little Device Big Threat! - IoT Attacks, Vulnerabilities and Prolific Risk
Matanda Doss, Executive Director, Cybersecurity and Technology Controls, Commercial Bank, JPMorgan Chase & Co.

The Internet of Things (IoT) is expanding at a dramatic rate. As we connect our devices to more and more aspects of our daily lives, we are creating a roadmap for invasive listening, hacking and business disruption. Join us to learn more about where IoT is headed and how you can stay safe while still reaping the benefits of a digital world. This session will illuminate

  • Biggest threats based on trending attacks 
  • Challenges of IoT security based on common vulnerabilities
  • Vulnerabilities caused by new technologies
  • Strategies for securing huge attack surfaces
  • Regulatory and compliance issues rising from third-party partnerships
  • 01:30 PM
  • 01:59 PM
Track A
Elvis  Chan
Election Security: What Did We Learn From the Mid-term Elections
Elvis Chan, Asst. Special Agent in Charge San Francisco Division, Cyber Branch, FBI

Since 2016, election security has emerged as one of the newest and most urgent aspects of critical infrastructure protection. And Elvis Chan of the FBI's San Francisco office has been at the forefront of assessing and mitigating election security threats. In this session, Chan will:

  • Address the latest threats to election integrity
  • Explain the stepped-up effort of the U.S. government in general and FBI in particular
  • Describe the shifting cyber threat landscape post-Russia's invasion of Ukraine


  • 01:30 PM
  • 01:59 PM
Track B
Claire Le Gal
Mastercard's Claire Le Gal on Responding to the New 'Fraud Universe'
Claire Le Gal, Sr. VP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

If we have learned anything from digital transformation, it's that fraud now comes in multiple forms across multiple vectors - simultaneously. And for financial services organizations to be able to spot and stop these schemes requires tearing down silos and building new partnerships like never before.

Claire Le Gal, a 26-year Mastercard veteran, shares exclusive insights, in which she will:

  • Analyze the emerging fraud trends, and take a deep dive into the reasons why they are so challenging to detect
  • Discuss strategies that inhibit fraudsters and make it harder for them to succeed
  • Shed light on what constitutes a fraud fusion centers, and the ways in which they offer cross-enterprise collaboration that needs to occur
  • 02:00 PM
  • 02:29 PM
General Session
Lana DeMaria
Alexander Vitruk
Biometrics and IoT- The Golden Ticket of Security?
Lana DeMaria, Director, Data Privacy, Alaska Airlines
Alexander Vitruk, Senior Litigation Associate, Baker & Hostetler LLP

Governments and industries in the private sector are ever interested in using biometrics for automatically identify or authenticate people. Biometrics definitely appear like the “golden key” of security – it’s much harder to spoof an iris scan or fingerprint than a password! However, collection of biometric data also comes with its share of unique risks. 

Come to this session to learn how Alaska Airlines has embraced the use of biometrics to streamline and improve the guest experience without compromising guest privacy and security of their data.

  • 02:00 PM
  • 02:29 PM
Track A
Erik  Decker
Errol Weiss
Health Sector Progress: Collaborations and Public Partnership
Erik Decker, VP & CISO, Intermountain Healthcare
Errol Weiss, CSO, Health Information Sharing and Analysis Center

Healthcare is among the most targeted critical infrastructure sectors. How are healthcare sector entities - and their CISOs and security teams - working with their peers, industry competitors, government agencies and information sharing organizations to help fend off the rising cyberthreats striking from so many different directions? This session will:

  • Spotlight Information sharing and other collaborative healthcare sector cybersecurity efforts – where progress is being made
  • Identify cybersecurity resources for the private and public health sectors, and what else is still much needed
  • Explore ways healthcare organizations and their security leadership can become more proactive in addressing sector cyber threats and risks


  • 02:00 PM
  • 02:29 PM
Track B
Ari Redbord
Alex Zerden
Eric Lorber
Caroline Hill
Interactive Session
Ari Redbord, Head of Legal and Government Affairs, TRM Labs
Alex Zerden, Founder and Principal, Capitol Peak Strategies
Eric Lorber, Principal, Financial Crimes Unit, PWC
Caroline Hill, Director of Global Policy and Regulatory Strategy, Circle

Join us for this exclusive, live and interactive video session. Our expert group of industry thought leaders will continue the conversation from their session earlier in the day - “Crypto's Promise: The Use of Digital Assets for Economic Prosperity.” Don’t miss out on your chance to ask these experts all of your pressing Crypto questions. Do you share their passion for Crypto, and believe that it can address humanitarian needs or do think it is the down fall of civilization? What does the FTX Bankruptcy mean for the rest of the industry? We look forward to this live conversation, see you there!

  • 02:30 PM
  • 02:59 PM
Track A
Armando Seay
Roger Caslow
Mike  Manrod
Lessons Relearned From the Russian Invasion of Ukraine, the Cybersecurity Threat Reality and Defense
Armando Seay, Founder, Maryland Innovation & Security Institute
Roger Caslow, CISO, Hampton Roads Sanitation District
Mike Manrod, CISO, Grand Canyon Education, Inc.

Since the late 90’s, our critical infrastructure has been under documented attack from various APTs, groups affiliated with nation states to include Russia. Russia’s directed cyber-attacks on the Ukraine are well documented, as is the intended blast radius to include the US and allies, which has been ramped up since the February 2022 invasion of the Ukraine. So how do we defend our critical infrastructure from this now and into the future? Our cybersecurity advice has not changed, merely has evolved to associate advice given for IT to also include OT and IoT basic hygienic solutions. Expect to learn key practices from our session, in which our panel of experts will:

  • Discuss incident response plans that can proactively defend your organization against a number of potential threats
  • Assess the best strategies to build a defensible architecture, and ensure network security is properly monitored in the process
  • Look at the most effective vulnerability and patch management testing methods
  • 02:30 PM
  • 02:59 PM
Track B
Troy Leach
Samant Nagpal
The Critical Role of Compliance & Collaboration in Crypto and Payments
Troy Leach, Chief Strategy Officer, Cloud Security Alliance
Samant Nagpal, General Manager and Global Head of Risk, Square

Establishing trust within industry guidelines for crypto and other payments is crucial, but how is this trust truly built? Our expert speakers will take a deep dive into best practices for transparency, in which they will:

  • Discuss the increasing importance of third-party transparency
  • Analyze how the industry is trying to streamline the many different requests for guidance
  • Evaluate emerging solutions that allow for the most effective scalability
  • 03:00 PM
  • 03:29 PM
Track A
Grant Schnieder
Jerry  Cochran
Virginia Wright
Puesh Kumar
The State of Critical Infrastructure Resilience
Grant Schnieder, Senior Director for Cybersecurity Services (Former U.S. federal CISO), Venable LLP
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Virginia Wright, Energy-Cyber Portfolio Manager, Idaho National Laboratory
Puesh Kumar, Director, Office of Cybersecurity, Energy Security, and Emergency Response, U.S. DOE

If you talk to the energy sector, they will weave resilience into their cybersecurity discussions. For example, the electric, oil and gas, transportation, water and telecommunications sectors will look at cyber differently than health or financial sectors. Generally, the water, electric, and oil and gas sectors have more similarities and interdependencies than any other Critical Infrastructure sector combined. Our panel will shed light on some of the most effective cross-sector resilience strategies and will: 

  • Discuss the best ways to adopt a framework and best communications and operational methods to achieve this
  • Analyze the performance of scenario-based risk assessments to better help inform business continuity plans
  • Assess the broader regulatory and operational requirements that guide these critical business decisions
  • 03:00 PM
  • 03:29 PM
Track B
Karen Boyer
James Hitchcock
The Challenge of Zelle Fraud
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
James Hitchcock, Vice President, Fraud Mitigation, American Bankers Association

Fast, convenient … free! It's not surprising that Zelle is America's most popular payment app. The peer-to-peer (P2P) payment service, created by a consortium of major US banks, lets users transfer funds directly between bank accounts at no charge. Unfortunately it's also proven popular with the fraudsters. Through well-crafted social engineering techniques, criminals are successfully duping consumers to make fraudulent transactions. How can we tackle the new challenge of P2P payment fraud?

This expert panel will share insights and strategies, where they will:

  • Analyze the Zelle scams and other social engineering trends, and their impact on the overall payment fraud landscape
  • Discuss the challenges for banks, consumers and regulators
  • Evaluate best practices to prevent and reduce the impact of impersonation fraud
  • 03:30 PM
  • 03:59 PM
Track A
Mara Winn
Manny Cancel
Energy Sector: Drill Down Best Practices for Preemption and Resilience
Mara Winn, Deputy Director, Preparedness, Policy and Risk Analysis, CESER, U.S. DOE
Manny Cancel, SVP and CEO, E-ISAC

The energy sector puts significant resources into building systems that are resilient. These efforts have traditionally been focused on capacity building and preparing for potential natural disasters. The challenge of resilience changes when preparing for and recovering from a cyber-attack that may not be limited to a particular geographic area.  This discussion will

  • Address practices that ensure energy resilience in the digital age
  • Identify systems and processes required to mitigate risk across the industry
  • Provide insights on how energy companies can work better with others across the value chain to improve cybersecurity
  • 03:30 PM
  • 03:59 PM
Track B
Cody Carbone
How the Future of U.S. Crypto Regulation Will Impact Your Organization
Cody Carbone, VP of Policy, Chamber of Digital Commerce

Crypto has been one of the top buzz words across all industries in 2022- from some of the most high-profile crimes involving crypto, to President Biden's historic executive order- but what does this actually mean for CISOs when it comes to their day-to-day security measures and implementation? This session will address what your organization should be cognizant of in the crypto regulatory landscape going into 2023. Join Cody Carbone, former Commissioner at U.S. Commodity Futures Trading Commission and the Chief Policy Officer at the Chamber of Digital Commerce, where he will:

  • Assess 2023 predictions for the U.S. crypto regulations and their impacts on the private sector
  • Discuss the latest updates and takeaways from the Biden administration’s crypto strategy report
  • Analyze how businesses can best prepare for future regulation and adapt accordingly
Crypto and Crime: How to Detect and Protect Your Organization
Ari Redbord, Head of Legal and Government Affairs, TRM Labs
Erin West, Deputy District Attorney, Santa Clara County, California
Shawn Bradstreet, Special Agent in Charge, San Francisco Field Office, U.S. Secret Service

"The same qualities that make crypto a force for good- decentralized cross border value transfer at the speed of the internet - also make it susceptible to illicit actors who want to move large amounts of funds quickly. While, in recent years, we have seen a proliferation of scams and fraud - from pig butchering to discord hacks, wash trading to rug pulls - we have also seen law savvy law enforcement and prosecutors at the state and federal level meet the challenge with new tools and expertise. Our panel of expert crypto investigators will:

  • Discuss the latest in investigating crypto- specialized units, tools, training and the most notable types of cases 
  • Evaluate the trends and major typologies that are most prominent today 
  • Assess what are the biggest challenges today in crypto investigations, as well what is on the horizon in the future investigative space
  • Discuss the importance of public/private partnerships in reducing crypto illicit actors across the board
Ari Redbord
Erin West
Shawn Bradstreet
  • 04:00 PM
  • 04:29 PM
On Demand

All content from Day 1 will be available on demand on Day 2 and 3, Wednesday, December 14th and Thursday, December 15th. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 12:00 AM
  • 11:58 PM

Speaker Interviews

December 13 - 15, 2022

Mission Critical: Securing Critical Infrastructure, Connected Devices, and Crypto & Payments