Highlight Topics
- Using AI to Combat Cyber Threats
- Leveraging Cyber Insurance Coverage
- Upskilling Cybersecurity Teams
- Navigating Compliance Landscapes
- Advanced Supply Chain Security Strategies
Menu
The Cybersecurity Summit: North America Midwest offers a pivotal day of advanced cybersecurity learning and dialogue, featuring interactive sessions like a Solution Room Workshop tackling real-world challenges and a tabletop exercise led by the US Secret Service focused on deep fakes. Engage in transformative defense strategies utilizing AI to combat cyber threats, and explore topics including cyber insurance coverage, compliance strategies, metric utilization, and supply chain security protection.
Crafted with precision, our agenda cuts through the noise of the cybersecurity world, offering a day rich in enlightening discussions and hands-on collaboration. Here, the forefront of cybersecurity thought converges, promising to equip professionals with the tools needed to navigate today’s challenges and tomorrow’s opportunities. This event is a must-attend for CISOs and cybersecurity leaders aiming to deepen their understanding and enhance organizational agility in the ever-evolving landscape of cybersecurity.
View our ISMG Event Experience video to see what your peers are saying about their participation.
200 N Columbus Dr
Chicago, IL 60601
ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats
Gain unparalleled insight from a member of the Congressional AI Taskforce – don’t miss our exclusive Keynote Address with Illinois Congressman Bill Foster, covering technology, governance, and artificial intelligence.
ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats
Congressman Foster will discuss:
• How Congress, through bipartisan collaboration, is navigating the promises and complexities of AI’s transformative use cases.
• The strategic initiatives outlined by the Taskforce, including guiding principles and forward-looking recommendations.
• Bipartisan policy proposals developed in consultation with key committees of jurisdiction.
Join us for a thought-provoking discussion that explores the intersection of technology, governance, and the expanding use of artificial intelligence across public and private sectors alike.
Bill Foster, Illinois Congressman
This session focuses on how security leaders can utilize AI technologies to enhance defense capabilities, showcasing AI’s dual potential as both a tool for attackers and a powerful ally in cybersecurity.
Key insights include leveraging machine learning for predictive threat detection, employing AI-driven behavioral analytics to identify subtle anomalies in network activity, and leverage emerging capabilities to improve system robustness. The session aims to provide a strategic blueprint for integrating AI into cybersecurity frameworks, thereby not only countering AI-exploited threats but also setting a new standard for proactive defense.
Key Takeaways:
– Predictive Threat Detection: Implement the optimal AI strategy to forecast and neutralize threats before they manifest, drastically reducing the potential impact of cyberattacks.
– Anomaly Detection through Behavioral Analytics: Utilize AI to monitor network behavior continuously, enabling the detection of deviations that signify potential security breaches, enhancing the speed and accuracy of response.
– Collaborative Data Initiatives: An exploration of the significance of data sharing across organizational boundaries, emphasizing the collective strength derived from collaborative defense efforts.
This session will empower cybersecurity professionals with actionable strategies for leveraging AI to build more resilient and adaptive security infrastructures, ensuring preparedness against the ever-evolving landscape of AI-exploited cyber threats.
Bradley Schaufenbuel, CISO, Paychex
Peter Tapling, Board Member, US Faster Payments Council
Rich Campagna, SVP, Product Management, NextGen Firewall, Palo Alto Networks
Daniel Kendzior, Global Data & Artificial Intelligence Security Leader for Accenture
Similar to emergency response situations, security incidents require teams to communicate calmly and intentionally to mitigate risk. But every day, security practitioners face high-stakes attacks that can lead to surging adrenaline, emotional reactions and communication breakdowns – slowing down the incident response cycle and potentially harming organizations – and people – in the process. Remaining calm, gathering the right context to make informed decisions, following processes and communicating actions can lead to better, faster outcomes for all involved.
In this discussion, hear leadership strategies for building effective security teams from Expel senior solutions architect and volunteer first responder Tyler Zito. Join this session for a conversation on the unexpected cybersecurity lessons Zito has gleaned from spending six years as an Alpine Rescue Team volunteer and how to turn those lessons into actionable strategies for improving communication – and security operations – in your organization.
Tyler Zito, Senior Solutions Architect, Expel
Arron Harrell, Senior Solutions Architect, Picus Security
Panelists will provide a roadmap for CISOs seeking to fully leverage cyber insurance to safeguard their security, while clarifying its scope and debunking common misconceptions that challenge its effectiveness and sustainability
The discussion will explore the key factors that insurers consider during the underwriting process, illustrating how companies can effectively align their cyber insurance strategy with broader risk management objectives. Special attention will be paid to the strategic benefits of pre-breach services such as risk assessments and vulnerability scans, and post-breach services like incident response and claims support, which are pivotal in minimizing the impact of security incidents.
Key Takeaways:
Keith Bergin, Vice President, Corporate Claims, Tokio Marine HCC
Brent Deterding, CISO, Afni, Inc.
Organizations spend more than $30 million to combat threats, but traditional methods of identifying, authenticating and authorizing users are fraught with vulnerabilities. It’s time for a more secure and user-friendly model. Join Ping Identity to learn how PingOne Neo, our decentralized identity solution, prevents fraud by proofing and verifying digital identity securely in a shareable way.
David Gwizdala, Senior Solution Engineer, Ping Identity
Data privacy is no longer just a legal obligation; it is a crucial component of customer trust and corporate integrity. This session explores how security leaders can evolve their security programs to not only meet but exceed the changing regulatory and contractual demands, turning compliance into a strategic advantage.
This session will empower information security leaders to enhance their compliance strategies, embedding regulatory success deep into the fabric of their security practices. As regulations like GDPR, CCPA, and HIPAA continue to evolve, ensuring compliance is critical not just for avoiding penalties but for safeguarding your organization’s reputation and fostering durable relationships based on transparency and trust.
In this detailed discussion, attendees will gain insights into:
– Collaborative Compliance Strategies: How CISOs can effectively collaborate with legal and compliance teams to stay ahead of evolving data protection laws and maintain continuous compliance.
– Robust Data Governance: Setting up comprehensive data governance frameworks that control the lifecycle of data, from collection to deletion, ensuring alignment with regulatory requirements.
– Proactive Compliance Audits and Assessments: The importance of regular audits and assessments to verify adherence to data protection statutes, thereby mitigating risks and refining security posture.
– Employee Training and Engagement: Developing ongoing training programs for employees to understand data privacy best practices and their critical role in protecting sensitive information.
Karen Habercoss, Chief Privacy Officer, UChicago Medicine
Rajesh David, VP, Global CISO, Molex
Most breaches are due to defects in design or code; thus, the only way to truly address the issue is to design and build more secure solutions. In this presentation, Tim Chick discusses how security is an integral aspect of the entire software lifecycle because of following deliberate engineering practices focused on reducing security risks using software assurance techniques.
Tim Chick, Systems Team Technical Manager, Cyber Security Foundations
Directorate; CERT Division, Carnegie Mellon University Software Engineering
Institute
This session will delve into the multifaceted nature of cybersecurity metrics that go beyond mere performance indicators, focusing on how these metrics can be effectively employed to demonstrate strategic maturity, justify security investments, and guide decision-making processes.
This session aims to empower information security practitioners to think expansively about the metrics they track. By integrating these diverse measures, leaders can provide a more comprehensive view of their security operations, advocate more effectively for necessary resources, and implement strategic improvements that align with both security needs and business goals. Join us to explore how you can extend your metric horizon to craft a robust narrative of cyber maturity that supports sustained organizational success.
Key discussion points will include:
– Threat Hunting and Monitoring: Evaluating the effectiveness of proactive security measures and their impact on risk mitigation.
– Education and Awareness Programs: Metrics that measure the change in organizational behavior and culture towards security, highlighting the importance of continuous education.
– Communicating Value to Leadership: How to translate cybersecurity investments into business-centric metrics that resonate with executive stakeholders, demonstrating ROI and aligning security goals with business objectives.
– Staffing and Upskilling: Analyzing staff competency and training metrics to bolster security, including turnover rates, training effectiveness, and skill gaps.
– Innovation in Metric Application: Exploring emerging metrics and how they can offer deeper insights into security posture, such as user behavior analytics and the integration of AI in security protocols.
Erik Hart, CISO, Cushman & Wakefield
Karen Habercoss, Chief Privacy Officer, UChicago Medicine
Kenneth Townsend, CISO, Ingredion Inc
Patrick Dunphy, Head of Cybersecurity, Omron
This interactive session is meticulously crafted to mimic a sophisticated cyberattack. It aims to bolster strategic response capabilities and enhance operational readiness against the backdrop of advanced cyberthreats. The focal point of this exercise is a strategically crafted deepfake incident targeting a corporate executive, weaving together elements of social engineering, financial fraud, and the challenges posed by emerging technological threats.
What you will gain from this experience:
Tim Gallo, Head of Global Solutions Architects, Google
Brian Cockrill, United States Secret Service
Supply chain security isn’t just about protecting your own assets—it’s about safeguarding the integrity of every component that contributes to your products or services.
In an era where business operations are extensively interconnected, understanding that each interaction and transaction within the supply chain can pose potential risks is crucial to maintaining the overall security framework of your organization. This session will concretely analyze the many dimensions of supply chain security, emphasizing the necessity of a holistic security approach to prevent, detect, and mitigate threats that could jeopardize organizational operations.
This session will provide participants with the insights needed to construct a robust framework for supply chain security, ensuring that preventive and reactive measures align with the complex realities of modern supply chains. Join us to explore strategic approaches that can fortify your organization’s defenses beyond the immediate boundaries of your enterprise.
Key strategies to be explored include:
– Conducting thorough vendor risk assessments to evaluate the security posture of suppliers and third-party vendors.
– Implementing supply chain security controls such as code signing, software integrity verification, and secure boot mechanisms.
– Establishing clear contractual agreements and service level agreements that include explicit security requirements for vendors.
– How best to monitor supply chains for signs of compromise or suspicious activity, such as unauthorized code modifications or supply chain attacks.
– Fostering collaboration and information sharing with industry partners and government agencies to address supply chain security threats collectively.
Todd Covert, CISO, National General, Allstate
Erik Decker, CISO, Intermountain Health
Bruce Phillips, SVP, CISO, MyHome, a Williston Financial Group Company
Jessie Gibbons, Technical Director, Skybox Security
Addressing the cybersecurity skills shortage is not merely about recruiting personnel; it involves a strategic approach to building a resilient, skilled workforce capable of staying ahead of emerging threats in our digital age. This session will explore multifaceted strategies designed to cultivate a robust cybersecurity workforce, thereby strengthening organizational defenses and enhancing the overall security posture.
Join us in this critical conversation as we delve into effective strategies that not only address the immediate skills shortage but also lay the groundwork for a future-proof cybersecurity workforce.
This session is designed to empower leaders to unlock the full potential of their cybersecurity teams through strategic development and inclusive practices.
Panelists will share impactful approaches to nurturing and retaining top cybersecurity talent, including:
– Investment in Workforce Development: Launching targeted training programs, certifications, and apprenticeship opportunities to develop the next generation of cybersecurity experts.
– Career Advancement Pathways: Creating clear, accessible pathways for career growth to retain top talent and motivate continual professional development.
– Cultivating a Learning Culture: Encouraging a workplace environment that prioritizes continuous learning, skill development, and mentorship, fostering a knowledgeable and adaptable security team.
– Diversity and Inclusion Initiatives: Broadening the recruitment spectrum to include diverse backgrounds, thereby enriching the cybersecurity field with varied perspectives and innovative approaches.
– Strategic Educational Partnerships: Collaborating with academia, industry groups, and government bodies to promote widespread cybersecurity education and practical training initiatives.
Shefali Mookencherry, CISO, Chief Privacy Officer, University of Illinois Chicago
Todd Covert, CISO, National General, Allstate
Kenneth Townsend, CISO, Ingredion Inc.
RSVP here to attend our events. You can opt for multiple or individual tickets.
NOTE: All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.
Engage offers Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.
Future Events
@ISMG_News #ISMGEngage