June 20, 2024

Cybersecurity Summit:
North America Midwest

9:00 AM CT - 4:30 PM CT | Chicago, IL

Event Overview

The Cybersecurity Summit: North America Midwest offers a pivotal day of advanced cybersecurity learning and dialogue, featuring interactive sessions like a Solution Room Workshop tackling real-world challenges and a tabletop exercise led by the US Secret Service focused on deep fakes. Engage in transformative defense strategies utilizing AI to combat cyber threats, and explore topics including cyber insurance coverage, compliance strategies, metric utilization, and supply chain security protection.

Crafted with precision, our agenda cuts through the noise of the cybersecurity world, offering a day rich in enlightening discussions and hands-on collaboration. Here, the forefront of cybersecurity thought converges, promising to equip professionals with the tools needed to navigate today’s challenges and tomorrow’s opportunities. This event is a must-attend for CISOs and cybersecurity leaders aiming to deepen their understanding and enhance organizational agility in the ever-evolving landscape of cybersecurity.

View our ISMG Event Experience video to see what your peers are saying about their participation. 

Venue

Fairmont Chicago Millennium Park

200 N Columbus Dr


Chicago, IL 60601

Highlight Topics

  • Using AI to Combat Cyber Threats
  • Leveraging Cyber Insurance Coverage
  • Upskilling Cybersecurity Teams
  • Navigating Compliance Landscapes
  • Advanced Supply Chain Security Strategies

Speakers

Thought Leaders on Stage and Leading Deep Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats 

Keynote Speaker

Illinois Congressman Bill Foster

Gain unparalleled insight from a member of the Congressional AI Taskforce – don’t miss our exclusive Keynote Address with Illinois Congressman Bill Foster, covering technology, governance, and artificial intelligence. 

bill-foster-original

Brent Deterding

CISO, Afni, Inc.

Bradley Schaufenbuel

Vice President and Chief Information Security Officer, Paychex

Kenneth Townsend

CISO, Ingredion Inc.

Erik Hart

CISO, Cushman & Wakefield

Bruce Phillips

SVP, CISO, MyHome, a Williston Financial Group Company

Peter Tapling

Board Member, US Faster Payments Council

Karen Habercoss

Chief Privacy Officer, UChicago Medicine

Rajesh David

VP, Global CISO, Molex

Shefali Mookencherry

Chief Information Security Officer; Chief Privacy Officer, University of Illinois at Chicago

Todd Covert

CISO, National General, Allstate

Keith Bergin

Vice President, Corporate Claims, Tokio Marine HCC

Erik Decker

CISO, Intermountain Health

Speakers

Thought Leaders on Stage and Leading Deep Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in Cybersecurity passionate about the latest tools and technology to defend against threats 

Agenda

You can now view or download a PDF version of the attendee guide.

Registration & Breakfast

Opening Comments

Bill Foster

Illinois Congressman

Congressman Bill Foster on AI's Regulatory Future

Congressman Foster will discuss:

• How Congress, through bipartisan collaboration, is navigating the promises and complexities of AI’s transformative use cases.
• The strategic initiatives outlined by the Taskforce, including guiding principles and forward-looking recommendations.
• Bipartisan policy proposals developed in consultation with key committees of jurisdiction.

Join us for a thought-provoking discussion that explores the intersection of technology, governance, and the expanding use of artificial intelligence across public and private sectors alike.

Bill Foster, Illinois Congressman

Bradley Schaufenbuel

CISO, Paychex

Peter Tapling

Board Member, US Faster Payments Council

Rich Campagna

SVP, Product Management, NextGen Firewall, Palo Alto Networks

Daniel Kendzior

Global Data & Artificial Intelligence Security Leader, Accenture

Transformative Defense: Utilizing AI to Combat Cyber Threats

This session focuses on how security leaders can utilize AI technologies to enhance defense capabilities, showcasing AI’s dual potential as both a tool for attackers and a powerful ally in cybersecurity.

Key insights include leveraging machine learning for predictive threat detection, employing AI-driven behavioral analytics to identify subtle anomalies in network activity, and leverage emerging capabilities to improve system robustness. The session aims to provide a strategic blueprint for integrating AI into cybersecurity frameworks, thereby not only countering AI-exploited threats but also setting a new standard for proactive defense.

Key Takeaways:

Predictive Threat Detection: Implement the optimal AI strategy to forecast and neutralize threats before they manifest, drastically reducing the potential impact of cyberattacks.

Anomaly Detection through Behavioral Analytics: Utilize AI to monitor network behavior continuously, enabling the detection of deviations that signify potential security breaches, enhancing the speed and accuracy of response.

Collaborative Data Initiatives: An exploration of the significance of data sharing across organizational boundaries, emphasizing the collective strength derived from collaborative defense efforts.

This session will empower cybersecurity professionals with actionable strategies for leveraging AI to build more resilient and adaptive security infrastructures, ensuring preparedness against the ever-evolving landscape of AI-exploited cyber threats.

Bradley Schaufenbuel, CISO, Paychex

Peter Tapling, Board Member, US Faster Payments Council

Rich Campagna, SVP, Product Management, NextGen Firewall, Palo Alto Networks

Daniel Kendzior, Global Data & Artificial Intelligence Security Leader for Accenture

Tyler Zito

Senior Solutions Architect, Expel

Improving Security Operations Through Better Communication: Insights From a First Responder

Similar to emergency response situations, security incidents require teams to communicate calmly and intentionally to mitigate risk. But every day, security practitioners face high-stakes attacks that can lead to surging adrenaline, emotional reactions and communication breakdowns – slowing down the incident response cycle and potentially harming organizations – and people – in the process. Remaining calm, gathering the right context to make informed decisions, following processes and communicating actions can lead to better, faster outcomes for all involved. 

In this discussion, hear leadership strategies for building effective security teams from Expel senior solutions architect and volunteer first responder Tyler Zito. Join this session for a conversation on the unexpected cybersecurity lessons Zito has gleaned from spending six years as an Alpine Rescue Team volunteer and how to turn those lessons into actionable strategies for improving communication – and security operations – in your organization.

Tyler Zito, Senior Solutions Architect, Expel

Networking & Exhibition Break

Keith Bergin

Vice President, Corporate Claims, Tokio Marine HCC

Brent Deterding

CISO, Afni, Inc.

Mastering Cyber Insurance: Leveraging Coverage for Enhanced Security Strategy

Panelists will provide a roadmap for CISOs seeking to fully leverage cyber insurance to safeguard their security, while clarifying its scope and debunking common misconceptions that challenge its effectiveness and sustainability

The discussion will explore the key factors that insurers consider during the underwriting process, illustrating how companies can effectively align their cyber insurance strategy with broader risk management objectives. Special attention will be paid to the strategic benefits of pre-breach services such as risk assessments and vulnerability scans, and post-breach services like incident response and claims support, which are pivotal in minimizing the impact of security incidents.

Key Takeaways:

  • Comprehensive Risk Management: Understand how to utilize cyber insurance as a tool for comprehensive risk management, integrating both pre-breach and post-breach services to enhance your cybersecurity posture.
  • Underwriting Insights for CISOs: Gain deep insights into the underwriting process, focusing on what insurers assess to help CISOs better prepare their organizations for favorable coverage.
  • Navigating Market and Regulatory Changes: Explore how shifts in the cyber insurance market and regulatory landscape affect policy offerings and coverage strategies, empowering CISOs to make informed decisions.
  • Optimization of Insurance Procurement: Learn strategies to streamline the cyber insurance acquisition process, improving how your organization approaches risk transfer and coverage optimization.

Keith Bergin, Vice President, Corporate Claims, Tokio Marine HCC

Brent Deterding, CISO, Afni, Inc.

David Gwizdala

Senior Solution Engineer, Ping Identity

Fight Deepfakes and Fraud With Decentralized Identity

Organizations spend more than $30 million to combat threats, but traditional methods of identifying, authenticating and authorizing users are fraught with vulnerabilities. It’s time for a more secure and user-friendly model. Join Ping Identity to learn how PingOne Neo, our decentralized identity solution, prevents fraud by proofing and verifying digital identity securely in a shareable way.

David Gwizdala, Senior Solution Engineer, Ping Identity

Karen Habercoss

Chief Privacy Officer, UChicago Medicine

Rajesh David

VP, Global CISO, Molex

Traversing the Compliance Maze: Strategies for Regulatory Success

Data privacy is no longer just a legal obligation; it is a crucial component of customer trust and corporate integrity. This session explores how security leaders can evolve their security programs to not only meet but exceed the changing regulatory and contractual demands, turning compliance into a strategic advantage.

This session will empower information security leaders to enhance their compliance strategies, embedding regulatory success deep into the fabric of their security practices. As regulations like GDPR, CCPA, and HIPAA continue to evolve, ensuring compliance is critical not just for avoiding penalties but for safeguarding your organization’s reputation and fostering durable relationships based on transparency and trust.

In this detailed discussion, attendees will gain insights into:

Collaborative Compliance Strategies: How CISOs can effectively collaborate with legal and compliance teams to stay ahead of evolving data protection laws and maintain continuous compliance.

Robust Data Governance: Setting up comprehensive data governance frameworks that control the lifecycle of data, from collection to deletion, ensuring alignment with regulatory requirements.

Proactive Compliance Audits and Assessments: The importance of regular audits and assessments to verify adherence to data protection statutes, thereby mitigating risks and refining security posture.

Employee Training and Engagement: Developing ongoing training programs for employees to understand data privacy best practices and their critical role in protecting sensitive information.

Karen Habercoss, Chief Privacy Officer, UChicago Medicine

Rajesh David, VP, Global CISO, Molex

Tim Chick

Systems Team Technical Manager, Cyber Security Foundations Directorate; CERT Division, Carnegie Mellon University Software Engineering Institute

Secure Systems Don’t Happen by Accident

Most breaches are due to defects in design or code; thus, the only way to truly address the issue is to design and build more secure solutions. In this presentation, Tim Chick discusses how security is an integral aspect of the entire software lifecycle because of following deliberate engineering practices focused on reducing security risks using software assurance techniques.

Tim Chick, Systems Team Technical Manager, Cyber Security Foundations

Directorate; CERT Division, Carnegie Mellon University Software Engineering

Institute

Lunch & Exhibition

Erik Hart

CISO, Cushman & Wakefield

Karen Habercoss

Chief Privacy Officer, UChicago Medicine

Kenneth Townsend

CISO, Ingredion Inc

Patrick Dunphy

Head of Cybersecurity, Omron

Broadening the Scope: Comprehensive Metric Utilization for a Mature Security Posture

This session will delve into the multifaceted nature of cybersecurity metrics that go beyond mere performance indicators, focusing on how these metrics can be effectively employed to demonstrate strategic maturity, justify security investments, and guide decision-making processes.

This session aims to empower information security practitioners to think expansively about the metrics they track. By integrating these diverse measures, leaders can provide a more comprehensive view of their security operations, advocate more effectively for necessary resources, and implement strategic improvements that align with both security needs and business goals. Join us to explore how you can extend your metric horizon to craft a robust narrative of cyber maturity that supports sustained organizational success.

Key discussion points will include:
Threat Hunting and Monitoring: Evaluating the effectiveness of proactive security measures and their impact on risk mitigation.
Education and Awareness Programs: Metrics that measure the change in organizational behavior and culture towards security, highlighting the importance of continuous education.
Communicating Value to Leadership: How to translate cybersecurity investments into business-centric metrics that resonate with executive stakeholders, demonstrating ROI and aligning security goals with business objectives.
Staffing and Upskilling: Analyzing staff competency and training metrics to bolster security, including turnover rates, training effectiveness, and skill gaps.
Innovation in Metric Application: Exploring emerging metrics and how they can offer deeper insights into security posture, such as user behavior analytics and the integration of AI in security protocols.

Erik Hart, CISO, Cushman & Wakefield

Karen Habercoss, Chief Privacy Officer, UChicago Medicine

Kenneth Townsend, CISO, Ingredion Inc

Patrick Dunphy, Head of Cybersecurity, Omron 

Tim Gallo

Head of Global Solutions Architects, Google

Brian Cockrill

United States Secret Service

Deepfakes, Real Stakes: Unmasking Cyber Deception in a High-Stakes Interactive Tabletop Simulation

This interactive session is meticulously crafted to mimic a sophisticated cyberattack. It aims to bolster strategic response capabilities and enhance operational readiness against the backdrop of advanced cyberthreats. The focal point of this exercise is a strategically crafted deepfake incident targeting a corporate executive, weaving together elements of social engineering, financial fraud, and the challenges posed by emerging technological threats.

What you will gain from this experience:

  • Enhanced Organizational Readiness: To critically assess and improve organizational preparedness in response to intricate cyber incidents involving deepfake technology and social engineering.
  • Interagency Collaboration and Knowledge Exchange: To strengthen the partnership and information sharing between the Secret Service and leaders in the private sector cybersecurity community.
  • Strategic Response Development: To create all-encompassing incident response strategies that cover legal, technical and communicational facets, while also identifying and rectifying weaknesses in existing cybersecurity policies and governance.

Tim Gallo, Head of Global Solutions Architects, Google

Brian Cockrill, United States Secret Service

Networking & Exhibition Break

Todd Covert

CISO, National General, Allstate

Erik Decker

CISO, Intermountain Health

Bruce Phillips

SVP, CISO, MyHome, a Williston Financial Group Company

Beyond the Firewall: Elevating Protection Through Advanced Supply Chain Security Strategies

Supply chain security isn’t just about protecting your own assets—it’s about safeguarding the integrity of every component that contributes to your products or services.

In an era where business operations are extensively interconnected, understanding that each interaction and transaction within the supply chain can pose potential risks is crucial to maintaining the overall security framework of your organization. This session will concretely analyze the many dimensions of supply chain security, emphasizing the necessity of a holistic security approach to prevent, detect, and mitigate threats that could jeopardize organizational operations.

This session will provide participants with the insights needed to construct a robust framework for supply chain security, ensuring that preventive and reactive measures align with the complex realities of modern supply chains. Join us to explore strategic approaches that can fortify your organization’s defenses beyond the immediate boundaries of your enterprise.

Key strategies to be explored include:           

– Conducting thorough vendor risk assessments to evaluate the security posture of suppliers and third-party vendors.

– Implementing supply chain security controls such as code signing, software integrity verification, and secure boot mechanisms.

– Establishing clear contractual agreements and service level agreements that include explicit security requirements for vendors.

– How best to monitor supply chains for signs of compromise or suspicious activity, such as unauthorized code modifications or supply chain attacks.

– Fostering collaboration and information sharing with industry partners and government agencies to address supply chain security threats collectively.

Todd Covert, CISO, National General, Allstate

Erik Decker, CISO, Intermountain Health

Bruce Phillips, SVP, CISO, MyHome, a Williston Financial Group Company

Jessie Gibbons

Technical Director, Skybox Security

Continuous Threat Exposure Management

Jessie Gibbons, Technical Director, Skybox Security

Shefali Mookencherry

CISO, Chief Privacy Officer, University of Illinois at Chicago

Todd Covert

CISO, National General, Allstate

Kenneth Townsend

CISO, Ingredion Inc.

Unlocking Potential: Strategies for Overcoming the Cybersecurity Skills Shortage

Addressing the cybersecurity skills shortage is not merely about recruiting personnel; it involves a strategic approach to building a resilient, skilled workforce capable of staying ahead of emerging threats in our digital age. This session will explore multifaceted strategies designed to cultivate a robust cybersecurity workforce, thereby strengthening organizational defenses and enhancing the overall security posture.

Join us in this critical conversation as we delve into effective strategies that not only address the immediate skills shortage but also lay the groundwork for a future-proof cybersecurity workforce.

This session is designed to empower leaders to unlock the full potential of their cybersecurity teams through strategic development and inclusive practices.

Panelists will share impactful approaches to nurturing and retaining top cybersecurity talent, including:
– Investment in Workforce Development: Launching targeted training programs, certifications, and apprenticeship opportunities to develop the next generation of cybersecurity experts.
– Career Advancement Pathways: Creating clear, accessible pathways for career growth to retain top talent and motivate continual professional development.
– Cultivating a Learning Culture: Encouraging a workplace environment that prioritizes continuous learning, skill development, and mentorship, fostering a knowledgeable and adaptable security team.
– Diversity and Inclusion Initiatives: Broadening the recruitment spectrum to include diverse backgrounds, thereby enriching the cybersecurity field with varied perspectives and innovative approaches.
– Strategic Educational Partnerships: Collaborating with academia, industry groups, and government bodies to promote widespread cybersecurity education and practical training initiatives.

Shefali Mookencherry, CISO, Chief Privacy Officer, University of Illinois Chicago

Todd Covert, CISO, National General, Allstate

Kenneth Townsend, CISO, Ingredion Inc.

Closing Comments

Sponsors

Register

RSVP here to attend our events. You can opt for multiple or individual tickets.

NOTE:  All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.

The Summit Experience

CPE Credits

Engage offers Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.

Future Events

October 4-6, 2024

CISO Engage: Offsite, Jaisalmer

October 23, 2024

The Elastic and Google Cloud GenAI Roadshow London: Explore the Next Generation of AI-Driven Search and Insight

October 29-30, 2024

Virtual Government Cybersecurity Summit

October 10, 2024

Simplifying Security: Understanding SASE Fundamentals

October 24, 2024

The Elastic and Google Cloud GenAI Roadshow Seattle: Explore the Next Generation of AI-Driven Search and Insight

Future Events

October 4-6, 2024

CISO Engage: Offsite, Jaisalmer

October 10, 2024

Simplifying Security: Understanding SASE Fundamentals

October 23, 2024

The Elastic and Google Cloud GenAI Roadshow London: Explore the Next Generation of AI-Driven Search and Insight