North America West Summit
In-Person Summit May 23, 2023
ISMG Summits feature carefully curated agendas delivering a Keynote Address from an Industry Luminary, Case-Based Learning, Networking and more. The Summits are geo-targeted, industry-specific, and topic-driven events designed for security leaders.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Venue: Meydenbauer Centre
Address: 11100 NE 6th St, Bellevue, WA 98004, USA
Eric Sanchez
CISO
Kyowa Kirin Pharmaceutical
Sanchez spent 12 years at the Central Intelligence Agency developing and executing global cyber operations. He was regularly called upon by the director of operations to architect, lead and execute unconventional cyber operations against adversary executive leadership and other national...
Aravind Swaminathan
Global Co-Chair Cybersecurity and Data Privacy
Orrick, Herrington & Sutcliffe LLP
As a strategic cybersecurity advisor, Aravind partners with clients to proactively plan for a crisis and develop strategies to improve resiliency, respond efficiently and effectively, protect their business and brand, and defend them in the onslaught of litigation and enforcement...
Varsha Agarwal
Head of Information Security
Prosper Marketplace
Agarwal currently serves as the head of information security at Prosper Marketplace. She oversees all aspects of information security and privacy to support and enable business goals and objectives, manage risks with proactive security strategies and deliver on regulatory, legal...
Jeannie Warner
Director of Product Marketing
Exabeam
Jeannie is an information security professional with over twenty years in infrastructure operations/security starting her career in the trenches working in various Unix helpdesk and network operations centers. She started in Security Operations for IBM MSS and quickly rose through...
Peter Klimek
Director of Technology, Office of the CTO
Imperva
Peter Klimek is a Director of Technology within the Office of the CTO at Imperva. With nearly 5 years of experience working with Imperva, Peter specializes in emerging technology and threat vectors while helping organizations secure cloud native applications and...
Ryan Parr
Sr Solutions Architect
Infoblox
Ryan is a Sr. Solutions Architect with Infoblox supporting the largest PNW accounts. He has been with Infoblox for 6 years, with 25+ years in the industry working in various technical roles.
Jerry Cochran
Deputy CIO – Cybersecurity & DigitalOps
Pacific Northwest National Laboratory
Cochran serves as Pacific Northwest National Laboratory’s deputy chief information officer and division director of the Cybersecurity and DigitalOps Division, Computing and IT Directorate. He oversees cybersecurity, the office of the CISO, enterprise IT engineering and operations. Cochran also leads...
Scott Roberts
CISO
Coinbase Cloud
Scott Roberts is the CISO for Coinbase Cloud, the gateway to Web3 for both developers and users at Coinbase. Scott leads the security, risk, compliance and privacy practices. He previously held the role of Director of Android and Pixel Security...
Sean Murphy
CISO and SVP
BECU
Murphy is an accomplished cybersecurity executive with more than 20 years of experience in IT and a decade of experience leading information security and risk management in highly regulated industries and fast-paced organizations. As a senior vice president and chief...
Eric Anderson
Director of Enterprise Security
Adobe
Eric Anderson is the Director of the Enterprise Security team at Adobe, where he is a strategic leader driving proactive cybersecurity for the enterprise including security reference architecture, zero-trust architecture, identity and access management, and endpoint security. His team is...
Stephen Dougherty
Forensic Financial Analyst/Investigator
U.S. Secret Service
Dougherty has over 15 years of investigative experience. He is currently a financial investigator/forensic analyst assigned to the U.S. Secret Service’s Global Investigative Operations Center. As a financial fraud investigator in support of the federal government, Dougherty has played a...
Brian Sevchek
Supervisory Special Agent, Private and Public Sector Outreach for Cyber Security
US Secret Service
Mr. Sevchek brings over sixteen (16) years of experience with the Secret Service, including eight (8) years working cyber enabled fraud investigations in the San Jose, California Resident Office. After six (6) years of Protective Assignments with the Counter Assault...
Joshua Hillsbery
CISO
Washington Department of Revenue
Joshua Hillsbery is the Chief Information Security Officer (CISO) for the Washington State Department of Revenue. Josh oversees the Department’s cybersecurity, data privacy, and incident response programs. In this role, Josh maintains the Department’s Governance, Risk, and Compliance (GRC) framework,...
Ralph Johnson
State CISO
Washington Technology Solutions (WaTech)
Michael Bray
CISO
The Vancouver Clinic
Michael Bray is a seasoned cybersecurity expert and the Chief Information Security Officer for The Vancouver Clinic. It is the largest independent, physician-owned medical group in the Pacific Northwest. With over 20 years of experience in the financial and healthcare...
Mark Bowling
Chief Risk and Information Security Officer
ExtraHop
Mark Bowling is the Chief Risk, Security, and Information Security Officer for ExtraHop Networks. Mark is responsible for all aspects of operational risk for ExtraHop, as well as responsible for all aspects of security, to include facility, personnel, and physical...
Yoshiko Marinko
Special Agent
US Secret Service
Brian Shea
BISO
Salesforce
Shea is an IT executive with 29 years of experience in IT operations and support, security, compliance, risk management and technology innovation. Currently, he is a business information security officer, or BISO, supporting multiple business units at Salesforce, delivering security...
Agenda
Visionary Leadership: Insights from State CISO Ralph Johnson
Ralph Johnson, State CISO, Washington Technology Solutions (WaTech)

In this dynamic and engaging session, Ralph Johnson will take you on a journey through his distinguished career as a CISO and share his unique perspective on the transformation of cybersecurity. From his early days in technology management to his current role as the State CISO of Washington state's Washington Technology Solutions, Ralph has encountered a multitude of challenges and learned valuable lessons along the way.


Through his insightful anecdotes and experiences, Ralph will provide a fresh perspective on how to tackle security on a state-wide scale, navigate the transition from technology management to leadership, and embrace the evolving landscape of cybersecurity. He will share specific examples and actionable takeaways that you can apply to your own security practices, making this session a must-attend for anyone in the cybersecurity field.

Don't miss this opportunity to learn from one of the most respected and accomplished CISOs in the industry. Join us for an inspiring and informative session that will leave you with a deeper understanding of the transformation of cybersecurity and how you can succeed in this ever-changing landscape.

In this session, he will discuss:

  • How he tackled security on a state-wide scale
  • How he navigated the transition from technology management to leadership
  • The lessons he learned over his 18-year career as a CISO
Ralph Johnson
  • 09:00 AM
  • 09:29 AM
Trust No One: Building a Seamless Path to Zero-Trust Networking
Eric Anderson, Director of Enterprise Security, Adobe

Achieving a balance between stringent security requirements and a pleasant user experience can be challenging, as failure to do so may result in user dissatisfaction. We also need to ensure we are doing our best to effectively reduce risk at every possible touchpoint in our user and device ecosystem. In this fireside chat, Adobe's Director of Enterprise Security Eric Anderson will discuss the benefits of adopting a zero-trust approach to network security as well as share his perspectives on its evolution as we continuously adapt our strategies to match the changing threat landscape.

Eric Anderson
  • 09:30 AM
  • 09:59 AM
How to Build an Insider Threat Program
Jeannie Warner, Director of Product Marketing, Exabeam

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything changes so quickly. Insider threat initiatives require a new, more focused approach.

This presentation will explore:

  • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
  • Four attributes of a successful insider threat program
  • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster 
  • An automated investigation experience that replaces manual routines and effectively guides new insider threat teams
Jeannie Warner
  • 10:00 AM
  • 10:29 AM
Networking and Exhibition Break
  • 10:30 AM
  • 10:59 AM
Solution Room Secret Service Panel - Latest Trends in BEC
Yoshiko Marinko, Special Agent, US Secret Service
Stephen Dougherty, Forensic Financial Analyst/Investigator, U.S. Secret Service
Yoshiko Marinko
Stephen Dougherty
  • 11:00 AM
  • 11:19 AM
Anatomy of a Business Email Compromise Attack and their Mutations (And why they continue to be successful today)
Eric Sanchez, CISO, Kyowa Kirin Pharmaceutical
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Scott Roberts, CISO, Coinbase Cloud
Joshua Hillsbery, CISO, Washington Department of Revenue
Varsha Agarwal, Head of Information Security, Prosper Marketplace
Sean Murphy, CISO and SVP, BECU
Michael Bray, CISO, The Vancouver Clinic
Brian Shea, BISO, Salesforce

Solution Room

1-hour workshop presented by the United States Secret Service

What is a Solution Room?

The Solution Room is a highly engaging and interactive conference session that aims to provide cybersecurity leaders with peer-to-peer support and subject matter expertise to tackle their most pressing challenges. Through a combination of small group discussions, expert moderators, and support from U.S. Secret Service Agents, attendees will work through the lifecycle of a Business Email Compromise (BEC) attack.

What does participation in the Solution Room look like?

To enhance your learning experience, we invite you to join one of the ten tables for this collaborative session. Each table will be moderated by a knowledgeable CyberEdBoard member, and a U.S. Secret Service Agent will be present to provide valuable insights into law enforcement partnerships during a compromise. 

To kick off the session, Tom Field, Senior Vice President of Editorial at ISMG, will set the stage with a fictitious Business Email Compromise (BEC) scenario. Each group will receive identical sets of questions and work collaboratively to find the answers. As the exercise progresses, new information will be revealed, adding unexpected twists and turns to the scenario. Through this dynamic approach, participants will be challenged to apply critical thinking skills and work as a cohesive team to effectively respond to the evolving situation. Our goal is to provide a stimulating and engaging learning experience that equips you with the skills and knowledge needed to handle real-world BEC scenarios.

Partnering with the US Secret Service 

The U.S. Secret Service brings extensive experience and expertise in investigating and preventing BEC attacks, and participants will have the unique opportunity to learn from the experts during the workshop. They will gain a deeper understanding of the anatomy of a BEC attack, including its mutations, and how to identify, disrupt, and prosecute cybercriminals involved in such schemes.

The Solution Room offers a valuable learning experience for cybersecurity leaders seeking to enhance their knowledge and skills in combating BEC attacks.

Eric Sanchez
Jerry Cochran
Scott Roberts
Joshua Hillsbery
Varsha Agarwal
Sean Murphy
Michael Bray
Brian Shea
  • 11:20 AM
  • 12:19 PM
Lunch and Exhibition Break
  • 12:20 PM
  • 01:04 PM
Considering DNS in your Security Stack
Ryan Parr, Sr Solutions Architect, Infoblox

During this Infoblox showcase, Sr. Solutions Architect Ryan Parr will go over the importance of DNS and why it should be considered in your Security Stack.

Ryan Parr
  • 01:05 PM
  • 01:14 PM
Innovation and Collaboration: Unlocking the Potential of the Modern CISO
Sean Murphy, CISO and SVP, BECU
Michael Bray, CISO, The Vancouver Clinic
Joshua Hillsbery, CISO, Washington Department of Revenue
Scott Roberts, CISO, Coinbase Cloud

The "modern" CISO must take advantage of every opportunity to strengthen their organization's defenses. With potentially slower business activity, CISOs have the chance to improve existing security programs and sharpen their communications to effectively translate security-speak to management decision makers.

In this session, our expert group of CISOs will share their perspectives on what lies ahead and how to communicate budget needs and the evolving threat environment to management. They will assess the opportunities in a "down cycle" to improve existing programs, discuss effective communication to decision makers in management, and decipher the biggest challenges for building and maintaining a successful security team.

Attendees will gain insights into the latest best practices for cybersecurity, learn strategies for communicating security needs to management, and hear from experienced CISOs on how to build and maintain successful security teams. This session is a must-attend for any CISO, security professional, or business leader looking to strengthen their organization's defenses in the face of evolving cyber threats.

Sean Murphy
Michael Bray
Joshua Hillsbery
Scott Roberts
  • 01:15 PM
  • 01:44 PM
Prepare and Protect: The Evolving API Threat Landscape
Peter Klimek, Director of Technology, Office of the CTO, Imperva

As APIs increase in volume, they are becoming an even more valuable target for cybercriminals. Not only do they offer a pathway for hackers to access vast amounts of sensitive data, but security teams often struggle to keep up with the pace of API development in their organization. This session will offer the three most common risks businesses face when deploying APIs and the strategies security teams can use to stay ahead.

  • Discover the most common API attacks Imperva sees across its cloud security network and how to defend against them
  • Learn how to uncover deprecated APIs and other common API implementation pitfalls
  • Hear ways to protect your mobile APIs from fraud and abuse 
Peter Klimek
  • 01:45 PM
  • 02:14 PM
Detecting the Bear: Why Detection Matters
Mark Bowling, Chief Risk and Information Security Officer, ExtraHop

What do network intrusions and wild bears have in common? They can be hard to spot and if you don’t see them coming, you can have a very bad day. 

Join ExtraHop Chief Risk, Security, and Information Security Officer Mark Bowling to discuss the importance of detection and perception in your security environment, including an interactive fireside chat with ISMG's Tom Field.


Mark Bowling
  • 02:15 PM
  • 02:44 PM
Networking and Exhibition Break
  • 02:45 PM
  • 02:59 PM
Cyber Blame Game: Navigating Legal Liability Before and After a Breach - Fireside Chat
Aravind Swaminathan, Global Co-Chair Cybersecurity and Data Privacy, Orrick, Herrington & Sutcliffe LLP

Join us for this interactive session for Chief Information Security Officers (CISOs) and their teams to discuss the increased legal scrutiny they face following significant breaches. After a company discovers a cyberattack on its network, the finger-pointing begins. The CEO blames the chief information security officer (CISO). The CISO blames the financial officers for not setting aside enough money for cyber defenses. The chief information officer begins to look for a scapegoat further down the supply chain. Maybe they fire a low-level employee who made a mistake or point to a vulnerability within a third-party vendor’s security system. Or, if the incident took place in the cloud, is the cloud provider or the data owner at fault?

Individual liability for cyber incidents is also evolving, with potential legal issues arising from failure to report incidents. While executives and boards of directors have largely gone unscathed in the legal aftermath of a cyber incident, this is not always true for CISOs and their teams.

In this session, we will cover:

  • The common blame game that occurs within companies after a cyberattack, and the importance of identifying who is legally liable.
  • The Business Judgment Rule and how it may protect high-level executives and boards of directors from liability in cases of poor or unwise decisions made in good faith using appropriate procedures.
  • The potential designation of CISOs as the "designated felon" in some cases of cyber incidents, and how they can protect themselves from legal and financial consequences through employment contract considerations.
  • The evolving individual liability for cyber incidents, and the potential legal issues arising from failure to report incidents.
  • The various insurance policies that CISOs must consider, such as cyber and Directors and Officers (D&O) insurance, to address their concerns about insurance coverage, and the obstacles they face in obtaining adequate coverage.
Aravind Swaminathan
  • 03:00 PM
  • 03:19 PM
Cyber Blame Game: Navigating Legal Liability Before and After a Breach - Interactive Q&A
Aravind Swaminathan, Global Co-Chair Cybersecurity and Data Privacy, Orrick, Herrington & Sutcliffe LLP
Varsha Agarwal, Head of Information Security, Prosper Marketplace

Join us for this interactive session for Chief Information Security Officers (CISOs) and their teams to discuss the increased legal scrutiny they face following significant breaches. After a company discovers a cyberattack on its network, the finger-pointing begins. The CEO blames the chief information security officer (CISO). The CISO blames the financial officers for not setting aside enough money for cyber defenses. The chief information officer begins to look for a scapegoat further down the supply chain. Maybe they fire a low-level employee who made a mistake or point to a vulnerability within a third-party vendor’s security system. Or, if the incident took place in the cloud, is the cloud provider or the data owner at fault?

Individual liability for cyber incidents is also evolving, with potential legal issues arising from failure to report incidents. While executives and boards of directors have largely gone unscathed in the legal aftermath of a cyber incident, this is not always true for CISOs and their teams.

In this session, we will cover:

  • The common blame game that occurs within companies after a cyberattack, and the importance of identifying who is legally liable.
  • The Business Judgment Rule and how it may protect high-level executives and boards of directors from liability in cases of poor or unwise decisions made in good faith using appropriate procedures.
  • The potential designation of CISOs as the "designated felon" in some cases of cyber incidents, and how they can protect themselves from legal and financial consequences through employment contract considerations.
  • The evolving individual liability for cyber incidents, and the potential legal issues arising from failure to report incidents.
  • The various insurance policies that CISOs must consider, such as cyber and Directors and Officers (D&O) insurance, to address their concerns about insurance coverage, and the obstacles they face in obtaining adequate coverage.
Aravind Swaminathan
Varsha Agarwal
  • 03:20 PM
  • 03:59 PM
Closing Comments
  • 04:00 PM
  • 04:14 PM

ISMG Summits feature carefully curated agendas delivering a Keynote Address from an Industry Luminary, Case-Based Learning, Networking and more. The Summits are geo-targeted, industry-specific, and topic-driven events designed for security leaders.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Meydenbauer Centre
Name :
Meydenbauer Centre
Address :
11100 NE 6th St, Bellevue, WA 98004, USA

Eric Sanchez
CISO
Kyowa Kirin Pharmaceutical
Sanchez spent 12 years at the Central Intelligence Agency developing and executing global cyber operations. He was regularly called upon by the director of operations to architect, lead and execute unconventional cyber operations against adversary executive leadership and other national...
Aravind Swaminathan
Global Co-Chair Cybersecurity and Data Privacy
Orrick, Herrington & Sutcliffe LLP
As a strategic cybersecurity advisor, Aravind partners with clients to proactively plan for a crisis and develop strategies to improve resiliency, respond efficiently and effectively, protect their business and brand, and defend them in the onslaught of litigation and enforcement...
Varsha Agarwal
Head of Information Security
Prosper Marketplace
Agarwal currently serves as the head of information security at Prosper Marketplace. She oversees all aspects of information security and privacy to support and enable business goals and objectives, manage risks with proactive security strategies and deliver on regulatory, legal...
Jeannie Warner
Director of Product Marketing
Exabeam
Jeannie is an information security professional with over twenty years in infrastructure operations/security starting her career in the trenches working in various Unix helpdesk and network operations centers. She started in Security Operations for IBM MSS and quickly rose through...
Peter Klimek
Director of Technology, Office of the CTO
Imperva
Peter Klimek is a Director of Technology within the Office of the CTO at Imperva. With nearly 5 years of experience working with Imperva, Peter specializes in emerging technology and threat vectors while helping organizations secure cloud native applications and...
Ryan Parr
Sr Solutions Architect
Infoblox
Ryan is a Sr. Solutions Architect with Infoblox supporting the largest PNW accounts. I have been with Infoblox for 6 years with 25+ years in the industry working various technical roles.
Jerry Cochran
Deputy CIO – Cybersecurity & DigitalOps
Pacific Northwest National Laboratory
Cochran serves as Pacific Northwest National Laboratory’s deputy chief information officer and division director of the Cybersecurity and DigitalOps Division, Computing and IT Directorate. He oversees cybersecurity, the office of the CISO, enterprise IT engineering and operations. Cochran also leads...
Scott Roberts
CISO
Coinbase Cloud
Scott Roberts is the CISO for Coinbase Cloud, the gateway to Web3 for both developers and users at Coinbase. Scott leads the security, risk, compliance and privacy practices. He previously held the role of Director of Android and Pixel Security...
Sean Murphy
CISO and SVP
BECU
Murphy is an accomplished cybersecurity executive with more than 20 years of experience in IT and a decade of experience leading information security and risk management in highly regulated industries and fast-paced organizations. As a senior vice president and chief...
Eric Anderson
Director of Enterprise Security
Adobe
Eric Anderson is the Director of the Enterprise Security team at Adobe, where he is a strategic leader driving proactive cybersecurity for the enterprise including security reference architecture, zero-trust architecture, identity and access management, and endpoint security. His team is...
Stephen Dougherty
Forensic Financial Analyst/Investigator
U.S. Secret Service
Dougherty has over 15 years of investigative experience. He is currently a financial investigator/forensic analyst assigned to the U.S. Secret Service’s Global Investigative Operations Center. As a financial fraud investigator in support of the federal government, Dougherty has played a...
Brian Sevchek
Supervisory Special Agent, Private and Public Sector Outreach for Cyber Security
US Secret Service
Mr. Sevchek brings over sixteen (16) years of experience with the Secret Service, including eight (8) years working cyber enabled fraud investigations in the San Jose, California Resident Office. After six (6) years of Protective Assignments with the Counter Assault...
Joshua HIllsbery
CISO
Washington Department of Revenue
Joshua Hillsbery is the Chief Information Security Officer (CISO) for the Washington State Department of Revenue. Josh oversees the Department’s cybersecurity, data privacy, and incident response programs. In this role, Josh maintains the Department’s Governance, Risk, and Compliance (GRC) framework,...
Ralph Johnson
State CISO
Washington Technology Solutions (WaTech)
Michael Bray
CISO
The Vancouver Clinic
Michael Bray is a seasoned cybersecurity expert and the Chief Information Security Officer for The Vancouver Clinic. It is the largest independent, physician-owned medical group in the Pacific Northwest. With over 20 years of experience in the financial and healthcare...
Mark Bowling
Chief Risk and Information Security Officer
ExtraHop
Mark Bowling is the Chief Risk, Security, and Information Security Officer for ExtraHop Networks. Mark is responsible for all aspects of operational risk for ExtraHop, as well as responsible for all aspects of security, to include facility, personnel, and physical...
Yoshiko Marinko
Special Agent
US Secret Service
Brian Shea
BISO
Salesforce
Shea is an IT executive with 29 years of experience in IT operations and support, security, compliance, risk management and technology innovation. Currently, he is a business information security officer, or BISO, supporting multiple business units at Salesforce, delivering security...

View Agenda
Visionary Leadership: Insights from State CISO Ralph Johnson
Ralph Johnson, State CISO, Washington Technology Solutions (WaTech)

In this dynamic and engaging session, Ralph Johnson will take you on a journey through his distinguished career as a CISO and share his unique perspective on the transformation of cybersecurity. From his early days in technology management to his current role as the State CISO of Washington state's Washington Technology Solutions, Ralph has encountered a multitude of challenges and learned valuable lessons along the way.


Through his insightful anecdotes and experiences, Ralph will provide a fresh perspective on how to tackle security on a state-wide scale, navigate the transition from technology management to leadership, and embrace the evolving landscape of cybersecurity. He will share specific examples and actionable takeaways that you can apply to your own security practices, making this session a must-attend for anyone in the cybersecurity field.

Don't miss this opportunity to learn from one of the most respected and accomplished CISOs in the industry. Join us for an inspiring and informative session that will leave you with a deeper understanding of the transformation of cybersecurity and how you can succeed in this ever-changing landscape.

In this session, he will discuss 

  • How he tackled security on a state-wide scale, 
  • Navigated the transition from technology management to leadership, and the 
  • Lessons he learned over his 18-year career as a CISO
Ralph  Johnson
  • 09:00 AM
  • 09:29 AM
Trust No One: Building a Seamless Path to Zero-Trust Networking
Eric Anderson, Director of Enterprise Security, Adobe

Achieving a balance between stringent security requirements and a pleasant user experience can be challenging, as failure to do so may result in user dissatisfaction. We also need to ensure we are doing our best to effectively reduce risk at every possible touchpoint in our user and device ecosystem. In this fireside chat, Adobe's Director of Enterprise Security Eric Anderson will discuss the benefits of adopting a zero-trust approach to network security as well as share his perspectives on its evolution as we continuously adapt our strategies to match the changing threat landscape.

Eric Anderson
  • 09:30 AM
  • 09:59 AM
How to Build an Insider Threat Program
Jeannie Warner, Director of Product Marketing , Exabeam

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

This presentation will explore:

  • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
  • Four attributes of a successful insider threat program
  • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster 
  • An automated investigation experience that replaces manual routines and effectively guides new insider threat teams
Jeannie Warner
  • 10:00 AM
  • 10:29 AM
Networking and Exhibition Break
  • 10:30 AM
  • 10:59 AM
Solution Room Secret Service Panel- Latest Trends in BEC
Yoshiko Marinko, Special Agent, US Secret Service
Stephen Dougherty, Forensic Financial Analyst/Investigator, U.S. Secret Service
Yoshiko Marinko
Stephen Dougherty
  • 11:00 AM
  • 11:19 AM
Anatomy of a Business Email Compromise Attack and their Mutations (And why they continue to be successful today)
Eric Sanchez, CISO, Kyowa Kirin Pharmaceutical
Jerry Cochran, Deputy CIO – Cybersecurity & DigitalOps, Pacific Northwest National Laboratory
Scott Roberts, CISO, Coinbase Cloud
Joshua HIllsbery, CISO, Washington Department of Revenue
Varsha Agarwal, Head of Information Security, Prosper Marketplace
Sean Murphy, CISO and SVP, BECU
Michael Bray, CISO , The Vancouver Clinic
Brian Shea, BISO, Salesforce

Solution Room

1 Hour workshop Presented by the United States Secret Service

What is a Solution Room?

The Solution Room is a highly engaging and interactive conference session that aims to provide cybersecurity leaders with peer-to-peer support and subject matter expertise to tackle their most pressing challenges. Through a combination of small group discussions, expert moderators, and support from U.S. Secret Service Agents, attendees will work through the lifecycle of a Business Email Compromise (BEC) attack.

What does participation in the Solution Room look like?

To enhance your learning experience, we invite you to join one of the ten tables for this collaborative session. Each table will be moderated by a knowledgeable CyberEdBoard member, and a U.S. Secret Service Agent will be present to provide valuable insights into law enforcement partnerships during a compromise. 

To kick off the session, Tom Field, Senior Vice President of Editorial at ISMG, will set the stage with a fictitious Business Email Compromise (BEC) scenario. Each group will receive identical sets of questions and work collaboratively to find the answers. As the exercise progresses, new information will be revealed, adding unexpected twists and turns to the scenario. Through this dynamic approach, participants will be challenged to apply critical thinking skills and work as a cohesive team to effectively respond to the evolving situation. Our goal is to provide a stimulating and engaging learning experience that equips you with the skills and knowledge needed to handle real-world BEC scenarios.

Partnering with the U.S. Secret Service

The U.S. Secret Service brings extensive experience and expertise in investigating and preventing BEC attacks, and participants will have the unique opportunity to learn from the experts during the workshop. They will gain a deeper understanding of the anatomy of a BEC attack, including its mutations, and how to identify, disrupt, and prosecute cybercriminals involved in such schemes.

The Solution Room offers a valuable learning experience for cybersecurity leaders seeking to enhance their knowledge and skills in combating BEC attacks.

  • 11:20 AM
  • 12:19 PM
Lunch and Exhibition Break
  • 12:20 PM
  • 01:04 PM
Considering DNS in your Security Stack
Ryan Parr, Sr Solutions Architect, Infoblox

During this Infoblox showcase, Sr. Solutions Architect Ryan Parr will go over the importance of DNS and why it should be considered in your Security Stack.

  • 01:05 PM
  • 01:14 PM
Innovation and Collaboration: Unlocking the Potential of the Modern CISO
Sean Murphy, CISO and SVP, BECU
Michael Bray, CISO, The Vancouver Clinic
Joshua Hillsbery, CISO, Washington Department of Revenue
Scott Roberts, CISO, Coinbase Cloud

The "modern" CISO must take advantage of every opportunity to strengthen their organization's defenses. With potentially slower business activity, CISOs have the chance to improve existing security programs and sharpen their communications to effectively translate security-speak to management decision makers.

In this session, our expert group of CISOs will share their perspectives on what lies ahead and how to communicate budget needs and the evolving threat environment to management. They will assess the opportunities in a "down cycle" to improve existing programs, discuss effective communication to decision makers in management, and decipher the biggest challenges for building and maintaining a successful security team.

Attendees will gain insights into the latest best practices for cybersecurity, learn strategies for communicating security needs to management, and hear from experienced CISOs on how to build and maintain successful security teams. This session is a must-attend for any CISO, security professional, or business leader looking to strengthen their organization's defenses in the face of evolving cyber threats.

  • 01:15 PM
  • 01:44 PM
Prepare and Protect: The Evolving API Threat Landscape
Peter Klimek, Director of Technology, Office of the CTO, Imperva

As APIs increase in volume, they are becoming an even more valuable target for cybercriminals. Not only do they offer a pathway for hackers to access vast amounts of sensitive data, but security teams often struggle to keep up with the pace of API development in their organization. This session will offer the three most common risks businesses face when deploying APIs and the strategies security teams can use to stay ahead.

  • Discover the most common API attacks Imperva sees across its cloud security network and how to defend against them
  • Learn how to uncover deprecated APIs and other common API implementation pitfalls
  • Hear ways to protect your mobile APIs from fraud and abuse 
  • 01:45 PM
  • 02:14 PM
Detecting the Bear: Why Detection Matters
Mark Bowling, Chief Risk and Information Security Officer, ExtraHop

What do network intrusions and wild bears have in common? They can be hard to spot and if you don’t see them coming, you can have a very bad day. 

Join ExtraHop Chief Risk, Security, and Information Security Officer Mark Bowling to discuss the importance of detection and perception in your security environment, including an interactive fireside chat with ISMG's Tom Field.


  • 02:15 PM
  • 02:44 PM
Networking and Exhibition Break
  • 02:45 PM
  • 02:59 PM
Cyber Blame Game: Navigating Legal Liability Before and After a Breach - Fireside Chat
Aravind Swaminathan, Global Co-Chair Cybersecurity and Data Privacy, Orrick, Herrington & Sutcliffe LLP

Join us for this interactive session for Chief Information Security Officers (CISOs) and their teams to discuss the increased legal scrutiny they face following significant breaches. After a company discovers a cyberattack on its network, the finger-pointing begins. The CEO blames the chief information security officer (CISO). The CISO blames the financial officers for not setting aside enough money for cyber defenses. The chief information officer begins to look for a scapegoat further down the supply chain. Maybe they fire a low-level employee who made a mistake or point to a vulnerability within a third-party vendor’s security system. Or, if the incident took place in the cloud, is the cloud provider or the data owner at fault?

Individual liability for cyber incidents is also evolving, with potential legal issues arising from failure to report incidents. While executives and boards of directors have largely gone unscathed in the legal aftermath of a cyber incident, this is not always true for CISOs and their teams.

In this session, we will cover:

  • The common blame game that occurs within companies after a cyberattack, and the importance of identifying who is legally liable.
  • The Business Judgment Rule and how it may protect high-level executives and boards of directors from liability in cases of poor or unwise decisions made in good faith using appropriate procedures.
  • The potential designation of CISOs as the "designated felon" in some cases of cyber incidents, and how they can protect themselves from legal and financial consequences through employment contract considerations.
  • The evolving individual liability for cyber incidents, and the potential legal issues arising from failure to report incidents.
  • The various insurance policies that CISOs must consider, such as cyber and Directors and Officers (D&O) insurance, to address their concerns about insurance coverage, and the obstacles they face in obtaining adequate coverage.
  • 03:00 PM
  • 03:19 PM
Cyber Blame Game: Navigating Legal Liability Before and After a Breach - Interactive Q&A
Aravind Swaminathan, Global Co-Chair Cybersecurity and Data Privacy, Orrick, Herrington & Sutcliffe LLP
Varsha Agarwal, Head of Information Security, Prosper Marketplace

Join us for this interactive session for Chief Information Security Officers (CISOs) and their teams to discuss the increased legal scrutiny they face following significant breaches. After a company discovers a cyberattack on its network, the finger-pointing begins. The CEO blames the chief information security officer (CISO). The CISO blames the financial officers for not setting aside enough money for cyber defenses. The chief information officer begins to look for a scapegoat further down the supply chain. Maybe they fire a low-level employee who made a mistake or point to a vulnerability within a third-party vendor’s security system. Or, if the incident took place in the cloud, is the cloud provider or the data owner at fault?

Individual liability for cyber incidents is also evolving, with potential legal issues arising from failure to report incidents. While executives and boards of directors have largely gone unscathed in the legal aftermath of a cyber incident, this is not always true for CISOs and their teams.

In this session, we will cover:

  • The common blame game that occurs within companies after a cyberattack, and the importance of identifying who is legally liable.
  • The Business Judgment Rule and how it may protect high-level executives and boards of directors from liability in cases of poor or unwise decisions made in good faith using appropriate procedures.
  • The potential designation of CISOs as the "designated felon" in some cases of cyber incidents, and how they can protect themselves from legal and financial consequences through employment contract considerations.
  • The evolving individual liability for cyber incidents, and the potential legal issues arising from failure to report incidents.
  • The various insurance policies that CISOs must consider, such as cyber and Directors and Officers (D&O) insurance, to address their concerns about insurance coverage, and the obstacles they face in obtaining adequate coverage.
  • 03:20 PM
  • 03:59 PM
Closing Comments
  • 04:00 PM
  • 04:14 PM
