Northeast US Summit
Hybrid Summit June 21 - 22, 2022
This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Address:
New York, NY, USA
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ari Redbord is the head of legal and government affairs at TRM Labs, the blockchain intelligence company. Prior to joining TRM, he was the senior adviser to the deputy secretary and the undersecretary for terrorism and financial intelligence at the...
Chris Nicodemo
Sr. Global Director of Information Security
Freewheel, a Comcast Company
Nicodemo leads in cybersecurity, DevSecOps and corporate security by bringing smart processes and people together to establish effective security in complex environments. He enables fast-moving organizations to confidently elevate their security posture and meet the growing compliance requirements. With a...
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Karen Boyer has over 20 years of diverse banking experience with over 15 in the realm of Fraud. She is currently Vice President of Financial Crimes and Fraud Intelligence, at People’s United Bank, a regional bank in the Northeast with...
Michael Baker
Vice President and CISO
General Dynamics Information Technology
Baker brings over 20 years of experience in the field across cyber leadership, talent development, risk management, audit and compliance, both as a CISO and a consultant. He is currently vice president and CISO at GDIT, serving within the Office...
Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Denise Anderson
President and CEO
Health Information Sharing & Analysis Center
Anderson is president and CEO of the Health Information Sharing and Analysis Center, or H-ISAC. Prior to H-ISAC, she was a vice president of FS-ISAC, where for almost nine years she helped the ISAC grow and achieve its successful status...
Jonathan Blackman
CISSP, Technical Solutions Architect
Cisco
Jonathan has large enterprise IT Security experience working at companies such as Merck, Deutsche Bank and Pfizer as well as technical sales at leading security vendors. In his role at Cisco, he evangelizes how companies can implement security without impacting...
Tim Wade
Deputy Chief Technology Officer
Vectra
Tim Wade is the Deputy Chief Technology Officer of Vectra and is an advocate for thoughtful protections of individual privacy, fairness, and liberty in our modern digital world. Previously, he held the position of Head of Application and Information Security...
Peter Casson
Cyber Branch Assistant and Special Agent-in-Charge
FBI
Anna Delaney
Executive Editor
ISMG
Fred Harris
Head of Cyber Risk
Societe Generale
Harris is the head of cybersecurity risk, data risk and IT risk at Societe Generale Americas. He has more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Harris served in a similar...
Keith O'Sullivan
SVP. IT Risk & Chief Information Security Officer
Standard Industries
O'Sullivan is currently the CISO and senior vice president of IT risk at Standard Industries, where he developed a sophisticated information security strategy for Standard and its operating companies. As CISO, his security leadership supports innovative DevSecOps models, threat-focused offensive...
Patty Ryan
Sr. Director, Chief Information Security Officer
Ortho Clinical Diagnostics
As Ortho Clinical Diagnostic’s Chief Information Security Officer, Patty Ryan is responsible for defining the firm’s global Information Security strategy, roadmap and operating infrastructure. Partnering globally with IT, Compliance, Commercial, Regulatory, Legal, Quality, R&D and Strategic Marketing resources, she ensures...
Jason Cook
Technical Sales Director
Rubrik
As technical sales director, Cook is responsible for major accounts at Rubrik. He has been with the company for over four years and has experience in consulting, sales, project management and information technology.
Murtaza Hafizji
Sr. Cyber Security Strategist
BugCrowd
Murtaza Hafizji, Sr. Cyber Security Strategist at Bugcrowd, loves to help customers effectively address their toughest information security challenges. Murtaza has been in the cybersecurity industry for 10+ years. Murtaza loves to travel and has been to more than...
Josh Dorion
Security Architect, reCAPTCHA Enterprise
Google Cloud Security
Dorion has over a decade of experience working in a fast-paced and challenging IT environment, primarily with a focus on customer support and systems administration. He was previously with Chronicle as an independent company within Alphabet before the acquisition.
Vince Lau
Senior Director Product Marketing
Infinipoint
Vince Lau is the Senior Director of Product Marketing at Infinipoint, with over two decades of marketing and security experience helping various industries/clients manage cybersecurity risks. Vince has also worked for other notable security vendors, including Imperva, ThreatMetrix, Tigera, Anomali,...
Kevin McCleary
Assistant Special Agent in Charge, Criminal Investigative Division
United States Secret Service
Having begun his career with the U.S. Secret Service in 1999, McCleary is currently assigned to the National Cyber-Forensics & Training Alliance's New York satellite office as the USSS Criminal Investigative Division's detailee. The NCFTA is a non-profit organization founded...
Chris Wysopal
Chief Technology Officer
Veracode
Wysopal is responsible for the company's software security analysis capabilities. In 2008 he was named one of InfoWorld's Top 25 CTO's and one of the 100 most influential people in IT by eWeek. One of the original vulnerability researchers and...
Chris Holden
CISO
Crum & Forster
As CISO for Crum & Forster, Holden is responsible for maintaining the day-to-day security of the organization's information systems and data while adhering to regulatory requirements. He started his career as a forensics analyst for Hewlett-Packard’s global cybersecurity team, where...
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
John Kindervag is the "Father of Zero Trust," who as an analyst at Forrester invented the term and defined the reference architecture for a network whose five basic principles defined the notion of Zero Trust. He is also the co-founder...
Lisa Sotto
Partner
Hunton Andrews Kurth LLP
Sotto is a partner at Hunton Andrews Kurth. She has been named among The National Law Journal’s “100 Most Influential Lawyers”. Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New...
Rocco Grillo
Managing Director, Global Cyber Risk & Incident Response Investigations
Alvarez & Marsal
Rocco Grillo currently serves as a Managing Director with Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice. He focuses on leading multidisciplinary teams who provide cyber risk and incident response services to clients globally. He has...
Danny Jenkins
CEO
ThreatLocker
James Hitchcock
Vice President, Fraud Mitigation
American Bankers Association
Chris Pierson
Founder and CEO
BlackCloak
Dr. Chris Pierson is the Founder & CEO of BlackCloak, a leader in digital executive protection for corporate executives, high-profile and high-net-worth individuals and their families. Chris has been on the front lines of cybersecurity and privacy in both the...
Greg Kyrytschenko
Deputy CISO
Guardian Life
Kyrytschenko is the deputy CISO leading cybersecurity services for Guardian Life, where he is responsible for ensuring data protection and the availability of Guardian’s information security systems. He is also the BISO at ReedGroup. In his 20 years in information...
Brendan "Casey" McGee
Assistant to the Special Agent in Charge
United States Secret Service
With over 21 years of federal law enforcement experience, ATSAIC McGee leads U.S. Secret Service (USSS) efforts to increase public and private partnership in the investigation of complex transnational criminal investigations involving the use of digital assets. In an executive...
Threat Intelligence and the Dark Web
Michael Baker, Vice President and CISO, General Dynamics Information Technology
Keith O'Sullivan, SVP. IT Risk & Chief Information Security Officer, Standard Industries
Peter Casson, Cyber Branch Assistant and Special Agent-in-Charge, FBI
Michael Baker
Keith O'Sullivan
Peter Casson
  • 09:10 AM
  • 09:39 AM
Track A: Software Security: How to Prioritize, Measure and Convey It To the Board
Chris Wysopal, Chief Technology Officer, Veracode

Amidst the shifting threat landscape, cloud migration and ongoing digital transformation, software security is often low or even last on the list of priorities for security leaders to address.
Yet, with the recent executive order on cybersecurity, and as headlines continue to feature high-profile breaches, board members at organizations across all industries are taking notice. Even though there are often designated technical experts on boards, there is now an increased awareness around cybersecurity - especially software security - even among the traditionally business-oriented members.

So, it’s important to prioritize software security and to tailor messages to the business functions so that they too can understand the organization's risk posture. But communicating about software security to the board can be particularly challenging because of the ways that it differs from other security solutions. You don’t install a software security tool and count the breaches getting deflected; you change the way you develop software by building security in from the start. This is a significant pivot from traditional, reactive ways of thinking about security.

Security professionals are often faced with the following questions: How do we determine and justify the required resources for a software security program? How do we ensure - and prove - that development teams are adopting software security practices? Is our software security operating effectively? And how do we prove that?

Join this session, Software Security: How to Prioritize, Measure and Convey it to the Board, to get best practices on how to explain and report on a software security program for an executive audience.

Talking points include:

  • How have you approached the software security challenge – and where is it among your strategic priorities?
  • How do you make the successful business case for a software security program?
  • With a program in place, how do you ensure your developers are following your standards?
  • How do you measure the success of your program?
  • How do you communicate the metrics to your board and senior management?
Chris Wysopal
  • 09:45 AM
  • 10:14 AM
  • 10:20 AM
  • 10:34 AM
Track A
Danny Jenkins
Track A: Zero Trust for Applications
Danny Jenkins, CEO, ThreatLocker

The Zero Trust framework is based on the principle of "never trust, always verify." Join us to learn about Zero Trust, how to adopt it for applications, and the technologies you need to take control of your environment in the fight against ransomware.

  • 10:20 AM
  • 10:34 AM
Track B
Jonathan Blackman
Track B: To CERT or Not to CERT: Establishing Trust Without Certificates
Jonathan Blackman, CISSP, Technical Solutions Architect, Cisco

Critical resources need defense in depth beyond validating identity. Certificates provided a method to establish this trust. It is time to remove the calendar reminder for our certificate renewal. Duo’s Device Health Application can verify enrollment into corporate management systems without deploying certificates. Learn how this is done with some common asset management solutions.

Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 10:35 AM
  • 10:49 AM
  • 10:50 AM
  • 11:19 AM
Track A
Lisa Sotto
Ari Redbord
Track A: Navigating the New Digital Battlefield
Lisa Sotto, Partner, Hunton Andrews Kurth LLP
Ari Redbord, Head of Legal and Government Affairs, TRM Labs

Multiple-extortion ransomware, cryptocurrency exchange hacks - these are hallmarks of the new digital battlefield, and the navigation - and negotiations - are more critical than ever. In this panel discussion, two steeped cybercrime experts discuss the legal, privacy and security aspects of real-world situations including:

  • Weapons of choice in the new digital battlefield
  • The emerging role of cryptocurrency in cybercrime
  • Incident response: Step by step when the response clock starts
  • 10:50 AM
  • 11:19 AM
Track B
Keith O'Sullivan
Track B: What is Web3?
Keith O'Sullivan, SVP. IT Risk & Chief Information Security Officer, Standard Industries
  • 11:25 AM
  • 11:54 AM
Track A
Murtaza Hafizji
Track A: Evolving Your Security Strategy to the Challenges of 2022
Murtaza Hafizji, Sr. Cyber Security Strategist, BugCrowd

The cyber-threat landscape continued to evolve and expand in 2021, with attackers finding new vulnerabilities and ways to infiltrate organizations. There was also a significant rise in supply chain attacks in the past year, meaning 100s or even 1000s of organizations are at risk of being breached because of a security flaw in a single third party. In this environment, security teams must shift to a risk-based approach, prioritizing the most important areas of their organization. They should also not be afraid to seek outside help, leveraging the growing number of highly skilled white hat hackers to discover unique types of vulnerabilities across their network.


In this session, Hafizji will discuss:

  • The evolving threat landscape and expected trends for 2022
  • The importance of adopting a risk-based approach
  • The growth of crowdsourced security and how it works
  • 11:25 AM
  • 11:54 AM
Track B
Tim Wade
Track B: Artificial Intelligence: Let the Buyer Beware
Tim Wade, Deputy Chief Technology Officer, Vectra

Arming and unleashing your inner skeptic

Hype surrounding Artificial Intelligence is everywhere and AI-ification of everything is well underway – from beverages to pet care – with few signs indicating that the hype wave has crested. But despite the obviously transformative effects that Artificial Intelligence has had across numerous industries and verticals, the value of informed skepticism shouldn’t be discounted. In fact, now more than ever, it is critical that grounded skepticism take a front row seat on this topic when discussions are aimed at enterprise technology and security executives.

Join us as Vectra AI, a leader in enterprise security, addresses both the hype and the opportunity at a practical altitude necessary for strategic decision makers to feel confident harnessing their inner skeptic to achieve better outcomes for the enterprise.

Audience members will walk away with the following:

  • Foundational perspective necessary to sort hype from transformation
  • A practical approach to focusing on AI outcomes
  • An appreciation for the AI-risks on the horizon
Don't Pay the Ransom
Jason Cook, Technical Sales Director, Rubrik

A ransomware attack strikes every 11 seconds.

Despite thick firewalls, the bad guys will get through. Some businesses pay the ransom but most want to recover, so they don’t let the bad guys win.

A payout isn't the only way out.

If hackers exploit your backups, you pay the ransom. If your backups survive, you need to know what to recover and how long it will take. If you don't, you pay the ransom. But even with a decryption key, recovery takes days or weeks and the hackers may not return all the data.

Recovery from a clean backup is the only way to beat hackers. Data managed by Rubrik can’t be encrypted after the fact. Once ingested, no external or internal operation can modify it. So, your data is immune to ransomware. Since data can’t be overwritten, even infected data ingested by Rubrik can’t infect existing files/folders.

We'll discuss how to:

  • Analyze backup metadata for unusual behavior;
  • Quickly identify what data was encrypted and where it lives;
  • Locate PII that may have been exposed to a data exfiltration attack;
  • Automatically protect new workloads and lock retention to prohibit deletion of backup data. 
Jason Cook
  • 12:00 PM
  • 12:29 PM
Lunch
  • 12:30 PM
  • 01:14 PM
A Conversation with the U.S. Secret Service
Kevin McCleary, Assistant Special Agent in Charge, Criminal Investigative Division, United States Secret Service
Brendan "Casey" McGee, Assistant to the Special Agent in Charge, United States Secret Service
Kevin McCleary
Brendan "Casey" McGee
  • 01:15 PM
  • 01:44 PM
  • 01:50 PM
  • 02:04 PM
Track A
Chris Pierson
Track A: Executives' Personal Digital Lives are the Soft-Underbelly of Enterprise Security
Chris Pierson, Founder and CEO, BlackCloak

Security leaders do heroic work protecting their people, processes and technology from cyberattack. However, there is one significant gap in enterprise security that CISOs cannot protect, even if they wanted to: the personal digital lives of the C-Suite, Board Members, and senior executives. Join BlackCloak CEO Dr. Chris Pierson as he speaks about the growing problem of cybercriminals attacking executives’ personal lives to attack the company, and why CISOs have limited options to mitigate this risk.

  • 01:50 PM
  • 02:04 PM
Track B
Vince Lau
Track B: Apply Device Identity for True Zero Trust Access
Vince Lau, Senior Director Product Marketing, Infinipoint

Zero Trust reference architectures prioritize granular security controls for user devices to protect critical data and services. This includes requirements like continuous device security posture checks, adaptive access controls and end-user self remediation. Infinipoint will discuss how to use device identity to enable a true Zero Trust Access posture for any identity provider and any service.

Mandatory Cyber Incident Reporting – Lessons Learned
Rocco Grillo, Managing Director, Global Cyber Risk & Incident Response Investigations, Alvarez & Marsal
Greg Kyrytschenko, Deputy CISO, Guardian Life
Rocco Grillo
Greg Kyrytschenko
  • 02:10 PM
  • 02:39 PM
Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 02:45 PM
  • 02:59 PM
Zero Trust Townhall
  • 03:00 PM
  • 03:29 PM
Fraud and Nefarious Use of Modern Money
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
James Hitchcock, Vice President, Fraud Mitigation, American Bankers Association
Karen Boyer
James Hitchcock
  • 03:35 PM
  • 04:04 PM
Has the War Accelerated or Stalled your Cyber Plan?
Fred Harris, Head of Cyber Risk, Societe Generale
Chris Holden, CISO, Crum & Forster
Patty Ryan, Sr. Director, Chief Information Security Officer, Ortho Clinical Diagnostics
Fred Harris
Chris Holden
Patty Ryan
  • 04:10 PM
  • 04:39 PM
Closing Comments
  • 04:40 PM
  • 04:59 PM
Cocktail Reception
  • 05:30 PM
  • 06:29 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM EST on Day 2, Wednesday, June 22. Don’t miss the chance to log in and view, at your own convenience, any content you may not have had the chance to see.

  • 09:00 AM
  • 04:59 PM

This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Address :
New York, NY, USA

Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ari Redbord is the head of legal and government affairs at TRM Labs, the blockchain intelligence company. Prior to joining TRM, he was the senior adviser to the deputy secretary and the undersecretary for terrorism and financial intelligence at the...
Chris Nicodemo
Sr. Global Director of Information Security
Freewheel, a Comcast Company
Nicodemo leads in cybersecurity, DevSecOps and corporate security by bringing smart processes and people together to establish effective security in complex environments. He enables fast-moving organizations to confidently elevate their security posture and meet the growing compliance requirements. With a...
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Karen Boyer has over 20 years of diverse banking experience with over 15 in the realm of Fraud. She is currently Vice President of Financial Crimes and Fraud Intelligence, at People’s United Bank, a regional bank in the Northeast with...
Michael Baker
Vice President and CISO
General Dynamics Information Technology
Baker brings over 20 years of experience in the field across cyber leadership, talent development, risk management, audit and compliance, both as a CISO and a consultant. He is currently vice president and CISO at GDIT, serving within the Office...
Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Denise Anderson
President and CEO
Health Information Sharing & Analysis Center
Anderson is president and CEO of the Health Information Sharing and Analysis Center, or H-ISAC. Prior to H-ISAC, she was a vice president of FS-ISAC, where for almost nine years she helped the ISAC grow and achieve its successful status...
Jonathan Blackman
CISSP, Technical Solutions Architect
Cisco
Jonathan has large enterprise IT Security experience working at companies such as Merck, Deutsche Bank and Pfizer as well as technical sales at leading security vendors. In his role at Cisco, he evangelizes how companies can implement security without impacting...
Tim Wade
Deputy Chief Technology Officer
Vectra
Tim Wade is the Deputy Chief Technology Officer of Vectra and is an advocate for thoughtful protections of individual privacy, fairness, and liberty in our modern digital world. Previously, he held the position of Head of Application and Information Security...
Peter Casson
Cyber Branch Assistant and Special Agent-in-Charge
FBI
Anna Delaney
Executive Editor
ISMG
Fred Harris
Head of Cyber Risk
Societe Generale
Harris is the head of cybersecurity risk, data risk and IT risk at Societe Generale Americas. He has more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Harris served in a similar...
Keith O'Sullivan
SVP. IT Risk & Chief Information Security Officer
Standard Industries
O'Sullivan is currently the CISO and senior vice president of IT risk at Standard Industries, where he developed a sophisticated information security strategy for Standard and its operating companies. As CISO, his security leadership supports innovative DevSecOps models, threat-focused offensive...
Patty Ryan
Sr. Director, Chief Information Security Officer
Ortho Clinical Diagnostics
As Ortho Clinical Diagnostic’s Chief Information Security Officer, Patty Ryan is responsible for defining the firm’s global Information Security strategy, roadmap and operating infrastructure. Partnering globally with IT, Compliance, Commercial, Regulatory, Legal, Quality, R&D and Strategic Marketing resources, she ensures...
Jason Cook
Technical Sales Director
Rubrik
As technical sales director, Cook is responsible for major accounts at Rubrik. He has been with the company for over four years and has experience in consulting, sales, project management and information technology.
Murtaza Hafizji
Sr. Cyber Security Strategist
BugCrowd
Murtaza Hafizji, Sr. Cyber Security Strategist at Bugcrowd, loves to help customers effectively address their toughest information security challenges. Murtaza has been in the cybersecurity industry for over 10+ years. Murtaza loves to travel and has been to more than...
Josh Dorion
Security Architect, reCAPTCHA Enterprise
Google Cloud Security
Dorion has over a decade of experience working in a fast-paced and challenging IT environment, primarily with a focus on customer support and systems administration. He was previously with Chronicle as an independent company within Alphabet before the acquisition.
Vince Lau
Senior Director Product Marketing
Infinipoint
Vince Lau is the Senior Director of Product Marketing at Infinipoint, with over two decades of marketing and security experience helping various industries/clients manage cybersecurity risks. Vince has also worked for other notable security vendors, including Imperva, ThreatMetrix, Tigera, Anomali,...
Kevin McCleary
Assistant Special Agent in Charge, Criminal Investigative Division
United States Secret Service
Having began his career with the U.S. Secret Service in 1999, McCleary is currently assigned to the National Cyber-Forensics & Training Alliance's New York satellite office as the USSS Criminal Investigative Division's detailee. The NCFTA is a non-profit organization founded...
Chris Wysopal
Chief Technology Officer
Veracode
Wysopal is responsible for the company's software security analysis capabilities. In 2008 he was named one of InfoWorld's Top 25 CTO's and one of the 100 most influential people in IT by eWeek. One of the original vulnerability researchers and...
Chris Holden
CISO
Crum & Forster
As CISO for Crum & Forster, Holden is responsible for maintaining the day-to-day security of the organization's information systems and data while adhering to regulatory requirements. He started his career as a forensics analyst for Hewlett-Packard’s global cybersecurity team, where...
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
John Kindervag is the "Father of Zero Trust," who as an analyst at Forrester invented the term and defined the reference architecture for a network whose five basic principles defined the notion of Zero Trust. He is also the co-founder...
Lisa Sotto
Partner
Hunton Andrews Kurth LLP
Sotto is partner at Hunton Andrews Kurth. She has been named among The National Law Journal’s “100 Most Influential Lawyers”. Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New...
Rocco Grillo
Managing Director, Global Cyber Risk & Incident Response Investigations
Alvarez & Marsal
Rocco Grillo currently serves as a Managing Director with Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice. He focuses on leading multi disciplinary teams who provide cyber risk and incident response services to clients globally. He has...
Danny Jenkins
CEO
ThreatLocker
James Hitchcock
Vice President, Fraud Mitigation
American Bankers Association
Chris Pierson
Founder and CEO
BlackCloak
Dr. Chris Pierson is the Founder & CEO of BlackCloak, a leader in digital executive protection for corporate executives, high-profile and high-net-worth individuals and their families. Chris has been on the front lines of cybersecurity and privacy in both the...
Greg Kyrytschenko
Deputy CISO
Guardian Life
Kyrytschenko is the deputy CISO leading cybersecurity services for Guardian Life, where he is responsible for ensuring data protection and the availability of Guardian’s information security systems. He is also the BISO at ReedGroup. In his 20 years in information...
Brendan "Casey" McGee
Assistant to the Special Agent in Charge
United States Secret Service
With over 21 years of federal law enforcement experience, ATSAIC McGee leads U.S. Secret Service (USSS) efforts to increase public and private partnership in the investigation of complex transnational criminal investigations involving the use of digital assets. In an executive...

View Agenda
Threat Intelligence and the Dark Web
Michael Baker, Vice President and CISO, General Dynamics Information Technology
Keith O'Sullivan, SVP. IT Risk & Chief Information Security Officer, Standard Industries
Peter Casson, Cyber Branch Assistant and Special Agent-in-Charge , FBI
Michael Baker
Keith O'Sullivan
Peter Casson
  • 09:10 AM
  • 09:39 AM
Track A: Software Security: How to Prioritize, Measure and Convey It To the Board
Chris Wysopal, Chief Technology Officer, Veracode

Amidst the shifting threat landscape, cloud migration and ongoing digital transformation, software security is often low or even last on the list of priorities for security leaders to address.
Yet, with the recent executive order on cybersecurity, and as headlines continue to feature high-profile breaches, board members at organizations across all industries are taking notice. Even though there are often designated technical experts on boards, there is now an increased awareness around cybersecurity - especially software security - even among the traditionally business-oriented members.

So, it’s important to prioritize software security and to tailor messages to the business functions so that they too can understand the organization's risk posture. But communicating about software security to the board can be particularly challenging because of the ways that it differs from other security solutions. You don’t install a software security tool and count the breaches getting deflected; you change the way you develop software by building security in from the start. This is a significant pivot from traditional, reactive ways of thinking about security.

Security professionals are often faced with the following questions: How do we determine and justify the required resources for a software security program? How do we ensure - and prove - that development teams are adopting software security practices? Is our software security operating effectively? And how do we prove that?

Join this session, Software Security: How to Prioritize, Measure and Convey it to the Board, to get best practices on how to explain and report on a software security program for an executive audience.

Talking points include:

  • How have you approached the software security challenge – and where is it among your strategic priorities?
  • How do you make the successful business case for a software security program?
  • With a program in place, how do you ensure your developers are following your standards?
  • How do you measure the success of your program?
  • How do you communicate the metrics to your board and senior management?
Chris Wysopal
  • 09:45 AM
  • 10:14 AM
  • 10:20 AM
  • 10:34 AM
Track A
Danny Jenkins
Track A: Zero Trust for Applications
Danny Jenkins, CEO, ThreatLocker

The Zero Trust framework is based on the principle of "never trust, always verify." Join us to learn about Zero Trust, how to adopt it for applications, and the technologies you need to take control of your environment in the fight against ransomware.

  • 10:20 AM
  • 10:34 AM
Track B
Jonathan Blackman
Track B: To CERT or Not to CERT: Establishing Trust Without Certificates
Jonathan Blackman, CISSP, Technical Solutions Architect, Cisco

Critical resources need defense in depth beyond validating identity. Certificates provided a method to establish this trust. It is time to remove the calendar reminder for our certificate renewal. Duo’s Device Health Application can verify enrollment into corporate management systems without deploying certificates. Learn how this is done with some common asset management solutions.

Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 10:35 AM
  • 10:49 AM
  • 10:50 AM
  • 11:19 AM
Track A: Navigating the New Digital Battlefield
Lisa Sotto, Partner, Hunton Andrews Kurth LLP
Ari Redbord, Head of Legal and Government Affairs, TRM Labs

Multiple-extortion ransomware, cryptocurrency exchange hacks - these are hallmarks of the new digital battlefield, and the navigation - and negotiations - are more critical than ever. In this panel discussion, two experts steeped in cybercrime discuss the legal, privacy and security aspects of real-world situations, including:

  • Weapons of choice in the new digital battlefield
  • The emerging role of cryptocurrency in cybercrime
  • Incident response: Step by step when the response clock starts
  • 10:50 AM
  • 11:19 AM
Track B: What is Web3?
Keith O'Sullivan, SVP, IT Risk & Chief Information Security Officer, Standard Industries
  • 11:25 AM
  • 11:54 AM
Track A: Evolving Your Security Strategy to the Challenges of 2022
Murtaza Hafizji, Sr. Cyber Security Strategist, BugCrowd

The cyber-threat landscape continued to evolve and expand in 2021, with attackers finding new vulnerabilities and ways to infiltrate organizations. There was also a significant rise in supply chain attacks in the past year, meaning hundreds or even thousands of organizations are at risk of being breached because of a security flaw in a single third party. In this environment, security teams must shift to a risk-based approach, prioritizing the most important areas of their organization. They should also not be afraid to seek outside help, leveraging the growing number of highly skilled white hat hackers to discover unique types of vulnerabilities across their network.


In this session, Hafizji will discuss:

  • The evolving threat landscape and expected trends for 2022
  • The importance of adopting a risk-based approach
  • The growth of crowdsourced security and how it works
  • 11:25 AM
  • 11:54 AM
Track B: Artificial Intelligence: Let the Buyer Beware
Tim Wade, Deputy Chief Technology Officer, Vectra

Arming and unleashing your inner skeptic

Hype surrounding Artificial Intelligence is everywhere and AI-ification of everything is well underway – from beverages to pet care – with few signs indicating that the hype wave has crested. But despite the obviously transformative effects that Artificial Intelligence has had across numerous industries and verticals, the value of informed skepticism shouldn’t be discounted. In fact, now more than ever, it is critical that grounded skepticism take a front row seat on this topic when discussions are aimed at enterprise technology and security executives.

Join us as Vectra AI, a leader in enterprise security, addresses both the hype and the opportunity at a practical altitude necessary for strategic decision makers to feel confident harnessing their inner skeptic to achieve better outcomes for the enterprise.

Audience members will walk away with the following:

  • Foundational perspective necessary to sort hype from transformation
  • A practical approach to focusing on AI outcomes
  • An appreciation for the AI-risks on the horizon
Don't Pay the Ransom
Jason Cook, Technical Sales Director, Rubrik

A ransomware attack strikes every 11 seconds.

Despite thick firewalls, the bad guys will get through. Some businesses pay the ransom but most want to recover, so they don’t let the bad guys win.

A payout isn't the only way out.

If hackers exploit your backups, you pay the ransom. If your backups survive, you need to know what to recover and how long it will take. If you don't, you pay the ransom. But even with a decryption key, recovery takes days or weeks and the hackers may not return all the data.

Recovery from a clean backup is the only way to beat hackers. Data managed by Rubrik can’t be encrypted after the fact. Once ingested, no external or internal operation can modify it. So, your data is immune to ransomware. Since data can’t be overwritten, even infected data ingested by Rubrik can’t infect existing files/folders.

We'll discuss how to:

  • Analyze backup metadata for unusual behavior;
  • Quickly identify what data was encrypted and where it lives;
  • Locate PII that may have been exposed to a data exfiltration attack;
  • Automatically protect new workloads and lock retention to prohibit deletion of backup data. 
  • 12:00 PM
  • 12:29 PM
Lunch
  • 12:30 PM
  • 01:14 PM
A Conversation with the U.S. Secret Service
Kevin McCleary, Assistant Special Agent in Charge, Criminal Investigative Division, United States Secret Service
Brendan "Casey" McGee, Assistant to the Special Agent in Charge, United States Secret Service
  • 01:15 PM
  • 01:44 PM
  • 01:50 PM
  • 02:04 PM
Track A: Executives' Personal Digital Lives are the Soft-Underbelly of Enterprise Security
Chris Pierson, Founder and CEO, BlackCloak

Security leaders do heroic work protecting their people, processes and technology from cyberattack. However, there is one significant gap in enterprise security that CISOs cannot protect, even if they wanted to: the personal digital lives of the C-Suite, Board Members, and senior executives. Join BlackCloak CEO Dr. Chris Pierson as he speaks about the growing problem of cybercriminals attacking executives’ personal lives to attack the company, and why CISOs have limited options to mitigate this risk.

  • 01:50 PM
  • 02:04 PM
Track B: Apply Device Identity for True Zero Trust Access
Vince Lau, Senior Director Product Marketing, Infinipoint

Zero Trust reference architectures prioritize granular security controls for user devices to protect critical data and services. This includes requirements like continuous device security posture checks, adaptive access controls and end-user self remediation. Infinipoint will discuss how to use device identity to enable a true Zero Trust Access posture for any identity provider and any service.

Mandatory Cyber Incident Reporting – Lessons Learned
Rocco Grillo, Managing Director, Global Cyber Risk & Incident Response Investigations, Alvarez & Marsal
Greg Kyrytschenko, Deputy CISO, Guardian Life
  • 02:10 PM
  • 02:39 PM
Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 02:45 PM
  • 02:59 PM
Zero Trust Townhall
  • 03:00 PM
  • 03:29 PM
Fraud and Nefarious Use of Modern Money
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
James Hitchcock, Vice President, Fraud Mitigation, American Bankers Association
  • 03:35 PM
  • 04:04 PM
Has the War Accelerated or Stalled your Cyber Plan?
Fred Harris, Head of Cyber Risk, Societe Generale
Chris Holden, CISO, Crum & Forster
Patty Ryan, Sr. Director, Chief Information Security Officer, Ortho Clinical Diagnostics
  • 04:10 PM
  • 04:39 PM
Closing Comments
  • 04:40 PM
  • 04:59 PM
Cocktail Reception
  • 05:30 PM
  • 06:29 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM EST on Day 2, Wednesday, June 22. Don’t miss the chance to log in and watch, at your own convenience, any content you may not have had the chance to see.

  • 09:00 AM
  • 04:59 PM
