Northeast US Summit
Hybrid Summit June 21 - 22, 2022
This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
Convene
Name :
Convene
Address :
151 West 42nd Street, New York, NY, USA
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ari Redbord is the head of legal and government affairs at TRM Labs, the blockchain intelligence company. Prior to joining TRM, he was the senior adviser to the deputy secretary and the undersecretary for terrorism and financial intelligence at the...
Fred Harris
Head of Cyber Risk
Societe Generale
Harris is the head of cybersecurity risk, data risk and IT risk at Societe Generale Americas. He has more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Harris served in a similar...
Keith O'Sullivan
SVP. IT Risk & Chief Information Security Officer
Standard Industries
O'Sullivan is currently the CISO and senior vice president of IT risk at Standard Industries, where he developed a sophisticated information security strategy for Standard and its operating companies. As CISO, his security leadership supports innovative DevSecOps models, threat-focused offensive...
Rocco Grillo
Managing Director, Global Cyber Risk & Incident Response Investigations
Alvarez & Marsal
Rocco Grillo currently serves as a Managing Director with Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice. He focuses on leading multi disciplinary teams who provide cyber risk and incident response services to clients globally. He has...
Murtaza Hafizji
Sr. Cyber Security Strategist
BugCrowd
Murtaza Hafizji, Sr. Cyber Security Strategist at Bugcrowd, loves to help customers effectively address their toughest information security challenges. Murtaza has been in the cybersecurity industry for over 10+ years. Murtaza loves to travel and has been to more than...
Chris Pierson
Founder and CEO
BlackCloak
Pierson is the founder and CEO of BlackCloak, a leader in digital executive protection for corporate executives, high-profile and high-net-worth individuals and their families. He has been on the front lines of cybersecurity and privacy in both the public and...
Kevin McCleary
Assistant Special Agent in Charge, Criminal Investigative Division
United States Secret Service, New York Field Office
Kevin McCleary is an Assistant Special Agent in Charge (ASAIC) in the U.S. Secret Service (USSS) New York Field Office, where he where he oversees initiatives to combat the global cyber threat and transnational criminal organizations. Prior to his current...
Gulrez Jamadar
Managing Director - Citigroup, ICG Global Head- IT Risk and Controls
Citi
Jeffrey Sherman
Associate Vice President Sales - BigFix North America
HCL Software
Sherman has worked in technology sales for Enterprise Security Solutions for the past 25 years. Currently, he manages the growing HCL BigFix Sales team for the East Region. Over the past 20 years, Sherman has developed a working knowledge of...
Jeff Williams
Supervisory Special Agent, New York Field Office Cyber Branch
Federal Bureau of Investigation
Jeffrey Williams has been a Special Agent with the Federal Bureau of Investigation (FBI) since March 2010; he is currently assigned to the FBI’s New York Field Office. In this capacity he investigates violations of the laws of the United...
Anna Delaney
Executive Editor
ISMG
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
John Kindervag is the "Father of Zero Trust," who as an analyst at Forrester invented the term and defined the reference architecture for a network whose five basic principles defined the notion of Zero Trust. He is also the co-founder...
Lisa Sotto
Partner
Hunton Andrews Kurth LLP
Sotto is partner at Hunton Andrews Kurth. She has been named among The National Law Journal’s “100 Most Influential Lawyers”. Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New...
Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
James Hitchcock
Vice President, Fraud Mitigation
American Bankers Association
Tim Wade
Deputy Chief Technology Officer
Vectra
Wade is the deputy chief technology officer at Vectra and is an advocate for thoughtful protections of individual privacy, fairness and liberty in our modern digital world. Previously, he was head of application and information security at Bridgepoint Education Inc....
B. Casey McGee
Assistant to the Special Agent in Charge
U.S. Secret Service, New York Field Office
With over 22 years of federal law enforcement experience, Assistant to the Special Agent in Charge (ATSAIC) McGee leads U.S. Secret Service (USSS) efforts to increase public and private partnership in the investigation of complex transnational criminal investigations involving the...
Peter Chestna
North American CISO
Checkmarx
Chestna serves as the CISO of North America at Checkmarx, where he provides customers and prospects with practical advice for building successful application security programs. Bringing more than 15 years of direct AppSec practitioner experience, Pete has held roles ranging...
Brenden Doyle
PreSales Systems Engineer
Quantum Corporation
Brenden Doyle is Quantum's Senior Solutions Engineer based in the northeastern US. Brenden has more than 20 years experience designing solutions for data and cyber protection for large enterprises and other customers that rely on their data to drive their...
Michael Novison
ISMG
Chris Holden
CISO
Crum & Forster
As CISO for Crum & Forster, Holden is responsible for maintaining the day-to-day security of the organization's information systems and data while adhering to regulatory requirements. He started his career as a forensics analyst for Hewlett-Packard’s global cybersecurity team, where...
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Karen Boyer has over 20 years of diverse banking experience with over 15 in the realm of Fraud. She is currently Vice President of Financial Crimes and Fraud Intelligence, at People’s United Bank, a regional bank in the Northeast with...
Patty Ryan
Sr. Director, Chief Information Security Officer
Ortho Clinical Diagnostics
As Ortho Clinical Diagnostic’s chief information security officer, Ryan is responsible for defining the firm’s global information security strategy, road map and operating infrastructure. Partnering globally with IT, compliance, commercial, regulatory, legal, quality, R & D and strategic marketing resources,...
Denise Anderson
President and CEO
Health Information Sharing & Analysis Center
Anderson is president and CEO of the Health Information Sharing and Analysis Center, or H-ISAC. Prior to H-ISAC, she was a vice president of FS-ISAC, where for almost nine years she helped the ISAC grow and achieve its successful status...
Josh Dorion
Security Architect, reCAPTCHA Enterprise
Google Cloud Security
Dorion has over a decade of experience working in a fast-paced and challenging IT environment, primarily with a focus on customer support and systems administration. He was previously with Chronicle as an independent company within Alphabet before the acquisition.
Peter Casson
Cyber Branch Assistant and Special Agent-in-Charge
FBI
Chris Wysopal
Chief Technology Officer
Veracode
Wysopal is responsible for the company's software security analysis capabilities. In 2008 he was named one of InfoWorld's Top 25 CTO's and one of the 100 most influential people in IT by eWeek. One of the original vulnerability researchers and...
Claire Le Gal
Sr. VP, Fraud Intelligence, Strategy & Cyber Products
Mastercard
Le Gal is senior vice president, responsible for the fraud intelligence, strategy and cyber products team in the Cyber and Intelligence Solutions division at Mastercard. She is responsible for a variety of global functions, including fraud reporting and analytics, cybersecurity...
Ryan Bowman
Senior Solutions Engineer
ThreatLocker
Kevin Patrick
Technical Solutions Architect
Cisco
Patrick works with some of Cisco’s largest customers to identify security solutions customized to their needs. He comes from a background in solution engineering and leading a support organization and has spent the last three years at Duo helping customers...
View Agenda
Threat Intelligence and the Dark Web
Keith O'Sullivan, SVP. IT Risk & Chief Information Security Officer, Standard Industries
Jeff Williams, Supervisory Special Agent, New York Field Office Cyber Branch, Federal Bureau of Investigation

In the age of the ubiquitous data breach, it is important for enterprises to know what information is circulating about them - and their customers - within cybercriminal circles. That comes down to knowing what is on the dark web - but how can you do that?

In this session, a banking security leader and an FBI agent detail:

  • What the dark web is - and is not; 
  • How to gain useful and complete information and apply it; 
  • The pros and cons of going solo vs. hiring a service.
Keith O'Sullivan
Jeff Williams
  • 09:10 AM
  • 09:39 AM
  • 09:45 AM
  • 10:14 AM
Track A
Peter Chestna
Track A: Vulnerability Program: Work Queue or Landfill?
Peter Chestna, North American CISO, Checkmarx

New code turns into tech debt the moment it’s committed. If you don’t fix known issues - security or otherwise - on the way in, they usually don’t get fixed.

The ecosystem makes it worse. New architectures and design patterns are developed, frequently making your shiny new code an antique. Cloud vendors create innovations that alter the definition and scope of an application. Open-source libraries are updated and released constantly, sometimes with additional functionality, sometimes with security fixes and sometimes with malicious code.

Let’s face it. Software ages like milk, not wine. Are you keeping up or falling behind? Do you spend more time deploying fixes or dealing with exceptions to policy? It’s time for a change. Here's what you will learn:

  • What the vulnerability landscape looks like currently; 
  • The factors from both security and development that are contributing to the problem; 
  • Steps to take to get better. 

To learn more about Checkmarx, click here to visit our booth to chat with a representative.

  • 09:45 AM
  • 10:14 AM
Track B
Jeffrey Sherman
Track B: Crushing the Gap Between Vulnerability Identification and Remediation
Jeffrey Sherman, Associate Vice President Sales - BigFix North America, HCL Software

How can you bring security and IT teams together to reduce friction and dramatically improve vulnerability remediation? To help you address this challenge, Jeff Sherman from the HCL BigFix team, will share his experiences doing just that at major US enterprises.

To learn more about HCL BigFix, click here to visit our booth to chat with a representative.

  • 10:20 AM
  • 10:34 AM
Track A
Chris Pierson
Track A: Executives' Personal Digital Lives are the Soft-Underbelly of Enterprise Security
Chris Pierson, Founder and CEO, BlackCloak

Security leaders do heroic work protecting their people, processes and technology from cyberattack. However, there is one significant gap in enterprise security that CISOs cannot protect, even if they wanted to: the personal digital lives of the C-Suite, Board Members, and senior executives. Join BlackCloak CEO Dr. Chris Pierson as he speaks about the growing problem of cybercriminals attacking executives’ personal lives to attack the company, and why CISOs have limited options to mitigate this risk.

To learn more about BlackCloak, click here to visit our booth to chat with a representative.

  • 10:20 AM
  • 10:34 AM
Track B
Kevin Patrick
Track B: To CERT or Not to CERT: Establishing Trust Without Certificates
Kevin Patrick, Technical Solutions Architect, Cisco

Critical resources need defense in depth beyond validating identity. Certificates provided a method to establish this trust. It is time to remove the calendar reminder for our certificate renewal. Duo’s Device Health Application can verify enrollment into corporate management systems without deploying certificates. Learn how this is done with some common asset management solutions.

To learn more about Cisco/Duo, click here to visit our booth to chat with a representative.

Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 10:35 AM
  • 10:54 AM
  • 10:50 AM
  • 11:19 AM
Track A
Lisa Sotto
Ari Redbord
Track A: Navigating the New Digital Battlefield
Lisa Sotto, Partner, Hunton Andrews Kurth LLP
Ari Redbord, Head of Legal and Government Affairs, TRM Labs

Multiple-extortion ransomware, cryptocurrency exchange hacks - these are hallmarks of the new digital battlefield, and the navigation - and negotiations - are more critical than ever. In this panel discussion, two steeped cybercrime experts discuss the legal, privacy and security aspects of real-world situations including:

  • Weapons of choice in the new digital battlefield
  • The emerging role of cryptocurrency in cybercrime
  • Incident response: Step by step when the response clock starts
  • 10:50 AM
  • 11:19 AM
Track B
Keith O'Sullivan
Track B: What is Web3?
Keith O'Sullivan, SVP. IT Risk & Chief Information Security Officer, Standard Industries

Are you ready for version 3.0 of the internet and it's implications on security and privacy? In this session Keith will discuss the new iteration of "the web" based on blockchain technology, token based economics and decentralization. He will define what web3 is and kick start your thought process around how this all will be a benefit to security and privacy professionals. In this session Keith will go over: 

  • What is web3 and history of web1 and 2 
  • Define some components of web3: Blockchain, smart contracts, NFTs, DAO, etc) 
  • Security concerns 
  • Security and Privacy Benefits 
  • 11:25 AM
  • 11:54 AM
Track A
Murtaza Hafizji
Track A: Evolving Your Security Strategy to the Challenges of 2022
Murtaza Hafizji, Sr. Cyber Security Strategist, BugCrowd

The cyber-threat landscape continued to evolve and expand in 2021, with attackers finding new vulnerabilities and ways to infiltrate organizations. There was also a significant rise in supply chain attacks in the past year, meaning 100s or even 1000s of organizations are at risk of being breached because of a security flaw in a single third party. In this environment, security teams must shift to a risk-based approach, prioritizing the most important areas of their organization. They should also not be afraid to seek outside help, leveraging the growing number of highly skilled white hat hackers to discover unique types of vulnerabilities across their network.


In this session, Hafizji will discuss:

  • The evolving threat landscape and expected trends for 2022
  • The importance of adopting a risk-based approach
  • The growth of crowdsourced security and how it works

To learn more about BugCrowd, click here to visit our booth to chat with a representative.

  • 11:25 AM
  • 11:54 AM
Track B
Tim Wade
Track B: Artificial Intelligence: Let the Buyer Beware
Tim Wade, Deputy Chief Technology Officer, Vectra

Arming and unleashing your inner skeptic

Hype surrounding artificial intelligence is everywhere, and the AI-ification of everything from beverages to pet care is well underway, with few signs indicating that the hype wave has crested. But despite the obviously transformative effects that artificial intelligence has had across numerous industries and verticals, the value of informed skepticism shouldn’t be discounted. In fact, now more than ever, it is critical that grounded skepticism take a front-row seat for discussions aimed at enterprise technology and security executives.

Join us as Vectra AI, a leader in enterprise security, addresses both the hype and the opportunity at a practical altitude necessary for strategic decision-makers to feel confident about harnessing their inner skeptic to achieve better outcomes for the enterprise.  

Audience members will walk away with the following:

  • The foundational perspective necessary to sort hype from transformation;
  • A practical approach to focusing on AI outcomes; 
  • An appreciation for the AI risks on the horizon.

To learn more about Vectra, click here to visit our booth to chat with a representative.

Software Security: How to Prioritize, Measure and Convey It To the Board
Chris Wysopal, Chief Technology Officer, Veracode

Amid the shifting threat landscape, cloud migration and ongoing digital transformation, software security is often low on a security leader's list of priorities.

But the cybersecurity executive order and continuing high-profile breaches have increased awareness around cybersecurity - especially for software - among the members of the board at organizations, making it important for security leaders to communicate to them about the organization's risk posture.

But software security solutions differ from other security solutions: You don’t install a tool; you have to build security in from the start.

This session covers the following questions that security leaders want answered:

  • How do you approach the software security challenge, and where is it among your priorities? 
  • How do you make the successful business case for a software security program? 
  • With a program in place, how do you ensure your developers are following your standards? 
  • How do you measure the success of your program? 
  • How do you communicate the metrics to your board and senior management? 

To learn more about Veracode, click here to visit our booth to chat with a representative.

Chris Wysopal
  • 12:00 PM
  • 12:29 PM
Lunch & Networking Break
  • 12:30 PM
  • 01:14 PM
Zero Trust Town Hall Teaser
John Kindervag, Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow, ON2IT Cybersecurity
John Kindervag
  • 01:15 PM
  • 01:29 PM
  • 01:35 PM
  • 02:19 PM
Track A
Kevin McCleary
B. Casey McGee
Track A: Digital Assets & Cryptocurrency Investigations
Kevin McCleary, Assistant Special Agent in Charge, Criminal Investigative Division, United States Secret Service, New York Field Office
B. Casey McGee, Assistant to the Special Agent in Charge, U.S. Secret Service, New York Field Office

In this presentation and fireside chat, Brendan “Casey” McGee and Kevin McCleary of the U.S. Secret Service will describe the present situation between cryptocurrency and crime, outline some of the emerging trends related to crypto enabled fraud and what the private sector can do to prevent and protect itself from these types of criminal activity.

Join Brendan “Casey” McGee, Assistant to the Special Agent in Charge, United States Secret Service and Kevin McCleary, Assistant to the Special Agent in Charge, Criminal Investigative Division, United States Secret Service to learn about;

  • History of USSS payments systems investigations;
  • Crypto enabled fraud trends and cases;
  • Proactive defense strategies to combat digital fraud.
  • 01:35 PM
  • 02:19 PM
Track B
Fred Harris
Chris Holden
Track B: Has the Russia-Ukraine War Accelerated or Stalled your Cyber Plan?
Fred Harris, Head of Cyber Risk, Societe Generale
Chris Holden, CISO, Crum & Forster

Ask any cybersecurity team for nightmare scenarios, and one of the top answers you'll hear is this: having to fend off an attack by a well-resourced nation-state. Now, since Russia has invaded Ukraine, the likelihood of such attacks, or collateral damage, continues to escalate.

Governments across the globe have issued alerts to organizations to take steps to reduce the likelihood of damage and maximize resilience. As a result, how much has the war accelerated or hindered enterprises' security plans?

This expert panel will share insights and strategies, including:

  • How security teams are responding to heightened threat activity; 
  • How to maintain cyber resilience in wartime; 
  • What potential disruptions to prepare for as the war continues.
  • 02:25 PM
  • 02:39 PM
Track A
Ryan Bowman
Track A: Zero Trust for Applications
Ryan Bowman, Senior Solutions Engineer, ThreatLocker

The Zero Trust framework is based on the principle of "never trust, always verify." Join us to learn about Zero Trust, how to adopt it for applications, and the technologies you need to take control of your environment in the fight against ransomware.

To learn more about ThreatLocker, click here to visit our booth to chat with a representative. 

  • 02:25 PM
  • 02:39 PM
Track B
Brenden Doyle
Track B: Build a Cyber-Resilient Infrastructure with Strong Air Gapped Protection
Brenden Doyle, PreSales Systems Engineer, Quantum Corporation

Ransomware and other forms of cyber-attacks are becoming more sophisticated, and new attacks are reported every week.  Every organization needs to strengthen their cyber-defenses with the strongest air-gapped solution possible.  In this session, learn about the latest advances from Quantum for creating immutable data vaults, including the Quantum Ransom Block solution which is the only air-gapped solution that creates a true physical barrier between your data and your network.  We will also cover best practices and recommendations for minimizing your risk.

To learn more about Quantum, click here to visit our booth to chat with a representative.

Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 02:40 PM
  • 02:58 PM
Building Business and Cyber Resilience - the Art of the Possible
Rocco Grillo, Managing Director, Global Cyber Risk & Incident Response Investigations, Alvarez & Marsal
Gulrez Jamadar, Managing Director - Citigroup, ICG Global Head- IT Risk and Controls, Citi

The U.S. financial services sector has new, mandatory breach reporting guidelines, and the SEC has a new proposal covering cyber risk disclosure and governance. Meanwhile, the pace of ransomware, supply chain attacks and other headline-generating incidents is unabated.

In this session, two New York-based cybersecurity leaders will discuss the merger of business and cyber resilience - and why this puts new demands on CISOs.

Rocco Grillo
Gulrez Jamadar
  • 02:55 PM
  • 03:24 PM
The Challenge of P2P Payment Fraud
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
James Hitchcock, Vice President, Fraud Mitigation, American Bankers Association

Fast, convenient … free! It's not surprising that Zelle is America's most popular payment app. The peer-to-peer (P2P) payment service, created by a consortium of major US banks, lets users transfer funds directly between bank accounts at no charge. Unfortunately it's also proven popular with the fraudsters. Through well-crafted social engineering techniques, criminals are successfully duping consumers to make fraudulent transactions.

How can we tackle the new challenge of P2P payment fraud?

This expert panel will share insights and strategies, including:

  • The Zelle scam and other social engineering trends;
  • The challenges for banks, consumers and regulators;
  • Best practices to prevent and reduce the impact of impersonation fraud.
Karen Boyer
James Hitchcock
  • 03:30 PM
  • 03:59 PM
Zero Trust Town Hall with John Kindervag
John Kindervag, Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow, ON2IT Cybersecurity

It's been 12 years since ex-Forrester analyst John Kindervag created the concept and term "zero trust," and it's now been one year since President Biden issued a cybersecurity Executive Order with zero trust as its foundation. How has the framework matured - and why do so many people still continue to misunderstand and misapply it?

Join this exclusive town hall meeting for your chance to talk directly with Kindervag about:

  • What zero trust is - and is not
  • How to develop your own roadmap
  • Impact of the executive order beyond federal government
John Kindervag
  • 04:05 PM
  • 04:34 PM
Mastercard's Claire Le Gal on Responding to the New 'Fraud Universe'
Claire Le Gal, Sr. VP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

If we have learned anything from digital transformation, it's that fraud now comes in multiple forms across multiple vectors - simultaneously. And for financial services organizations to be able to spot and stop these schemes requires tearing down silos and building new partnerships like never before.

Claire Le Gal, a 26-year Mastercard veteran, shares exclusive insight on:

  • Emerging fraud trends - and why they are so challenging to detect
  • How we can make it harder for the fraudsters to succeed
  • Why fraud fusion centers are only the start of the cross-enterprise collaboration that needs to occur
Claire Le Gal
  • 04:40 PM
  • 05:09 PM
Closing Comments
  • 05:10 PM
  • 05:14 PM
Cocktail Reception
  • 05:15 PM
  • 06:14 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM EST on Day 2, Wednesday, June 22. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 09:00 AM
  • 04:59 PM

This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Convene
Name :
Convene
Address :
151 West 42nd Street, New York, NY, USA

Ari Redbord
Head of Legal and Government Affairs
TRM Labs
Ari Redbord is the head of legal and government affairs at TRM Labs, the blockchain intelligence company. Prior to joining TRM, he was the senior adviser to the deputy secretary and the undersecretary for terrorism and financial intelligence at the...
Fred Harris
Head of Cyber Risk
Societe Generale
Harris is the head of cybersecurity risk, data risk and IT risk at Societe Generale Americas. He has more than 30 years of technology and cybersecurity experience in the financial services industry. Before joining SG, Harris served in a similar...
Keith O'Sullivan
SVP. IT Risk & Chief Information Security Officer
Standard Industries
O'Sullivan is currently the CISO and senior vice president of IT risk at Standard Industries, where he developed a sophisticated information security strategy for Standard and its operating companies. As CISO, his security leadership supports innovative DevSecOps models, threat-focused offensive...
Rocco Grillo
Managing Director, Global Cyber Risk & Incident Response Investigations
Alvarez & Marsal
Rocco Grillo currently serves as a Managing Director with Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice. He focuses on leading multi disciplinary teams who provide cyber risk and incident response services to clients globally. He has...
Murtaza Hafizji
Sr. Cyber Security Strategist
BugCrowd
Murtaza Hafizji, Sr. Cyber Security Strategist at Bugcrowd, loves to help customers effectively address their toughest information security challenges. Murtaza has been in the cybersecurity industry for over 10+ years. Murtaza loves to travel and has been to more than...
Chris Pierson
Founder and CEO
BlackCloak
Pierson is the founder and CEO of BlackCloak, a leader in digital executive protection for corporate executives, high-profile and high-net-worth individuals and their families. He has been on the front lines of cybersecurity and privacy in both the public and...
Kevin McCleary
Assistant Special Agent in Charge, Criminal Investigative Division
United States Secret Service, New York Field Office
Kevin McCleary is an Assistant Special Agent in Charge (ASAIC) in the U.S. Secret Service (USSS) New York Field Office, where he where he oversees initiatives to combat the global cyber threat and transnational criminal organizations. Prior to his current...
Gulrez Jamadar
Managing Director - Citigroup, ICG Global Head- IT Risk and Controls
Citi
Jeffrey Sherman
Associate Vice President Sales - BigFix North America
HCL Software
Sherman has worked in technology sales for Enterprise Security Solutions for the past 25 years. Currently, he manages the growing HCL BigFix Sales team for the East Region. Over the past 20 years, Sherman has developed a working knowledge of...
Jeff Williams
Supervisory Special Agent, New York Field Office Cyber Branch
Federal Bureau of Investigation
Jeffrey Williams has been a Special Agent with the Federal Bureau of Investigation (FBI) since March 2010; he is currently assigned to the FBI’s New York Field Office. In this capacity he investigates violations of the laws of the United...
Anna Delaney
Executive Editor
ISMG
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
John Kindervag is the "Father of Zero Trust," who as an analyst at Forrester invented the term and defined the reference architecture for a network whose five basic principles defined the notion of Zero Trust. He is also the co-founder...
Lisa Sotto
Partner
Hunton Andrews Kurth LLP
Sotto is partner at Hunton Andrews Kurth. She has been named among The National Law Journal’s “100 Most Influential Lawyers”. Sotto chairs Hunton Andrews Kurth’s top-ranked Global Privacy and Cybersecurity practice and is the managing partner of the firm’s New...
Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
James Hitchcock
Vice President, Fraud Mitigation
American Bankers Association
Tim Wade
Deputy Chief Technology Officer
Vectra
Wade is the deputy chief technology officer at Vectra and is an advocate for thoughtful protections of individual privacy, fairness and liberty in our modern digital world. Previously, he was head of application and information security at Bridgepoint Education Inc....
B. Casey McGee
Assistant to the Special Agent in Charge
U.S. Secret Service, New York Field Office
With over 22 years of federal law enforcement experience, Assistant to the Special Agent in Charge (ATSAIC) McGee leads U.S. Secret Service (USSS) efforts to increase public and private partnership in the investigation of complex transnational criminal investigations involving the...
Peter Chestna
North American CISO
Checkmarx
Chestna serves as the CISO of North America at Checkmarx, where he provides customers and prospects with practical advice for building successful application security programs. Bringing more than 15 years of direct AppSec practitioner experience, Pete has held roles ranging...
Brenden Doyle
PreSales Systems Engineer
Quantum Corporation
Brenden Doyle is Quantum's Senior Solutions Engineer based in the northeastern US. Brenden has more than 20 years experience designing solutions for data and cyber protection for large enterprises and other customers that rely on their data to drive their...
Michael Novison
ISMG
Chris Holden
CISO
Crum & Forster
As CISO for Crum & Forster, Holden is responsible for maintaining the day-to-day security of the organization's information systems and data while adhering to regulatory requirements. He started his career as a forensics analyst for Hewlett-Packard’s global cybersecurity team, where...
Karen Boyer
SVP Financial Crimes, Fraud Intelligence
M&T Bank
Karen Boyer has over 20 years of diverse banking experience with over 15 in the realm of Fraud. She is currently Vice President of Financial Crimes and Fraud Intelligence, at People’s United Bank, a regional bank in the Northeast with...
Patty Ryan
Sr. Director, Chief Information Security Officer
Ortho Clinical Diagnostics
As Ortho Clinical Diagnostic’s chief information security officer, Ryan is responsible for defining the firm’s global information security strategy, road map and operating infrastructure. Partnering globally with IT, compliance, commercial, regulatory, legal, quality, R & D and strategic marketing resources,...
Denise Anderson
President and CEO
Health Information Sharing & Analysis Center
Anderson is president and CEO of the Health Information Sharing and Analysis Center, or H-ISAC. Prior to H-ISAC, she was a vice president of FS-ISAC, where for almost nine years she helped the ISAC grow and achieve its successful status...
Josh Dorion
Security Architect, reCAPTCHA Enterprise
Google Cloud Security
Dorion has over a decade of experience working in a fast-paced and challenging IT environment, primarily with a focus on customer support and systems administration. He was previously with Chronicle as an independent company within Alphabet before the acquisition.
Peter Casson
Cyber Branch Assistant and Special Agent-in-Charge
FBI
Chris Wysopal
Chief Technology Officer
Veracode
Wysopal is responsible for the company's software security analysis capabilities. In 2008 he was named one of InfoWorld's Top 25 CTO's and one of the 100 most influential people in IT by eWeek. One of the original vulnerability researchers and...
Claire Le Gal
Sr. VP, Fraud Intelligence, Strategy & Cyber Products
Mastercard
Le Gal is senior vice president, responsible for the fraud intelligence, strategy and cyber products team in the Cyber and Intelligence Solutions division at Mastercard. She is responsible for a variety of global functions, including fraud reporting and analytics, cybersecurity...
Ryan Bowman
Senior Solutions Engineer
ThreatLocker
Kevin Patrick
Technical Solutions Architect
Cisco
Patrick works with some of Cisco’s largest customers to identify security solutions customized to their needs. He comes from a background in solution engineering and leading a support organization and has spent the last three years at Duo helping customers...

View Agenda
Threat Intelligence and the Dark Web
Keith O'Sullivan, SVP. IT Risk & Chief Information Security Officer, Standard Industries
Jeff Williams, Supervisory Special Agent, New York Field Office Cyber Branch, Federal Bureau of Investigation

In the age of the ubiquitous data breach, it is important for enterprises to know what information is circulating about them - and their customers - within cybercriminal circles. That comes down to knowing what is on the dark web - but how can you do that?

In this session, a banking security leader and an FBI agent detail:

  • What the dark web is - and is not; 
  • How to gain useful and complete information and apply it; 
  • The pros and cons of going solo vs. hiring a service.
Keith O'Sullivan
Jeff Williams
  • 09:10 AM
  • 09:39 AM
  • 09:45 AM
  • 10:14 AM
Track A
Peter Chestna
Track A: Vulnerability Program: Work Queue or Landfill?
Peter Chestna, North American CISO, Checkmarx

New code turns into tech debt the moment it’s committed. If you don’t fix known issues - security or otherwise - on the way in, they usually don’t get fixed.

The ecosystem makes it worse. New architectures and design patterns are developed, frequently making your shiny new code an antique. Cloud vendors create innovations that alter the definition and scope of an application. Open-source libraries are updated and released constantly, sometimes with additional functionality, sometimes with security fixes and sometimes with malicious code.

Let’s face it. Software ages like milk, not wine. Are you keeping up or falling behind? Do you spend more time deploying fixes or dealing with exceptions to policy? It’s time for a change. Here's what you will learn:

  • What the vulnerability landscape looks like currently; 
  • The factors from both security and development that are contributing to the problem; 
  • Steps to take to get better. 

To learn more about Checkmarx, click here to visit our booth to chat with a representative.

  • 09:45 AM
  • 10:14 AM
Track B
Jeffrey Sherman
Track B: Crushing the Gap Between Vulnerability Identification and Remediation
Jeffrey Sherman, Associate Vice President Sales - BigFix North America, HCL Software

How can you bring security and IT teams together to reduce friction and dramatically improve vulnerability remediation? To help you address this challenge, Jeff Sherman from the HCL BigFix team, will share his experiences doing just that at major US enterprises.

To learn more about HCL BigFix, click here to visit our booth to chat with a representative.

  • 10:20 AM
  • 10:34 AM
Track A
Chris Pierson
Track A: Executives' Personal Digital Lives are the Soft-Underbelly of Enterprise Security
Chris Pierson, Founder and CEO, BlackCloak

Security leaders do heroic work protecting their people, processes and technology from cyberattack. However, there is one significant gap in enterprise security that CISOs cannot protect, even if they wanted to: the personal digital lives of the C-Suite, Board Members, and senior executives. Join BlackCloak CEO Dr. Chris Pierson as he speaks about the growing problem of cybercriminals attacking executives’ personal lives to attack the company, and why CISOs have limited options to mitigate this risk.

To learn more about BlackCloak, click here to visit our booth to chat with a representative.

  • 10:20 AM
  • 10:34 AM
Track B
Kevin Patrick
Track B: To CERT or Not to CERT: Establishing Trust Without Certificates
Kevin Patrick, Technical Solutions Architect, Cisco

Critical resources need defense in depth beyond validating identity. Certificates provided a method to establish this trust. It is time to remove the calendar reminder for our certificate renewal. Duo’s Device Health Application can verify enrollment into corporate management systems without deploying certificates. Learn how this is done with some common asset management solutions.

To learn more about Cisco/Duo, click here to visit our booth to chat with a representative.

Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 10:35 AM
  • 10:54 AM
  • 10:50 AM
  • 11:19 AM
Track A
Lisa Sotto
Ari Redbord
Track A: Navigating the New Digital Battlefield
Lisa Sotto, Partner, Hunton Andrews Kurth LLP
Ari Redbord, Head of Legal and Government Affairs, TRM Labs

Multiple-extortion ransomware, cryptocurrency exchange hacks - these are hallmarks of the new digital battlefield, and the navigation - and negotiations - are more critical than ever. In this panel discussion, two steeped cybercrime experts discuss the legal, privacy and security aspects of real-world situations including:

  • Weapons of choice in the new digital battlefield
  • The emerging role of cryptocurrency in cybercrime
  • Incident response: Step by step when the response clock starts
  • 10:50 AM
  • 11:19 AM
Track B
Keith O'Sullivan
Track B: What is Web3?
Keith O'Sullivan, SVP. IT Risk & Chief Information Security Officer, Standard Industries

Are you ready for version 3.0 of the internet and it's implications on security and privacy? In this session Keith will discuss the new iteration of "the web" based on blockchain technology, token based economics and decentralization. He will define what web3 is and kick start your thought process around how this all will be a benefit to security and privacy professionals. In this session Keith will go over: 

  • What is web3 and history of web1 and 2 
  • Define some components of web3: Blockchain, smart contracts, NFTs, DAO, etc) 
  • Security concerns 
  • Security and Privacy Benefits 
  • 11:25 AM
  • 11:54 AM
Track A
Murtaza Hafizji
Track A: Evolving Your Security Strategy to the Challenges of 2022
Murtaza Hafizji, Sr. Cyber Security Strategist, BugCrowd

The cyber-threat landscape continued to evolve and expand in 2021, with attackers finding new vulnerabilities and ways to infiltrate organizations. There was also a significant rise in supply chain attacks in the past year, meaning 100s or even 1000s of organizations are at risk of being breached because of a security flaw in a single third party. In this environment, security teams must shift to a risk-based approach, prioritizing the most important areas of their organization. They should also not be afraid to seek outside help, leveraging the growing number of highly skilled white hat hackers to discover unique types of vulnerabilities across their network.


In this session, Hafizji will discuss:

  • The evolving threat landscape and expected trends for 2022
  • The importance of adopting a risk-based approach
  • The growth of crowdsourced security and how it works

To learn more about BugCrowd, click here to visit our booth to chat with a representative.

  • 11:25 AM
  • 11:54 AM
Track B
Tim Wade
Track B: Artificial Intelligence: Let the Buyer Beware
Tim Wade, Deputy Chief Technology Officer, Vectra

Arming and unleashing your inner skeptic

Hype surrounding artificial intelligence is everywhere, and the AI-ification of everything from beverages to pet care is well underway, with few signs indicating that the hype wave has crested. But despite the obviously transformative effects that artificial intelligence has had across numerous industries and verticals, the value of informed skepticism shouldn’t be discounted. In fact, now more than ever, it is critical that grounded skepticism take a front-row seat for discussions aimed at enterprise technology and security executives.

Join us as Vectra AI, a leader in enterprise security, addresses both the hype and the opportunity at a practical altitude necessary for strategic decision-makers to feel confident about harnessing their inner skeptic to achieve better outcomes for the enterprise.  

Audience members will walk away with the following:

  • The foundational perspective necessary to sort hype from transformation;
  • A practical approach to focusing on AI outcomes; 
  • An appreciation for the AI risks on the horizon.

To learn more about Vectra, click here to visit our booth to chat with a representative.

Software Security: How to Prioritize, Measure and Convey It To the Board
Chris Wysopal, Chief Technology Officer, Veracode

Amid the shifting threat landscape, cloud migration and ongoing digital transformation, software security is often low on a security leader's list of priorities.

But the cybersecurity executive order and continuing high-profile breaches have increased awareness around cybersecurity - especially for software - among the members of the board at organizations, making it important for security leaders to communicate to them about the organization's risk posture.

But software security solutions differ from other security solutions: You don’t install a tool; you have to build security in from the start.

This session covers the following questions that security leaders want answered:

  • How do you approach the software security challenge, and where is it among your priorities? 
  • How do you make the successful business case for a software security program? 
  • With a program in place, how do you ensure your developers are following your standards? 
  • How do you measure the success of your program? 
  • How do you communicate the metrics to your board and senior management? 

To learn more about Veracode, click here to visit our booth to chat with a representative.

Chris Wysopal
  • 12:00 PM
  • 12:29 PM
Lunch & Networking Break
  • 12:30 PM
  • 01:14 PM
Zero Trust Town Hall Teaser
John Kindervag, Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow, ON2IT Cybersecurity
John Kindervag
  • 01:15 PM
  • 01:29 PM
  • 01:35 PM
  • 02:19 PM
Track A
Kevin McCleary
B. Casey McGee
Track A: Digital Assets & Cryptocurrency Investigations
Kevin McCleary, Assistant Special Agent in Charge, Criminal Investigative Division, United States Secret Service, New York Field Office
B. Casey McGee, Assistant to the Special Agent in Charge, U.S. Secret Service, New York Field Office

In this presentation and fireside chat, Brendan “Casey” McGee and Kevin McCleary of the U.S. Secret Service will describe the present situation between cryptocurrency and crime, outline some of the emerging trends related to crypto enabled fraud and what the private sector can do to prevent and protect itself from these types of criminal activity.

Join Brendan “Casey” McGee, Assistant to the Special Agent in Charge, United States Secret Service and Kevin McCleary, Assistant to the Special Agent in Charge, Criminal Investigative Division, United States Secret Service to learn about;

  • History of USSS payments systems investigations;
  • Crypto enabled fraud trends and cases;
  • Proactive defense strategies to combat digital fraud.
  • 01:35 PM
  • 02:19 PM
Track B
Fred Harris
Chris Holden
Track B: Has the Russia-Ukraine War Accelerated or Stalled your Cyber Plan?
Fred Harris, Head of Cyber Risk, Societe Generale
Chris Holden, CISO, Crum & Forster

Ask any cybersecurity team for nightmare scenarios, and one of the top answers you'll hear is this: having to fend off an attack by a well-resourced nation-state. Now, since Russia has invaded Ukraine, the likelihood of such attacks, or collateral damage, continues to escalate.

Governments across the globe have issued alerts to organizations to take steps to reduce the likelihood of damage and maximize resilience. As a result, how much has the war accelerated or hindered enterprises' security plans?

This expert panel will share insights and strategies, including:

  • How security teams are responding to heightened threat activity; 
  • How to maintain cyber resilience in wartime; 
  • What potential disruptions to prepare for as the war continues.
  • 02:25 PM
  • 02:39 PM
Track A
Ryan Bowman
Track A: Zero Trust for Applications
Ryan Bowman, Senior Solutions Engineer, ThreatLocker

The Zero Trust framework is based on the principle of "never trust, always verify." Join us to learn about Zero Trust, how to adopt it for applications, and the technologies you need to take control of your environment in the fight against ransomware.

To learn more about ThreatLocker, click here to visit our booth to chat with a representative. 

  • 02:25 PM
  • 02:39 PM
Track B
Brenden Doyle
Track B: Build a Cyber-Resilient Infrastructure with Strong Air Gapped Protection
Brenden Doyle, PreSales Systems Engineer, Quantum Corporation

Ransomware and other forms of cyber-attacks are becoming more sophisticated, and new attacks are reported every week.  Every organization needs to strengthen their cyber-defenses with the strongest air-gapped solution possible.  In this session, learn about the latest advances from Quantum for creating immutable data vaults, including the Quantum Ransom Block solution which is the only air-gapped solution that creates a true physical barrier between your data and your network.  We will also cover best practices and recommendations for minimizing your risk.

To learn more about Quantum, click here to visit our booth to chat with a representative.

Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 02:40 PM
  • 02:58 PM
Building Business and Cyber Resilience - the Art of the Possible
Rocco Grillo, Managing Director, Global Cyber Risk & Incident Response Investigations, Alvarez & Marsal
Gulrez Jamadar, Managing Director - Citigroup, ICG Global Head- IT Risk and Controls, Citi

The U.S. financial services sector has new, mandatory breach reporting guidelines, and the SEC has a new proposal covering cyber risk disclosure and governance. Meanwhile, the pace of ransomware, supply chain attacks and other headline-generating incidents is unabated.

In this session, two New York-based cybersecurity leaders will discuss the merger of business and cyber resilience - and why this puts new demands on CISOs.

Rocco Grillo
Gulrez Jamadar
  • 02:55 PM
  • 03:24 PM
The Challenge of P2P Payment Fraud
Karen Boyer, SVP Financial Crimes, Fraud Intelligence, M&T Bank
James Hitchcock, Vice President, Fraud Mitigation, American Bankers Association

Fast, convenient … free! It's not surprising that Zelle is America's most popular payment app. The peer-to-peer (P2P) payment service, created by a consortium of major US banks, lets users transfer funds directly between bank accounts at no charge. Unfortunately it's also proven popular with the fraudsters. Through well-crafted social engineering techniques, criminals are successfully duping consumers to make fraudulent transactions.

How can we tackle the new challenge of P2P payment fraud?

This expert panel will share insights and strategies, including:

  • The Zelle scam and other social engineering trends;
  • The challenges for banks, consumers and regulators;
  • Best practices to prevent and reduce the impact of impersonation fraud.
Karen Boyer
James Hitchcock
  • 03:30 PM
  • 03:59 PM
Zero Trust Town Hall with John Kindervag
John Kindervag, Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow, ON2IT Cybersecurity

It's been 12 years since ex-Forrester analyst John Kindervag created the concept and term "zero trust," and it's now been one year since President Biden issued a cybersecurity Executive Order with zero trust as its foundation. How has the framework matured - and why do so many people still continue to misunderstand and misapply it?

Join this exclusive town hall meeting for your chance to talk directly with Kindervag about:

  • What zero trust is - and is not
  • How to develop your own roadmap
  • Impact of the executive order beyond federal government
John Kindervag
  • 04:05 PM
  • 04:34 PM
Mastercard's Claire Le Gal on Responding to the New 'Fraud Universe'
Claire Le Gal, Sr. VP, Fraud Intelligence, Strategy & Cyber Products, Mastercard

If we have learned anything from digital transformation, it's that fraud now comes in multiple forms across multiple vectors - simultaneously. And for financial services organizations to be able to spot and stop these schemes requires tearing down silos and building new partnerships like never before.

Claire Le Gal, a 26-year Mastercard veteran, shares exclusive insight on:

  • Emerging fraud trends - and why they are so challenging to detect
  • How we can make it harder for the fraudsters to succeed
  • Why fraud fusion centers are only the start of the cross-enterprise collaboration that needs to occur
Claire Le Gal
  • 04:40 PM
  • 05:09 PM
Closing Comments
  • 05:10 PM
  • 05:14 PM
Cocktail Reception
  • 05:15 PM
  • 06:14 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM EST on Day 2, Wednesday, June 22. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 09:00 AM
  • 04:59 PM

Speaker Interviews

June 21 - 22, 2022

Northeast US Summit