Southwest US Summit
Hybrid Summit October 25 - 26, 2022
This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.
David Pollino
Former CISO
PNC Bank
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Jeremy Grant
Managing Director, Technology Business Strategy
Venable LLP
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP
Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Matt Aldridge
Principal Solutions Consultant
Carbonite + Webroot, OpenText Security Solutions
Aldridge is a cybersecurity veteran with over 25 years of experience. In 2014, he moved to Webroot to work with new customers and partners across EMEA and beyond. He is focused on the integration of BrightCloud Threat Intelligence services and...
Tom Kellermann
Chief Cybersecurity Officer
VMware Carbon Black
Prior to joining Carbon Black, Tom was the CEO and founder of Strategic Cyber Ventures. On January 19, 2017 Tom was appointed the Wilson Center's Global Fellow for Cyber Policy in 2017. Tom previously held the positions of Chief Cybersecurity...
Mike Manrod
CISO
Grand Canyon Education, Inc.
Anna Delaney
Director, ISMG Productions
ISMG
Jay Schiavo
VP, Product Management
Entrust
Schiavo is the vice president of products for the Entrust Certificate Solutions product segment, including PKI, public SSL and digital signing. An industry pioneer and global leader in identity-based digital security, he has been serving the industry since 2004 and...
Shannon Lawson
CISO
City of Phoenix
Lester Godsey
CISO
Maricopa County
Lester Godsey is the Chief Information Security and Privacy Officer for Maricopa County, AZ, the fourth most populous county in the United States. With over twenty-six years of higher education and local government IT experience, Godsey was selected as one...
Rashmi Sahay
Vice President, IT & Cyber Risk Leader
Bank of the West/BNP Paribas
Michael Novinson
Managing Ediitor
ISMG
Scott Gillis
District Sales Manager
Exabeam
Gillis is a cybersecurity industry leader with over 20 years of experience in the IT industry, specializing in creating and leading hyper-performing teams to achieve key company metrics and KPIs. He is widely known across the industry as a successful...
Troy Leach
Security Executive in Residence
Cloud Security Alliance
Troy Leach has spent more than 25 years educating on and advocating for the advancement of responsible technology to improve the quality of living and parity for all. Currently Mr. Leach is the Security Executive in Residence for the non-profit,...
Matanda Doss
Executive Director, Cybersecurity and Technology Controls, Commercial Bank
JPMorgan Chase & Co.
View Agenda
Identity and the Open Banking Revolution

A banking revolution is underway in the form of a new financial transparency. A focus on third-party access and straightforward payment options is forcing compliance and regulation mandates on a global scale. The critical technology for this shift is the open API. What does this mean for service providers worldwide?

In this session, attendees will learn about the importance of securing customer identity, protecting APIs and enforcing authentication.

  • 09:00 AM
  • 09:39 AM
How Organizations Can Differentiate Themselves with Modern Strong Authentication

Organizations often struggle with perceived commoditization among customers, but organizations can set themselves apart by offering strong security. Fraud associated with account takeover is largely driven by weak authentication, such as usernames and passwords, security questions and mobile-based authentication - OTP, SMS and push notifications. Modern strong authentication offers end customers highest-assurance security along with ease of use and can create meaningful differentiation and value to drive new customer acquisition and customer retention. Attend this panel discussion to hear the current challenges related to authentication and best practices to implement moving forward.

  • 09:45 AM
  • 10:14 AM
Your Digital Transformation is Being Sabotaged

Digital transformation promises business growth by providing value to customers by leveraging emerging technologies and supporting skills for new business models. At its core, data-driven decisions are the lifeblood of digital transformation. When data is poisoned, stolen and misused for malicious intent, progress slows, resulting in poor customer experience and satisfaction.

In this session, we will explore how sophisticated bot attacks are contaminating top digital transformation trends related to automation, data analytics and application architectures that should be part of every security strategy to solve in 2022.

  • 10:20 AM
  • 10:49 AM
Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 10:50 AM
  • 11:04 AM
Threat Watch 2022: Shifts and Trends Shaping our World
Matt Aldridge, Principal Solutions Consultant, Carbonite + Webroot, OpenText Security Solutions

We've looked into our crystal ball to predict the types of threats and potential cybersecurity weaknesses businesses can anticipate and prepare for in 2022. The changes in how we work and do business that arose during 2020 paved the way for new vulnerabilities in 2021, offering attackers unrestricted possibilities to exploit security flaws. Criminals targeted organizations of all sizes and took advantage of a lack of cyber resilience and cybersecurity infrastructure. We anticipate that in 2022 these hacks will only continue to grow and damage all types of organisations. Therefore, it's pivotal to learn how to reduce risks and defend your business from existing and future threats.

Matt Aldridge
  • 11:05 AM
  • 11:19 AM
Protecting Business with Converged Crypto Management
Jay Schiavo, VP, Product Management, Entrust

Digital transformation is everywhere, and it's a driver of business success. As businesses digitally transform, they must protect the ever-growing number of applications, devices, servers and data across their hybrid cloud infrastructure from sophisticated malicious threats and maintain regulatory compliance. Cryptography – secrets, certificates, and keys – protects information and communications so that only the people, systems and devices who need to access it can read and process it.

According to Gartner’s David Mahdi, “Cryptography is critical infrastructure … providing the trust in data that is required for digital business.” Yet organizational silos, multiple security solutions and changing standards make discovering and managing crypto difficult, putting organizations at risk of high-profile breaches, failed compliance audits, legal liability and business outages. 

Jay Schiavo
  • 11:25 AM
  • 11:54 AM
Absolute Musts in Your Incident Response Plan: Those Who Fail to Plan – Fail

If SolarWinds and Kaseya didn't put it to the test, then Log4j did. Your incident response plan: When was it last updated or tested? Does it account for today's latest ransomware and supply chain threats? Does it meet the latest regulatory demands for incident reporting?

Join this panel of seasoned cybersecurity experts for lively discussion of incident response planning, including:

  • The shift from response to resilience;
  • Preparing for the latest threats;
  • How to work best with regulators and law enforcement agencies.
  • 12:00 PM
  • 12:29 PM
Lunch & Networking Break
  • 12:30 PM
  • 01:14 PM
Why SOCs Fail - The Maturity Model Required for Cyber Resilience
Scott Gillis, District Sales Manager, Exabeam

Billions of dollars are spent annually to set up security programs and operation centers across every industry and yet, according to Risk Based Security, 3,932 breaches were publicly reported in 2020 alone. Why are security programs failing? Learn how the current operating model contributes to that failure and how a simple maturity model based on outcomes and use cases can make your organization more cyber resilient.

Scott Gillis
  • 01:15 PM
  • 01:29 PM
Ransomware Stole My Job!

Ransomware has dominated the headlines for the past few years. But much of the long-term human and career devastation resulting from ransomware attacks remains untold and possibly buried out of view.

In this exclusive session, we will unpack a real-world example of how a ransomware incident led to numerous layoffs and discuss with one such individual their journey from ransomware incident to pink slip, during an event you may have read about in the media. Names and details of the incident have been changed to protect the innocent and, at times, the guilty.

  • 01:35 PM
  • 01:54 PM
Modern Bank Heists: What You Need to Know About the Latest Fraud Trends – and the Fraudsters
Tom Kellermann, Chief Cybersecurity Officer, VMware Carbon Black

It is clear that fraud threats are trending far beyond traditional account takeover. Large banking institutions are no longer the only place where e-criminals can steal money. Any company that uses any type of online banking system (virtually 100% of companies) can be hacked via new routes including payment card fraud and synthetic IDs. With so many emerging angles cybercriminals are taking, how do you ensure you have an omni-channel strategy to cover them all?

Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the latest Modern Bank Heists survey conducted by VMware Carbon Black.

Tom  Kellermann
  • 02:00 PM
  • 02:29 PM
Secure Cloud Infrastructure - Identity First

Cloud infrastructure is extremely complex, with thousands of workloads and data resources, service and human identities, and policies and configurations. With so many moving parts, it’s nearly impossible to clearly see or understand what is going on in your AWS, Azure and GCP environments - let alone control it. Efforts are exacerbated by the rapid pace of development, shortages in cloud expertise, and the number of stakeholders.

Ultimately the most important questions are: Is my data exposed? Who can access it? Only with clear, contextual, actionable risk insight into all identities, configurations and resources can you begin to grasp effective access and the risk to your data. Find out how an identity-first approach to cloud security can help you reduce your cloud attack surface and blast radius - and stay compliant.

  • 02:35 PM
  • 03:04 PM
Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 03:05 PM
  • 03:19 PM
Fast and Furious Attacks: Using AI to Surgically Respond

Fast-moving cyberattacks can strike at any time, and security teams are often unable to react quickly enough. Join to learn how Autonomous Response takes targeted action to stop in-progress attacks without disrupting your business. The discussion includes real-world threat finds.

Explore today’s threats and challenges and learn how advances in AI have been leveraged to allow for very surgical actions to be taken autonomously - where humans can no longer react fast enough.

  • 03:25 PM
  • 03:54 PM
Are You Ready for XDR?

Is XDR a technology or a capability? Is there one reference architecture, or is there a set of capabilities that define Extended Detection and Response? Gaining a better understanding of threat actor activity requires telemetry and analysis from multiple tools combined with advanced analysis capability. XDR promises to increase detection fidelity and reduce containment and response times while automating and orchestrating key security processes. But is your organization ready to adopt XDR? Do you have the necessary components and capability to be truly effective with XDR? Join our discussion to learn what it takes to begin a journey to XDR and assess your readiness.

  • 04:00 PM
  • 04:29 PM
Cocktail Reception
  • 04:30 PM
  • 05:29 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM EST on Day 2, Wednesday, October 26th. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 09:00 AM
  • 04:59 PM

This hybrid summit's agenda will cover Zero Trust, IAM, Ransomware, Privacy, Fraud, Payments, IoT, Cryptocurrency, End Point Protection, Cloud Security and more.
ISMG's agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

David Pollino
Former CISO
PNC Bank
Ari Redbord
Head of Legal and Government Affairs
TRM Labs
John Kindervag
Creator of Zero Trust, Senior Vice President, Cybersecurity Strategy, ON2IT Group Fellow
ON2IT Cybersecurity
Jeremy Grant
Managing Director, Technology Business Strategy
Venable LLP
Grant Schneider
Senior Director for Cybersecurity services ( Former U.S. federal CISO)
Venable LLP

Tom Field
SVP of Editorial
ISMG
Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world,...
Matt Aldridge
Principal Solutions Consultant
Carbonite + Webroot, OpenText Security Solutions
Aldridge is a cybersecurity veteran with over 25 years of experience. In 2014, he moved to Webroot to work with new customers and partners across EMEA and beyond. He is focused on the integration of BrightCloud Threat Intelligence services and...
Tom Kellermann
Chief Cybersecurity Officer
VMware Carbon Black
Prior to joining Carbon Black, Tom was the CEO and founder of Strategic Cyber Ventures. On January 19, 2017 Tom was appointed the Wilson Center's Global Fellow for Cyber Policy in 2017. Tom previously held the positions of Chief Cybersecurity...
Mike Manrod
CISO
Grand Canyon Education, Inc.
Anna Delaney
Director, ISMG Productions
ISMG
Jay Schiavo
VP, Product Management
Entrust
Schiavo is the vice president of products for the Entrust Certificate Solutions product segment, including PKI, public SSL and digital signing. An industry pioneer and global leader in identity-based digital security, he has been serving the industry since 2004 and...
Shannon Lawson
CISO
City of Phoenix
Lester Godsey
CISO
Maricopa County
Lester Godsey is the Chief Information Security and Privacy Officer for Maricopa County, AZ, the fourth most populous county in the United States. With over twenty-six years of higher education and local government IT experience, Godsey was selected as one...
Rashmi Sahay
Vice President, IT & Cyber Risk Leader
Bank of the West/BNP Paribas
Michael Novinson
Managing Ediitor
ISMG
Scott Gillis
District Sales Manager
Exabeam
Gillis is a cybersecurity industry leader with over 20 years of experience in the IT industry, specializing in creating and leading hyper-performing teams to achieve key company metrics and KPIs. He is widely known across the industry as a successful...
Troy Leach
Security Executive in Residence
Cloud Security Alliance
Troy Leach has spent more than 25 years educating on and advocating for the advancement of responsible technology to improve the quality of living and parity for all. Currently Mr. Leach is the Security Executive in Residence for the non-profit,...
Matanda Doss
Executive Director, Cybersecurity and Technology Controls, Commercial Bank
JPMorgan Chase & Co.

View Agenda
Identity and the Open Banking Revolution

A banking revolution is underway in the form of a new financial transparency. A focus on third-party access and straightforward payment options is forcing compliance and regulation mandates on a global scale. The critical technology for this shift is the open API. What does this mean for service providers worldwide?

In this session, attendees will learn about the importance of securing customer identity, protecting APIs and enforcing authentication.

  • 09:00 AM
  • 09:39 AM
How Organizations Can Differentiate Themselves with Modern Strong Authentication

Organizations often struggle with perceived commoditization among customers, but organizations can set themselves apart by offering strong security. Fraud associated with account takeover is largely driven by weak authentication, such as usernames and passwords, security questions and mobile-based authentication - OTP, SMS and push notifications. Modern strong authentication offers end customers highest-assurance security along with ease of use and can create meaningful differentiation and value to drive new customer acquisition and customer retention. Attend this panel discussion to hear the current challenges related to authentication and best practices to implement moving forward.

  • 09:45 AM
  • 10:14 AM
Your Digital Transformation is Being Sabotaged

Digital transformation promises business growth by providing value to customers by leveraging emerging technologies and supporting skills for new business models. At its core, data-driven decisions are the lifeblood of digital transformation. When data is poisoned, stolen and misused for malicious intent, progress slows, resulting in poor customer experience and satisfaction.

In this session, we will explore how sophisticated bot attacks are contaminating top digital transformation trends related to automation, data analytics and application architectures that should be part of every security strategy to solve in 2022.

  • 10:20 AM
  • 10:49 AM
Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 10:50 AM
  • 11:04 AM
Threat Watch 2022: Shifts and Trends Shaping our World
Matt Aldridge, Principal Solutions Consultant, Carbonite + Webroot, OpenText Security Solutions

We've looked into our crystal ball to predict the types of threats and potential cybersecurity weaknesses businesses can anticipate and prepare for in 2022. The changes in how we work and do business that arose during 2020 paved the way for new vulnerabilities in 2021, offering attackers unrestricted possibilities to exploit security flaws. Criminals targeted organizations of all sizes and took advantage of a lack of cyber resilience and cybersecurity infrastructure. We anticipate that in 2022 these hacks will only continue to grow and damage all types of organisations. Therefore, it's pivotal to learn how to reduce risks and defend your business from existing and future threats.

Matt Aldridge
  • 11:05 AM
  • 11:19 AM
Protecting Business with Converged Crypto Management
Jay Schiavo, VP, Product Management, Entrust

Digital transformation is everywhere, and it's a driver of business success. As businesses digitally transform, they must protect the ever-growing number of applications, devices, servers and data across their hybrid cloud infrastructure from sophisticated malicious threats and maintain regulatory compliance. Cryptography – secrets, certificates, and keys – protects information and communications so that only the people, systems and devices who need to access it can read and process it.

According to Gartner’s David Mahdi, “Cryptography is critical infrastructure … providing the trust in data that is required for digital business.” Yet organizational silos, multiple security solutions and changing standards make discovering and managing crypto difficult, putting organizations at risk of high-profile breaches, failed compliance audits, legal liability and business outages. 

Jay Schiavo
  • 11:25 AM
  • 11:54 AM
Absolute Musts in Your Incident Response Plan: Those Who Fail to Plan – Fail

If SolarWinds and Kaseya didn't put it to the test, then Log4j did. Your incident response plan: When was it last updated or tested? Does it account for today's latest ransomware and supply chain threats? Does it meet the latest regulatory demands for incident reporting?

Join this panel of seasoned cybersecurity experts for lively discussion of incident response planning, including:

  • The shift from response to resilience;
  • Preparing for the latest threats;
  • How to work best with regulators and law enforcement agencies.
  • 12:00 PM
  • 12:29 PM
Lunch & Networking Break
  • 12:30 PM
  • 01:14 PM
Why SOCs Fail - The Maturity Model Required for Cyber Resilience
Scott Gillis, District Sales Manager, Exabeam

Billions of dollars are spent annually to set up security programs and operation centers across every industry and yet, according to Risk Based Security, 3,932 breaches were publicly reported in 2020 alone. Why are security programs failing? Learn how the current operating model contributes to that failure and how a simple maturity model based on outcomes and use cases can make your organization more cyber resilient.

Scott Gillis
  • 01:15 PM
  • 01:29 PM
Ransomware Stole My Job!

Ransomware has dominated the headlines for the past few years. But much of the long-term human and career devastation resulting from ransomware attacks remains untold and possibly buried out of view.

In this exclusive session, we will unpack a real-world example of how a ransomware incident led to numerous layoffs and discuss with one such individual their journey from ransomware incident to pink slip, during an event you may have read about in the media. Names and details of the incident have been changed to protect the innocent and, at times, the guilty.

  • 01:35 PM
  • 01:54 PM
Modern Bank Heists: What You Need to Know About the Latest Fraud Trends – and the Fraudsters
Tom Kellermann, Chief Cybersecurity Officer, VMware Carbon Black

It is clear that fraud threats are trending far beyond traditional account takeover. Large banking institutions are no longer the only place where e-criminals can steal money. Any company that uses any type of online banking system (virtually 100% of companies) can be hacked via new routes including payment card fraud and synthetic IDs. With so many emerging angles cybercriminals are taking, how do you ensure you have an omni-channel strategy to cover them all?

Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the latest Modern Bank Heists survey conducted by VMware Carbon Black.

Tom  Kellermann
  • 02:00 PM
  • 02:29 PM
Secure Cloud Infrastructure - Identity First

Cloud infrastructure is extremely complex, with thousands of workloads and data resources, service and human identities, and policies and configurations. With so many moving parts, it’s nearly impossible to clearly see or understand what is going on in your AWS, Azure and GCP environments - let alone control it. Efforts are exacerbated by the rapid pace of development, shortages in cloud expertise, and the number of stakeholders.

Ultimately the most important questions are: Is my data exposed? Who can access it? Only with clear, contextual, actionable risk insight into all identities, configurations and resources can you begin to grasp effective access and the risk to your data. Find out how an identity-first approach to cloud security can help you reduce your cloud attack surface and blast radius - and stay compliant.

  • 02:35 PM
  • 03:04 PM
Exhibits & Networking Break

Enhance your Summit experience by visiting the Sponsors’ Interactive Booths. Chat with Representatives at each Booth, access valuable resources, schedule a demo and more!

  • 03:05 PM
  • 03:19 PM
Fast and Furious Attacks: Using AI to Surgically Respond

Fast-moving cyberattacks can strike at any time, and security teams are often unable to react quickly enough. Join to learn how Autonomous Response takes targeted action to stop in-progress attacks without disrupting your business. The discussion includes real-world threat finds.

Explore today’s threats and challenges and learn how advances in AI have been leveraged to allow for very surgical actions to be taken autonomously - where humans can no longer react fast enough.

  • 03:25 PM
  • 03:54 PM
Are You Ready for XDR?

Is XDR a technology or a capability? Is there one reference architecture, or is there a set of capabilities that define Extended Detection and Response? Gaining a better understanding of threat actor activity requires telemetry and analysis from multiple tools combined with advanced analysis capability. XDR promises to increase detection fidelity and reduce containment and response times while automating and orchestrating key security processes. But is your organization ready to adopt XDR? Do you have the necessary components and capability to be truly effective with XDR? Join our discussion to learn what it takes to begin a journey to XDR and assess your readiness.

  • 04:00 PM
  • 04:29 PM
Cocktail Reception
  • 04:30 PM
  • 05:29 PM
Day 2 Agenda

All content from Day 1 will be available on demand from 9 AM - 5 PM EST on Day 2, Wednesday, October 26th. Don’t miss the chance to log-in and consume any content you may not have had the chance to see at your own convenience.

  • 09:00 AM
  • 04:59 PM

Speaker Interviews

October 25 - 26, 2022

Southwest US Summit