“Excellent information sharing and networking.”
Gary Toretti, CISO, Sabre Corporation
“Best one-on-one with both peers and solution providers. Also, perfect for one day of packed content.”
Kevin McMahon, Sr. VP & Chief Compliance Officer, Calpine Corp.
“I was honored to participate and the candid discussions with senior security professionals were refreshing and informative.”
Eric Yancy, Information Security Officer, GetThere
Morning Keynote, Karan Saberwal, Director of Cybersecurity, Assessments, Risk & Compliance at Discover Financial Services, kicked off the Summit with his perspectives on the state of the industry and cyber security trends. Conducting his own survey with security executives across the country, Karan highlighted some of the areas that the industry is not doing well such as simplifying security: Password and Usability, Risk Management: Liability and risk-of-breach exceed affordability, Planning: Continuously failing to justify investments and Execution: Budgeting, Resource Allocation, and Skilled Staff. Karan also highlighted from a risk perspective to most companies, cyber incidences (cybercrime, breaches and IT failures), now ranks as #3 behind business interruption and market volatility. He wrapped up his keynote with insights on future challenges for the industry, including: IoT will be bigger than the user threat, New Technologies, Shortage of qualified skills in security and External Threat Sophistication. If you attended the program and interested in speaking further with Karan about his presentation, please send an email to firstname.lastname@example.org and we will get you connected.
In the executive briefing, “Speed Of Business Is Breaking Security – Automate Or Die,” Steve Opfer, Enterprise Sales Director at CloudPassage, Silver Sponsor, provided insight into how today’s rapid delivery of IT is upsetting the ability of security organizations to maintain and extend their controls into the modern infrastructure. This briefing focused on solution approaches to the key challenges around visibility, threat isolation, compliance and automation.
In the interview session, “Conversations with Execs in the Corner Office,” Aman Raheja, U.S. Chief Information Security Officer at BMO Financial Group, spoke on how he plans to deliver increasing value to his organization, what it will take to get there, and what he expects to accomplish. Aman shared insights into the talent shortage, security awareness among employees, and ensuring his organization is in synch with the business.
In the presentation, “The Industry Need for Cloud Generation Security, Brian Kenyon, Senior Vice President & Chief Strategy Officer at Blue Coat Systems, Platinum Sponsor, shared insights into challenges dealing with the infrastructure used by attackers to gain information and the rise of encrypted traffic, which is now considered common ground for both the good and the bad guys. For ensuring safe passage of data to the cloud, Brian highlighted the need to ensure control over the evolving network and protection of next-generation endpoints through device agnostic protection. Download the Presentation
Attendees had the opportunity for a little networking time during the morning break.
Getting high marks on attendee surveys, Mark Peters,Director, Automotive Business at Security Innovation,presented on the impending advancements in the connected car. He reviewed security concerns, the immense challenges in developing the massive systems, protecting data from being hacked, and the never ending privacy concerns. Mark brought to light key examples of the challenges…an S-Class Mercedes Benz, contains 100 million lines of code, accounting for 50% of the development price of the vehicle, versus only 7+ million lines of code on the 787 Dreamliner.
In the session, “Securing Rogue File Sharing – Your Most Vulnerable Data Leak Threat Vector,” Brian Winter,Regional Sales Manager at Accellion, Gold Sponsor, discussed best practices for secure file sharing. Brian shared insights into the latest advancements in secure file sharing and collaboration, best practices for providing security without compromising productivity and how to leverage investments in existing content systems.
In the interactive discussion “Game Changers – Driving Innovation,” security executives discussed new technologies they will need for the future and how security awareness programs will need to evolve to engage employees.
Neil Farquharson, Technology Evangelist for ZixCorp, Gold Sponsor presented on “Email Security.” Neil shared insights into the latest and challenges they are seeing and how organizations are solving their most pressing secure email challenges.
Guests enjoyed a relaxing lunch and continued the conversations that were started during the morning sessions.
After lunch, Natasha Taymourian, Consulting Systems Engineer with OpenDNS, now a part of Cisco, Silver Sponsor provided an executive briefing on “Security Beyond the Firewall.” Natasha discussed the need for a predictive security intelligence program in order that CISOs can prevent, contain and be informed of targeted attacks. She also shared insights into identifying adversarial patterns once they’ve entered the network and how security approaches can leverage data to prevent attacks before they happen.
The Executive Roundtables received excellent feedback from the Summit attendees, including “valuable peer-to-peer discussions,” and “great way to round out the afternoon.” The roundtables were facilitated by Stan Thompson, Senior Director, Risk & Control with Experian, Adam Page, CISO & Director of Application Serviceswith NorthShore University HealthSystem, Kevin Wixted, Director, Information Security with DLA Piper, Shaoping Zhou, Information Security Officer with Topco Associates, and Joe Gaczewski, Information Security Program Manager, with William Blair & Company.
Brian Henger, Regional Vice President of Malwarebytes, Gold Sponsor, presented on “Psychological Warfare: How Cyber Criminals Mess With People’s Minds.” Brian shared insights into how cyber criminals are now investing more time and resources in advertising and psychology than technologies to gain access to data, the underlying social engineering tactics to gain access and solutions to consider to protect against these tactics.
In the Afternoon Keynote, Jamey Cummings, Senior Client Partner, Co-Leader Global Cybersecurity Practice at Korn Ferry, spoke on “Managing Your Career in a Dynamic Market.” Jamey shared insights into the landscape driving the demand for talent, the three types of Information Security/Technology Risk Executives emerging, key success factors for security leaders, and compensation ranges in the marketplace. In closing, Jamey highlighted the importance of 1) executives building their own brand, 2) investing in your own development and career progression plan, and 3) demonstrating strong leadership – building teams and developing top talent. If you would like to find out further information, please contact Jamey at Jamey.Cummings@kornferry.com
During the afternoon reception, attendees and Summit sponsors had the opportunity to unwind, keep the conversations going and have fun with the prize drawings.
Be sure to visit the photo gallery.
Blue Coat Systems
Blue Coat empowers enterprises to safely and securely choose the best applications, services, devices, data sources, and content the world has to offer, so they can create, communicate, collaborate, innovate, execute, compete and win in their markets. Blue Coat has a long history of protecting organizations, their data and their employees and is the trusted brand to 15,000 customers worldwide, including 86 percent of the FORTUNE Global 500. With a robust portfolio of intellectual property anchored by more than 200 patents and patents pending, the company continues to drive innovations that assure business continuity, agility and governance. For additional information, please visit:
• A new study from ESG describing the growth of encryption and strategies for protection. Read the report, “Network Encryption and its Impact on Network Security” to get the facts and figures about the nature of the threat and the actions you can take now to deepen your defenses.
• Or visit www.bluecoat.com.
Accellion, Inc. provides secure access to enterprise content wherever it is stored to enable increased enterprise productivity and ensure data security and compliance. Accellion, Inc. is the leading provider of private cloud solutions offering enterprise organizations the scalability, flexibility, control and security to enable a global workforce with the tools they need to securely create, access and share information, wherever work takes them. Accellion solutions are used by more than 12 million users and 2,000 of the world’s leading corporations and government agencies including Procter & Gamble; Indiana University Health; Kaiser Permanente; Hogan Lovells; Bridgestone; Harvard University; US Securities and Exchange Commission; and NASA. For more information, please visit www.accellion.com or call 650-485-4300.
Malwarebytes protects businesses against malicious threats that escape detection by traditional antivirus solutions. Malwarebytes Anti-Malware, the company’s flagship product, has a highly advanced heuristic detection engine that has removed more than five billion malicious threats from computers worldwide. SMBs and enterprise businesses worldwide trust Malwarebytes to protect their data. Founded in 2008, the company is headquartered in California with offices in Europe, and a global team of researchers and experts. For more information, please visit www.malwarebytes.com/business.
Download a copy of the Malwarebytes Research Brief: Operation Fingerprint to get a look into several Angler Exploit Kit malvertising campaigns.
ZixCorp is a leader in email data protection. ZixCorp offers industry-leading email encryption, a unique email DLP solution and an innovative email BYOD solution to meet your company’s data protection and compliance needs. ZixCorp is trusted by the nation’s most influential institutions in healthcare, finance and government for easy to use secure email solutions. ZixCorp is publicly traded on the Nasdaq Global Market under the symbol ZIXI, and its headquarters are in Dallas, Texas. For more information, please visit www.zixcorp.com or contact Steve Irons, VP of Sales, 781-993-6023.
CloudPassage Halo® is the world’s leading agile security platform that empowers our customers to take full advantage of cloud infrastructure with the confidence that their critical business assets are protected. Halo delivers a comprehensive set of continuous security and compliance functions right where it counts — at the workload. Our platform orchestrates security on-demand, at any scale and works in any cloud or virtual infrastructure (private, public, hybrid or virtual data center). For more information, please visit www.cloudpassage.com or contact Steve Opfer, Sales Director.
OpenDNS is a leading provider of network security and DNS services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. The Umbrella cloud-delivered network security service blocks advanced attacks, as well as malware, botnets and phishing threats regardless of port, protocol or application. Its predictive intelligence uses machine learning to automate protection against emergent threats before they can reach customers. OpenDNS protects all devices globally without hardware to install or software to maintain. For more information, please contact Britt Allen, 630-637-1613 or visit www.opendns.com.
Whitepaper available: Automated Protection Against Advanced Attacks
Alert Logic, the leader in security and compliance solutions for the cloud, provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Fully managed by a team of experts, the Alert Logic Security-as-a-Service solution provides network, system and web application protection immediately, wherever your IT infrastructure resides. Alert Logic partners with the leading cloud platforms and hosting providers to protect over 3,000 organizations worldwide. Built for cloud scale, our patented platform stores petabytes of data, analyzes over 450 million events and identifies over 60,000 security incidents each month, which are managed by our 24×7 Security Operations Center. Alert Logic, founded in 2002, is headquartered in Houston, Texas, with offices in Seattle, Dallas, Cardiff, Belfast and London. For more information, please visit www.alertlogic.com or contact Adam Walsh, Territory Sales Manager.
BeyondTrust is a global cyber security company that believes preventing data breaches requires the right visibility to enable control over internal and external risks. We give you the visibility to confidently reduce risks and the control to take proactive, informed action against data breach threats. And because threats can come from anywhere, we built a platform that unifies the most effective technologies for addressing both internal and external risk: Privileged Account Management and Vulnerability Management. Our solutions grow with your needs, making sure you maintain control no matter where your company goes. BeyondTrust’s security solutions are trusted by over 4,000 customers worldwide, including half of the Fortune 100. To learn more about BeyondTrust, please visit www.beyondtrust.com or contact Jarrett Benavidez.
Forcepoint safeguards users, data and networks against the most determined adversaries, from accidental or malicious insider threats to outside attackers, across the entire threat lifecycle. Forcepoint protects data everywhere – in the cloud, on the road, in the office – simplifying compliance and enabling better decision-making and more efficient remediation. Forcepoint empowers organizations to concentrate on what’s most important to them while automating routine security tasks. More than 22,000 organizations around the world rely on Forcepoint. Based in Austin, Texas, with worldwide sales, service, security laboratories and product development, Forcepoint is a joint venture of the Raytheon Company and Vista Equity Partners. For more information, please visit www.forcepoint.com or contact Patrick Curley or Philip Sullivan.
Whitepaper available: Forcepoint 2016 Global Threat Report
Security Innovation focuses on the most difficult IT Security problem, and the root cause of most data breaches — insecure software applications. For more than a decade, we’ve helped organizations build internal expertise, uncover critical vulnerabilities, and improve the process by which applications are built. The company’s solutions are based on the three pillars of a secure Software Development Lifecycle (SDLC), which feed into one another to create an ecosystem of repeatable, secure software development: Standards, Education, and Assessment. Our flagship products include TeamProfessor, the industry’s largest library of application security eLearning courses, and TeamMentor, “out of the box” secure development standards. For more information, please contact Rick Filippo or visit www.securityinnovation.com.
Wombat Security Technologies
Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%. For more information, please visit www.wombatsecurity.com or contact Greg Stewart or Mitch Sheffler.