The Executive Alliance Security Leaders Summit Dallas was held on Thursday, March 22, 2018 at the Westin Galleria in Dallas Texas. The Spring energy was apparent, as the Summit was packed with great session content and highly engaging interaction from attendees throughout the day. The Summit Hosts represented companies across a diversity of industries and sizes, and shared their insights and knowledge with the distinguished group of attendees through their presentations, interviews and breakout roundtable discussions.
Thanks to all of the Hosts, Speakers, Attendees and Sponsors for a stellar event!
Morning Keynote - The Future of Securing our Data
Andy Ulrich, Head of Security, Americas at Ericsson kicked off the morning with his highly engaging opening keynote on dealing with the complexities of information security, distractions in the environment, assumptions made from hindsight, and the predictability and unpredictability of being breached.
Guiding Information Security into the Future
In this interview session, Mary Dickerson, Chief Information Security Officer and Asst. Vice Chancellor at the University of Houston, shared her insights into the value of relationships and the management of these relationships and her main challenge as a leader in finding opportunities for and promoting alternate qualities of senior employees that adds value to the business.
Identity at the Center
Phil McQuitty, Identity and Data Access Governance Strategist, Office of the CTO at SailPoint Technologies, Gold Sponsor, presented on “identity is power.” People & Data: The access between the two is the key – Identity Governance is of primary concern now in most organizations.
Take a Break! Coffee and Networking with Your Peers
Summit guests and sponsors had the opportunity during the morning break to continue the discussions.
The Breach Anxiety in Information Security
Duaine Styles, CISO of The Torchmark Family of Companies and Cecil Pineda, CISO of DFW Airport, discussed in an interview setting, expectations of their Boards and their need to see a balanced scorecard, insights into the security organization’s level of maturity, and their ability to translate technical perspectives into bottom line perspectives.
Privilege – The New Cyber Battleground
Ruben Garcia, District Manager, N. TOLA Region at CyberArk, Silver Sponsor presented on “privileged access is the new battleground for cyber warfare.” Ruben spoke on the challenges with identity sprawl at most companies and the need for artificial intelligence to lead the way to be able to stay ahead.
Top of Mind
The live polling session with attendees highlighted cyber security awareness training for employees as the most important item to be kept in budgets, agreement that a breach, whether technical or trust, as in the aftermath of Facebook, should be reported to customers, and organizations believe they are “mostly equipped” in building a security strategy to support their companies.
Man + Machine is the Winning Combo for Combatting Cyberthreats
Chris Morales, Head of Security Analytics at Vectra Networks, Silver Sponsor, shared insights into building capabilities to slow the attackers and speeding up response time. With internal recon being the longest phase for an attacker in your system, focusing people and advanced technologies on this area produces the best results.
Lunch and Networking
Guests agreed that lunch (award winning brisket) and the conversations were outstanding!
Recap of the Day So Far and What Next?
Richard Warner, Summit Moderator, provided highlights and takeaways from the morning sessions. Survey results for these sessions were outstanding in terms of content, format and level of discussions.
The second live polling session highlighted the following results from key questions asked to the audience:
Autonomous Cyber Defense: AI and the Immune System Approach
Evan Glaser, Cyber Security Account Executive at Darktrace, Silver Sponsor, discussed how the threat landscape is still evolving and the need to develop an immune system approach within the organization, as security will continue with the challenge of being outpaced. Unsupervised machine learning means our system knows what “normal” is and can thereby determine anomalous behaviors of employee accounts and other logged activities.
Cyber Intelligence – Forward Thinking
In the afternoon interview session with Miguel Clarke, Special Agent with the FBI, discussed key strategies for getting ahead of attacks and responding quickly, when under attack. He believes, when it comes to conflict with an adversary in cyberspace, whoever is more committed to the act wins. Already having relationships in place with key people and organizations is the first “best” step for all companies.
There was plenty of energy in the air as guests and sponsors continued to catch up.
Breakout Executive Roundtable Discussions with Debriefs
The always highly rated breakout discussions wrapped up the sessions for the day.
Topic: “Security Analytics & Threat Intelligence – Maturing the Environment,” facilitated by Corey LeBlanc, Vice President, Chief Technical Officer at Origin Bank
Debrief: Discussions focused on determining how best to tackle known issues. By taking data you have and aggregating, collaborating, and assessing the information, (and even try the use of honeypots) these acts will help to isolate threats.
Topic: “Biometric Technologies,” facilitated by Joel Lytle, Director of Information Security of Jackson Walker LLP.
Debrief: Discussions focused on a technology that not many companies are currently using, except for ones that use with access controls. Some implications are data transference between one modern device/system to another.
Topic: “Information Risk Management Programs…Forward Thinking,” facilitated by Ashok Kumar, Director of Information Security at AIG.
Debrief: Discussions focused on how risk is ultimately traced back to reputation and money. Determine how to position the company with annual assessments – identify maturity models to determine if it is on the right path and if you have the right policies in place.
Topic: “Measuring Security as a Business Value,” facilitated by Paul Horn, Chief Information Security Officer, HD Vest Financial Services.
Debrief: Discussions focused on the importance of knowing your audience, the business risk model should be able to tie into monetary value to present the right metrics (to the Board), especially for budget allocation, and building capabilities to answer for what is being tracked (before and after presenting to the Board).
Topic: “GDPR,” facilitated by, Eric Yancy, formerly with CEC Entertainment.
Debrief: Discussions focused on the enforcement assessments… Who is going after whom, with respect to compliance and regulatory enforcement? Will it be a sort of bear-attack situation where the business is okay so long as it isn’t the slowest guy on the path running away? The full impact ahead is still unknown and won’t even begin to see until after May 25th, 2018. Otherwise, for now, in wait and see mode.
Attendees and sponsors had a great time enjoying each other’s company, laughing, and planning to meet at next year’s National Security Leaders Symposium at The Breakers Hotel in Palm Beach from October 21 -23, 2018!
SailPoint, the leader in enterprise identity management, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint's customers are among the world’s largest companies in a wide range of industries, including: 6 of the top 15 banks, 4 of the top 6 healthcare insurance and managed care providers, 8 of the top 15 property and casualty insurance providers, 5 of the top 15 pharmaceutical companies, and six of the largest 15 federal agencies.
To learn more about SailPoint, please visit www.sailpoint.com Or contact Scott Davis email@example.com
CyberArk, the #1 provider of privileged account security, provides a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50% of the Fortune 100, to protect against external attackers and malicious insiders, and address audit and compliance requirements. CyberArk is the only public company 100% focused on privileged account security, delivering innovative solutions to stay one step ahead of attackers.
Darktrace is the world’s leading machine learning company for cyber security, having developed AI algorithms that mimic the human immune system to defend enterprise networks of all types and sizes. Created by mathematicians from the University of Cambridge, Darktrace’s Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal’ for all devices and users, updating its understanding as the environment changes.
By applying its unique, unsupervised machine learning, Darktrace has identified 30,000 previously unknown threats in over 2,4000 networks, including zero-days, insider threats and subtle, stealthy attacks. The company has experienced 600% year-on-year revenue growth. With 500 employees in 24 offices and dual headquarters in San Francisco and Cambridge UK, Darktrace was named ‘Most Innovative Security Company of the Year 2017,’ ‘Bloomberg Innovator,’ and ‘GSN Homeland Security’ award winner. The company’s valuation is $.5 billion and its investors include KKR, Softbank, Summit, Invoke Capital, and Samsung. https://www.darktrace.com/
DarkTrace Global Threat Report 2017 Download the Presentation
Vectra AI provides real-time attack visibility and non-stop automated threat hunting powered by artificial intelligence. The result is blind-spot-free threat detection coverage across the entire network infrastructure and all devices, including IoT and BYOD. Vectra also lets you respond quickly and decisively to attacks by putting the most relevant threat information and context at your fingertips. And Vectra hasn't forgotten about your existing security infrastructure. By providing additional threat intelligence to firewalls, endpoint security and other enforcement points, you can block unknown and customized attacks. In addition, Vectra provides the best starting point for SIEMs and forensic tools to speed-up threat investigations. Our core team consists of threat researchers, data scientists, network security engineers, user interface designers and white hats. We're passionate and committed to making a difference in a world where cybersecurity is a top concern and we constantly push the boundaries of what's possible to drive the next-generation of network security.For more information, please visit: https://vectra.ai/
[Webcast] Is your blue team fast enough to win the race against attackers?
2018 Gartner MQ Report: https://info.vectra.ai/vectra-visionary-2018-gartner-magic-quadrant-for-idps
White paper- How to automate SOC with AI:
Stacy Palmquist- Regional sales manager: firstname.lastname@example.org p: 214-354-2584
Chris Morales- Head of security analytics: email@example.com p: 512-221-0402
Matt Pieklik- Sales engineer: firstname.lastname@example.org p: 512-623-9452
BeyondTrust® is a global cyber security company that believes preventing data breaches requires the right visibility to enable control over internal and external risks.
We give you the visibility to confidently reduce risks and the control to take proactive, informed action against data breach threats. And because threats can come from anywhere, we built a platform that unifies the most effective technologies for addressing both internal and external risk: Privileged Account Management and Vulnerability Management. Our solutions grow with your needs, making sure you maintain control no matter where your organization goes.
BeyondTrust's security solutions are trusted by over 4,000 customers worldwide, including over half of the Fortune 100. To learn more about BeyondTrust, please visit www.beyondtrust.com. Or contact Ed Underwood at email@example.com.
More than 1.3 billion global users rely on Cyren’s 100% cloud internet security solutions, which protect them against cyber attacks and data loss every day. Powered by the world’s largest security cloud, Cyren delivers fast time to protection from cyber threats with SaaS security solutions for web, email, sandboxing, and DNS for enterprises, and embedded threat intelligence solutions for partners. To learn more about Cyren, please visit www.cyren.com
Or contact Mike Beeson at firstname.lastname@example.org
ISSA Fort Worth Chapter
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. Learn more at the ISSA, International website.
About the Fort Worth Chapter
The Fort Worth Chapter of ISSA brings all of the benefits of International membership, along with opportunities for experiencing great speakers, local networking, earning CPEs, job prospecting and more.
For more information contact Kelly Hammons at email@example.com
Security Innovation focuses on the most difficult IT Security problem, and the root cause of most data breaches — insecure software applications. For more than a decade, we’ve helped organizations build internal expertise, uncover critical vulnerabilities, and improve the process by which applications are built. The company’s solutions are based on the three pillars of a secure Software Development Lifecycle (SDLC), which feed into one another to create an ecosystem of repeatable, secure software development: Standards, Education, and Assessment. Our flagship products include TeamProfessor, the industry’s largest library of application security eLearning courses, and TeamMentor, “out of the box” secure development standards.
For more information, please visit www.securityinnovation.com or contact Zack Hatfield at firstname.lastname@example.org