Hosted by Executive Alliance, the 2017 National Security Leaders Symposium was held October 22-24, 2017 at The Ritz-Carlton in Naples, FL. This year's Symposium opened against a backdrop of industry challenges that coalesced the community and had the room buzzing. With some of the top minds in the nation on hand, there was no shortage of lively debate and the breadth of knowledge garnered was unprecedented. Engaging with their peers on the most pressing issues, attendees offered their predictions of future trends, gained insights from industry leaders, and participated in interview discussions and breakout roundtables.
The 2017 National Symposium was truly an example of the tip of the sword and we thank all of the Hosts, Speakers, Attendees and Sponsors for a stellar event.
"The interactions at this symposium are just perfect."
Avishai Avivi, Vice President, Information Security, E*TRADE Financial Corporation
“Executive Alliance provides an outstanding venue for thought provoking dialogue.”
Jan Wardle, Business Application Advisor, FedEx
“Candid discussion, nice balance of information- tapping into a wider experience than I could do on my own."
Dan Yomine, Vice President / Risk Management, Bank of America
After boarding the Naples Princess, attendees, their guests and sponsors got a chance to get to know each other and enjoyed an exquisite dinner reception along with music, memories and epic sunset views.
Sunday Morning, October 22nd - Gators and Golf
For 2017, attendees chose to live on the wild side and ventured out into the Everglades and boarded Wooten's airboats for a tour of the primal, alligator infested swamps. Luckily everyone made it back and enjoyed a tour of the animal sanctuary and some gator wrestling!
The foursomes teed off on a perfect Sunday morning at the finest course in Naples, The Tiburon Golf Resort. The competition was fierce with awards going to Longest Drive, Longest Putt and Overall Team Winners.
The National Security Leaders Symposium formally opened up on Sunday evening in the middle of the Ritz Carlton courtyard with an outdoor reception under the stars and a delicious low country boil dinner provided by the Ritz Carlton. Attendees and sponsors had the chance to reconnect and start forming new friendships.
Top of Mind
After a warm welcome from Executive Alliance CEO Mary Lou Heastings, Richard Warner, Symposium Moderator, opened up the 2017 National program with some of the latest statistics on the state of CISO thinking in terms of breaches, preparedness, compliance and awareness. Download the Presentation
State of the Industry
Sanju Misra, CISO of Praxair, and Gene Scriven, CISO of ACI Worldwide, dove right in to hard hitting discussion on some of the biggest challenges facing the industry, the biggest successes the industry overall has accomplished and what CISOs need to focus on for the future. Repeated continually was the lack of resources as they compete not only with their peers in the industry, but also internally for scarce IT personnel.
CASB 2.0: Safely Adopt Cloud Apps with Integrated Cloud Security
Deena Thomchick, Senior Director Cloud Security, Symantec, Platinum Sponsor provided an excellent overview on CASB systems and best practices for integrating into an organization’s overall security infrastructure. Download the Presentation
Take a Break! Coffee and Networking with Your Peers
Attendees and sponsors from across the country had a chance to reconnect at the annual Symposium and strike up new relationships.
The Expanding Footprint of Responsibilities
Alex Cunningham, CISO of Commonwealth Financial Network, and Julie Porro, CISO of JetBlue Airways, held the audience captive as they discussed their vision for their roles as CISOs. Alex and Julie report to either the Risk Officer or Chief Operating Officer, which they believe provides more support and autonomy as they transition from tactical roles to much more strategic roles.
Practical Insider Threat
David Pogemiller, Vice President of Strategy at Forcepoint, Platinum Sponsor, focused his session on how organizations face increasingly asymmetric and unprecedented risks from the “accidental insider”…those who have valid access to enterprise networks and knowledge. He provided practical insight into building a threat protection program that includes best practices for prioritization, identification and mitigation.
Re-Evaluating Data Protection Strategies
Susan Koski, Senior Vice President of Security Operations at PNC Bank, presented on the changes necessary in infrastructure and applications relative to building a data protection program, effective measurements, and managing through policies and governance.
Privileged Attack Vectors - Building Effective Defense Strategies to Protect Organizations
In this session, Morey Haber, VP of Technology at BeyondTrust, Gold Sponsor provided a comprehensive view of how privileges, passwords, and vulnerabilities are being leveraged as attack vectors and how organizations can properly take measurable steps to defend against them. Download the Presentation
Lunch and Networking in the Courtyard
Attendees and sponsors had the opportunity to enjoy the beautiful Florida weather as they continued discussions and getting to know each other over lunch.
Talking Cars – A Privacy by Design Case Study 10 Years in the Making
Ed Adams, Distinguished Research Fellow at The Ponemon Institute, Co-founder and Chairman of OnBoard Security, Inc. and President and CEO of Security Innovation Inc., Silver Sponsor, gave the third annual installment on “talking cars.” This year’s presentation focused on Privacy by Design, specific software security threats and the V2V certification management system, the largest ever conceived.
Executive Roundtable Discussions with Debriefs
At the closing session on Monday, attendees and sponsors had the opportunity for peer-to-peer discussions across a range of topics, during the roundtable breakouts. Executives facilitating the topic discussions included Avishai Avivi, Vice President, Information Security at E*TRADE Financial Corporation, Ans Claiborn, Vice President, Information Security Management at State Street Corporation, Liz Johnson, Vice President, Chief Risk and Compliance Officer at The Christ Hospital, Wayne Washburn, Director, IT Operations & Security at HSF Affiliates LLC, Richard Rosano, SVP, Critical Infrastructure Protection at EXCEL Services and Howard Miller, Deputy CIO and Chief Information Security Officer at Columbia University Business School.
Evening Cocktail Hour and a Half
The networking continued into the evening with laughs, stories, and catching up!
SYMPOSIUM RECAP – Tuesday, October 24th
Day Two Opening Remarks
Day Two of the National Security Leaders Symposium opened up with Symposium Moderator, Richard Warner, providing insights into some of the latest trends.
Leadership During Challenging Times
David Less, CIO of JL Audio, and Frank Sirianni, VP and CIO of Fordham University, got the day started with their interview session focused on the challenges organizations face today relative to information security, insights into discussions with their CIO peers on the industry and their thoughts on leading their security organizations into the future.
A Holistic Approach to Identity and Data Governance
In this session, Phil McQuitty Identity and Data Access Governance Strategist, Office of the CTO with SailPoint, Gold Sponsor, presented on the "identity at the center,” where access to the most sensitive information in the enterprise is well governed, regardless of where it is stored.
Top of Mind
In this interactive polling session, questions discussed about cyber security policies included whether the government should disclose its own software vulnerabilities, back doors for government use, legal reporting of data breaches, and whether IoT security standards should be mandated by government regulation.
The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense
Becca Bloom, Cyber Security Account Executive at Darktrace, Silver Sponsor presented on an approach to cyber defense that provides the ability to detect and investigate threats that are already inside the network based on unsupervised machine learning and probabilistic mathematics.
Living with the GDPR: A SaaS Practitioner’s View
In a highly engaging interview session with attendees, Gerald Beuchelt, CISO of LogMeIn Inc., shared his thoughts on how GDPR will impact companies in the US, how companies ensure vendors implement the GDPR, what departments need to come together to create a plan and provided a practical example of a Data Privacy Impact Assessment.
Polling – Cyber Security Leadership
During the 2nd polling session, attendees discussed results on survey questions covering areas of focus for budget expenditures, employee cyber security engagement, audits and their biggest challenges as a leader.
Executive Roundtables with Debriefs
The second day of roundtable discussions formally closed the Symposium with great interactive discussions. Executives facilitating the breakout sessions included Sam Bruce, CISO at Medac, Robert Pellerin, Vice President and CSO at Valetude and Paige Easley, CISO at Palmetto Bank GMB.
On the last night, attendees and sponsors had a great time enjoying each other’s company, laughing, and planning to meet at next year’s National Security Leaders Symposium at The Breakers Hotel in Palm Beach from October 21 -23, 2018!
Forcepoint is transforming cybersecurity by focusing on what matters most: understanding people’s intent as they interact with critical data wherever it resides. Our uncompromising systems enable companies to empower employees with unobstructed access to confidential data while protecting intellectual property and simplifying compliance. Based in Austin, Texas, Forcepoint supports more than 20,000 organizations worldwide.
For more information, visit www.forcepoint.com or contact David Pogemiller, email@example.com
Symantec Corporation (NASDAQ: SYMC) is the global leader in cyber security. Operating one of the world’s largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives. For more information, please visit www.symantec.com.
For additional information contact Deena Thomchick at firstname.lastname@example.org
BeyondTrust® is a global cyber security company that believes preventing data breaches requires the right visibility to enable control over internal and external risks.
We give you the visibility to confidently reduce risks and the control to take proactive, informed action against data breach threats. And because threats can come from anywhere, we built a platform that unifies the most effective technologies for addressing both internal and external risk: Privileged Account Management and Vulnerability Management. Our solutions grow with your needs, making sure you maintain control no matter where your organization goes.
BeyondTrust's security solutions are trusted by over 4,000 customers worldwide, including over half of the Fortune 100. To learn more about BeyondTrust, please visit www.beyondtrust.com. Or contact Russell McGuire, email@example.com
SailPoint, the leader in enterprise identity management, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint's customers are among the world’s largest companies in a wide range of industries, including: 6 of the top 15 banks, 4 of the top 6 healthcare insurance and managed care providers, 8 of the top 15 property and casualty insurance providers, 5 of the top 15 pharmaceutical companies, and six of the largest 15 federal agencies.
To learn more about SailPoint, please visit www.sailpoint.com. Or contact Scott McKenzie firstname.lastname@example.org
Darktrace is the world’s leading machine learning company for cyber security, having developed AI algorithms that mimic the human immune system to defend enterprise networks of all types and sizes. Created by mathematicians from the University of Cambridge, Darktrace’s Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal’ for all devices and users, updating its understanding as the environment changes.
By applying its unique, unsupervised machine learning, Darktrace has identified 30,000 previously unknown threats in over 2,4000 networks, including zero-days, insider threats and subtle, stealthy attacks. The company has experienced 600% year-on-year revenue growth. With 500 employees in 24 offices and dual headquarters in San Francisco and Cambridge UK, Darktrace was named ‘Most Innovative Security Company of the Year 2017,’ ‘Bloomberg Innovator,’ and ‘GSN Homeland Security’ award winner. The company’s valuation is $.5 billion and its investors include KKR, Softbank, Summit, Invoke Capital, and Samsung.
DarkTrace Global Threat Report 2017 Download the Presentation
Security Innovation focuses on the most difficult IT Security problem, and the root cause of most data breaches — insecure software applications. For more than a decade, we’ve helped organizations build internal expertise, uncover critical vulnerabilities, and improve the process by which applications are built. The company’s solutions are based on the three pillars of a secure Software Development Lifecycle (SDLC), which feed into one another to create an ecosystem of repeatable, secure software development: Standards, Education, and Assessment. Our flagship products include TeamProfessor, the industry’s largest library of application security eLearning courses, and TeamMentor, “out of the box” secure development standards.
For more information, please visit www.securityinnovation.com or contact Joe Mundy at email@example.com
Digital Shadows monitors and manages an organization’s digital risk across the widest range of data sources within the visible, deep, and dark web to protect an organization’s business, brand, and reputation. The Digital Shadows SearchLight™ service combines scalable data analytics with human data analysts to manage and mitigate risks of an organization’s brand exposure, VIP exposure, cyber threat, data exposure, infrastructure exposure, physical threat, and third party risk, and create an up-to-the minute view of an organization’s digital risk with tailored threat intelligence. The company is jointly headquartered in London and San Francisco.
For more information, please visit www.digitalshadows.com or contact Randy Fowlkes at firstname.lastname@example.org
Zix Corporation (Zix) is a leader in email security. Trusted by the nation’s most influential institutions in healthcare, finance and government, Zix delivers a superior experience and easy-to-use solutions for email encryption and data loss prevention, advanced threat protection, archiving and bring your own device (BYOD) mobile security. Focusing on the protection of business communication, Zix enables its customers to better secure data and meet compliance needs. Zix is publicly traded on the Nasdaq Global Market under the symbol ZIXI. For more information, visit zixcorp.com.