Day 2: Monday, June 11
8:00 am - 8:30 am Breakfast
8:40 am - 9:15 am Managing, Interpreting and Implementing Regulatory ComplexityPaul Ferrillo - Counsel, Greenberg, Traurig LLP
The industry is faced with new regulations from New York Department of Financial Services and other bodies including the European Union General Data Protection plan. Nation states, hacktivists and other cyber criminals seek to exploit technological vulnerabilities to access data. While the types of cyber security threats continue to grow, so do the cyber security regulations. In this session, explore the way growing regulations are affecting operations. Technology alone is not enough, but a blend of people, processes and technology. The New York regulations require companies to have a CISO who will implement correct risk assessments and processes- the regulations also require reporting of attempted breaches and ensuring third-parties are also secure. The regulations 180-day transitional period ends in August with some of the requirements and the two-year transitional period will end in March 1, 2019. In this interactive session, discuss the impact, effect and next steps from transitional legislation and other evolving legislation and regulations.
Greenberg, Traurig LLP
Ignite Session: 2 Quick Fire Presentations in 20 Minutes. Talk about getting to the crux of the matter, fast!9:15 am - 9:50 am C. How Real-Time Asset Intelligence Enables Full Posture Control Tom Dolan - VP, Global Financial Services, ForeScout
9:55 am - 10:25 am Business Meetings
10:25 am - 10:55 am Business Meetings
10:55 am - 11:35 am Bring in the Machines: Intelligent and Proactive DefenseRahul Patel - CIO KBC Bank NV
David Stern - CISO, BGC Partners
Susan Koski - SVP Security Operations, PNC
In this digital age, security and regulatory requirements necessitate breach prevention, user protection and rapid threat analysis. Yet attackers have an advantage over defenders as opportunity and convenience drive technology. Security executives must look at the entire lifecycle of threats and focus security priorities. Working together is essential in sharing threats to prevent attacks.
In this session:
•Intrusion prevention / detection
•Anti-malware / machine based learning protection
•Efficiency in the resolution process
KBC Bank NV
Susan KoskiSVP Security Operations
11:35 am - 11:50 am Networking Break
MasterClass11:50 am - 12:35 pm Digital Trust in the Age of Insecurity Matt Konwiser - Technical Sales Manager - Financial Markets North America, IBM
Digital Trust is not about authentication. It’s a promise between a financial institution and its customers. It’s largely upon the CISO and their team to uphold that promise, but is a traditional SOC and GRC team enabled for that mission? Most are not. This is a discussion about fraud, security operations, and audit focused on two central use cases common in the financial sector designed to reinforce the importance of keeping your eye on the promise of Digital Trust, not just everyday security operations.
Matt KonwiserTechnical Sales Manager - Financial Markets North America
MasterClass11:50 am - 12:35 pm Defense in a New Landscape Danielle Wood - Director of Advisory Services, Cybereason
So far, the 2018 security threat landscape has yielded a combination of tried and true techniques like ransomware (Atlanta in March) and relatively new methods like supply chain attacks (Delta Airlines, Best Buy, Sears and Kmart in April). What other attack methods are adversaries likely to turn to this year? Attend this talk for an overview of the 2018 threat landscape as well as a case study of a Nation State attack on a financial institution, and what you can do technologically to defend yourself effectively from these threats.
Danielle WoodDirector of Advisory Services
12:35 pm - 1:35 pm Networking Lunch
Roundtable Discussions: Engage in two 30-minute targeted discussions enabling open exchange amongst industry peers.1:40 pm - 2:45 pm Cyber Exposure: The New Critical Risk Metrics for CISOs Jeff Wallat - Northeast Sales Leader, Tenable Network Security
- Securing in an IoT World- Sponsored By Tenable Network Security
Jeff WallatNortheast Sales Leader
Tenable Network Security
Roundtable Discussions: Engage in two 30-minute targeted discussions enabling open exchange amongst industry peers.1:40 pm - 2:45 pm Achieving Reliable Zero-trust Network Isolation of Critical Financial Systems Tom Gilbert - CTO, BlueRidge Networks
Modern Espionage: Detecting Spies, Hacktivists and Trusted Insiders
Roundtable Discussions: Engage in two 30-minute targeted discussions enabling open exchange amongst industry peers.1:40 pm - 2:45 pm The State of Endpoint Security Doug Ennis - Vice President of Enterprise Sales, Comodo Cybersecurity
Control, Protection and Visibility
Doug EnnisVice President of Enterprise Sales
BrainWeave2:50 pm - 3:35 pm Unifying IAM and Network Security: A New Model to Secure Access to Corporate Resources in Distributed Environments Eldad Livni - Co-Founder & CPO, Luminate
The enterprise environment is becoming hybrid and distributed, with over 80% of enterprises adopting the cloud, mobile access and remote workforce. As a result, the traditional network perimeter solutions such as VPNs and DMZs can no longer provide the security, flexibility and agility required for the modern business and adequately protect the organizations’ assets.
To address these business needs, the security architecture must shift from the network level focus to the identity, device and applications level. Leveraging such architecture an organization can enforce an easy-to-manage access policy that is unified regardless of where the users, devices or applications are located. With this shift, an organization can also apply the Zero Trust security model, just like Google did with their BeyondCorp model.
The discussion will include:
•What are the building blocks of the new architecture? How can you combine identity-as-a-service and device management with network level security? What are the alternatives and the related pros and cons?
•How can the unified architecture support the modern organization’s security, flexibility and agility requirements? How would this help you to achieve a complete Zero Trust security model – including a detailed walkthrough.
•Real world case studies of: operations team access
(DevOps), third party access, M&A IT integration and cloud migration based on user, device and application context.
Eldad LivniCo-Founder & CPO
MasterClass2:50 pm - 3:35 pm Autonomous Cyber Defense: AI and the Immune System Approach Justin Fier - Director for Cyber Intelligence & Analytics, Darktrace
From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. A fundamentally new approach to cyber defense is needed to detect and respond to these threats that are already inside the network – before they turn into a full-blown crisis.
Self-learning systems represent a fundamental step-change in automated cyber defense, are relied upon by organizations around the world, and can cover up to millions of devices. Based on machine learning and probabilistic mathematics, these new approaches to security can establish a highly accurate understanding of normal behavior by learning an organization’s ‘pattern of life,’. They can therefore spot abnormal activity as it emerges and even take precise, measured actions to automatically curb the threat.
Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.
In this session, learn:
•How new machine learning and mathematics are automating advanced cyber defense
•Why full network visibility allows you to detect and autonomously respond to threats
•How smart prioritization and visualization of threats allows for better resource allocation and lower risk
•Real-world examples of unknown threats detected by ‘immune system’ technology
Justin FierDirector for Cyber Intelligence & Analytics