Day 1: Sunday, June 10

11:00 AM - 11:40 AM Registration

11:40 AM - 12:10 PM Networking Lunch

1:10 PM - 1:20 PM Welcome Orientation

1:20 PM - 1:30 PM Chairperson's Opening Remarks

Opening Keynote

1:30 PM - 2:00 PM Bridging the Diversity Gap in Cyber Security: Addressing Culture and Skill Shortfalls

Devon Bryan, Executive Vice President and Chief Information Security Officer, Federal Reserve System
A security culture needs to be embraced prior to security work. Within the security industry there is a problem of empathy where the victims of the cyber security breaches are punished. The whole world, which utilizes security systems, needs to be engaged to be effective. The true diversity of people who use the systems must be protected and represented. This means the security teams needs to include the variety of cultures and thinking protected. Clearly cyber criminals do not discriminate based on gender and strategies must be implemented to create and inform a growing, strategic workforce and pipeline. In this session, explore efforts for achieving a truly diverse industry and ways to recruit and retain diverse talent including women and minorities.
•Planning long term with staff development and culture awareness
•Widening talent searches outside of IT
•Creating and empowering cross-functional teams

Devon Bryan

Executive Vice President and Chief Information Security Officer
Federal Reserve System


2:00 PM - 2:30 PM Identity and Access Management as a Team Sport

People, processes and technologies are all critical to effective privileged access management. The evolving IAM landscape improves business outcomes, strengthens the user experience and increases operational efficiency. Beyond a tick box for compliance, identity and security analytics can improve decision-making information for business managers, driving access revocation rates higher. Attend this session to learn how analytics can make your governance investment worthwhile with examples including:
  • Focusing on orphaned accounts
  • Detecting behavioral anomalies
  • Responding with multi-factor authentication

2:35 PM - 3:05 PM Business Meetings

3:05 PM - 3:35 PM Business Meetings

3:35 PM - 4:05 PM Business Meetings


4:05 PM - 4:50 PM Next Steps in Security Awareness, Attitudes and Behavior

Cyber criminals continue to successfully and consistently exploit human nature to accomplish their goals. Employees are often the last line of defense between a sophisticated cyber-scam and internal systems, data, and customers. This session will provide practical advice to help organizations leverage effective security awareness and behavior management practices to strengthen their human firewall.
  • Practical security awareness and behavior management tips
  • Outlining how and where tools are helpful
  • Emerging industry trends
  • How to create a “human firewall”
  • Security Ambassador Program- lessons learned and best practices, gamification, security mascots
Session Themes: Security Awareness Training, Situational Awareness, Behavior Analytics


4:05 PM - 4:50 PM Navigating Risk With Big Data and Predictive Analytics

Enterprise risk assessment and modelling using predictive analytics is a major tool for insurance, financial services and government. The availability of big data and the tools used to process data from multiple sources has led to a more comprehensive understanding of customers’ risk for actions ranging from defaulting on debt to suffering a major security incident. Financial institutions must understand data sources and where technology intersects. Using these tools and techniques to their fullest capacity will save enterprises money and time in the long run by avoiding less-desirable outcomes.
In this session:
  • Introducing the newest innovations for more precise assessment
  • Utilizing broad-base risk modelling to identify and define a customer profile
  • Exercising prudence in selecting data sets to avoid discriminatory analysis
Session Themes: Data Classification ,Identification, Digital Forensics, Business Intelligence

4:50 PM - 5:05 PM Networking Break

Ignite Session

5:05 PM - 5:40 PM 3 Quick Fire Presentations in 30 Minutes. Talk about getting to the crux of the matter, fast!

•Case Study: Converging User Experience and IAM
•Quantum Computing- What Would it Mean for Online Banking?
•Innovating Ways to Modernize Device Identification to Reduce Fraud


5:45 PM - 6:30 PM Effective Third Party Vendor Risk Management

Jon West, CISO, Kemper
Robust vendor vetting and management are key when working with third parties. As the cyber security executive, this adds the responsibility of proactively identifying risks, as well as verifying and overseeing that business partners and suppliers meet regulatory and compliance requirements throughout the life of the relationship. This session will explore the extended risk and attack vectors associated with vendor staff, products and services that originate outside of an enterprise’s defensive perimeter and offer best practices for assessing vendor compliance, including:
•Appropriate access levels for third parties user and system accounts
•Secure development of application integrations; including firewall configuration
•Sectioning internal networks to limit third party needs

Jon West


6:30 PM - 7:30 PM Networking Cocktail Discussion