Day 2: Monday, June 11

8:00 AM - 8:30 AM Breakfast


8:30 AM - 9:15 AM Managing, Interpreting and Implementing Regulatory Complexity

Paul Ferrillo, Counsel , Weil, Gotshal & Manges LLP
The industry is faced with new regulations from New York Department of Financial Services and other bodies including the European Union General Data Protection plan. Nation states, hacktivists and other cyber criminals seek to exploit technological vulnerabilities to access data. While the types of cyber security threats continue to grow, so do the cyber security regulations. In this session, explore the way growing regulations are affecting operations. Technology alone is not enough, but a blend of people, processes and technology. The New York regulations require companies to have a CISO who will implement correct risk assessments and processes- the regulations also require reporting of attempted breaches and ensuring third-parties are also secure. The regulations 180-day transitional period ends in August with some of the requirements and the two-year transitional period will end in March 1, 2019. In this interactive session, discuss the impact, effect and next steps from transitional legislation and other evolving legislation and regulations.

Paul Ferrillo

Weil, Gotshal & Manges LLP

9:20 AM - 9:50 AM Business Meetings

9:50 AM - 10:20 AM Business Meetings


10:20 AM - 11:00 AM Bring in the Machines: Intelligent and Proactive Defense

David Stern, CISO, BGC Partners Rahul Patel, CIO, KBC Bank NV
In this digital age, security and regulatory requirements necessitate breach prevention, user protection and rapid threat analysis. Yet attackers have an advantage over defenders as opportunity and convenience drive technology. Security executives must look at the entire lifecycle of threats and focus security priorities. Working together is essential in sharing threats to prevent attacks.
In this session:
•Intrusion prevention / detection
•Anti-malware / machine based learning protection
•Efficiency in the resolution process

David Stern

BGC Partners

Rahul Patel


11:00 AM - 11:15 AM Networking Break


11:15 AM - 12:00 PM Blockchain Technology to Redefine Banking and Securities Processing?

Block chain, the shared ledger between trusted parties, continues to evolve as a technology. It serves as the transactional engine that helps build trust between unrelated parties, which fuel cryptocurrencies such as Bitcoin. Block chain has the potential to shorten the time for transactions to clear and provides opportunity for the development of new product offerings
•A better data base for automating back office banking processes or a disruption to the current banking ecosystem?
•Evolving uses of block chain technology for government and businesses to create new products
•Exploring security, scalability, efficiency and trust with block chain


11:15 AM - 12:00 PM Navigating Biometrics for Financial Services

While facial recognition, iris scanning and biometric security may sound like the stuff of sci-fi movies, today’s financial services industry must solve security and meet customer needs simultaneously. The rapid pace of innovation continues in financial services, especially in biometrics including real-time authentication for payment and money transfers through the mobile banking applications.
Organizations must adopt a pro-active strategy with a focus on the most vulnerable areas while giving consumers and corporate users the functionality and services they receive from other businesses.
•Weighing drivers and challenges to biometrics adoption
•Streamlining multi-factor authentication
•Ensuring consistency and reliability
Session themes: biometrics, multi-factor authentication, implementing emerging technologies

12:05 PM - 1:05 PM Networking Lunch

Roundtable Discussions

1:05 PM - 2:10 PM Engage in two 30-minute targeted discussions enabling open exchange amongst industry peers.

  • Evolving Information Sharing: Gaining Insights into Intelligence
  • Modern Espionage: Detecting Spies, Hacktivists and Trusted Insiders
  • Secure Sharing of Critical Data- Control, Protection and Visibility

2:15 PM - 2:45 PM Business Meetings

2:45 PM - 3:15 PM Business Meetings

3:15 PM - 3:45 PM Business Meetings


3:45 PM - 4:30 PM Utilizing Deception to Reduce Fraud and Insider Threats

The emerging technology of deception offers early detection of in-network threats. In this session, explore how deception strategies can lessen the risk of fraud, help over tasked security teams and provide a more proactive approach. Deception adjusts to varying network conditions and does not require known attack paths. The discussion will include case studies of actual deployments within financial services.
In this session:
•Utilizing deception for advanced threat detection
•Assessing varying results of deception techniques
•Deploying deception in incident response

Session Themes: Deception, Threat Mitigation, Incident Respons


3:45 PM - 4:30 PM Providing True Data Protection Beyond Compliance

Investigate the use of the cyber security solution stack to get beyond compliance and into protection of key assets and data. Participants will discuss the challenges of implementing a comprehensive security solution which delivers as promised.
In this session:

•Communicating confidently with all stakeholders from the board to business units to ensure true security
•Understanding of the importance of clear visibility into the complete environment, including potential dark endpoints
•Instilling awareness of the need to leverage and protect investments in cyber security solution stacks.
Session Themes: Data security, Comprehensive security solutions

4:30 PM - 4:45 PM Networking Break

4:45 PM - 5:15 PM Business Meetings

5:15 PM - 5:45 PM Business Meetings


5:45 PM - 6:30 PM BICT Cyber Security Strategy Framework

Aman Raheja, U.S. Chief Information Security Officer , BMO Financial Group
Digital business challenges the traditional approaches to security management. Striking a balance between digital innovation and providing assurance requires an approach that is way beyond being reactive or looking at the next cool thing. Using scare tactics to secure funding for security initiatives has become something of a cliché. Let's change the conversation. Aman Raheja - US CISO of BMO Financial Group has developed a vision for security and risk management that brings objectivity to the InfoSec conversation. This session will present the B-I-C-T framework - a multi-pronged approach for framing the security strategy from the perspective of Business value, Industry benchmarking, Compliance, and Threat management. Can security do something that makes the organization more productive, more agile? Yes, take all four components, put them together in the right order, and you'll have a solid strategy and a wonderful business driver.


Aman Raheja

U.S. Chief Information Security Officer
BMO Financial Group

6:30 PM - 7:30 PM Networking Reception & Dinner