Day 2- Monday, June 26th


Jason Harrell

Head of TRM Risk Analysis and Reporting
Depository Trust and Clearing Corporation (DTCC)

Breakfast Briefing

8:15 AM - 9:15 AM Use of Artificial Intelligence in Incident Response

Paul Ferrillo, Counsel , Weil, Gotshal & Manges LLP
While the idea of artificial intelligence may create images of robots leading the security team. AI now can help with identifying cyber security threats more rapidly. Securing in an Internet of Things environment
means a much wider attack surface with extra security

In this session examine:
•Eliminating time consuming and repetitive tasks
•Implications on existing infrastructure
•Effects on the IT workforce


Paul Ferrillo

Weil, Gotshal & Manges LLP

9:15 AM - 9:35 AM Book Signing

Plenary Session

9:35 AM - 10:05 AM How to build and secure a regulatory compliant hybrid cloud

Gary Meshell, Security Global Sales and Business Development Leader , Financial Services Industry

In order to adopt hybrid cloud senior executives in the Financial Services industry must ensure that they are building secure services that are meeting an increasingly complex regulatory and compliance landscape as well as providing security services that will ensure secure transactions in a multi vendor cloud environment.

  • What are the 10 essential elements for hybrid cloud adoption

  • What are the regulatory and compliance questions that must be answered before adopting hybrid cloud

  • Why is it critical that financial services companies establish security frameworks and controls as part of a hybrid cloud strategy

  • What role does analytics and cognitive technology play in implementing hybrid cloud security

  • Why is it important to implement cloud agnostic security services


Gary Meshell

Security Global Sales and Business Development Leader
Financial Services Industry

Master Class

10:10 AM - 10:55 AM Securing The Privileged Pathway – The Most Travelled Cyber Attack Route

Adam Bosnian, Executive Vice President,, CyberArk
Traditionally, much of the focus of a corporation’s InfoSec efforts have been placed on ensuring that the perimeter is secure. Recent attacks have shown an alarming shift from perimeter-based attacks to ones that originate inside the corporate network using privileged accounts. Once hackers establish a privileged foothold, they gain unfettered access to elevate privileges and move about the network freely without detection. Understanding this widely used method of attack is essential to developing ways to mitigate the risk.

In this session, we’ll:
• Review a case study demonstrating abuse of privileged credentials
•Discuss how privilege is used in these attacks
• Discuss effective prevention strategies


Adam Bosnian

Executive Vice President,

Master Class

10:10 AM - 10:55 AM Security and Compliance Built to Succeed In the Clouds and On Premises

Dhiren Pardanani, AVP, R&D for Security Operations, BMC Software
Traditional approaches to security and compliance fail in multi-cloud environments, and are often ignored in the race to continuously deliver new applications. Organizations need better visibility and consistency to avoid undue risk and cost. In this session you’ll learn about critical capabilities needed in order to evolve your practices, operationalize security, and successfully reduce the attack surface.]

In this session you will learn:
•Adapting conventional network security and incident response techniques to the cloud
•Strengthening and streamlining internal communications among security, operations, and the business owners.
•Navigating the explosion cloud and container technologies


Dhiren Pardanani

AVP, R&D for Security Operations
BMC Software

10:55 AM - 11:25 AM Business Meeting/Networking Break

Sponsored by: Demisto

11:25 AM - 11:55 AM Business Meeting

11:55 AM - 12:25 PM Business Meeting

12:25 PM - 1:25 PM Networking Lunch

Sponsored by: SentinelOne

1:30 PM - 2:10 PM Customer Identity Access Management

Kirk Havens, Director ISPO, Discover Financial Services
With the explosion of technology and growth of businesses, security is often an after thought when identifying and tending to the methods your customers have to communicate with your business. Every day we look for ways to understand our information security risk by understanding vulnerabilities that exist in our environments and moving to patch them quickly. What happens when the very things you rely on to generate revenue, get weaponized into a mechanism that has the exact opposite affect? Join this discussion on customer identity and access management.


Kirk Havens

Director ISPO
Discover Financial Services

BrainWeave C

2:15 PM - 3:00 PM The Rise of Cybercrime as a Service: Which Threats Should We Address First?

Kevin Flynn, Director of Worldwide Product Marketing, Skybox Security
This session will cover what's been driving the shift to distributed cyber crime, how to align your vulnerability management with real-world threat behavior, and what intelligence and tools are needed. Monetarily motivated attacks are by far the most prevalent cyber threats to organizations worldwide, yet vulnerability management techniques have largely failed to adapt to a threat landscape dominated by distributed crimeware. By understanding the commercialization of attack tools and services - particularly the vulnerabilities they use, re-use and share - vulnerability management can focus on the small subset of vulnerabilities that are exploited in the wild and packaged in distributed crimeware. This threat-centric approach improves vulnerability prioritization and focuses remediation on the relatively small number of exploitable vulnerabilities, greatly reducing risk through efficient, intelligent processes.
In this session:
• What's been driving the shift to distributed cybercrime
• How to align vulnerability management with real-world threat behavior
• The intelligence and tools needed.


Kevin Flynn

Director of Worldwide Product Marketing
Skybox Security

Master Class C

2:15 PM - 3:00 PM NextGen Endpoint Defense and What You Need to Know!

Chris Bates, Principal Architect, SentinelOne
Explore a fundamentally different approach to Endpoint Protection: Real-time protection against advanced threats driven by machine learning and intelligent automation.

This session covers why the end point is at the center of almost every breach and according to the trends that fact will not change. In the end executives should be armed with the information to move forward (or not) with a "Next Gen" endpoint solution.

In this session:
•Explore the current state of endpoint defense software why those approaches are sinking faster then the titanic.
•Review quick debunking of the magic that is machine learning
•Explore the different approaches and categories of "Next Gen" endpoint defense

Chris Bates

Principal Architect

3:00 PM - 3:15 PM Networking Break

Sponsored by: Demisto

3:15 PM - 3:45 PM Business Meetings

3:45 PM - 4:15 PM Business Meetings

4:15 PM - 4:45 PM Business Meetings

Evening Keynote Session

4:45 PM - 5:15 PM Role of FBI in Cyber Security

Richard Jacobs, Assistant Special Agent in Charge, FBI
The FBI’s role in cyber security differs from other government agencies, which will be discussed in the keynote. This session will look at the public-private partnership in fighting cyber crime with the FBI and financial services companies. The presentation will cover incident response protocols and the current threat landscape.


Richard Jacobs

Assistant Special Agent in Charge
The industry is faced with new regulations from New York Department of Financial Services and other bodies. The pending New York rules affect banks, insurance companies and financial services companies regulated in the state. The proposed regulations would require breach notification and are aimed at curbing illegal transactions by known terrorist and criminal organizations. The regulations call for establishing a cyber security program, which covers 16 areas including data privacy, vendor risk management and incident response. In this interactive session discuss the impact, effect and next steps from proposed legislation and other evolving legislation and regulations including the General Data Protection Regulations.


Andrew Speirs

National Life

Bruce Daise

Chief Privacy Officer
H&R Block

Jason Harrell

Head of TRM Risk Analysis and Reporting
Depository Trust and Clearing Corporation (DTCC)

Parveen Malik

AVP, Information Security and Compliance Implementation
Global, State Street Corp.

6:00 PM - 6:00 PM Networking Reception/Business Meeting