Agenda

 

  • Building a World-Class AppSec Program

    Jeremy Brooks, Information Security Architect, Aaron’s, Inc.
    Eric Simmons, Information Security Manager & Application Security Lead, Aaron’s, Inc.

    Eric Simmons, Information Security Manager and Application Security Lead at Aaron’s, and Jeremy Brooks, Information Security Architect at Aaron’s, led a CSO50 award-winning project to rethink application security for efficiency and speed. Partnering with QA, development, and DevOps, they built a platform enabling integration of application security across Aaron’s technologies. Join us to learn how they now deliver faster feedback to development teams with self-service processes and automation.

    Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

  • Creating a Global Cybersecurity Assurance Program with Ongoing Value

    Angela Burnette, Global Cybersecurity Assurance Manager, Global Security Program Development, Aflac
    Stacia Dickerson, Director, Global Security Program Development, Aflac

    Stacia Dickerson, Director, Global Security Program Development at Aflac, and Angela Burnette, Global Cybersecurity Assurance Manager at Aflac, helped the Aflac lead a CSO50 award-winning quest to discover unknown gaps in Aflac’s security program and to mature the control environment. To solve for this, Aflac built a Cybersecurity Assurance Program (CAP) at the global level. Join us to learn how the program — developed against the NIST Cybersecurity Framework — adds ongoing value to Aflac.

    Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

  • Today’s Attack Surface is Exploding. Are You Ready?

    Tony Cole, CTO, Attivo Networks

    Today’s attack surface is rapidly changing, security teams are facing an increasing visibility challenge, and new guidance from the Treasury and Department of Justice involves possible sanctions violations through ransomware payments.  Join us for this session as Tony Cole, CTO at Attivo Networks, and Bob Bragdon, SVP and Managing Director of CSO, discuss how Attivo Networks is helping security professionals tackle these threats.

    Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

  • Identity and Access Management at the Forefront of Digital Transformation

    Dave Wilner, Chief Revenue Officer, Auth0

    Many companies are investing in digital transformation in 2020 and beyond — particularly in the face of a pandemic that’s forced us to adapt the way we work and interact. As companies accelerate their digital transformation timelines, many find that identity access management is essential to the speed of their success. Join us for this session to learn how four companies — Babylon, Siemens, and Kiva — approach transformation, and how they’re managing identity in their journeys.

  • Using Security Innovation to Protect the Dynamic Workforce

    Nicole Eagan, Founder, Chief AI & Strategy Officer
    Nabil  Zoldjalali, Director of Cloud Security

    The future of work remains unpredictable, and organizations are rethinking their security approach to achieve much-needed adaptability and resilience. Whether it’s clouds and SaaS, to email, to IoT and beyond, join us for this session to learn how the Darktrace Immune System protects the dynamic workforce with AI augmentation, autonomous response, and unified visibility.

  • Measuring Risk in 2020: Findings from the Enterprise of Things Security Report

    Shawn Taylor, Customer Evangelist, Senior Systems Engineer, Forescout Technologies

    Shawn Taylor, Customer Evangelist and senior systems engineer at Forescout Technologies, is an expert on the Forescout Device Cloud — the world’s largest repository of connected device data. Join us for this session to hear how Forescout Research Labs analyzed the risk posture of more than 8 million devices to reveal the greatest points of risk across today’s enterprise. You’ll hear about the ten riskiest device types, riskiest device functions across verticals, and how to mitigate and remediate these risks.

  • Data: The Risk We All Share

    Stephen Cavey, Co-Founder, Ground Labs

    In the world of growing compliance regulation, constant risk, and remote workforces, a solid data management strategy is critical to success. When an organization fails to understand and secure data, it fundamentally puts your organization at risk of not only fines, but lost customer, employee and shareholder trust. Join us for this session as Stephen Cavey explores the benefits and pitfalls of enterprise data.

  • Enabling Self-Healing Endpoints in a Work From Home World

    Dan Wolff, Director, Product Management & Marketing, HCL Big Fix

    As more people work from home and anxiety mounts, expect organizations can expect cyberattacks of all kinds to take advantage. If an organization were asked to continuously patch all of its endpoints across the enterprise, how many tools would be needed and how would you mange endpoints off of the corporate network? Join us for this session to learn how with These issues can be handled smoothly with the right tools, the right processes, and an automated, self-healing endpoint environment.

  • North Dakota’s K-20W Initiative: Every Student, Every School, Cyber Educated

    Shawn Riley, CIO, ND Information Technology

    Shawn Riley is CISO for the ND Information Technology Department serving the State of North Dakota’s government agencies. Its CSO50 award-winning K-20W initiative (kindergarten through PhD and workforce) called “Every Student, Every School, Cyber Educated” is setting students up for success with a focus on computer science and cybersecurity education and training. Join us to learn how this model for other states reflects a whole-of-government approach to helping students and businesses succeed.

    Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

  • Improving Team Satisfaction and Skills with Creative Penetration Testing

    Michael Kenney, Lead Information Security Engineer, Penn Medicine

    Michael Kenney is Lead Information Security Engineer at Penn Medicine where they’ve created their CSO50 award-winning ‘Penn Test Security Challenge’ that leverages gamification penetration testing exercises to add value. By building skills in a creative way, the program develops staff to effectively assess internal technologies so they can mitigate vulnerabilities before they occur. Join us for this session to learn how hacker and exploitation gaming improves staff satisfaction and skills.

    Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

  • Leveraging Blockchain to Mitigate Breaches in Real Time

    Lou Senko, CIO, Q2 Software, Inc.

    Lou Senko is CIO of Q2 Software where his team created a CSO50 award-winning data governance and protection technology – the first of its kind — for banking and lending. Powered by blockchain-based data-security, TrustView works to mitigate breaches in real time and safeguards account holders’ most critical data: financial information. Join us for this session to learn how — with TrustView technology — data simply won’t exist when it’s found, rendering it useless to unauthorized entities.

    Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

  • Scaling Global Security Capabilities Across Borders

    Tima Soni, Chief, Cybersecurity Section, United Nations International Computing Centre

    Tima Soni is CISO at the United Nations International Computing Centre where her team built a CSO50 award-winning common security services hub for the United Nations family of agencies. Originating a few years ago as a continuous security improvement suite of tools for a handful of agencies, its success led the center to scale it to a comprehensive global solution serving 30 agencies and growing. Join us to hear about their comprehensive set of capabilities and cyber security solutions.

    Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

1:00 - 1:05 PM

Welcome & Opening Remarks

Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:05 - 1:40 PM

The CISO’s Evolving Role: Career Tips and Guidance for Today’s Security Leaders

Tim Youngblood, Corporate VP, Global CISO, McDonald’s

Tim Youngblood is Corporate VP, Global CISO at McDonald’s, one of the world’s largest food service companies. Having worked at other large organizations, Tim’s developed a unique understanding of the various stages in evolving your career to the CISO level. Join us for this in-depth interview to understand Tim’s views on the evolving CISO role, his career and skills advice for aspiring security leaders, why expertise in operational excellence and partnering is essential, and the future of information security.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

1:40 - 2:00 PM

The Expanding Identity Universe and How to Address It

Ryan Cluff, Director, Integral Partners
Lori Robinson, Sr. Director, Product and Market Strategy, SailPoint

Rapid digital transformation, distributed cloud environments, and a remote workforce are just a few of the dynamics that have placed identity at the center of IT security. Join this conversation with Lori Robinson at SailPoint, and Ryan Cluff at Integral Partners, as they discuss the importance of balancing privilege and governance, the role of AI and automation in managing access, and what leading companies do to prepare for a successful identity journey in today’s evolving business landscape.

2:00 - 2:10 PM

Networking Break

2:10 - 2:35 PM

Demystifying the CISO Role and Leading Security for Business Success

Greg Wood, SVP, Information Security & Risk Management, The Walt Disney Company

Greg Wood is SVP, Information Security and Risk Management at The Walt Disney Company, one of the world’s largest media and entertainment companies. With an early life passion for technology, Greg discovered the critical role of security in a changing landscape. Join us for this session as he shares how risk management creates a framework to protect, detect and respond to threats, how every business decision has an element of security, and why big business goals are achievable when security is involved.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

2:35 - 2:55 PM

Here and Now: A Conversation with BlackBerry President Tom Eacobacci

Tom Eacobacci, President, BlackBerry

Join CSO’s Bob Bragdon for a conversation with BlackBerry’s new President, Tom Eacobacci, when they discuss security and productivity, business agility and optimization, how BlackBerry delivers value to customers through platform differentiation, including AI and machine learning innovation, and how the company is uniquely positioned to compete in today’s world.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

2:55 - 3:20 PM

CISOs and Personal Liability in Today’s Business Climate

Aravind Swaminathan, Global Co-Chair, Cyber, Privacy & Data Innovation, Orrick, Herrington & Sutcliffe LLP

Aravind Swaminathan is a former cybercrime prosecutor and is currently Global Co-Chair, Cyber, Privacy & Data Innovation at Orrick, Herrington & Sutcliffe LLP where he’s directed more than 200 cybersecurity and data breach investigations. Join us for this session as he discusses the current breach landscape, why CISOs can be in the crosshairs for personal liability, the implications if they conceal information or mislead investigators, and what CISOs should ask when considering a new CISO role.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

3:20 - 3:50 PM

Continue the Conversation: CISOs and Personal Liability & Managing Ransomware Response

Join Bob Bragdon, CSO’s SVP/Managing Director Worldwide, for a live text chat in the Networking Lounge on CISOs, personal liability and managing a response to ransomware. Connect with fellow attendees and award winners as you share your thoughts, recommendations and experiences on this important topic.

1:00 - 1:05 PM

Welcome & Opening Remarks

Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:05 - 1:30 PM

How CISOs Need to Work with the Board: Tips and Strategies from an Expert

Mark Weatherford, Chief Strategy Officer and Board Member, National Cybersecurity Center

Mark Weatherford is Chief Strategy Officer and Board Member of the National Cybersecurity Center. As a CISO for various organizations throughout his career, he has a keen understanding of how the CISO role has emerged, and how CISOs must engage with their organization’s board of directors. Join us for advice on the most important ways to work with the board, why developing a personal dialogue with members is crucial, and tips on acclimating them to a better understanding of risk and security.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

1:30 - 1:50 PM

Cloud Security and the Future of Threat Management: Lessons from 100 CISOs

Christopher Bontempo, VP, Cloud & Cognitive Marketing, IBM Americas.
Jason Keirstead, Distinguished Engineer & CTO, Threat Management, IBM Security

IBM Security’s Chris Bontempo and Jason Keirstead say 2020 was the year where nothing happened as expected. As the global pandemic accelerated digital transformation strategies, and attacks increased in scale and complexity, cloud security and threat management rose to the top of CISO priority lists. How are clients addressing cloud security, and how will threat management evolve? Join Chris and Jason as they share findings from roundtables with more than 100 CISOs across the US and Canada.

1:50 - 2:00 PM

Networking Break

2:00 - 2:25 PM

Global Security Trends: A Worldwide Roundtable with CSO’s Editors

Amy Bennett, Executive Editor, CIO.com & CSOonline.com, IDG Communications, Inc.
Bob Bragdon, SVP & Publisher, CSO
Byron Connolly, Editor-in-Chief, CIO Australia, IDG Communications Pty Ltd.
Jens Dose, Editor, CIO Magazin, Germany, IDG Business Media GmbH
Dan Swinhoe, UK Editor, CSO Online

Join CSO worldwide managing director Bob Bragdon as he discusses today’s issues with CSO editors from Australia, Germany, the United Kingdom and the United States. How is security evolving in various parts of the world with continued remote work? What’s the impact of data breaches and GDPR, along with potential legal exposure to CISOs? Where is ransomware a challenge? And how are relationships between CISOs and their boards adjusting? Join us for perspectives from various regions of the world.

2:25 - 2:50 PM

An Innovative Approach to Drive Engagement in Essential Security Training

Jeff Thomas, CSO, Prudential Financial

Jeff Thomas is CSO of Prudential Financial where his team created a CSO50 award-winning workplace threat management training course designed to capture employee attention and maintain interest. The solution combines a story with a graphic novel look-and-feel and an interactive game — all designed to educate and motivate learners to recognize and report behaviors of concern observed in the workplace . Join us for this session to learn how this interactive storytelling approach drives engagement.

Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

2:50 - 3:10 PM

Cybersecurity as Business Enabler for the Cloud-First Enterprise

Jay Chaudhry, CEO, Chairman and Founder, Zscaler
Bob Varnadoe, CISO, NCR

Today’s organizations must secure cloud-first strategies to minimize business risk, maximize user experience in the work-from-anywhere future, and simplify and modernize infrastructure to increase efficiency, retire technical debt and reduce costs.  Join us for this session as Bob Varnadoe, CISO of CSO50 Honoree NCR and Jay Chaudhry, CEO of Zscaler, discuss how IT is becoming the driver of enterprise agility and scalability, and share their perspectives leading enterprise digital transformation.

Moderated by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

3:10- 3:20 PM

Career Success Stories: Recognizing the CSO Hall of Fame Honorees for 2020

2020 marks the year CSO is inducting its inaugural class of CSO Hall of Fame honorees by recognizing how they’ve given back to the CSO community and continue to help the next generation of security leaders. Join us for this session as we celebrate their contributions to the CSO community, and they share their leadership and risk management philosophies.

2020 CSO Hall of Fame Inductees

3:25 - 3:55 PM

Continue the Conversation: Security and the Boardroom

Join us to meet your peers, award winners and other CSO50 conference attendees to share insights on security and the boardroom. Amy Bennett, Executive Editor, CSOonline.com and cio.com, will host this live, interactive text chat in the Networking Lounge.

1:00 - 1:05 PM

Welcome & Opening Remarks

Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:05 - 1:30 PM

Building a Command Center to Protect Personally Identifiable Information

Kevin Charest, Divisional SVP, CISO, & Head of IT Infrastructure, Health Care Service Corporation

Kevin Charest is CISO of Health Care Service Corporation where his team created a CSO50 award-winning Cyber Fusion Center for cyber defense representing collaboration across five Blue Cross and Blue Shield plans in Illinois, Montana, New Mexico, Oklahoma and Texas. The center leads intelligence-driven security operations to provide real-time incident monitoring, detection, response and handling. Join us to hear how it protects a complex matrix of data on 16 million members and 23,000 employees.

Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

1:30 - 1:55 PM

Returning to the Office Safely and Securely: What Does It Look Like?

Juliana Beauvais, Research Manager, Enterprise Applications, IDC
Todd Lukens, SVP, CISO, Nationwide
Dave Snyder, Chief Information Security Leader and Director, Information Security & Risk Management, Independence Blue Cross

Nationwide CISO Todd Lukens, Independence Blue Cross Chief Security Leader David Snyder, and IDC Research Manager Juliana Beauvais are experts on return to office strategies. Join us as they discuss: modulating returns with employee waves; flexing for home family needs; adjusting to new floor layouts along with sanitation, contactless surfaces and clean air systems for employee safety; enabling contact tracing by mapping personnel movements in the office; and using data to make good decisions.

Moderated by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

1:55 - 2:05 PM

Networking Break

2:05 - 2:30 PM

Building a Global Security Program for Privacy and Regulatory Complexities

Roland Cloutier, CISO, Tik Tok

Tik Tok CISO Roland Cloutier is an expert on how data privacy, data access management and a complex regulatory environment play key roles in creating appropriate security. Join us for this session as he reveals why security leaders need to have a clear understanding of their business to develop specific controls and operating parameters for different jurisdictions. He’ll discuss working relationships with the general counsel and privacy peers, and why a problem solving culture is key to success.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO

2:30 - 2:40 PM

Security and Risk Success: Join Us to Recognize the CSO50 Honorees for 2020

CSO’s annual CSO50 awards recognize teams that built exceptional security projects that deliver ongoing business value. Of the hundreds of nominations CSO received for this honor, only 50 were selected by our esteemed panel of judges, so please join us for this special ceremony to recognize their contributions and celebrate their success.

2020 CSO50 Honorees

2:45- 3:15 PM

How to Win a CSO Award

You’ve seen and met them: the 2020 CSO50. How might you find your team on the list next year? Join program chair Derek Hulitzky in the Networking Lounge for a look at the types of projects and writeups that make a winning entry.

Register Now