Agenda

CSO's CYBERSECURITY SUMMIT

Event Dates: March 16-18

What’s happening, and when

Our agenda includes keynotes, talks, and conversations that will inform, answer, enlighten, inspire, solve, and prepare you for the challenges ahead. Session topics are carefully selected to be of maximum value.

All times listed on the agenda are Eastern Standard Time.

1:00 - 1:05 PM

Welcome & Opening Remarks

Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:05 - 1:30 PM

Lessons from the SolarWinds Attack on Securing the Software Supply Chain

Jim Routh, former CISO, MassMutual

The SolarWinds breach represents a tectonic shift in threat actor tactics, suggesting this kind of attack vector will be replicated. Not only were the attacker’s sophistication and technical proficiency high — allowing them to stay in stealth mode — they also understood the supply chain. Join us to learn how improved identity management and governance surrounding software components, along with workload runtime protection, are critical strategies in guarding against attacks like SolarWinds.

Interviewed by: Clint Boulton, Senior Writer, CIO.com, IDG Communications, Inc. 

1:30 - 1:55 PM

Open Security: Moving from a Patchwork of Solutions to a Critical Platform

Jason Keirstead, Distinguished Engineer and CTO of Threat Management, IBM Security

Security leaders today are stressed with too much to do, too many security tools, too much complexity, too many alerts, and not enough skills. The challenge is that the tools providing the cybersecurity technology we rely on, don’t talk to each other. The reasons why vary – vendors are not incented enough to do so; there are competitive concerns; the APIs or standards sometimes don’t exist, or if they do, don’t work well. There is, however, one direction that the cybersecurity industry is starting to move in together to solve these challenges, and that direction is “open”.

1:55 - 2:15 PM

Networking Break

2:15 - 2:40 PM

The Politics and Policy of SolarWinds

Richard Harknett, Chair, Center for Cyber Strategy and Policy, University of Cincinnati

Richard Harknett, PhD., Co-Director of the Ohio Cyber Range Institute, has examined the SolarWinds hack that’s not only dominated the news for months, but is defined by the level of sophistication, persistence, and patience exhibited by the attackers. Join us for this session when Professor Harknett looks at the big picture and discusses why we should be shifting our approach from a doctrine of persistent engagement, to a whole-of-nation frame that includes public and private sectors along with our international allies.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide CSO, IDG Communications, Inc. 

2:40 - 3:05 PM

Security Startups: How to Engage Them for Specific Needs

Marina Levinson, Partner, Benhamou Global Ventures

Security solutions from startup companies can be unique opportunities for an organization to fill critical gaps for a specific security need. That said, the way to consider a startup’s solution — along with the relationship your organization has with them — is different than with an established vendor company. Join us as a former CIO turned technology investor provides experienced guidance on how best to work with security startup companies.

Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

3:05 - 3:12 PM

How to Deploy Devices Faster and with Optimized Apps

Jason Wong, Product Manager, Chrome OS, Google

Jason Wong, Product Manager for Chrome OS, is an expert on how today’s organizations need to deploy devices to employees more quickly and efficiently. Join us for this session to see how you can drop ship devices with zero-touch enrollment, and identify optimized apps for Chrome OS with its new partner program, Chrome Enterprise Recommended.

3:15 - 3:40 PM

A Global Cybersecurity Perspective from CSO’s Editors

Lucian Constantin, Senior Writer, CSOOnline.com, IDG Communications, Inc.
Jens Dose, Editor, CIO Magazin, Germany, IDG Business Media GmbH
Marc Ferranti, Editor, CIO Middle East, IDG
Yogesh Gupta, Executive Editor, IDG India

Join Bob Bragdon and selected CSO editors from around the world to understand regional influences in cybersecurity trends.

Moderated by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

3:40 - 4:00 PM

CSO Industry Partner Session

Moudy Elbayadi, CTO, Shutterfly
Neil Daswani, Co-Director, Stanford Advanced Security Certification Program; President, Daswani Enterprises
Robert Wagner, Security Executive Advisor, Splunk

4:05 PM

CSO On Demand Sessions Available

Building a World-Class AppSec Program
Jeremy Brooks, Information Security Architect, Aaron’s, Inc.
Eric Simmons, Information Security Manager & Application Security Lead, Aaron’s, Inc.

Establishing Security Ambassadors to Fortify a Secure Organizational Culture
Omar Prunera, Senior Director ESI Business Security Office and Global Programs, ADP

Success Factors for Securing a Multi- or Hybrid-cloud Environment
Carson Sweet, Co-Founder and Chief Executive Officer, CloudPassage

Expanding Fraud Prevention and Detection and Cybersecurity at Scale
Stephen Pedersen, Director, Information Security, Coast Capital Savings

Establishing a Risk Culture in the Enterprise
Tommy Todd, VP, Security, Code42

GE’s Journey to Zero Trust
Justin Acquaro, Global CISO, GE

Challenge the Rules of Security by Proactively Transforming the Threat Surface
Robert DeVito, Global Chrome Customer and Partner Sales Engineering, Google Chrome

The CISO’s Evolving Role: Career Tips and Guidance for Today’s Security Leaders
Tim Youngblood, Corporate VP, Global CISO, McDonald’s

CISOs and Personal Liability in Today’s Business Climate
Aravind Swaminathan, Global Co-Chair, Cyber, Privacy & Data Innovation, Orrick, Herrington & Sutcliffe LLP

Aligning Security, Compliance and Privacy Across Inventory Tracking
Kandice Samuelson, Senior Director, IT Governance, PPD
Brad Wells, Executive Director, Information Security, PPD

Keeping a Remote Workforce Secure: Lessons Learned, Tips for the Future
Lucian Constantin, Senior Writer, CSO Online, IDG Communications, Inc.
Matthew Finnegan, Senior Reporter, Computerworld, IDG Communications, Inc.
Ken Mingis, Executive Editor, Computerworld, IDG Communications Inc.

The Next Generation of Cyber Security: Autonomous Cyber AI
Justin Fier, Director of Threat Intelligence and Analytics, Darktrace

An IT Operations, Security, and Risk Management Platform That Responds to Plain English Queries
Hosted by Tanium

Overcoming Data Overload: Data Discovery and Risk Formulas that Standardize Risk at Scale
Nick Pavlichek, GRC Product Manager, OneTrust

Navigating Enterprise Security in a Post-Compromise Reality
Dan Greer, Director of Sales Engineering, ExtraHop

1:00 - 1:05 PM

Welcome & Opening Remarks

Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:05 - 1:30 PM

Strategies for Elevating Security to an Evergreen Business Priority

James Shira, Chief Information and Technology Officer, PwC

PwC Chief Information and Technology Officer James Shira is an expert on managing security’s big picture. With the growing focus on risk management from boards and senior leadership, James shares advice on keeping security and risk management a top priority for senior business leadership. We’ll discuss where security should be focusing efforts, risks businesses should be prioritizing, how to address the security talent shortage, and ways security leaders can prepare themselves for the future.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide CSO, IDG Communications, Inc. 

1:30 - 1:55 PM

Moving the Industry and the Enterprise to an Open Security Model

Jason Keirstead, Distinguished Engineer and CTO of Threat Management, IBM Security

Security leaders struggle with too much to do, too many security tools and too much complexity, as well as alert overload and skills shortages. We all have access to the same technologies, but our tools don’t talk to each other, making actionable intelligence a challenge. One direction the industry is taking to address this is a move towards “open.” In our executive interview, Jason Keirstead will discuss the industry’s move towards “open,” what’s behind the move, and how it will impact all of us.

1:55 - 2:15 PM

Networking Break

2:15 - 2:40 PM

Creating a Cross-Cloud Security Architecture: IDG’s CIO Think Tank

Manish Desai, Cyber Security Senior Information Risk Manager, BNY Mellon
Eric Knorr, Editor in Chief, IDG Enterprise
Bradd Lewis, VP & Global Lead, Financial Services Vertical, Dell Technologies

IDG convened 30 senior IT executives as part of our CIO Think Tank Program to explore key opportunities and challenges with multicloud – including security issues IT leaders face in building a true multicloud architecture. Join us as we shed light on problems voiced by these IT executives, explore how savvy IT shops are crafting a cross-cloud security architecture, and discuss how their strategic vendor partners can help ease the burden of multicloud security for their customers.

Moderated by: John Gallant, Enterprise Consulting Director, IDG Communications, Inc.

2:40 - 3:05 PM

Passwordless Environments Are Here: How One Company Made the Shift

Mario Duarte, VP, IT Security, Snowflake

Every CISO understands how passwords across the workforce are difficult to remember, drive up help desk costs, and impede workforce productivity with ongoing password change requirements. And while single sign-on environments reduce some inefficiencies of passwords, they aren’t always ubiquitous. Are passwordless environments possible? Join us to hear how passwordless environments work, why Snowflake made the decision to deploy, and the efficiencies and upside they’re realizing.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide CSO, IDG Communications, Inc. 

3:05 - 3:20 PM

CSO Industry Partner Session

Join us to learn about new security strategies for your organization.

3:20 - 3:45 PM

The Role of Ransomware Negotiators and What They Can and Can’t Do

Lucian Constantin, Senior Writer, CSOOnline.com, IDG Communications, Inc.
Michael Nadeau, Senior Editor, Reporter, CSO, IDG Communications, Inc.

CSO senior writer Lucian Constantin knows that paying ransomware demands should be avoided — unless lives are on the line or the survival of a business is at stake. Join us as Lucian talks about the role of the ransomware negotiator, the person called in to negotiate terms with the criminals holding data hostage. He’ll explain their role, their background, and what they can and can’t do to regain access to critical data. He’ll also discuss the ethics that legitimate ransomware negotiators should adhere to.

3:45 - 4:05 PM

CSO Industry Partner Session with HPE

Sunil James, Senior Director, Security Engineering, HPE

4:05 PM

CSO On Demand Sessions Available

Building a World-Class AppSec Program
Jeremy Brooks, Information Security Architect, Aaron’s, Inc.
Eric Simmons, Information Security Manager & Application Security Lead, Aaron’s, Inc.

Establishing Security Ambassadors to Fortify a Secure Organizational Culture
Omar Prunera, Senior Director ESI Business Security Office and Global Programs, ADP

Success Factors for Securing a Multi- or Hybrid-cloud Environment
Carson Sweet, Co-Founder and Chief Executive Officer, CloudPassage

Expanding Fraud Prevention and Detection and Cybersecurity at Scale
Stephen Pedersen, Director, Information Security, Coast Capital Savings

Establishing a Risk Culture in the Enterprise
Tommy Todd, VP, Security, Code42

GE’s Journey to Zero Trust
Justin Acquaro, Global CISO, GE

Challenge the Rules of Security by Proactively Transforming the Threat Surface
Robert DeVito, Global Chrome Customer and Partner Sales Engineering, Google Chrome

The CISO’s Evolving Role: Career Tips and Guidance for Today’s Security Leaders
Tim Youngblood, Corporate VP, Global CISO, McDonald’s

CISOs and Personal Liability in Today’s Business Climate
Aravind Swaminathan, Global Co-Chair, Cyber, Privacy & Data Innovation, Orrick, Herrington & Sutcliffe LLP

Aligning Security, Compliance and Privacy Across Inventory Tracking
Kandice Samuelson, Senior Director, IT Governance, PPD
Brad Wells, Executive Director, Information Security, PPD

Keeping a Remote Workforce Secure: Lessons Learned, Tips for the Future
Lucian Constantin, Senior Writer, CSO Online, IDG Communications, Inc.
Matthew Finnegan, Senior Reporter, Computerworld, IDG Communications, Inc.
Ken Mingis, Executive Editor, Computerworld, IDG Communications Inc.

The Next Generation of Cyber Security: Autonomous Cyber AI
Justin Fier, Director of Threat Intelligence and Analytics, Darktrace

An IT Operations, Security, and Risk Management Platform That Responds to Plain English Queries
Hosted by Tanium

Overcoming Data Overload: Data Discovery and Risk Formulas that Standardize Risk at Scale
Nick Pavlichek, GRC Product Manager, OneTrust

Navigating Enterprise Security in a Post-Compromise Reality
Dan Greer, Director of Sales Engineering, ExtraHop

1:00 - 1:05 PM

Welcome & Opening Remarks

Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:05 - 1:30 PM

Surviving a Destructive Nation-State Cyber Attack

Steve Bernard, former EVP, Security, Sony Pictures Entertainment

Former Sony Pictures Entertainment EVP of Security Stevan Bernard is an expert at understanding nation-state attacks. Join us as he shares what businesses need to know about adversaries in an era consumed by a pandemic, social and political unrest, and rampant cybercrime. We’ll discuss future risks businesses should be preparing for, the role businesses should be addressing given the declining security capabilities of governments, insider risks and how they’re evolving, and more.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide CSO, IDG Communications, Inc. 

1:30 - 1:55 PM

How Accenture Secures with Zero Trust

Kris Burkhardt, CISO, Accenture

With more than a half-million employees around the world, Accenture has a long history of supporting employees with technology as they visit clients. Those roots are what informed the organization’s traditional focus on the workstation, endpoint and identity — rather than backhauling traffic through a VPN to maintain a corporate perimeter. Join us for this session to learn about how this approach is even further modernized with Zero Trust.

Interviewed by: Bob Bragdon, SVP/Managing Director Worldwide, CSO, IDG Communications, Inc.

1:55 - 2:15 PM

Networking Break

2:15 - 2:40 PM

Why Businesses are Turning to Zero Trust Models for an Evolving Workforce

Jeremy Smith, Global Head of IT Risk and Security, Avery Dennison
Jason Keenaghan, Director of Offering Managerment, IBM Security
Frank Dickson, Program Vice President, Cybersecurity Products, IDC

In the wake of the pandemic, more businesses are turning to a zero trust model to address the needs of their complex and evolving workforces. Join us as experts from IBM and IDC discuss the evolution of Zero Trust models and how they’re adding value to organizations now and into the future.

Moderated by: Bob Bragdon, SVP/Managing Director Worldwide CSO, IDG Communications, Inc. 

2:40 - 3:05 PM

WAN Evolution: From SD-WAN to Secure Access Service Edge (SASE)

Brandon Butler, Senior Research Analyst, Enterprise Networks, IDC
Christopher Rodriguez, Research Manager, Network Security Products & Strategies, IDC

Join IDC analysts Brandon Butler and Christopher Rodriguez as they talk with Network World’s Ann Bednarz about the SASE model for streamlining network access and improving security. Deployed as a cloud service, it blends SD-WAN’s network optimization capabilities with security features such as zero-trust authentication, data loss prevention, threat detection, and encryption. Learn how SASE can offer easier network and security management, lower costs, and fewer vendors to manage.

Interviewed by: Ann Bednarz, Assistant Managing Editor, Features, Network World, IDG Communications, Inc. 

3:05 - 3:30 PM

A Structured Approach to Securing the Software Supply Chain

Tami Hudson, CISO, Randstad

Interviewed by: Derek Hulitzky, VP, Content Development & Strategy, IDG Communications, Inc. 

3:35 PM

CSO On Demand Sessions Available

Building a World-Class AppSec Program
Jeremy Brooks, Information Security Architect, Aaron’s, Inc.
Eric Simmons, Information Security Manager & Application Security Lead, Aaron’s, Inc.

Establishing Security Ambassadors to Fortify a Secure Organizational Culture
Omar Prunera, Senior Director ESI Business Security Office and Global Programs, ADP

Success Factors for Securing a Multi- or Hybrid-cloud Environment
Carson Sweet, Co-Founder and Chief Executive Officer, CloudPassage

Expanding Fraud Prevention and Detection and Cybersecurity at Scale
Stephen Pedersen, Director, Information Security, Coast Capital Savings

Establishing a Risk Culture in the Enterprise
Tommy Todd, VP, Security, Code42

GE’s Journey to Zero Trust
Justin Acquaro, Global CISO, GE

Challenge the Rules of Security by Proactively Transforming the Threat Surface
Robert DeVito, Global Chrome Customer and Partner Sales Engineering, Google Chrome

The CISO’s Evolving Role: Career Tips and Guidance for Today’s Security Leaders
Tim Youngblood, Corporate VP, Global CISO, McDonald’s

CISOs and Personal Liability in Today’s Business Climate
Aravind Swaminathan, Global Co-Chair, Cyber, Privacy & Data Innovation, Orrick, Herrington & Sutcliffe LLP

Aligning Security, Compliance and Privacy Across Inventory Tracking
Kandice Samuelson, Senior Director, IT Governance, PPD
Brad Wells, Executive Director, Information Security, PPD

Keeping a Remote Workforce Secure: Lessons Learned, Tips for the Future
Lucian Constantin, Senior Writer, CSO Online, IDG Communications, Inc.
Matthew Finnegan, Senior Reporter, Computerworld, IDG Communications, Inc.
Ken Mingis, Executive Editor, Computerworld, IDG Communications Inc.

The Next Generation of Cyber Security: Autonomous Cyber AI
Justin Fier, Director of Threat Intelligence and Analytics, Darktrace

An IT Operations, Security, and Risk Management Platform That Responds to Plain English Queries
Hosted by Tanium

Overcoming Data Overload: Data Discovery and Risk Formulas that Standardize Risk at Scale
Nick Pavlichek, GRC Product Manager, OneTrust

Navigating Enterprise Security in a Post-Compromise Reality
Dan Greer, Director of Sales Engineering, ExtraHop

Agenda subject to change.

Register Now