CISO Chicago Summit | Mar 12, 2020 | Convene - 16 West Adams Street - Chicago, IL, USA

Register

PDF Download Agenda (PDF)

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Thursday, March 12, 2020 - CISO Chicago Summit

8:00 am - 8:30 am

Registration & Networking Breakfast

 

8:30 am - 8:40 am

Welcome Address & Opening Remarks

 

8:40 am - 9:30 am

Keynote Panel

Steering Cultural Change

An IT executive's role, goals and objectives have drastically changed over the years. Most leaders supervise teams and units beyond their IT department. Due to these changes in responsibilities, their success is measured in greater business metrics. As a result, these roles have become both more attractive and more demanding. 

Takeaways: 

  • What are the significant changes regarding the role of the IT Executive 
  • How to keep up with the changing requirements  
  • How to properly measure an IT executive's success

Moderated by:

Ann Madea, Former EVP / CIO, Former HSBC View details

 
 

Panelists:

Robert Sumter, Chief Information Officer, Cook County Health & Hospital System View details

 
 

Wayne Towson, Global Director Vulnerability & Threat Mitigation, Information Security Officer, Abbott Laboratories View details

 
 
 

9:30 am - 10:00 am

Keynote Presentation

Tailoring Cloud Strategies to Deliver Business Agility

As businesses evaluate the move to cloud, like anything else in life, it's a journey not a destination. Lenovo will share their experiences in the market with their customers and their experiences as a multi-billion dollar international enterprise. And, hopefully, leave the audience entertained and informed on what signs to look for and which ones to follow.

Sponsored by:

Lenovo View details

 
 

Presented by:

Kevin Hooper, President, NA Data Center Group, Lenovo

 
 

10:05 am - 10:30 am

Executive Exchange

 

Share:

Thought Leadership

You Need to Know Who Is Accessing Your Data, But Do You Really?

Knowing who is accessing what data is at the heart of security. Today, users and attackers get to your data through a mesh of web applications, APIs, and microservices. Unfortunately, your database logs only report the querying source as an authorized intermediary application without the originating requestor's information. This blind spot causes glaring gaps during audits, slows incident response, and impede breach detection. 

Learn how to apply new ways of continuously linking originating users' information to every database access with cohesive interworking between edge WAF, server RASP, and Data Activity Monitoring tools.

Sponsored by:

Imperva View details

 
 
 

10:30 am - 10:40 am

Morning Networking Coffee Break

 

10:45 am - 11:10 am

Executive Exchange

 

Think Tank

A Different Approach: Identifying and Reporting on Cyber Security Risks

Focusing on Cyber Security Risks in a dynamic threat landscape is key to a successful Security Risk Program. How do you reduce noise and focus on key metrics that effectively communicate your Cyber Security Risk posture across the organization? What are critical success factors in developing and maintaining an effective risk reporting program that not only meets regulatory requirements but effectively addresses risks that impact mission critical operations in your organization? 

In this session we will discuss: 

  • Steps required to develop an effective risk reporting program 
  • Critical Success Factors  
  • Lessons learned and pitfalls to avoid when developing a robust risk reporting function that measures key Cyber Security Risks

Presented by:

Chris Carter, Global Head of Cyber Analytics, Zurich Insurance Group View details

 
 
 

11:15 am - 11:40 am

Executive Exchange

 

Executive Boardroom

Bright, Shiny Objects and Refocusing on the Basics of Service Delivery

Today's CIO is preoccupied with using technology to drive fundamental change in business and operating models. Opportunities include intelligent automation, Big Data and Machine Learning. But the allure of these innovations is leading many CIOs to neglect the fundamentals of service management - specifically, tools, skilled people and process improvement. Recognizing this disconnect, many businesses are re-committing to a disciplined approach to service management, one characterized by standardization, integration and analytics. By focusing on these basics, businesses can reduce costs, enhance agility and optimize their investments in existing technology. 

Takeaways will include: 

- The importance of integrated global service delivery in overcoming the challenges posed by inefficient multi-vendor sourcing models characterized by silos of activity, lack of communication and service disconnects. 

- Key elements of a "Modernized Shift/Left" model that transitions from reducing ticket volumes through self-service to more advanced use of remote access and configuration.

- How governance and standardized management practices can enable predictive analytics that leverage data collection, analysis and insight to drive continuous improvement. 

Sponsored by:

Claro Enterprise Solutions View details

 
 

Presented by:

John McGurgan, VP of Managed Services, Claro Enterprise Solutions View details

 
 

Executive Boardroom

The Network Comes First: Fiber Infrastructure's Critical Role in the Digital Economy

Today's organizations rely on network-dependent applications and require ubiquitous access to data, while staying abreast of tomorrow's business trends. Legacy infrastructure is cited as the most frequently reported challenge to digital transformation, making it difficult to introduce new technologies like 5G, artificial intelligence and the internet of things.

As business bandwidth is exploding, a fiber network infrastructure is the backbone necessary to operate today's enterprise business and prepare for future success. 

 Takeaways: 

- Why a fiber network is mission-critical to business success

- Upcoming trends that require, impact bandwidth

- The importance of auditing your bandwidth needs

Sponsored by:

Everstream Solutions View details

 
 

Presented by:

Brett Lindsey, President and CEO, Everstream Solutions

 
 

11:45 am - 12:10 pm

Executive Exchange

 

Think Tank

Data 2020, The Duality of Fueling AI and Addressing Data Risk

This year will offer a wake-up call for many, as the overall cost of getting data wrong will be realized. CIOs will be pulled between business growth strategies focusing on AI and the increasing cyber-imperative of addressing the critical data risk issues. As data is sourced from a complex portfolio of applications; successful transformations will need to balance convincing gatekeepers to say yes, the use of intelligent automation to deliver compelling initiatives for data cleansing, integration, and management, and the overall IT support of the exponentially increasing demand for data overall. Successful leaders will need to leverage concepts like technical debt to deliver the budget increases they need to deliver and manage the potential that data represents. 

Takeaways: 

  • A technical debt view - how mishandling data drives financial cost 
  • How AI improves predictability in safeguarding data  
  • IT teams can be more effective at cleaning and organizing data

Presented by:

Gokula Mishra, Former Senior Director, Global Data & Analytics, McDonald's View details

 
 

Think Tank

Automating Cybersecurity

IT security professionals all face one major issue: being asked to do more, with less resources. Automation and integration are a necessity in order to meet the demands of an organization's security needs. Managing risk without diminishing the speed and quality of development is achievable by integrating security into agile processes, like DevOps or CI/CD. Since most security teams are understaffed, automated solutions are becoming a requirement, rather than an option to properly manage the ever-increasing workload. 

Takeaways:

  • Automation is required to meet today's security demand 
  • DevOps can operate more efficiently with CI/CD  
  • IT security staff are responsible for more than ever
 

12:15 pm - 12:40 pm

Executive Exchange

 

Executive Boardroom

Put that Cease and Desist Down: How to Train your Org to Work with Hackers

Before that hacker slides into your brand's DMs, how do you prepare your organization to talk to researchers and spot vulnerability disclosure? Today, poorly handled disclosures can cause the same reputational damage as a public security incident. As security continues to climb the ranks of importance, more decision makers and stakeholders are involved in interactions that were once solely owned by security teams. The vulnerability reports are coming. Ready or not. Everyone is on the front lines of security and this includes researcher interactions. Are your executives, legal, PR, and social media teams prepared? 

Based on hundreds of hacker and company mediation request, this talk will look at common and extreme scenarios many are seeing for the first time. We will cover real-world communication failures, as well as the success stories you will never read about. Attendees will walk away with armed with practical tips to prepare their colleagues for the inevitable vulnerability report, starting with hacker motivations, what disclosure success looks like, and de-escalation tips.

Sponsored by:

HackerOne View details

 
 

Presented by:

Luke Tucker, Senior Director of the Global Hacker Community, HackerOne

 
 

12:40 pm - 1:10 pm

Networking Lunch

Networking Lunch
 

1:10 pm - 1:40 pm

Keynote Presentation

Integrate Once, Reuse Everywhere: IBM Security and the Open Cybersecurity Alliance

In late 2019, IBM joined forces with 17 other cybersecurity vendors - including McAfee, Crowdstrike and others - to form the Open Cybersecurity Alliance (OCA) to promote open and interoperable cybersecurity. Recognizing that most companies have too many cybersecurity tools to manage, too much data in too many places, and not enough skilled security professionals, OCA members subscribe to the mantra "Integrate once, reuse everywhere" to enable security teams to focus on solving security issues rather than getting tools to work together. Now up to 27 members, the OCA is becoming a powerful force in the cybersecurity industry. 

 Chris Bontempo leads Marketing and Offerings for IBM Security in North America and will discuss how the OCA members are working together and contributing foundational technologies under the open-source Apache 2.0 license, to enable security solutions to communicate with each other over a standard fabric during the entire threat management life cycle.

 He'll also demonstrate how IBM Security is implementing foundational open-source OCA technologies like STIX-Shifter, OpenDXL and OpenC2 in its new open security platform, the IBM Cloud Pak for Security, to help clients transform threat hunting and detection, security analytics, operations and response and beyond.

Sponsored by:

IBM View details

 
 

Presented by:

Chris Bontempo, IBM Security Marketing Leader, IBM View details

 
 
 

1:45 pm - 2:10 pm

Executive Exchange

 

Keynote Think Tank

2020 Focus: The People

Successful IT executives focus on the people. It's important for IT executives to partner with UX, HR and employee experience teams to aid with the shift in workforce dynamics, bringing emerging technologies or AI interactions to high-value business engagement. 

Takeaways: 

  • Strategies for success through focus on the business software user 
  • How employee training contributes to software success 
  • Case studies for success building business engagement in the IT team

Presented by:

Steve Betts, Former CIO at HCSC and Aon, Board Chair, Lumity, View details

 
 
 

2:15 pm - 2:40 pm

Executive Exchange

 

Innovation Partner Showcase

Reviewing your Identity & Access Management strategy, as we head into a Zero Trust world

In this session we will walk through the highlights of our new whitepaper titled ?Mastering Identity & Access Management? as well as provide some examples from recent consulting engagements. 

By attending this session, the audience will gain a new perspective on the right way to approach IAM and take control of this most important aspect of IT security.

Sponsored by:

Insight Cloud + Data Center Transformation View details

 
 

Executive Boardroom

Behind the Scenes of Next-Generation Managed Detection and Response

On a long enough timeline, the probability of avoiding a breach eventually reaches zero. The real question is how prepared is your organization when an event occurs? Join eSentire to see a demonstration on why a Zero-Trust Managed Detection and Response approach is critical to rapidly identifying and containing attacks such as Emotet, Powershell, Ransomware and Crypto Miners that are designed to bypass existing security controls.

Sponsored by:

eSentire View details

 
 

Presented by:

Ramelle Sarna, Senior Solutions Engineer, eSentire

 
 

2:45 pm - 3:10 pm

Executive Exchange

 

Think Tank

Bring Your Own . . . Enhancement

Over the next 5 years, it's forecasted that roughly 30% of enterprises will augment BYOD policies to include "bring your own enhancement" (BYOE) to add focus to augmented staff members. It will be tempting for IT to try and regulate or control human augmentation technology, but the real focus should be to exploit the employee's interest in BYOE to advance the business. We are seeing manufacturing companies currently using wearables to promote worker safety, and companies in both travel and healthcare industries are using these devices to boost productivity. With these technologies constantly evolving, organizations should contemplate how these enhancements can be leveraged in both the personal and professional lives of the workforce. 

Takeaways: 

  • Impactful examples of BYOE Technology 
  • Strategies to encourage employees to use 
  • AI Critical considerations for IT's need to regulate Augmented Technology

Presented by:

Bob Holzer, Sr. Director Technology Exploration, Blue Cross Blue Shield of Illinois View details

 
 

Think Tank

Think Tank
 

3:15 pm - 3:40 pm

Executive Exchange

 

Think Tank

Increasing Customer Value with RPA (Robotics Process Automation)

CIOs are turning to an emerging technology practice called robotic process automation (RPA) to streamline enterprise operations and reduce costs. With RPA, businesses can automate mundane rules-based business processes, enabling business users to devote more time to serving customers or other higher-value work. Looking at HCSC's Intelligent Automation will illustrate how this is possible. 

Takeaways 

  1. What is Robotics Process Automation (RPA)  
  2. What are the benefits and pitfalls of RPA 
  3. What enterprise models/companies are successfully using RPA

Presented by:

Jim Petrassi, CTO, Blue Cross Blue Shield of Illinois View details

 
 
 

3:40 pm - 3:50 pm

Afternoon Networking Coffee Break

 

3:55 pm - 4:20 pm

Executive Exchange

 

Think Tank

Unprotected Data: Your Risk of Internet-Enabled Psychological and Information Warfare

Since the last elections in the United States, France, and other nations, fake news has become a tool to manipulate voters. This creation of fake news creates a problem that ripples through an entire society creating division. However, the media has not scrutinized enough on data misuse. Daily it appears that there are breaches causing millions of users to have their personal information taken, exposed, and sold on the Dark Web in exchange of encrypted currencies. Recently, news has surfaced of major social media sites allowing emails to be read without user consent. 

Takeaways:  

  • It is essential that organizations continuously review current data policies 
  • Ensure that enterprises do not become victims of information warfare. 
  • How can the misuse of data be used for information warfare and the exploitation of targeted groups?

Presented by:

Maurice Dawson, Director of the Center for Cyber Security and Forensics Education, Illinois Institute of Technology View details

 
 
 

4:25 pm - 4:50 pm

Executive Exchange

 
 

4:55 pm - 5:00 pm

Closing Remarks


 

5:00 pm - 6:30 pm

Summit Happy Hour