EVENT
CISO Chicago Summit | October 18, 2018 | Trump Hotel Chicago - Chicago, IL, USA
agenda
Download Agenda (PDF)↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session 
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
Thursday, October 18, 2018 - CISO Chicago Summit
7:30 am - 8:10 am
Registration and Networking Breakfast
8:15 am - 8:25 am
Welcome Address and Opening Remarks 
8:25 am - 8:55 am
Keynote Presentation
Digital Transformation: A Journey Not a Destination
There are many forces that are driving companies to continue to transform how they do business. Technological advances such as IoT, AI, Machine Learning, Virtual Reality and Augmented Reality are creating demanding expectations from customers, employees and boards. Adding to the complexity of CIOs and CISOs is the increasing threats to the security of the data that is at the heart of digital transformation. This keynote presentation will focus on the realities that this transformation will never end and it is critical to implement both the mindset and processes to treat digital transformation as a journey...not a destination.
Takeaways:
- It is critical to realize that Digital Transformation will never end, but will always be unfolding
- CIOs and CISOs must implement processes to ensure that not only their departments are forward thinking, but that their entire company is aware of what new technologies can bring to bear for customers and employees
9:00 am - 9:30 am
Keynote Presentation
Case Studies in Digital Transformation: Learnings Along the Journey
We will explore key learnings from various industries and verticals on the good, the bad and the ugly of digital transformation. We will have an opportunity to not only be exposed to successful use cases, but also ask the hard questions behind those successes.
Takeaways:
- One of the best ways to learn is to hear the stories of success (and failure) from companies similar to yours
- Asking questions of HOW the Journey unfolded are just as important as the end result
9:35 am - 10:00 am
Solutions Spotlight
Deep dives into the latest and greatest technology solutions to today's business problems.
10:05 am - 10:30 am
Executive Exchange
Think Tank
Designing a Digital Workplace: Balancing Security with Effectiveness
Employees are consumers of digital technologies such as IoT, AR and VR. The plethora of mobile devices has enabled them to work where they want and when they want which has raised the bar on employee expectations for tools and capabilities from their employers. In order for companies to retain the best and get the most out of their employees, it is vital to design and continually update the digital workplace. We will discuss the current trends as well as share case studies of successful digital workplace implementations including how to deal with the inherent security risks of expanded accessibility to company resources.
Takeaways:
- Highly skilled employees will demand a mobile and efficient workplace.
- Keeping these skilled employees fully engaged and passionate about your company is critical to achieving the desired Digital Transformation
10:30 am - 10:40 am
Morning Networking Coffee Break
10:45 am - 11:10 am
Executive Exchange
Thought Leadership
Knowing Is Half the Battle - Protecting Applications & Their Sensitive Data
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection RASP changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc. 
Greg Wolford, Solutions Architect, Prevoty, Inc.
11:15 am - 11:40 am
Executive Exchange
Thought Leadership
Machines Are Friends Not Foes: Using Cognitive Computing to Assess Threats
Popular movies, books and television shows typically position advanced technology as a threat to humanity and all we hold dear. Yet Cognitive Computing technologies such as Artificial Intelligence (AI), Machine Learning (ML), Natural Language Processing and Augmented Reality (AR) are helping CIOs and CISOs make better decisions faster. We will discuss how Cognitive Computing can help us navigate the acceleration of activity and decisions that we are experiencing on our Digital Transformation journeys.
Takeaways:
- New Cognitive Computing Technologies can be unnerving and difficult to trust
- Used properly, Cognitive Computing Technologies such as AI, ML and AR can provide data to humans in such a way to enable us to better prioritize the decisions we must make and make those decisions more effectively
11:45 am - 12:10 pm
Executive Exchange
Executive Boardroom 
Risky Business: The Hidden Threat in Your Organization
Cyber security threats continue to proliferate. When combating these growing risks, most organizations place more trust in technology-based solutions than on training their employees to be more aware of the threat landscape and able to recognize cyber breach attempts.
Join Erich Kron as he explains the emerging threats, the strengths and weaknesses that users bring to an organization's security culture, and strategies to fortify your last line of defense, your users.
In this session you will learn:
- Current and emerging attack landscape
- Right and wrong approaches to changing employee behavior
- How to build a successful Security Awareness Training Program
Sponsored by:
KnowBe4, Inc
Erich Kron, Security Awareness Advocate, KnowBe4, Inc
Executive Boardroom
Finding the Right Security Partner: The Difference Between MSSP and MDR
In today's world of increasing cyber threats, selecting the best security partner for your organization can be challenging. With innovative services such as Managed Detection and Response changing the way organizations respond to threats, it's important to understand the difference between traditional MSSPs and MDR providers. This presentation will focus on the realities of using MSSP technologies versus MDR and provide selection recommendation guidelines for CISOs.
Takeaways:
- Vendors can respond to incidents proactively or reactively
- Not all MDR vendors are the same
- Use a proof of concept to authenticate vendor claims
- Validate the vendors regulatory experience
Sponsored by:
eSentire
12:15 pm - 1:25 pm
Working Lunch and Panel
CIOs/CISOs as the Consummate Communicator
It is also changing the role of the CIO and CISO to be a business leader and internal sales leader for transformation. CIOs are now responsible for communicating strategies and recommendations to CxOs, boards and key stakeholders within a company. Join us, during lunch, for a passionate panel discussion with your peers as they share how they are successfully communicating internally to accomplish the company's goals.
Takeaways:
- CIOs must be great communicators, not only with their teams, but the rest of the organization
- CIOs must learn the best ways to communicate clarity and urgency with Boards and CXOs
1:30 pm - 1:55 pm
Executive Exchange
Executive Boardroom
Knowing Your Network: Tracking Your Assets in the Age of Machine-Speed Attacks
In this talk, we'll discuss how attackers have begun conducting internet-scale attacks at machine speed by leveraging new scanning technologies. Qadium will present examples of how new classes of perimeter exposures are creating new risks and data on global internet trends.
Sponsored by:
Qadium
Marshall Kuypers, Director of Cyber Risk, Qadium
Executive Boardroom
Making Zero Trust A Reality
Implementing a zero trust security strategy involves two bodies of work. One is preparing your applications and data for access on the public internet as well as segmenting your internal network to stop traverse attack and is often described as the companies digital transformation. The second is enabling and controlling access to those resources based on a level of trust, starting at zero, ascribed to the endpoints attempting to access them. Many organizations have made significant progress on their digital transformation, but continue to use legacy approaches to endpoint management that undermine the zero trust model. This session will examine modern approaches to establishing and continuously monitoring endpoint trust.
Sponsored by:
Lookout
Aaron Cockerill, Chief Strategy Officer, Lookout
2:00 pm - 2:25 pm
Executive Exchange
Think Tank
Which "Friends" Do I Trust? Realities of 3rd Party Risk
It is not a matter of if, but a matter of when. Organizations, more and more, and are outsourcing business activities to 3rd-parties because of cost-savings, revenue opportunities, expertise, etc. Thus collaborating with our business partners early to select the right 3rd-party vendor(s) with the appropriate security posture is essential, especially for vendors hosting, processing and/or transmitting sensitive/regulatory information, or having access to our IT assets.
Takeaways:
- Regardless of the reasons, outsourcing some business functions to a 3rd party seems inevitable in today's world
- It is critical to have a proper vetting procedure of 3rd parties before engaging them as business partners who have access to company systems and data
2:30 pm - 2:55 pm
Executive Exchange
Executive Boardroom
Preventing Unknown Cyberattacks Is Easier Than They Tell You
Unknown zero-day attacks have the advantage, but they have an Achilles heel. To work, they have to both evade defenses and execute in memory. Moving Target Defense nullifies their advantage by making it impossible for them to find a target to attack. This prevents them instantaneously and effortlessly.
Morphisec is not a faster way to detect attacks or replace AV, but a way of preventing unknown attacks without waiting for them to be identified and before they get started. As a virtual patch, Morphisec eliminates the dwell time of attacks. As a 2MB deterministic prevention tool, it is "set and forget", with no impact on end users and no alerts.
Takeaways:
- Unknown, evasive, zero-day attacks are one of cybersecurity's greatest dangers.
- Paradoxically, they are super easy to prevent with Moving Target Defense.
- Moving Target Defense is a potent virtual patch that reduces risk and is "set and forget".
Sponsored by:
Morphisec Inc.
Arthur Braunstein, VP US Sales, Morphisec Inc.
Executive Boardroom
Navigating Security and Risk In a Changing IT Landscape
Agile, DevOps, containers, microservices, the cloud are all seeing increased adoption across the enterprise. But, while there are valid business reasons to embrace these new models, there is potential risk in implementation. Is this change necessary? If so, how can this change be accommodated effectively, safely? This session will cover some common elements of the risk of change - and of not changing - and suggest approaches to minimize risk as you adopt these new technologies.
Takeaways:
- The IT Landscape will continue to change leading to new processes, new technologies and new "standard" ways of doing IT business
- This changing Landscape will present security challenges where you will need to balance the "pain of same" vs the "pain of change"
3:00 pm - 3:25 pm
Executive Exchange
Think Tank
CISO's Got Talent: Finding, Growing & Retaining the Best People
While new technology and solutions can help CISOs make more, faster and better decisions for an organization, nothing will take the place of a highly talented workforce. CISOs need to be great recruiters of talent but even more importantly growing the skills and capabilities of their team providing engaging and challenging opportunities for people. Competitive compensation is important for retaining great talent but so is a work environment where individual growth and development are front of mind and not an after thought.
Takeaways:
- Highly skilled employees want an environment where they can grow their skills and feel appropriately challenged
- Finding the best people, inside and outside of your company, and then providing a path to individual excellence is a key responsibility of CIOs
3:25 pm - 3:35 pm
Afternoon Networking Coffee Break
3:40 pm - 4:05 pm
Executive Exchange
Think Tank
Disrupt or Be Disrupted: The Digital Transformation Journey Has No Parking Lots
The seemingly ever expanding cadre of technological tools available to incumbent industry leaders are also available to myriad start-ups. Start-ups are using these new technologies to disrupt industries of all types, changing how customers think about tried and true industries. Disruption is found on every corner and it is critical for CIOs to lead their organizations in a way that make them as nimble as their competitors.
Takeaways:
- Technology enables companies, especially start-ups with no legacy infrastructure, to disrupt industries overnight
- CIOs need to lead their companies in ways that disrupt before they are disrupted by others
4:10 pm - 4:35 pm
Executive Exchange
Innovation Partners Showcase
Sponsored by:
Datalink, a division of Insight
Comodo
4:40 pm - 5:00 pm
What's the Next Stop On the Transformation Journey?
Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs where common issues can be addressed and success stories can be shared.
Takeaways:
- Building an ongoing community with your peers can be an invaluable resource for tackling the Digital Transformation projects ahead of you
- Sharing stories of success (and failures) is not reserved to a one day CIO Summit but should be shared on a regular basis with your peers
5:00 pm - 6:30 pm