CISO Chicago Summit | Mar 12, 2020 | Convene - 16 West Adams Street - Chicago, IL, USA

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Thursday, March 12, 2020 - CISO Chicago Summit

8:00 am - 8:30 am

Registration & Networking Breakfast

 

8:30 am - 8:40 am

Welcome Address & Opening Remarks

 

8:40 am - 9:30 am

Keynote Panel

Steering Cultural Change

An IT executive's role, goals and objectives have drastically changed over the years. Most leaders supervise teams and units beyond their IT department. Due to these changes in responsibilities, their success is measured in greater business metrics. As a result, these roles have become both more attractive and more demanding. 

Takeaways: 

  • What are the significant changes regarding the role of the IT Executive 
  • How to keep up with the changing requirements  
  • How to properly measure an IT executive's success

Moderated by:

Ann Madea, Former EVP / CIO, Former HSBC View details

 
 

Panelists:

Nalini Polavarapu, Head of Data Science - Customer Centricity, Bayer CropScience View details

 
 

Sherri Adame, Chief Customer/Reference Data Officer, CIGNA View details

 
 

Robert Sumter, CIO, Cook County Health & Hospital System View details

 
 

Wayne Towson, Global Director Security Intelligence, Abbott Laboratories View details

 
 
 

9:30 am - 10:00 am

Keynote Presentation

Integrate Once, Reuse Everywhere: IBM Security and the Open Cybersecurity Alliance

In late 2019, IBM joined forces with 17 other cybersecurity vendors - including McAfee, Crowdstrike and others - to form the Open Cybersecurity Alliance (OCA) to promote open and interoperable cybersecurity. Recognizing that most companies have too many cybersecurity tools to manage, too much data in too many places, and not enough skilled security professionals, OCA members subscribe to the mantra "Integrate once, reuse everywhere" to enable security teams to focus on solving security issues rather than getting tools to work together. Now up to 27 members, the OCA is becoming a powerful force in the cybersecurity industry. 

 Chris Bontempo leads Marketing and Offerings for IBM Security in North America and will discuss how the OCA members are working together and contributing foundational technologies under the open-source Apache 2.0 license, to enable security solutions to communicate with each other over a standard fabric during the entire threat management life cycle. 

 He'll also demonstrate how IBM Security is implementing foundational open-source OCA technologies like STIX-Shifter, OpenDXL and OpenC2 in its new open security platform, the IBM Cloud Pak for Security, to help clients transform threat hunting and detection, security analytics, operations and response and beyond.

Sponsored by:

IBM View details

 
 

Presented by:

Chris Bontempo, IBM Security Marketing Leader, IBM View details

 
 

Keynote Presentation

Case Studies in Digital Transformation: Learnings Along the Journey

We will explore key learnings from various industries and verticals on the good, the bad and the ugly of digital transformation. We will have an opportunity to not only be exposed to successful use cases, but also ask the hard questions behind those successes. 

 Takeaways: 

- One of the best ways to learn is to hear the stories of success (and failure) from companies similar to yours 

- Asking questions of HOW the journey unfolded are just as important as the end result

Sponsored by:

Lenovo View details

 
 

Presented by:

Kevin Hopper, President, NA Data Center Group, Lenovo

 
 

10:05 am - 10:25 am

Executive Exchange

 

Thought Leadership

TBC
Content Pending:

Sponsored by:

Imperva View details

 
 
 

10:30 am - 10:40 am

Morning Networking Coffee Break

 

10:45 am - 11:10 am

Executive Exchange

 

Think Tank

Bring Your Own . . . Enhancement

Over the next 5 years, it's forecasted that roughly 30% of enterprises will augment BYOD policies to include "bring your own enhancement" (BYOE) to add focus to augmented staff members. It will be tempting for IT to try and regulate or control human augmentation technology, but the real focus should be to exploit the employee's interest in BYOE to advance the business. We are seeing manufacturing companies currently using wearables to promote worker safety, and companies in both travel and healthcare industries are using these devices to boost productivity. With these technologies constantly evolving, organizations should contemplate how these enhancements can be leveraged in both the personal and professional lives of the workforce. 

Takeaways: 

  • Impactful examples of BYOE Technology 
  • Strategies to encourage employees to use 
  • AI Critical considerations for IT's need to regulate Augmented Technology

Presented by:

Bob Holzer, Sr. Director Technology Exploration, Blue Cross Blue Shield of Illinois View details

 
 

Think Tank

The Elephant in the Room, Data Breaches

In 2019, data breaches endured yet again as the largest security threat noted by organizations and IT security professionals alike. If data remains as a high valued commodity, ensuring data privacy and securing personal data will continue to be at the top of the list of an organization's concerns. The increases in privacy legislation, such as GDPR and CCPA, and the understanding of the ramifications stemming from a breach have allowed these concerns to remain heavily in the spotlight. Web application flaws have been identified as the top cause of data breaches. As such, establishing and maintaining web application security has developed into a high priority for all organizations. 

Takeaways:

  • Data breaches are the biggest security concern
  • Data continues to be a high value asset but the need to protect it is even higher 
  • New laws like GDPR and CCPA enforce consequences for failing to secure data

Presented by:

Chris Carter, Global Head of Cyber Analytics, Zurich Insurance Group View details

 
 
 

11:15 am - 11:40 am

Executive Exchange

 

Executive Boardroom

Can Organizations Trust Artificial Intelligence to Address Gaps in Security?

In an era of talent shortages in security, organizations need to turn to tools that can adapt to the human intelligence of attackers. But can you trust tools that rely on artificial intelligence to help fill that gap? In this talk, we'll discuss how security teams can unpack the black box that can be AI and machine learning to leverage tools that implement these for tasks which they're best at. We'll discuss how sometimes the only way to protect against the real humans behind targeted email attacks is artificial intelligence that can adapt to human intelligence..

Sponsored by:

Abnormal Security View details

 
 

Presented by:

Rami Habal, VP, Product, Abnormal Security

 

Executive Boardroom

Bright, Shiny Objects and Refocusing on the Basics of Service Delivery

Today's CIO is preoccupied with using technology to drive fundamental change in business and operating models. Opportunities include intelligent automation, Big Data and Machine Learning. But the allure of these innovations is leading many CIOs to neglect the fundamentals of service management - specifically, tools, skilled people and process improvement. Recognizing this disconnect, many businesses are re-committing to a disciplined approach to service management, one characterized by standardization, integration and analytics. By focusing on these basics, businesses can reduce costs, enhance agility and optimize their investments in existing technology. 

Takeaways will include: 

- The importance of integrated global service delivery in overcoming the challenges posed by inefficient multi-vendor sourcing models characterized by silos of activity, lack of communication and service disconnects. 

- Key elements of a "Modernized Shift/Left" model that transitions from reducing ticket volumes through self-service to more advanced use of remote access and configuration.

- How governance and standardized management practices can enable predictive analytics that leverage data collection, analysis and insight to drive continuous improvement. 

Sponsored by:

Claro Enterprise Solutions View details

 
 

Presented by:

John McGurgan, VP of Managed Services, Claro Enterprise Solutions View details

 
 
 

11:45 am - 12:10 pm

Executive Exchange

 

Think Tank

Hyper-personalization: Using AI to Drive the Bottom Line

How organizations connect with and influence the customer is set for dramatic changes: AI identification of emotions will be the driving force behind many advertisements; the rise in popularity of wearables that track user's habits, locations and biometrics will enable detection of customer emotions and reactions; environmental and behavior indicators enable companies to establish a much deeper level of hyper-personalization within the customer's experience. Companies that successfully apply these trends to gather and make use of data will increase sales and drive revenue, but there is a new industry standard for also being hyper-transparent with consumers about the data that is being collected and how it is being used. 

Takeaways: 

  • How AI has become a critical part of the advertising industry 
  • How emotional prediction technology will help companies hyper-personalize their offerings  
  • What companies need to consider to succeed in balancing hyper-personalization with being more transparent about data collection

Presented by:

Robert Miller, Chief of Staff to the CIO, Citi View details

 
 

Think Tank

Automating Cybersecurity

IT security professionals all face one major issue: being asked to do more, with less resources. Automation and integration are a necessity in order to meet the demands of an organization's security needs. Managing risk without diminishing the speed and quality of development is achievable by integrating security into agile processes, like DevOps or CI/CD. Since most security teams are understaffed, automated solutions are becoming a requirement, rather than an option to properly manage the ever-increasing workload. 

Takeaways:

  • Automation is required to meet today's security demand 
  • DevOps can operate more efficiently with CI/CD  
  • IT security staff are responsible for more than ever
 

12:15 pm - 12:40 pm

Executive Exchange

 

Executive Boardroom

Put that Cease and Desist Down: How to Train your Org to Work with Hackers

Before that hacker slides into your brand's DMs, how do you prepare your organization to talk to researchers and spot vulnerability disclosure? Today, poorly handled disclosures can cause the same reputational damage as a public security incident. As security continues to climb the ranks of importance, more decision makers and stakeholders are involved in interactions that were once solely owned by security teams. The vulnerability reports are coming. Ready or not. Everyone is on the front lines of security and this includes researcher interactions. Are your executives, legal, PR, and social media teams prepared? 

Based on hundreds of hacker and company mediation request, this talk will look at common and extreme scenarios many are seeing for the first time. We will cover real-world communication failures, as well as the success stories you will never read about. Attendees will walk away with armed with practical tips to prepare their colleagues for the inevitable vulnerability report, starting with hacker motivations, what disclosure success looks like, and de-escalation tips.

Sponsored by:

HackerOne View details

 
 

Presented by:

Luke Tucker, Senior Director of the Global Hacker Community, HackerOne

 

Executive Boardroom

The Network Comes First: Fiber Infrastructure's Critical Role in the Digital Economy

Today's organizations rely on network-dependent applications and require ubiquitous access to data, while staying abreast of tomorrow's business trends. Legacy infrastructure is cited as the most frequently reported challenge to digital transformation, making it difficult to introduce new technologies like 5G, artificial intelligence and the internet of things.

As business bandwidth is exploding, a fiber network infrastructure is the backbone necessary to operate today's enterprise business and prepare for future success. 

 Takeaways: 

- Why a fiber network is mission-critical to business success

- Upcoming trends that require, impact bandwidth

- The importance of auditing your bandwidth needs

Sponsored by:

Everstream Solutions View details

 
 

Presented by:

Brett Lindsey, President and CEO, Everstream Solutions

 
 

12:40 pm - 1:40 pm

Networking Lunch and Keynote

2020 Focus: The People

Successful IT executives focus on the people. It's important for IT executives to partner with UX, HR and employee experience teams to aid with the shift in workforce dynamics, bringing emerging technologies or AI interactions to high-value business engagement. 

Takeaways: 

  • Strategies for success through focus on the business software user  
  • How employee training contributes to software success 
  • Case studies for success building business engagement in the IT team

Presented by:

Steve Betts, Former CIO at HCSC and Aon, Board Chair, Lumity, View details

 
 
 

1:45 pm - 2:10 pm

Executive Exchanges and Networking

 

2:15 pm - 2:40 pm

Executive Exchange

 

Think Tank

Increasing Customer Value with RPA (Robotics Process Automation)

CIOs are turning to an emerging technology practice called robotic process automation (RPA) to streamline enterprise operations and reduce costs. With RPA, businesses can automate mundane rules-based business processes, enabling business users to devote more time to serving customers or other higher-value work. Looking at HCSC's Intelligent Automation will illustrate how this is possible. 

Takeaways 

  1. What is Robotics Process Automation (RPA) 
  2. What are the benefits and pitfalls of RPA  
  3. What enterprise models/companies are successfully using RPA

Presented by:

Jim Petrassi, CTO, HCSC View details

 
 

Share:

Think Tank

Security in the Crosshairs - The Future Comes into Focus

All organizations, regardless of size, are continuously evolving through modern technologies. Having an incident response plan and an effective cybersecurity strategy is not a luxury, but rather a requirement. Finally, security training for employees to improve their awareness is becoming the rule instead of the exception. Security is now establishing a permanent footprint within the software development lifecycle, with SecDevOps/DevSecOps processes to incorporate security at all layers of development. 

Takeaways: 

  • Any organization can fall victim to a data breach 
  • Having a plan of action is essential to business survival  
  • Security has become a part of the conversation at nearly every level of an organization

Presented by:

Kenneth Townsend, Vice President & Chief Information Security Officer, R1 RCM

 
 

2:45 pm - 3:10 pm

Executive Exchange

 

Executive Boardroom

Still Using Passwords? Forget That Sh*t

The constant barrage of breaches over the last decade has made it clear that usernames and passwords - invented back in 1964 - are simply no longer secure enough. According to the 2019 Verizon Breach Investigations Report, compromised credentials are responsible for over 80% of all breaches. 

 Despite attempts to make static credentials more secure by adopting two-factor authentication utilizing SMS, OTPs or hardware tokens, these added layers still leave organizations vulnerable to phishing attacks, keylogging, malware and more. 

 By removing the past reliance on usernames and passwords, you can enhance your organization's security by significantly reducing your overall attack surface and virtually eliminating the risk of compromised credentials. 

 Takeaways: 

 1. Learn how usernames and passwords are leaving your organization at risk. 

 2. See how how passwordless authentication removes major threat vectors. 

 3. Provide users a fast, simple and consistent authentication experience across any channel

Sponsored by:

Trusona, Inc. View details

 
 

Executive Boardroom

Behind the Scenes of Next-Generation Managed Detection and Response

On a long enough timeline, the probability of avoiding a breach eventually reaches zero. The real question is how prepared is your organization when an event occurs? Join eSentire to see a demonstration on why a Zero-Trust Managed Detection and Response approach is critical to rapidly identifying and containing attacks such as Emotet, Powershell, Ransomware and Crypto Miners that are designed to bypass existing security controls.

Sponsored by:

eSentire View details

 
 

Presented by:

Ramelle Sarna, Senior Solutions Engineer, eSentire

 
 

3:15 pm - 3:40 pm

Executive Exchange

 

Think Tank

Data 2020, The Duality of Fueling AI and Addressing Data Risk

This year will offer a wake-up call for many, as the overall cost of getting data wrong will be realized. CIOs will be pulled between business growth strategies focusing on AI and the increasing cyber-imperative of addressing the critical data risk issues. As data is sourced from a complex portfolio of applications; successful transformations will need to balance convincing gatekeepers to say yes, the use of intelligent automation to deliver compelling initiatives for data cleansing, integration, and management, and the overall IT support of the exponentially increasing demand for data overall. Successful leaders will need to leverage concepts like technical debt to deliver the budget increases they need to deliver and manage the potential that data represents. 

Takeaways: 

  • A technical debt view - how mishandling data drives financial cost 
  • How AI improves predictability in safeguarding data 
  • IT teams can be more effective at cleaning and organizing data

Presented by:

Gokula Mishra, Former Senior Director, Global Data & Analytics, McDonald\'s

 

Think Tank

AI: Friend or Foe?

Advances in artificial intelligence (AI) are introducing new technologies to a wide array of products across every industry, especially cybersecurity. Facial recognition and natural language processing have become a reality thanks to deep learning algorithms, however, there is a dark side to these advancements. Cybercriminals have managed to weaponize AI to create extremely intricate malware and attack methods. This has forced organizations to use advanced heuristic solutions rather than counting on known vulnerability and attack signatures. 

Takeaways: 

  • Artificial Intelligence products are already being deployed in many industries  
  • Features like facial recognition and chat bots are common examples 
  • Cybercriminals can weaponize this technology without proper security measures

Presented by:

Jonathan Golder, Director, Information Security and Fraud Governance, Discover Financial Company

 
 

3:40 pm - 3:50 pm

Afternoon Networking Coffee Break

 

3:55 pm - 4:20 pm

Executive Exchange

 

Executive Boardroom

Keep ALL endpoints continuously patched and compliant with the just released BigFix 10!

Join us to learn why thousands of enterprises use a single solution to simplify patch, compliance and security configuration management of all Windows, UNIX, Linux, MacOS, AWS, Azure, and VMware instances, whether they're on premise or in the cloud. The results? Faster cycles, reduced OPEX and tighter security.

Sponsored by:

HCL BigFix View details

 
 
 

4:25 pm - 4:50 pm

Executive Exchange

 

Innovation Partner Showcase


Sponsored by:

Insight Cloud + Data Center Transformation View details

 
 
 

4:55 pm - 5:00 pm

Closing Remarks


 

5:00 pm - 6:30 pm

Summit Happy Hour