Register Today >>

Unlimited threats, limited seats.

SC Media's 12th annual security conference
is back in New York, May 31, 2018

Partner with us >>

Can't-miss keynotes!

GREG TOUHILL

Brigadier general, USAF (ret.) president
Cyxtera Federal Group

CHRISTOPHER PAINTER

former sr. director cybersecurity
White House, national security staff

Everything from government-mandated cybersecurity policy to intelligence

Earn 9 CPE

to maintain your certification while expanding your knowledge base and skill set

Response times matter -
register now

PETER CHRONIS

SVP, CISO,
Turner

TONY SAGER

SVP, chief evangelist
Center for
Internet Security

DEVON BRYAN

executive VP & CISO
Federal Reserve System

STEVE BONGARDT

president
The Gyges Group

Don't miss this opportunity to network and collaborate with the best in the business.

We know your C-suite worries
about nation-state cyberattacks.

March on over to RiskSec
to strengthen your
cybersecurity armory.

  new york city cleaning services

A destination for information and security professionals providing analysis on all of the latest cybersecurity issues from highly respected thought leaders.


Welcome to the 2018 New York City RiskSec Conference. As SC Media approaches our 30th anniversary, we fully understand the avalanche of cybersecurity-related problems, responsibilities and aspirations you face. Like no other time before, data security is crucial to you and your corporate executives. With an avalanche of massive data breaches that compromised millions of users’ data and cost senior-level executives their jobs and the endless other types of attacks that leveraged both new and traditional techniques, 2017 seemed yet another banner year for the infosec industry. We expect this year will be just as active as our attendees will face the challenge of both the criminal element and nation states stepping up their aggressive activities. On top of these, insider threats, supply chain vulnerabilities, regulatory demands and increasing dependence on IoT, AI, cloud apps, mobile devices and still other technologies will continue to convolute your tactical and strategic cybersecurity aims. 

This conference will bring you insights from thought leaders across a variety of industries who will focus on the most significant issues that CISOs and other security professionals like you face every day. RiskSec comprises interactive learning sessions, keynotes and panel discussions, and features an area designated for technology companies to demo and share their latest products and services. 

All of us at SC Media look forward to welcoming you at our conference.

Illena Armstrong
VP, Editorial
features

The Features

30+ Industry leading Keynotes and Speakers

Interactive floor & demos from over 25 leading technology companies

Earn Up to 9 CPE to maintain your certification while expanding your knowledge base and/or skill set

Sharpen Risk Management Strategies

Network with senior cybersecurity leaders connected across all industry verticals

Unlimited snacks and beverages, lunch from an executive chef at our nourish bar

Corporate-meets-social in our new full service event venue designed around your attendee experience

Register now for this must attend event

View Our

Schedule

8:00 am
-
9:00 am

Registration and Breakfast

Registration and Breakfast

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

9:00 am
-
9:30 am

Keynote

Policy, Intelligence and the Future

Discussed will be everything from government mandated cybersecurity policy to intelligence regarding such issues as cyber related voter fraud and what the future holds for us.

Moderator: Illena Armstrong, VP, editorial, SC Media

- Chris Painter, Former Sr. Director for Cybersecurity, White House, National Security Staff

- Gregory Touhill, Brigadier General, USAF (ret), President, Cyxtera Federal Group

Keynote

Policy, Intelligence and the Future

Discussed will be everything from government mandated cybersecurity policy to intelligence regarding such issues as cyber related voter fraud and what the future holds for us.

Moderator: Illena Armstrong, VP, editorial, SC Media

- Chris Painter, Former Sr. Director for Cybersecurity, White House, National Security Staff

- Gregory Touhill, Brigadier General, USAF (ret), President, Cyxtera Federal Group

9:35 am
-
10:05 am

Management / Tech Track

Management / Tech Track

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

9:36 am
-
10:05 am

Management Track

Cyber/Intellectual Property Insurance - How to remove the ambiguity

The second rising of cyber insurance is here, however the guesswork involved in what is covered and setting premiums remain. The only solution is metrics which are achievable through threat detection and intelligence available today. How do we get there and how will Intellectual Property Insurance fit into the picture?

Moderator: Doug Olenick, online editor, SC Media

- Tony Parillo, Partner, Fortium Partners

- James C. Trainor, Senior Vice President, Aon Risk Solutions

Management Track

Cyber/Intellectual Property Insurance - How to remove the ambiguity

The second rising of cyber insurance is here, however the guesswork involved in what is covered and setting premiums remain. The only solution is metrics which are achievable through threat detection and intelligence available today. How do we get there and how will Intellectual Property Insurance fit into the picture?

Moderator: Doug Olenick, online editor, SC Media

- Tony Parillo, Partner, Fortium Partners

- James C. Trainor, Senior Vice President, Aon Risk Solutions

9:37 am
-
10:05 am

Tech Track

The Cyber Threat Intelligence (CTI) Balancing Act

Over the last 15 years CTI has not only improved but has also been refined. Gone are the days where the most intelligence wins - it’s about the most relevant intelligence so it doesn’t take an army of professionals to analyze it and too late find out your organization is already pwned. Learn how to maximize the right intelligence in a form digestible and actionable by the resources you have.

Moderator: Bradley Barth, senior reporter, SC Media

- Tammy Moskites, Managing Director, Sr. Security Executive, Accenture

- Teddy Powers, Senior Cyber Security Architect, Anomali

Tech Track

The Cyber Threat Intelligence (CTI) Balancing Act

Over the last 15 years CTI has not only improved but has also been refined. Gone are the days where the most intelligence wins - it’s about the most relevant intelligence so it doesn’t take an army of professionals to analyze it and too late find out your organization is already pwned. Learn how to maximize the right intelligence in a form digestible and actionable by the resources you have.

Moderator: Bradley Barth, senior reporter, SC Media

- Tammy Moskites, Managing Director, Sr. Security Executive, Accenture

- Teddy Powers, Senior Cyber Security Architect, Anomali

10:10 am
-
10:40 am

Platinum Sponsor Session 1

Effectuating Multi-Cloud Access Security (Pulse Secure)

The transition from legacy data centers to hybrid environments brings an array of usability, visibility and protection challenges as users connect to applications and resources across network, cloud and SaaS domains. With accelerated demands to support a mobile workforce and consumerization of IT, “trust but verify” controls are crucial to mitigate malware, data privacy, breach and IoT threats. How can anytime, anywhere access be seamless while ensuring consistent policy and protection capabilities. Whether your business is fully cloud invested or going on a per app and business case, this session will explore:

  • How, why and impact of siloed, work-around secure access mechanisms
  • Defining identity, device, security state and information relationships
  • Key components of protected connections, appropriate access, and availability
  • Considerations to gain intelligence, unify policies and orchestrate workflows
  • A reference platform for on-premise and multi-cloud Secure Access

Jim Hebler, Director of Americas' Cyber-Security Solutions, Pulse Secure

Platinum Sponsor Session 1

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

Effectuating Multi-Cloud Access Security (Pulse Secure)

The transition from legacy data centers to hybrid environments brings an array of usability, visibility and protection challenges as users connect to applications and resources across network, cloud and SaaS domains. With accelerated demands to support a mobile workforce and consumerization of IT, “trust but verify” controls are crucial to mitigate malware, data privacy, breach and IoT threats. How can anytime, anywhere access be seamless while ensuring consistent policy and protection capabilities. Whether your business is fully cloud invested or going on a per app and business case, this session will explore:

  • How, why and impact of siloed, work-around secure access mechanisms
  • Defining identity, device, security state and information relationships
  • Key components of protected connections, appropriate access, and availability
  • Considerations to gain intelligence, unify policies and orchestrate workflows
  • A reference platform for on-premise and multi-cloud Secure Access

Jim Hebler, Director of Americas' Cyber-Security Solutions, Pulse Secure

10:45 am
-
11:15 am

Networking and Expo Floor

Networking and Expo Floor

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

11:20 am
-
11:50 am

Platinum Sponsor Sessions 2 & 3

Best Practices for IAM Assessments, Blueprints & Roadmaps (SailPoint)

Organizations process and store huge volumes of sensitive information that belong to their customers and employees – from financial information to medical records to personal identifiers, like social security numbers and birthdates. Inadequate controls in IAM processes and technology can lead to breach, involuntary exposure of this data, and non-compliance issues. But you cannot correct what you don't know, so the first step in any IAM program is assessment.

IDMWORKS CEO & Chief Strategist, Todd Rossin, will address the most common questions around IAM Assessments & Roadmaps - Why Should We Assess? What Should We Assess? and When Should We Reassess?

Todd Rossin, CEO & Chief Strategist at IDMWORKS

Platinum Sponsor Sessions 2 & 3

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

Best Practices for IAM Assessments, Blueprints & Roadmaps (SailPoint)

Organizations process and store huge volumes of sensitive information that belong to their customers and employees – from financial information to medical records to personal identifiers, like social security numbers and birthdates. Inadequate controls in IAM processes and technology can lead to breach, involuntary exposure of this data, and non-compliance issues. But you cannot correct what you don't know, so the first step in any IAM program is assessment.

IDMWORKS CEO & Chief Strategist, Todd Rossin, will address the most common questions around IAM Assessments & Roadmaps - Why Should We Assess? What Should We Assess? and When Should We Reassess?

Todd Rossin, CEO & Chief Strategist at IDMWORKS

11:55 am
-
12:25 pm

Plenary Panel

Lessons Learned from over a Year of Targeted Ransomware Attacks

Discussed will be 3 pieces of the puzzle the industry can all learn from - human behavior, law enforcement and technology. How do we all help each other?

Moderator: Teri Robinson, executive editor, SC Media

- Steve Bongardt, President, The Gyges Group

- Carolyn Schreiber, CISO, Ahold Delhaize

Plenary Panel

Lessons Learned from over a Year of Targeted Ransomware Attacks

Discussed will be 3 pieces of the puzzle the industry can all learn from - human behavior, law enforcement and technology. How do we all help each other?

Moderator: Teri Robinson, executive editor, SC Media

- Steve Bongardt, President, The Gyges Group

- Carolyn Schreiber, CISO, Ahold Delhaize

12:30 pm
-
1:00 pm

Gold Sponsor Sessions 1, 2, 3

Turtles, Trust and the Future of Cybersecurity (Varonis)

Learn how the breakdown in cyber-confidence can only be repaired by recognizing the criticality of data protection in a hybrid, interdependent world - and by securing data first, not last.

Matt Radolec, Security Architect Manager at Varonis

One CISO’s Journey to Cyber Awareness (Wombat Security)

Whether budgets are robust or restrictive, infosec teams are often skeptical about diverting dollars away from technical tools so they can better fund awareness training. Fortune 500 CISO Alan Levine felt the same — until a nation-state attack on his organization led him to reexamine employees’ roles in cybersecurity and the value of defense-in-depth strategies at users’ desktops.

Alan Levine, Security Advisor at Wombat Security

If You Can't Beat 'Em, Join 'Em (Bugcrowd)

Crowdsourced security is a powerful tool - used by leading edge firms such as Google and Facebook - to decrease risk. However, crowdsourced security is not yet well understood across the enterprise security community. This discussion will define crowdsourced security and described why its a key element in any viable security architecture.

David Baker, CSO of Bugcrowd

Gold Sponsor Sessions 1, 2, 3

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

Turtles, Trust and the Future of Cybersecurity (Varonis)

Learn how the breakdown in cyber-confidence can only be repaired by recognizing the criticality of data protection in a hybrid, interdependent world - and by securing data first, not last.

Matt Radolec, Security Architect Manager at Varonis

One CISO’s Journey to Cyber Awareness (Wombat Security)

Whether budgets are robust or restrictive, infosec teams are often skeptical about diverting dollars away from technical tools so they can better fund awareness training. Fortune 500 CISO Alan Levine felt the same — until a nation-state attack on his organization led him to reexamine employees’ roles in cybersecurity and the value of defense-in-depth strategies at users’ desktops.

Alan Levine, Security Advisor at Wombat Security

If You Can't Beat 'Em, Join 'Em (Bugcrowd)

Crowdsourced security is a powerful tool - used by leading edge firms such as Google and Facebook - to decrease risk. However, crowdsourced security is not yet well understood across the enterprise security community. This discussion will define crowdsourced security and described why its a key element in any viable security architecture.

David Baker, CSO of Bugcrowd

1:05 pm
-
2:05 pm

Networking Lunch and Expo Floor

Networking Lunch and Expo Floor

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

2:10 pm
-
2:40 pm

Management / Tech Track

Management / Tech Track

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

2:11 pm
-
2:40 pm

Management Track

Disaster Planning Cyber Security Style

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

Moderator: Illena Armstrong, VP, editorial, SC Media

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

Management Track

Disaster Planning Cyber Security Style

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

Moderator: Illena Armstrong, VP, editorial, SC Media

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

2:12 pm
-
2:40 pm

Tech Track

Controls, Benchmarks and Tools - Best Practices in Building and Maintaining Robust Technical Security

Hear from the Center for Internet Security (CIS) and those that have successfully implemented such controls as they use the many tools available to remove ’security by obscurity’ from our vernacular completely. You bought the tool, you think you bought the service - but the gotcha may be in the fine print.

Moderator: Eric Green, program director, SC Media

- Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security

- Karen Gispanski, VP Global Cyber Security Operations, Neilsen

Tech Track

Controls, Benchmarks and Tools - Best Practices in Building and Maintaining Robust Technical Security

Hear from the Center for Internet Security (CIS) and those that have successfully implemented such controls as they use the many tools available to remove ’security by obscurity’ from our vernacular completely. You bought the tool, you think you bought the service - but the gotcha may be in the fine print.

Moderator: Eric Green, program director, SC Media

- Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security

- Karen Gispanski, VP Global Cyber Security Operations, Neilsen

2:45 pm
-
3:15 pm

Gold Sponsor Sessions 4, 5, 6

ISO 27001 & the GDPR: Identifying Overlap and Streamlining Efforts (OneTrust)

Together, security and privacy teams share a common goal: Protect the organization from reputational damage, lawsuits, and regulatory trouble. On one hand, ISO 27001 focuses on the assessment of risks and protection of the organization. On the other, the GDPR aims to assess and protect the rights and freedoms of individuals. With a joint goal in mind, it is crucial that security and privacy teams work together to develop a common language that produces greater productivity and takes advantage of collective efforts. In this session, OneTrust will present findings from research conducted in cooperation with the International Association of Privacy Professionals (IAPP), sharing how ISO 27001 and the GDPR overlap, as well as how security and privacy teams can work together to become more effective.

Bénédicte Dambrine, Privacy/Legal at OneTrust

Audit as Code - Improving Business Resilience by Applying DevOps Concepts to Audits (Tanium)

Security audits get a bad rap. Ask any IT professional about security audits and you’ll likely receive a colorful, negative response. Yet, when done correctly, audits are a great method for proactively identifying problems before they become major, newsworthy incidents. In this discussion, David Damato, Chief Security Officer from Tanium will provide insight on how security audits can borrow concepts from DevOps in order to strengthen security and deliver value to business stakeholders.

David Damato, Chief Security Officer at Tanium

Autonomous Cyber Defense: AI and the Immune System Approach (Darktrace)

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.

Nancy Karches, Sales Director at Darktrace

Gold Sponsor Sessions 4, 5, 6

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

ISO 27001 & the GDPR: Identifying Overlap and Streamlining Efforts (OneTrust)

Together, security and privacy teams share a common goal: Protect the organization from reputational damage, lawsuits, and regulatory trouble. On one hand, ISO 27001 focuses on the assessment of risks and protection of the organization. On the other, the GDPR aims to assess and protect the rights and freedoms of individuals. With a joint goal in mind, it is crucial that security and privacy teams work together to develop a common language that produces greater productivity and takes advantage of collective efforts. In this session, OneTrust will present findings from research conducted in cooperation with the International Association of Privacy Professionals (IAPP), sharing how ISO 27001 and the GDPR overlap, as well as how security and privacy teams can work together to become more effective.

Bénédicte Dambrine, Privacy/Legal at OneTrust

Audit as Code - Improving Business Resilience by Applying DevOps Concepts to Audits (Tanium)

Security audits get a bad rap. Ask any IT professional about security audits and you’ll likely receive a colorful, negative response. Yet, when done correctly, audits are a great method for proactively identifying problems before they become major, newsworthy incidents. In this discussion, David Damato, Chief Security Officer from Tanium will provide insight on how security audits can borrow concepts from DevOps in order to strengthen security and deliver value to business stakeholders.

David Damato, Chief Security Officer at Tanium

Autonomous Cyber Defense: AI and the Immune System Approach (Darktrace)

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.

Nancy Karches, Sales Director at Darktrace

3:20 pm
-
3:50 pm

Networking and Expo Floor

Networking and Expo Floor

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

3:55 pm
-
4:25 pm

Management / Tech Track

Management / Tech Track

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

3:56 pm
-
4:25 pm

Management Track

Managing Expectations - A Lesson in Garnering Support from Senior Management

Whether poorly communicated from the CISO, from the media or even vendors - senior management, more often than not, are armed with alternative facts which can easily throw need and expectations of the security team out of alignment with the actual mission. How do you pro-actively work to stay ahead of, or away from this damaging trend?

Moderator: Bradley Barth, senior reporter, SC Media

- Pete Chronis, CISO, Turner

- John McCumber, Director of Cybersecurity Advocacy, (ISC)2, Inc.

Management Track

Managing Expectations - A Lesson in Garnering Support from Senior Management

Whether poorly communicated from the CISO, from the media or even vendors - senior management, more often than not, are armed with alternative facts which can easily throw need and expectations of the security team out of alignment with the actual mission. How do you pro-actively work to stay ahead of, or away from this damaging trend?

Moderator: Bradley Barth, senior reporter, SC Media

- Pete Chronis, CISO, Turner

- John McCumber, Director of Cybersecurity Advocacy, (ISC)2, Inc.

3:57 pm
-
4:25 pm

Tech Track

The State of the Patch

First - how is it we are still talking about patching as a security vulnerability? From there technically why is this STILL such an issue and more importantly what can be learned from those who have figured out how to get this right?

Moderator: Teri Robinson, executive editor, SC Media

- Charles Kao, SVP, Cyber Security at EthicalHat

- Alexander Bilus, Partner at Saul Ewing Arnstein & Lehr

- Chris Goettl, Director, Product Management, Security at Ivanti

Tech Track

The State of the Patch

First - how is it we are still talking about patching as a security vulnerability? From there technically why is this STILL such an issue and more importantly what can be learned from those who have figured out how to get this right?

Moderator: Teri Robinson, executive editor, SC Media

- Charles Kao, SVP, Cyber Security at EthicalHat

- Alexander Bilus, Partner at Saul Ewing Arnstein & Lehr

- Chris Goettl, Director, Product Management, Security at Ivanti

4:30 pm
-
5:15 pm

Plenary

Mobile Attack Demo with CISO Panel and Law Enforcement

See live a number of attacks on both IOS and Android mobile devices as a panel of experts comments and discusses ramifications for the business, disclosure, defense, etc.

Moderator: Eric Green, program director, SC Media

- Mark Bilanski, Deputy Director, NYS Cyber Command Center, Cyber Incident Response Team

- Louis Smith, Senior Security Analyst, NYS Cyber Command Center

EXPERT PANEL

- Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security

- Tim Callahan, SVP, Global CISO, Aflac

- Christine Runnegar, Senior Director of Internet Trust, Internet Society

Plenary

Mobile Attack Demo with CISO Panel and Law Enforcement

See live a number of attacks on both IOS and Android mobile devices as a panel of experts comments and discusses ramifications for the business, disclosure, defense, etc.

Moderator: Eric Green, program director, SC Media

- Mark Bilanski, Deputy Director, NYS Cyber Command Center, Cyber Incident Response Team

- Louis Smith, Senior Security Analyst, NYS Cyber Command Center

EXPERT PANEL

- Tony Sager, Senior VP & Chief Evangelist, Center for Internet Security

- Tim Callahan, SVP, Global CISO, Aflac

- Christine Runnegar, Senior Director of Internet Trust, Internet Society

5:20 pm
-
5:30 pm

Conference Closing Remarks

Conference Closing Remarks

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

5:30 pm
-
6:20 pm

Sponsored Cocktails and Networking

Sponsored Cocktails and Networking

Threat, Intelligence, Metrics and Cyber/Intellectual property Insurance - How to remove the ambiguity

From the ever present insider threat to the all too familiar ransomware attack - your organization will get hit if it hasn’t already. Learn how to plan for the worst even if you’d also like to hope for the best.

- Cedric Leighton, Colonel USAF (Ret), Chairman, Cedric Leighton Associates

- Devon Bryan, Executive VP & CISO, The Federal Reserve System

- Cheri McGuire, Group CISO, Standard Chartered Bank

This year's

Speakers

speaker

Pete Chronis

SVP, Chief Information Security Officer at Turner

Pete’s team is responsible for the media conglomerate’s infosec operations, architecture, governance, compliance, and business continuity programs – all designed to protect the company and its global portfolio of more than 100 brands. He has also developed proprietary and commercial security technologies that, together, have prevented $100 million+ in fraud.

learn more
speaker

Gregory Touhill

President at Cyxtera Federal Group

One of the nation’s premier cybersecurity and IT senior executives, Greg was selected by President Obama to be the U.S. government’s first CISO. He also previously served as director of the National Cybersecurity and Communications Integration Center, where he led national programs to protect the U.S. and its critical infrastructure.

learn more
speaker

Karen Gispanski

VP, Global Cyber Security Operations at Nielsen

Karen is responsible for Nielsen's global cyber security operations, including Security Operations, Threat Intelligence, and Incident Response. Her strategic leadership experience ranges across multiple industries including managed security, financial, medical, manufacturing, and security consulting.

learn more
speaker

Christopher Painter

Former Sr. Director, Cybersecurity for White House, National Security Staff

A globally recognized expert on cybersecurity, cyber policy, and cyber diplomacy, Chris prosecuted of some of the most high-profile cybercrime cases in the U.S., before serving as senior official for the DOJ, FBI, National Security Council, State Department and White House.

learn more
speaker

Devon Bryan

Executive VP & CISO, Federal Reserve System

After serving as Deputy CISO for the IRS and Global CISO for ADP, Devon was appointed CISO of the Federal Reserve System where he ensures information security architecture, standards, policies and programs remain effective and efficient. His information security career began in the U.S. Air Force, where he served as a Captain and lead engineer working on systems and programs to protect the critical network and communications tools of the Air Combat Command.

learn more
speaker

Tim Callahan

SVP, Global Security & CISO at Aflac

Tim is responsible for directing Aflac’s global security strategy and leading the information security, business continuity and disaster recovery functions across the company to prioritize security initiatives and allocate resources based on appropriate risk assessments.

learn more
speaker

Tony Sager

SVP & Chief Evangelist, Center for Internet Security

Tony leads the development of the CIS Controls, a worldwide consensus project to find and support technical best practices in cybersecurity. He also serves as the director of the SANS Innovation Center. Before retiring from the NSA, Tony spearheaded the release of NSA security guidance to the public.

learn more
speaker

Carolyn Schreiber

CISO at Ahold Delhaize

Carolyn is leading the information security team for Ahold Delhaize globally, spanning 11 countries and 22 local brands including Food Lion, Stop & Shop, and Giant.

learn more
speaker

Steve Bongardt

President, The Gyges Group

A retired FBI agent, criminal profiler, digital forensic examiner, and SWAT operator and sniper, Steve is now the President of The Gyges Group, a cybersecurity and behavioral profiling consultation firm. His specialty is working with organizations' personnel, cybersecurity stack, and physical security apparatus to focus on their adversaries’ behavior and predatory pathway of attack.

learn more
speaker

Cedric Leighton

Colonel, USAF (Ret), Chairman, Cedric Leighton Associates

During his 26-year career as an intelligence officer in the US Air Force, Cedric witnessed the fall of the Berlin Wall, oversaw critical Special Operations missions, established key partnerships with nations in Southeast Asia and deployed five times to the Middle East. He served at every command echelon from small deployed elements to the Joint Staff at the Pentagon, where he was the Deputy Director for Warfighter Support and Integration in the Intelligence Directorate. He retired as a Colonel in 2010.

learn more
speaker

Charles Kao

SVP, Cyber Security at EthicalHat

Charles works closely with internal and external security experts and business partners to make sure security maturity governance are not only protecting company confidentiality, integrity, and availability but also demonstrate the business value and return of investment through security orchestration and workflow.

learn more
speaker

John McCumber

Director of Cybersecurity Advocacy, (ISC)2, Inc.

John represents (ISC)2’s 125,000+ members as their spokesperson for the profession of cybersecurity. His duties require him to work with legislators on Capitol Hill and provide strategic input to national and international committees on critical cybersecurity issues.

learn more
speaker

Tony Parrillo

Partner, Fortium Partners

Prior to joining Fortium, Tony spent 10 years managing a consulting practice focused on cyber security, IT risk management, and compliance, where he implemented federal IT security programs for the Department of Defense and other federal agencies, including the Navy, the U.S. Department of Agriculture and the General Services Administration.

learn more
speaker

James C. Trainor

Senior Vice President, Aon Risk Solutions

Mr. Trainor joined Aon in 2016 after a distinguished career at the Federal Bureau of Investigation, where he most recently led the Cyber Division at FBI Headquarters. He played a critical role in devising the FBI’s national strategy to combat cyber-crime and was the senior FBI executive responsible for all cyber investigations. During his three year tenure in the Cyber Division, Mr. Trainor led FBI Agents and Analysts in every major high-profile cyber investigation involving the FBI.

learn more
speaker

Mark Bilanski

Deputy Director, NYS Cyber Command Center, Cyber Incident Response Team

Mark Bilanski has been leading a Cyber Incident Response Team since 2007. The team specializes in digital forensics, malware reverse engineering, and post intrusion analysis, focusing on root cause and mitigation.

learn more
speaker

Louis Smith

Senior Security Analyst, NYS Cyber Command Center

Louis has been part of the New York State Cyber Command Center since 2016 and assists in responding to event alerts, malware analysis and phishing email attribution along with providing forensic support to the Cyber Incident Response Team.

learn more
speaker

Tammy Moskites

Managing Dir., Sr. Security Executive at Accenture

As a career CISO wth 30 years of experience, Tammy has held many security and technology leadership roles including Venafi, Time Warner Cable and Home Depot. She has dedicated her career to guiding CISO’s worldwide to help defend organizations from cyber threats and attacks.

learn more
speaker

Sandy Bilus

Partner, Saul Ewing Arnstein & Lehr

Sandy assists clients who need legal advice on issues involving cybersecurity and data privacy or who are facing complex commercial litigation, particularly in the higher education and financial services industries.

learn more
speaker

Cheri McGuire

Group CISO at Standard Chartered Bank

Cheri oversees information and cybersecurity strategy and risk management, governance, and policy for Standard Chartered Bank. With more than 25 years experience, she has held senior roles at Microsoft, Symantec, the US Department of Homeland Security Cyber Division/US-Computer Emergency Readiness Team (US-CERT), and Booz Allen Hamilton.

learn more
speaker

Christine Runnegar

Sr. Director of Internet Trust, Internet Society

With a background in regulatory litigation and an international outlook, Christine leads the Internet Society’s policy agenda on trust, which advocates for policies that support an open, globally-connected, secure and trustworthy Internet.

learn more
speaker

Todd Rossin

CEO & Chief Strategist, IDMWORKS

With over 20 years experience, Todd Rossin is responsible for the oversight of IDMWORKS business segments and for the development of strategic plans to sustain the company’s rapid growth.

learn more
speaker

Bénédicte Dambrine

Privacy Counsel at OneTrust

Bénédicte works closely with the Director of Privacy to handle the company’s internal privacy program. She enables customers to identify the most efficient response to their privacy regulatory needs and drafts and negotiates a broad range of commercial agreements.

learn more
speaker

Matthew Radolec

Security Architect Manager, Varonis

Matt has extensive experience investigating breaches, hunting for internal and external threats, responding to events, and building security operations programs.

learn more
speaker

Teddy Powers

Senior Cyber Security Architect, Anomali

Teddy is a leader in the threat intelligence management space, responsible for educating prospects on how to improve their current threat intelligence processes. He works with teams who have expressed the need to better manage intelligence, prioritize response and operationalize it to drive other business processes.

learn more
speaker

Chris Goettl

Director, Product Management, Security at Ivanti

With more than 15 years’ experience in the industry, Chris currently manages product and strategic direction for Ivanti's Security product lines. He also hosts Ivanti's monthly Patch Tuesday webinar and analysis, and regularly speaks at security events around the globe.

learn more

Full conference pass

$369

Industry-leading speakers, interactive demos,
and ability to earn 9 CPE.

register

All-inclusive access

Keynote and editorial sessions with industry-leading speakers

Demos from prominent tech companies

Interactive learning sessions

Key networking opportunities

Earn 9 CPE credits

Lunch from executive chef and unlimited snacks & beverages

Cocktail hour

Meet in person your favorite speakers

venue

Convene, 237 Park Avenue
NY, NY

address

Convene, 237 Park Avenue
New York, NY

more information

RiskSec NY 2018

Decrease Your Risk, Increase Your Security  |  Presented by SC Media
register Today >>