September 22 - 24, 2019
The Ballantyne Charlotte, Charlotte, NC

Day One: Sunday, September 22, 2019

10:45 am - 11:35 am Registration

11:35 am - 11:45 am Orientation

11:45 am - 11:55 am Thoughtexchange App Introduction

11:55 am - 12:00 pm Chairperson's Opening Remarks

Aaron Weissenfluh, Chief Information Security Officer at CBOE Global Markets

12:00 pm - 12:30 pm Security Engineering is My Life(cycle)

Everything has a security consideration whether we build it or buy it. In today's environment of buy first or build quickly, how do we make certain that data is protected? Developing a security engineering discipline that is applied at any lifecycle stage can address this. This talk will look at some practical use cases.
In this session:
• Balancing security and productivity
• Providing real-time feedback loops throughout the organization
• Cultivating a forward-thinking vision for risk management
Janet Oren, Chief Information Security Officer at Legg Mason

12:30 pm - 1:00 pm Evolving Threats and Empowering Security through the Cloud

The cloud offers economic, competitive and collaborative benefits to financial services. But the sensitive and regulated data kept by financial services requires heightened security measures. In this session, discuss the challenges and benefits of moving to the cloud. Look at how the changing threat landscape creates risks to traditional security practices. Examine current security trends affecting financial services and approaches to protecting sensitive data:
• Prioritizing and overcoming challenges to the cloud
• Embracing the cloud with full visibility while managing shadow IT
• Identifying gaps and ensuring regulatory compliance through the cloud
Paul Hamman, Senior Vice President, Head of Cloud Security at Suntrust

1:00 pm - 2:00 pm Networking Lunch

2:05 pm - 2:35 pm Machine Learning is Here to Help, Not Replace Humans

Over the next few years, machine learning (ML) will be a regular security practice and will offset skills and staffing shortfalls. Today though, ML is better at addressing smaller, more specific problems. Technology leaders have to understand that humans and machines complement each other and work better together than alone, as ML can assist humans in addressing uncertainty by presenting relevant information.
In this session:
• Discuss the ways machine learning can assist teams and organizations
• How to make the right machine learning choices for your organization
• The future of machine learning
Dr. Grant Jacoby, Senior Vice President, Director of Information Security Strategy and Training at Fifth Third Bank

2:35 pm - 3:05 pm Tales from the SOC

Let Neustar take you through the key workings of our world-class SOC. Learn how we mitigate attacks of all shapes and sizes. Get an overview of the types of attacks and trends we are seeing. See firsthand, via our interactive demonstrations, how our daily attacks are handled, and see a live global attack map. Most importantly, come prepared with questions to make this interactive, and let our experts help and guide you regarding your own online security needs.
Learning Outcomes:
• Live DDoS Attack & Mitigation Demonstrations
• Education on DDoS and other online attacks
• Fundamental understanding of a SOC
• Learn from key Neustar customer case study examples
• Your questions answered on your particular business security requirements

Matthew Wilson, Technical Team Lead at Neustar

3:05 pm - 3:35 pm Business Meetings

3:35 pm - 4:05 pm Business Meetings

4:05 pm - 4:35 pm Business Meetings

4:35 pm - 4:50 pm Networking Break

4:50 pm - 5:35 pm The Human Deception Problem: Understanding and Defending Against Social Engineering Attacks
The most successful method of cyber-attacks continues to be phishing. These attacks cost organizations millions of dollars each year and things are just getting worse. As these attacks intensify and become more refined, technology is failing to keep up and your users will continue to fall prey. To effectively defend yourself against this, you have to understand how the attacks work, including the psychological triggers and tricks the attackers are using. This session will explore the different levers that social engineers and scam artists pull to make your users more likely to do their bidding.

Join Erich Kron CISSP, Security Awareness Advocate at KnowBe4, as he provides fun and engaging examples of mental manipulation in everyday life: from the tactics used by common criminals, to sophisticated social engineering and online scams. Additionally, he'll look at how you can ethically use the very same levers when educating your users.

Key Takeaways:

• The Perception vs. Reality Dilemma
• Understanding the OODA (Observe, Orient, Decide, Act) Loop
• How social engineers and scam artists achieve their goals by subverting critical thinking steps
• How you can defend your organization and create your human firewall
Erich Kron, Security Awareness Advocate at KnowBe4

4:50 pm - 5:35 pm Adversary Oriented Security
In modern environments, the corporate security program utilizes an increasingly complex inter-relationship of people, processes, and technology in detection and response operations. However, incident response capabilities must be balanced against budgetary constraints and other requirements the security program must meet. How do you measure the effectiveness of your incident response program, and the investments your organization has made? What measure of confidence do you have in your organization's ability to detect and respond to the worst of circumstances? These are not questions that can be answered by yet another technical solution, yet they are critical in understanding how your organization is oriented against the adversary.

This discussion will include:
• Programs that can be utilized to measure the efficacy of security and incident response technology, people and processes.
• Identifying deficiencies in enterprise adversary detection programs, and pursuing continuous improvement in organization-wide detection capability.
• Methods for determining new investments to be made in incident response capabilities.

David McGuire, Chief Executive Officer at Specter Ops

5:40 pm - 6:10 pm Converging Risk Management Across Multiple Disciplines to Address Recovery from Attacks

The parade of discussions regarding the Business Impact Analysis and Business Impact Assessment (collectively, the BIA) continues to play out across Business Continuity, Risk and Security industry events, discussion boards, articles, blogs, etc. Discussion topics include streamlining, mechanizing and integrating the BIA with the Risk Assessment, and eliminating the BIA altogether as proposed by select new BCM and Security methodologies. This discussion will look at the necessary convergence and major expansion of the BIA across multiple risk disciplines, supporting a fundamental business intelligence and requirements-driven contribution to all of these risk domains, supporting Information Security, Data Privacy, Incident Management and Operational Risk (by example).
Importantly, the BIAs that are performed today by standalone BCM teams are increasingly becoming out of date and insufficient as business continuity, technology operations and the business are called upon to address recovery from cyber-attacks.
Paul Hamman, Senior Vice President, Head of Cloud Security at Suntrust

Two Quick Fire Presentations in 20 Minutes. Talk about getting to the crux of the matter, fast!

Ignite Sessions

Ignite Session

6:10 pm - 6:35 pm Digital Transformation: Data Diodes as Gateways to Protect, Detect, Respond and Recover
OWL Cyber Defense
As financial institutions “open up” and digitally transform, an interlocked cybersecurity transformation plan is essential as the access to operations and data becomes more complex and must be secured. In this session, attendees can expect to learn what a data diode is and how data diodes help financial institutions conform to security frameworks. This includes protecting production applications and data, assisting in anomaly detection, and recovering from a ransomware, wiperware or other malware attack. Security analytics/SIEM, secure blockchain/cryptocurrency processing, and cyber recovery use cases will be reviewed.

Gary McGibbon, Business Development Manager for Financial Services at Owl Cyber Defense Solutions, LLC

Ignite Session

6:10 pm - 6:35 pm The Industrial Revolution of Penetration Testing
All the drawbacks of manual penetration testing (cost-efficiency, time, and scope limitations) have now been solved.

A major leap in technology has, for the first time, enabled machine-based penetration testing.
Now, with a click of a button, you can perform daily pen-tests without the need for third-party consultants.

Explore how to implement automated penetration testing and its effect on the world of risk validation.

Ran Tamir, Vice President of Product at Pcysys

6:35 pm - 7:05 pm Networking Reception