Day Three: Tuesday, September 24, 2019
8:00 am - 8:40 am Networking Breakfast
8:40 am - 8:45 am Chairperson's Opening Remarks
8:45 am - 8:55 am Thoughtexchange Market Question
Market Question: What are some things organizations must do more of to transform and remain competitive?
8:55 am - 9:30 am Security’s Role in Combatting Fraud in the Digital Economy
Balancing security and usability is vital for seamless customer experiences and security of accounts. Through collaboration, transparency and risk awareness, organizations can fight against fraud and ensure seamless experiences. Data needs to be secure and private so organizations can leverage, collaborate and monetize information without being exposed to breaches, misuse of information or theft of proprietary data. Security teams are an integral piece of the organization and need to reduce the likelihood of an attack and lessen and contain the impact of any breaches.
In this session, learn:
- Communicating with stakeholders the security risks in today’s mobile landscape
- Utilizing analytics to detect suspicious activity and alert stakeholders in fraud, claims and security
- Quantifying the level of vulnerability and creating opportunities for remediation
David VaughnCIS Security Officer
BB&T Branch Banking & Trust Co.
Raghuram GatamaneniChief Information Security Officer
Caliber Home Loans
Matthew LangChief Information Security Officer
9:30 am - 10:00 am Cracking the Code- Deploying Enterprise Data Protection and Cryptography Strategy
In this session explore the journey of pioneering payments processing for in-store, online, and mobile environments over the last 30 years. With daunting industry compliance mandates such as PCI-DSS, and a wide range of global privacy mandates that include GDPR, CCPA, and beyond, a clear global strategy and enterprise framework approach to compliance is an integral piece of the enterprise infrastructure. Explore best practices for implementing robust key and secrets management, and data-centric security implementation with tokenization and format-preserving encryption technologies to protect cardholder data and address other personal privacy use cases.
In this session:
•Developing a road map for compliance
•Implementing best practices for key management
•Protecting data throughout is payment journey
Sid DuttaVice President - Global Head Of Data Protection & Applied Cryptography
10:05 am - 10:35 am Business Meetings
10:35 am - 11:05 am Business Meetings
11:05 am - 11:35 am Deep Dive Insights: The Role of FBI in Cyber Security
The FBI’s role in cyber security differs from other government agencies, which will be discussed. This session will look at the public-private partnership in fighting cyber crime with the FBI and financial services companies. The presentation will cover incident response protocols and the current threat landscape with a focus on the CISO’s role in the process.
In this session:
•Partnering ahead of a breach- best practices for teaming with law enforcement
•Investigating the digital trail left behind by hackers
•Discovering the latest advanced persistent threats
11:35 am - 12:05 pm Evolving Threat Trends: Cryptojacking, Botnets, What’s Next?
Staying ahead of the latest cyber threats and attack vectors is critical. Cyber criminals continue to successfully penetrate and exploit corporate networks looking for unpatched vulnerabilities and new entry points. Financial services networks are utilized unknowingly to transfer crypto currency through traditional payment paths such as ACH and wire transfers. Proactive hunting and mitigating of potential security incident and users with criminal intent is necessary since current cyber threats are often missed by traditional tools. Threat hunting assumes a breach with the focus on quickly detecting and responding with clear visibility of the network and endpoints.
In this session, explore the necessary proactive stance along with the current types of threats:
- Exploring the latest threats and trends
- Deriving threat intelligence from malware discovered during incident response
- Strengthening incident response and threat hunting skills