EVENT
CISO BFSI Summit US | November 1, 2018 | Grand Hyatt Hotel - New York, NY, USA
agenda
Download Agenda (PDF)↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session 
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
Thursday, November 1, 2018 - CISO BFSI Summit US
7:15 am - 8:00 am
Registration and Networking Breakfast
8:00 am - 8:10 am
Welcome Address and Opening Remarks 
Presented by:
Paula Rizzo, Author, Individual 
8:10 am - 8:40 am
Keynote Presentation
Intelligence as a Maker Movement
An AI transformation is underway that positively impacts people, businesses and organizations globally. That is because today artificial intelligence is not artificial. Every industry and stakeholder stands to win and the benefits are universal. In the financial services industry, the use cases range from customer churn prediction to credit risk scoring to fraud detection and so many more. H2O, open source, is used in nearly every major bank and financial institution globally and is powering the new AI transformation that is changing the way finance industry leaders are making decisions and approaching the future. With AI to do AI, H2O Driverless AI, provides automatic machine learning to easily and quickly solve business challenges and create opportunities. With H2O.ai, our mission is to democratize AI for everyone. We want everyone to explore, learn, dream and imagine a new future with AI.
Sponsored by:
IBM
Presented by:
SriSatish Ambati, CEO and Co-Founder, H2O.ai
8:45 am - 9:15 am
Keynote Presentation
The Future of Operationalizing Your Cyber Capabilities
The industry finds itself in a situation where there is a gap in cyber security talent. There is plethora of different technologies being presented to help further advance the various cyber capabilities. This keynote will provide a view on how leaders can address these issues and turn these gaps into strengths through innovative practices.
Takeaways:
- Talent: How do develop your future Cyber Warriors
- Automation: How to utilize orchestration to enable your cyber operations
Presented by:
Rich Baich, EVP Chief Information Security Officer Corporate Risk, Wells Fargo
9:20 am - 9:50 am
Keynote Presentation
You Have Been Breached. Now What?
IBM has worked with many Financial Services companies in our Cyber Range and our Incident Response Teams have examined the readiness of the industry to survive a major cyber attack. Join this session to hear IBM's learnings and recommendations for the next steps Financial Services firms must take to survive a coordinated cyber attack.
Sponsored by:
IBM
Gary Meshell, Global Sales Leader, IBM
9:55 am - 10:20 am
Executive Exchange
Thought Leadership
Cyber Fatigue and What We Can Do About It
Fatigue seems to be the normal state for those working in the cybersecurity industry. Exhausted might be better word for it. But what is causing this fatigue and have we lost sight of the ?Righteous Fight?? Forcepoint Chief Scientist Dr. Richard Ford discusses why we've lost our way as security professionals and how we must recognize this truth in order to work smarter rather than harder.
Sponsored by:
Forcepoint LLC
Richard Ford, Chief Scientist, Forcepoint LLC
Thought Leadership
Digital Transformation Through the Lens of Customer Experience
Whatever your thoughts on digital transformation, there is a change happening in how technology is bought, sold, and used to deliver results. In this session, David will share a perspective and set of best practices that define the fundamental changes we're experiencing and how to execute against these changes. David will use examples from financial services and healthcare to demonstrate how attendees can develop a new perspective on their markets in order to execute more effectively.
Sponsored by:
CA Technologies
David Bressler, VP Presales, Agile Products, CA Technologies
10:20 am - 10:30 am
Morning Networking Coffee Break
10:30 am - 10:55 am
Executive Exchange
Think Tank
Cybersecurity - Complexity, Simplicity in Defensive Capability for the Year 3000
The United States accounts for over 50% of theft of intellectual property via cyber intrusions; amounting to over $250B per year. As a nation, consisting of a collective of small to large multi-national businesses and of US academic institutions, we have a call to arms to assure US innovations, ideas, and technologies are no longer stolen to propel those who intend harm to our nation and our future generations. This session will introduce the threats to our cybersecurity as well as discussing solution that you can take back with you.
Presented by:
Jennifer Gilbert, Senior Cybersecurity Advocate, NATIONAL SECURITY AGENCY
11:00 am - 11:25 am
Executive Exchange
Thought Leadership
Knowing Is Half the Battle - Protecting Applications & Their Sensitive Data
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection RASP changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc.
Chris Prevost, Vice President, Solutions, Prevoty, Inc.
Thought Leadership
Digital Transformation - Architecting Your Digital Edge
The digital economy is forcing enterprises to transform how they connect customers, partners, employees and operations. Today's market leaders credit their speed and business advantages to their digital platform. Equinix will discuss how an Interconnection Oriented Architecture (IOA(TM)) with a step-by-step playbook can redefine the edge - which is where to localize delivery of cloud-supported services to your customers, employees and partners - and architect your digital platform.
Sponsored by:
Equinix
Dan Eline, Head of Solutions Marketing, East Region, Equinix
11:30 am - 11:55 am
Executive Exchange
Thought Leadership
Don't Break the Bank: Achieving Compliance in Financial Institutions Quickly and at Scale
Compliance regulations such as SWIFT and GDPR can be challenging to understand and implement. Many of these regulations have cybersecurity requirements that are focused on protecting critical banking infrastructure with aggressive timelines - and without disrupting the very business-critical systems you're trying to protect. Jumping from one set of requirements to another, and to subsequent internal and external audits, can feel like a never-ending cycle.
In this session, we will share thoughts on different approaches to handling the unique challenges a security practitioner in financial services can expect. We'll highlight Illumio's unique position helping the largest financial institutions in the world solve regulatory and compliance challenges quickly and at scale.
Takeaways:
- Top challenges facing global banking
- Approaches to protecting your "digital crown jewels"
- Pros and cons of different approaches
- How to future-proof for evolving requirements
Sponsored by:
Illumio, Inc.
Presented by:
Sumita Gorla, Systems Engineer, Illumio, Inc.
Thought Leadership
Process Mining - Turning Process Insights Into Action
Celonis is the leader in business transformation software, turning process insights into action with the process mining technology it pioneered. For Global 2000 companies, transforming to an intelligent enterprise has become a key strategic priority. Celonis disrupted what had previously been a manual, time-consuming and expensive consulting-driven approach to jump-start and operationalize change in transformation initiatives.
Sponsored by:
Celonis
Priya Shah, , Celonis
12:00 pm - 1:10 pm
Luncheon & Executive Visions Panel
CIOs/CISOs as the Consummate Communicator
It is also changing the role of the CIO and CISO to be a business leader and internal sales leader for transformation. CIOs are now responsible for communicating strategies and recommendations to CxOs, boards and key stakeholders within a company. Join us, during lunch, for a passionate panel discussion with your peers as they share how they are successfully communicating internally to accomplish the company's goals.
Takeaways:
- CIOs must be great communicators, not only with their teams, but the rest of the organization
- CIOs must learn the best ways to communicate clarity and urgency with Boards and CXOs
Moderated by:
Paula Rizzo, Author, Individual
Panelists:
Rich Baich, EVP Chief Information Security Officer Corporate Risk, Wells Fargo
Michael Palmer, Vice President Chief Information Security Officer, National Football League
Sandip Sahota, Managing Director Head of Enterprise Data, Canada Pension Plan Investment Board
Steven Wolk, CTO, PC Richard and Son
1:15 pm - 1:40 pm
Executive Exchange
Executive Boardroom 
Reducing Risk in the Face of Cyberattacks & Data Loss Exposure: For Business-Critical Data, Recovery is Everything
As a security office, protecting against exposure to the risk of data loss is one of your major concerns. Cyberattacks and extended outages are just some of the threats your organization faces. It's likely that many of your critical enterprise-wide applications run on Oracle Database, so protecting them against these threats should be a top priority.
When a ransomware attack occurs, recovery is everything. Continuous protection eliminating exposure to the risks of database data loss. Cybercriminals are using ransomware to target mission-critical data and enterprise applications. If a ransomware attack gets past your security barriers, you have two options: pay to regain access to your data or restore as quickly as possible from the last successful backup prior to the attack. If you choose to restore instead of paying, your IT team will need to make sure you have a valid copy that can be recovered quickly. In addition, they'll need a recovery point as close as possible to the moment prior to the attack - seconds, not hours - to minimize data loss and business disruption.
Join us to discuss how Oracle's Zero Data Loss Recovery Appliance (Recovery Appliance) has been developed by Oracle specifically to protect Oracle Databases, it ensures optimal protection of your critical data. Who better to know the best way to protect your Oracle Database than Oracle itself? It not only protects each transaction down to the last sub-second, but also maps those changes to create an on-demand, ready-to-restore full database copy. This enables your IT team to rapidly recover data up to the very moment a ransomware attack or outage occurs -eliminating the risk to your organization's productivity, revenue, and reputation. And, because Recovery Appliance can cut recovery times by up to 90 percent - your business operations get fully up and running rapidly.
Sponsored by:
Oracle
Tim Chien, Director of Product Management, Oracle
Presented by:
Matthew O'Keefe, Corporate Technologist, Converged Infrastructure Division, Oracle
Executive Boardroom
Achieving Critical Outcomes with Next-Gen Service Management
You invest in IT Service Management (ITSM) to enable employee productivity and help ensure performance and availability of business-critical services. You are also looking to improve customer experience, support delivery of new services, ensure compliance, and often reduce costs. Have decade old traditional ITSM solutions helped you achieve the outcomes you expected? If not, you are not alone. We will present solutions and methods used by successful IT organizations to deliver more value, provide better support, and improve your customer satisfaction.
Takeaways:
- How a codeless service platform accelerates time-to-value and simplified administration.
- What Zero-Touch Management is and how to enhance your processes by adopting it.
- Using metrics to evaluate a $0 implementation.
Sponsored by:
Cherwell Software
Jesse White, President, Intact Technology, Cherwell Software
1:45 pm - 2:10 pm
Executive Exchange
Executive Boardroom
IT & OT Cyber Security: Different Sides of the Same Coin
Organizational diversity makes it difficult to define and adopt an industry wide security framework. Additionally, IT and OT operations have historically operated independently from each other, creating a challenge for manufacturers to assess their specific cyber security risk. The challenge will become even more complex as the connectivity of information and operational technologies increase, providing new opportunities for cyber criminals to target and breach manufacturing organizations. It is critical for organizations to consider vulnerabilities in both information and operational technologies in order to implement effective risk management strategies and to better understand the impact of a cyber attack on their infrastructure or a data breach specific to their business.
Takeaways:
- Share successes and challenges in assessing cyber security risk across IT and OT operations.
- Discuss the use of scenario planning and impact analysis in development of a risk management strategy.
- The importance of threat intelligence to active cyber defense.
Sponsored by:
BAE Systems Applied Intelligence
Jerry Piatkiewicz, Technical Sales, BAE Systems Applied Intelligence
Executive Boardroom
#NoDarkspace: Learn Why, What, and How to Monitor and Automate East-West and Cloud Security Investigations
What is darkspace, and what do you need to do about it? Once an attacker compromises a physical, virtual, or cloud host, their next step is to roam your extended (cloud, hosted, and on-prem) network looking for opportunity. The attacker looks like an insider: just one reason they are hard to identify. Another is the increasing use of encryption, including TLS 1.3, that will make it even less likely you can detect these activities without new tools. Gartner and other analysts are recommending Network Traffic Analysis (NTA) as an important element of a healthy risk posture, primarily because of its payoff in better threat detection and response.
We will walk through examples of blind spots and use cases for efficient and automated threat management for East-West and South-North attack activities. Then, as part of upgrading your security maturity, we will review case studies to leverage NTA's auto-discovery and visibility to reduce your attack surface, improve audit and pen test results, and make SOC analysts more productive.
Sponsored by:
Extrahop Networks Inc
Barbara Kay, Sr. Director - Security, Extrahop Networks Inc
2:15 pm - 2:40 pm
Executive Exchange
Think Tank
Driving an Omni - Channel Experience in Financial Services
Maintaining a consistent client experience is key to ensuring a consistent client relationship, which in turn leads to greater client retention and spend. Maintaining that consistent experience is complicated by the fact that clients now interact with all providers, not just financial services ones, through a variety of channels that can number into the dozens. It is essential to not have just consistency of look and feel across all channels, but consistency of experience, and indeed to allow individual experiences to occur sequentially across all channels.
Takeaways:
- Client experience is the primary motivator in client retention and reducing client churn is essential to controlling costs
- Client experience degrades when channel experience conflicts or limits client choice or activity so consistency is key
- Optimal experience needs a seamless client ?experience ecosystem? that, done well, tightens bonds, reduces costs, and increases spend
Presented by:
Chirag Arora, CISO, Crum & Foster
2:45 pm - 3:10 pm
Executive Exchange
Thought Leadership
Cyber Threats Gone in 60 Seconds - The Bad, The Really Bad and The Ugly
Cyber attacks can happen very fast and can have varying degrees of impact. Threat actors continue to evolve the tactics and techniques they use in doing bad things.
Join Ladi Adefala and discover surprising and interesting new techniques used by threat actors from the cyber underground. It's not just the bad, but the really bad and the ugly.
Sponsored by:
Fortinet
Presented by:
Ladi Adefala, Senior Security Strategist, Fortinet
3:10 pm - 3:20 pm
Afternoon Networking Coffee Break
3:25 pm - 3:50 pm
Executive Exchange
Think Tank
Back to basics- focusing on security architecture & strategy
In a world of increased sophistication, frequency and impact of cyber-attacks, security executives often struggle to juggle through priorities. How to stop the bleeding and staying ahead in the game with bad actors is a question that CISOs are often thinking in their minds. Considering cyber-attack is unavoidable, what should the security executives do to proactively prevent attacks and protect assets? This presentation will explain how going back to the basics and building a strong architecture practice helps cyber organizations to avoid shiny-toy syndrome and build a strategic risk-based controls maturity.
Takeaways:
- Only running after newer security controls is NEVER THE answer
- Building a control footprint that is risk based, absolutely needed for your organization and not driven by industry buzzwords
- Step by step approach on achieving architectural maturity in security space
Questions to address:
- Why focusing on architecture is so critical now?
- How to achieve maturity in establishing a security architecture practice?
Presented by:
Parthasarathi Chakraborty, AVP- Global Head Of Security Architecture, Strategy & Innovation, Guardian Life Insurance
Think Tank
Big Data, Little Data. Secure Data, Lost Data.
If digital transformation is a journey, then data is the fuel that will transport your company from here to there. What data do you have access to? How can you make sense out of the data and thus make decisions from it? How does a company use data to be a disruptor and not a victim? And how do you secure that data to ensure that the digital transformation journey does not end prematurely?
Takeaways:
- Digital transformation without constant access to usable and reliable data will be a slow and arduous journey.
- Digital transformation exposes increasing amounts of data potentially vulnerable to cyber attacks and must be addressed.
Presented by:
Peter Kapur, Head of Data Governance Operationalization and Data Stewardship, AIG
3:55 pm - 4:20 pm
Executive Exchange
Think Tank
Cloud Strategy Development
Healthcare is usually slow to adapt technology, mostly due to compliance and financial reasons. Cloud adoption in healthcare can provide more agility, cost savings, operational efficiency, and increase up time.
Presented by:
Vasee Sivasegaran, Corporate Director IS Infrastructure, Penn Medicine
Think Tank
Fund innovation & Digital Transformation Using Technology Business Management : The Art of the Possible
Today, most of the organizations want to fund innovation (AI, Blockchain, AR/VR) and/or digital transformation. However, their budgets are squirreled away by tech debt and they struggle to fund innovation and digital transformation. CFOs in conjunction with the CIOs must dramatically reinvent their Strategic IT Financial Management Strategy using Technology Business Management principles.
This session will introduce certain novel techniques such as the core-satellite approach towards portfolio management. The presentation content would mostly reflect my super-hit post with over 500K+ views at industry leading publication - TBM Council's Emerge..
Presented by:
Manik Patil, Global Senior Director, AIG
4:25 pm - 4:50 pm
Executive Exchange
Innovation Partners Showcase
A brief, but compelling review of three new innovative technologies supporting digital transformation.
Sponsored by:
Algosec
CenturyLink
4:50 pm - 5:00 pm
What's the Next Stop On the Transformation Journey?
Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs where common issues can be addressed and success stories can be shared.
Takeaways:
- Building an ongoing community with your peers can be an invaluable resource for tackling the Digital Transformation projects ahead of you
- Sharing stories of success (and failures) is not reserved to a one day CIO Summit but should be shared on a regular basis with your peers
Presented by:
Paula Rizzo, Author, Individual
Hugh Tamassia, Former CTO and Chief Architect (Master of Ceremonies), AIG and JP Morgan Chase
5:00 pm - 6:30 pm