CISO Chicago Summit | May 24, 2022 | Convene - 333 North Green Street - Chicago, IL, USA

agenda

Registration & Networking Breakfast

8:30 AM - 9:00 AM

Welcome Address

9:00 AM - 9:10 AM

Keynote: Personal and Professional Transformation as a Technology Leader

9:10 AM - 9:40 AM

Edward Wagoner, Executive Director & Chief Information Officer (Digital) of JLL joins us for a keynote presentation as we look at the technology professional in the new era of transformation.

Edward will take us through how you build an IT and tech division from the ground up while restructuring IT from a foundational standpoint with various business technologies. Do you build, buy, or partner to push your department and company forward?

The CIO and IT leaders have moved from the back office to the front office where IT used to be a "nice to have" and now is a "must have". Join this session to learn how you can move to become a transformational leader at your organization.

Edward Wagoner

Executive Director & Chief Information Officer (Digital)

JLL

Keynote: Let’s Create in the new era of digital transformation.

9:45 AM - 10:10 AM

Technology and transformation have always gone hand-in-hand, but the pace of transformational change accelerated over the last 2 years in every organization. IBM's VP of Marketing, Amy Swotinsky, will get our creative juices flowing as she shares stories and best practices sourced from thousands of IBM digital transformation engagements with the “new creators” - the change agents and forward thinkers in every organization - including yours.  She’ll cover a wide-range of areas, from cybersecurity to AI and data-driven transformations, how to use hyper-automation to make your business supersonic, and give you the tools to get creative to solve your organization’s biggest challenges. Welcome to today's IBM.

Amy Swotinsky

Vice President, Marketing

IBM

Break

10:10 AM - 10:20 AM

CIO Leading A Company Through an IPO and Adding Responsibility

10:20 AM - 10:45 AM

Join Rita Fisher as she speaks on lessons learned on her personal journey leading her company through an IPO and adding responsibility

Rita Fisher

CIO and EVP Supply Chain

Reynolds Consumer Products

CISO: Digital Age: Demystifying Data Analytics , Machine Learning : The need for ‘DataManity’

10:20 AM - 10:45 AM
Join us for a Thank Tank with Dimple Thakkar of JP Morgan Chase.

EB: Security Blind Spots in the Era of Cloud Communication & Collaboration: Are You Protected?

10:50 AM - 11:15 AM

The need to communicate, collaborate and do business on a global level has created a proliferation of cloud based applications and services. Email. Cloud Storage. Messaging platforms. CRM. Digital Apps and Services. Organizations continue to add new cloud channels to support their business needs. But with new channels come new security blind spots that must be addressed. 

 

In this session we'll discuss:
 

  • Cyber attack trends in the collaboration channel ecosystem
  •  The (yet) unsolved challenges of email security – the main channel of targeted attacks
  • The rising threat of cloud collaboration and the growing risk of content-borne attacks
  • And we will walk three use cases, their challenges and their deployments. 

Motti Elloul

Director, Technical Services

Perception Point

EBR: Future-Proof Your Customer Support IT Strategy

10:50 AM - 11:15 AM

The pandemic has led to a growing dependence on technology for customer support. Consumers are increasing their digital purchases by 160 percent and are expecting businesses to support them across their channels of choice like WhatsApp, Facebook Messenger, and more. 

 

To stay competitive, businesses have responded by rapidly purchasing new point solutions to support customers on their channels of choice. Now the pressure is on the IT teams to ensure these siloed solutions work together smoothly. They need to deliver consistent cross-channel experiences for their customers’ journeys, an easy to use tech stack for their employees, and a future-proof IT strategy for their business leaders. 

 

Join this session to learn: 

 

  • How to unify and simplify support experiences 
  • Why modern, consumer-grade experiences accelerate time to value
  • How to future-proof your support desk investment 
  • Art of the possible for customer support with AI and customer 360 view

Colin Crowley

CX Advisor

Freshworks

CIO: Smart City, Innovation and Security can Work for You

11:20 AM - 11:45 AM
What’s a smart city? Cities earn the label “smart” when they use three things – information, communication, and technology – to make a city run better, make it safer, more connected and prosperous. The main goal of a smart city is to optimize city functions and promote economic growth while also improving the quality of life for citizens by using smart technologies and data analysis. The security goals of a smart city—confidentiality, integrity, availability, safety, and resiliency—should be grounded on both the objectives of traditional IT (to secure data) as well as those of OT (to ensure safety and resiliency of systems and processes). Takeaway: How The City of Aurora used its agility to be in the forefront of Smart City Transformation

Michael Pegues

Chief Information Officer | Information Technology Division

City of Aurora, IL

CISO: The Cybersecurity Hiring Challenge: Solve the Mismatch

11:20 AM - 11:45 AM
There are nearly 600,000 open cybersecurity positions in the United States. HR departments have greatly inflated expectations of candidates for cybersecurity roles. Newly qualified cybersecurity professionals get one rejection letter after another. How can we solve this mismatch? How can we know who we can trust in entry-level positions, and what positions calling for five years experience and a CISSP could actually be filled by a qualified entry-level candidate?

Ray Trygstad

Associate Director Cyber Security Education

Illinois Institute of Technology

Executive Boardroom-Rise of machines: The new identity threat

11:50 AM - 12:15 PM

The number of machines of all types – from Kubernetes, to cloud, to IoT – is on the rise. Every machine requires an identity – TLS, SSH, and code signing keys and certificates – that control encryption, authentication, and code execution. However, compromise, misuse, and fraud of machine identities are prime attack vectors for hackers. Errors are creating debilitating outages and resulting in millions of dollars in lost revenue and impacted customer satisfaction and trust. For all these reasons and more, Gartner has named Machine Identity Management a top cyber trend for 2021.

 

Attend this session to learn:

· Errors, outages, and incidents happen every day when machine identities fail

· The top machine identity attacks targeting your organisation and software supply chain

· How to use the machine identity threat model built on standard ATTACK

· Three things your organisation can do today to stay #fastsecure with Machine Identity Management

 

Kevin Bocek

VP, Security Strategy & Threat Intelligence

Venafi

EBR: Milliseconds Matter in the World of Cyber Defense

11:50 AM - 12:15 PM

In the world of ransomware, supply chain poisoning, zero-day attacks, and unknown vulnerabilities, milliseconds matter.  Attackers can get access and manipulate workloads within minutes or even seconds.   

Our current tools allow attackers to dwell for hours, days, weeks, and months.   

There must be a better way.   

Powerful tools are needed to help organizations stop being reactive and start being proactive. Adoption of new security tools and frameworks can make a big difference. Enterprises should not have to settle for response if protection can be achieved.   

Join this session to learn how you can proactively protect your workloads from ransomware or other zero-day attacks in milliseconds and stop reacting to them after the fact.  Patch your vulnerabilities at your own tempo without opening yourself up to costly breaches.

Jennifer Cichoski

Director, Mid-west

Virsec Systems

IDMWORKS: Identity Security Foundations: Solving Customer and Workforce Management Access Issues

12:20 PM - 12:45 PM

Greg Bee

VP - Chief Risk Officer & Chief Information Security Officer

Pekin Insurance

Executive Boardroom: Applying Moving Target Defense to cyber physical system.

12:20 PM - 12:45 PM

Cyber Security has long been following the strategy of static defense, i.e an exercise of building castles and, over time, adding additional walls and improving the ones one already had.  This fell out of fashion in the physical world over a century ago because castles and other fixed fortifications are quite vulnerable to unanticipated forms of attack.  In this session we will be focusing at why implementing a Moving Target Defense is needed and its benefits.

Llyr Garner

Mission Systems

Dispel

Networking Lunch

12:50 PM - 1:50 PM

IP: Can you imagine a world without apps?

1:40 PM - 1:50 PM
Cloud applications have become central to how we innovate in business - how we make decisions or even take actions every day. And while they’ve been absolute game-changers, the sheer number of apps we use and the staggering velocity with which we add or swap them in our tech stacks has created a dizzying momentum that makes it nearly impossible for any human to keep up. It’s no wonder IT teams are grappling with how to manage, support and protect their exploding cloud application portfolio. The truth is - in situations like this - there really is only one answer to the problem: when humans can’t keep up, we need to let software manage software. We need to be able to see and act on every single app in our entire cloud application portfolio - to program desired, autonomous actions into the machine and let software manage the software. In short, we need SaaS Management.

Paul Kim

Enterprise Account Executive

Torii

CISO: What Good Looks Like - Vendor Management

1:55 PM - 2:20 PM
  • Working with vendors can be pleasant, mutually beneficial, and accomplished well without significant time commitment
  • Vendors offer a unique and powerful perspective that we should leverage
  • As CISOs, we can enable a more efficient market by promoting and ignoring vendors as appropriate

Brent Deterding

Chief Information Security Officer

Afni

CISO: Cybersecurity Maturity – is it Top Gun or Danger zone.

2:25 PM - 2:50 PM

Join Richard Rushing for a CISO Think Tank. 

Cybersecurity Attacks are ever-increasing. Ransomware is shutting organizations around the globe. Cybersecurity  has been around since the computer was invented and progressed into the foundations around many aspects of our lives. So when does Cybersecurity mature? Just what is Cybersecurity Maturity about? Does it mean that my Cybersecurity program can start “shaving now” and see a R-rated Movies, or could buy alcohol now?  This humor-filled view of Cybersecure Maturity or immaturity.

Richard Rushing

Chief Information Security Officer

Lenovo

Fireside Chat: Best Practices for Effectively Addressing Third-Party Security Risk

2:25 PM - 2:50 PM

InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches is to implement a comprehensive and efficient third-party security risk management (TPRSM) process. Dov Goldman discusses the increasing challenges surrounding third-party security as well as ways to efficiently and effectively manage the TPSRM process.

Dov Goldman

Director of Risk and Compliance

Panorays

CIO: Innovative, Agile Approach to Digital Transformation

2:55 PM - 3:20 PM
Most of us are somewhere on our digital transformation. Whether it is our journey to the cloud, enabling AI, or facilitating a remote workforce – digital transformation is driving organizations today. But what does it take to be more efficient and effective when it comes to digital transformation? Deepika DiGiovine is joining us to discuss a new way to look at your transformation with a focus on the customer (and also your internal customers).

Deepkia DiGiovine

VP Digital Applications and Connected Factory

Dover Corporation

CISO: Navigating through Complex IAM systems

3:25 PM - 3:50 PM

IAM has become central to many organizations security architecture today. Like a bouncer at the door of a nightclub with a list of who is allowed in, who isn’t, and who gets access to the VIP area – IAM allows your organization to have better visibility and protections of your systems. With that in mind, deciding what to do when it comes to IAM and what systems to have in place can be a nightmare. Jigar Shah is going to help us navigate through complex IAM system to give you the tools you need to make the best decisions possible.

Jigar Shah

Head of Identity and Access Management

R1 RCM

PM Break

3:50 PM - 4:00 PM

CISO : Hacking the Boardroom

3:55 PM - 4:20 PM

What can a hacker possibly know about navigating the world of the corporate boardroom? Well, as it turns out, quite a bit actually. CISOs and senior security leaders have fought for years to get our place at the table and our voices heard in these high-level conversations. Now with cyber security on the top of everyone’s minds and even regulatory pressures to bring cyber security topics to the agenda, we’ve got that voice. Yet all to often security leaders find resistance and frustration trying to connect with the board and secure support for our initiatives.

In this session, life-long hacker turned executive security leader Alyssa Miller, digs into the common pitfalls that security leaders fall into. She’ll illustrate many of the counter productive strategies that some leaders still attempt with very little success. She’ll use the lessons of neuroscience, her own experiences, and the guiding principle of truly being a business enabler to shine light on better ways to make those conversations count. She’ll share practical tips from a hacker’s perspective that have proven invaluable in gaining the trust of board member and building excitement for security programs.

Alyssa Miller

Business Information Security Officer

S&P Global Ratings

Executive Boardroom: Applying Moving Target Defense to cyber physical system.

4:25 PM - 5:00 PM

Cyber Security has long been following the strategy of static defense, i.e an exercise of building castles and, over time, adding additional walls and improving the ones one already had.  This fell out of fashion in the physical world over a century ago because castles and other fixed fortifications are quite vulnerable to unanticipated forms of attack.  In this session we will be focusing at why implementing a Moving Target Defense is needed and its benefits.

Llyr Garner

Mission Systems

Dispel

Closing Remarks

5:00 PM - 5:10 PM

Summit Happy Hour

5:15 PM - 6:30 PM