CISO New York Summit | September 13, 2018 | New York, NY, USA

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Saturday, September 15, 2018 - CISO New York Summit

7:00 am - 7:55 am

Registration and Networking Breakfast

 

8:00 am - 8:10 am

Welcome Address and Opening Remarks

 

8:10 am - 8:40 am

Keynote Presentation

Malware Management - Past, Present and Future

Malware dates back to the earliest days of connected computing. To date, our approach to dealing with malware has remained relatively static. Currently we rely on being able to determine patterns within unpacked, decrypted files. This provides a single pattern-based signature to defend against a wide range of malware attacks, but is insufficient due to several management aspects. Artificial intelligence is the next step, but how can we leverage it to meet malware management needs? 

In this session you will learn: 

  • The history of AI 
  • How a deep learning system functions 
  • How this type of system is being used to combat the ever-increasing onslaught of malware
 

8:45 am - 9:15 am

Keynote Presentation

Analytics & Cloud Together: Accelerating Innovation in the New Cognitive Era

Leading companies are disrupting the status quo by using data to inform business strategy and create new business models that fuel growth. CIOs have the power to uncover the insight that drives disruption and speeds transformation. Learn how leading IT organizations are maximizing the use of open source and cloud technologies alongside on-premises investments to accelerate innovation. And understand how CIOs are embracing new cloud-enabled consumption models while helping ensure data privacy, security and sovereignty. 

Takeaways: 

  •  Integrating analytics into key applications and systems can enable people throughout an organization to access and act on insights when and where it matters most.  
  • Take advantage of more sources to enable better decisions. IT must create an environment with easy access to all types of data - structured and unstructured - from internal sources and those outside the organization. 
  • Data science teams are answering the toughest questions by leveraging open source development platforms and tools to build models more quickly and easily.

Sponsored by: IBM

 

9:20 am - 9:45 am

Executive Exchange

 

Thought Leadership

Secure, Simplify and Transform to a Cloud-Enabled Enterprise

Progressive companies are leveraging cloud, a powerful business enabler, to transform their business and make it more competitive. But cloud and mobility significantly impacts the current IT infrastructure - security, network traffic flow, applications, user experience and cost. As CIOs and CISOs embrace this transformation, they look for opportunities to exchange ideas with their peers who have gone through this journey. 

In this session, Zscaler will share experiences of leading the massive network, security and datacenter application transformation that he managed across all business units of GE. Example topics will include: 

  •  How to transform your hub & spoke network into a cloud-enabled network  
  • How to transform datacenter applications to a SaaS, AWS and Azure environment  
  • New security paradigm for the new world of cloud 
  • Changing role of IT execs 
  •  Lessons learned

Sponsored by: Zscaler

 

9:50 am - 10:15 am

Executive Exchange

 

Thought Leadership

Know Which Risks Are Worth Taking: Scalable Risk Management

In the constantly changing landscape of cyber risk, executives and board members are increasingly forced to take ownership of and accountability relating to digital risks. Yet, many lack the critical knowledge to make effective risk management decisions and incorporate them into their overall business strategy. This inevitably leads to security strategies which are ineffective and reactionary. This presentation will outline RSA's Business Driven Security strategy and focus on the intersection of risk management and IT & security initiatives.

 

10:20 am - 10:30 am

Morning Networking Coffee Break

 

10:35 am - 11:00 am

Executive Exchange

 

Think Tank

Evolving From Legacy To Achieve Digital Transformation

For most IT organizations, the way to get there is through a digital transformation framework, which produces a radically different and modern approach to technology and support that is based on a principle of business agility. It emphasizes moving quickly to adjust to the way the customer in the global techno-society wants to interact. 

Digital transformation requires a new business operating vision and a strategy on how to deliver that vision. includes technology infrastructure, tools, applications, communications, staff capabilities, staff competencies and more. The CIO has to work closely with corporate planning to define the type of support that will be needed and how the technology infrastructure and capability will evolve and to create a flexible investment plan that can be adjusted over time. Key elements must include the redesign of the technology infrastructure to reduce complexity and cost while increasing scalability, a rethinking of how business and IT work together, and an ability to quickly adopt and integrate new advanced technologies. 

Until recently, this goal has been almost impossible to achieve, because few companies have the ability to replace legacy infrastructure and applications. And it has been almost impossible to unlock legacy functionality and data for use with modern technology.

Presented by: Ashish Atreja, Chief Innovation and Engagement Officer, Mount Sinai Health

Think Tank

The Blockchain & Enhanced Security

There is a definite need to rethink the future of identity management on the web. The ability to verify your identity is the lynchpin of financial transactions that happen online. In today's digital age, an individual's identity is not defined by a single attribute such as a name, address or user ID. Rather, it is a collection of attributes including, but not limited to, name, age, financial history, work history, address history and social history. However, remedies for the security risks that come with web commerce are imperfect at best. IF Blockchain is the answer? how are you going to take it from being seen by senior management, as a futuristic solution to the way your organization may survive competition in the next five years.

Takeaways:

  • Growth of trusted Blockchain providers is growing exponentially
  • It's not just the financial industry this will affect -Retail, Health Care....are going to be in for the pound as well as in for the bitcoin.
  • Uses for Blockchain from ecommerce to supply chain management


 

11:05 am - 11:30 am

Executive Exchange

 

Thought Leadership

Using Data & Analytics to Drive Business Transformation

Big Data initiatives have become a reality among almost every company today, however, what we have seen is lots of initiatives have become just science projects and did not deliver on early expectations. This situation needs to reversed quickly because those organizations that are being successful with Big Data and analytics programs are rapidly leaving those that are unsuccessful in their wake. Big Data and analytics has the potential to be transformational for the enterprise, but IT leaders need to be making the right investments, in the right areas, to ensure optimal success. This panel discussion will focus on how to use data and analytics to drive true business success and show some real examples of companies and individuals who made a difference. 

Takeaways:  

  • Analytics is not a new capability and has always been aligned with the most successful companies 
  • The roles of IT and the lines of business are changing when it comes to data and analytics programs 
  • The business benefits of analytics programs can be huge but efforts need to be constrained so that they don't turn into flights of fancy, yet set free enough that they find the unknown unknowns that truly drive transformation

Sponsored by: Dell EMC

 

11:35 am - 12:00 pm

Executive Exchange

 

Executive Boardroom

Cyber Exposure: The Next Frontier for Security

Cyber  Exposure is an emerging discipline for managing  and  measuring  the modern  attack  surface  to  accurately  understand  and  reduce  cyber  risk.  Built  on  the  roots  of Vulnerability  Management  designed  for  traditional  IT,  Cyber  Exposure  transforms  cybersecurity  from identifying  bugs  and misconfigurations  and  expands  it  to  live  discovery  into  every  asset  in  any environment.  Cyber  Exposure  also  delivers  continuous  visibility  into  where  assets  are  secure  versus exposed,  and  to  what  extent,  and  prioritizes  remediation  based  on  the  asset's  business  criticality and the  severity  of  the  exposure.  

The  adoption  of  Cyber  Exposure  will  ultimately  empower  organizations to  translate  raw  security  data  into  a  metrics-driven  program  where  every  business  decision  factors  in Cyber  Exposure  in  the  same  way  as  other  business  risks,  to  make  more  proactive  and  better decisions.

Executive Boardroom

The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. A fundamentally new approach to cyber defense is needed to detect and investigate these threats that are already inside the network - before they turn into a full-blown crisis. Based on unsupervised machine learning and probabilistic mathematics developed by specialists from the University of Cambridge, new 'immune system' technologies are capable of learning the 'self' of an organization. By analyzing every network, device, and user, and modeling them as they go about their day-to-day activity, the Enterprise Immune System can establish a highly accurate understanding of normal behavior. It can therefore spot abnormal activity as it emerges, and even take precise, measured actions to automatically curb the threat. Rules and signatures are not keeping pace with today's rapidly evolving cyber attacks. The Enterprise Immune System represents a fundamental step-change in automated cyber defense, is relied upon by organizations around the world, and can cover up to millions of devices. 

Takeaways: 

  • How new machine learning and mathematics are automating advanced cyber defense 
  • Why 100% network visibility allows you to detect threats as they happen, or before they happen 
  • How smart prioritization and visualization of threats allows for better resource allocation and lower risk 
  • Real-world examples of unknown threats detected by 'immune system' technology
 

12:05 pm - 12:30 pm

Executive Exchange

 

Think Tank

IoT and IT/OT

Today's world of IoT brings several challenges. Navigating the complexity of IoT -software, customer requirements, support and integration brings new demands. Keeping the lights on and introducing new capabilities is complex. Navigating the reality of process, data, security and functionality can be a potential minefield. What does today's IT executive do? Keeping the focus to meet both Operational and IT demands and deliver value to the bottom line is today's reality.

Takeaways: 

  • What are the key areas of concern and risk for IoT adoption. 
  • What can be done to mitigate risk and deliver viable and secure solutions. 
  • How we are dealing with the rapid marketplace, new solutions and demand.

Presented by: Timothy Reed, SVP CIO, EMCOR Group

Think Tank

AI Meets IG

Automating Information Governance For most corporations today, information security is inextricably intertwined with the legal and compliance functions. Threat landscapes grow larger and more complex by the day; so, too, do the legal and regulatory frameworks within which those landscapes lie. Most boards of directors today grasp the strategic and operational imperatives associated with information security, yet at most organizations, nearly 80% of IT budgets goes to operational spend - paying to maintain technology already purchased and to manage and protect information already created"leaving only 20% to drive innovation and create new value for business. Legal and compliance, as well, are expected to do more with less, including by finding ways to embrace new technologies and new models for procurement of professional services. How can you do that when most of your time, money, and effort go just to technologies and new models for procurement of professional services. How can you do that when most of your time, money, and effort go just to keeping the lights on? Join us as we explore this issue and examine some of the successful strategies that are being leveraged by top IT leaders. 

Takeaways: 

  • The pressure on CISOs to drive change has never been higher, but fortunately neither has the opportunity to do so  
  • Disruptive technologies don't just have the power to disrupt information security for the worse, they have the power to disrupt the business for the better 
  • Fortune favors the bold; now is the time to take a leap into new modes of business to break the operational spend stranglehold
 

12:35 pm - 1:20 pm

Networking Luncheon

 

1:25 pm - 1:50 pm

Executive Exchange

 

Think Tank

The Future of the CIO in the Digital Economy

As more businesses undergo a digital transformation, and as digital transformations become more ingrained into organizational culture, Digital becomes not something unique and different from the business, but a core component of every aspect of the business. As this shift occurs, IT itself faces the very real possibility of no longer being a unique value prop for the business, but just another facility and overhead. In the new Digital world, what role then exists for the CIO? Two clear paths are presenting themselves; one leads to a focus on infrastructure and integration, to keeping the lights on for the digital innovators, while the other is leading the charge and helping with innovation itself. Knowing what path to choose, how to choose it, and how to see it through will be one of the greatest challenges CIOs of this era will face.

Takeaways:

  • The Digital Godzilla, Digital Disruption and Digital Change is here, or coming for all companies. CIOs that don't prepare for this change may not like the results when it arrives
  • Digital transformation reshapes core business models and creates new products, services and experiences. Disrupt or be disrupted.

Presented by: Richard Entrup, Global CIO, Christie's


Think Tank

Driving Digital: Enabling the Data Driven Organization

To what extent is your organization leveraging data and analytics to make both strategic and tactical decisions? Are your analytics near real time and pulling data from multiple sources, or are your analysts producing insights through a myriad of manually maintained spreadsheets? How are you retooling your organizations with self-service BI and data tools and are you leveraging citizen data scientists to close the analytics skills gap? What is the impact on your IT organization that must support new database architectures, cloud and SaaS infrastructure, growing data sets, and increased regulation? 

Takeaway: 

Isaac Sacolick, author of Driving Digital: The Leader's Guide to Business Transformation Through Technology will lead an engaging session sharing lessons learned from executing digital transformation in three different industries.  

Presented by: Isaac Sacolick, President, CIO/CDO, Star CIO

 

1:55 pm - 2:20 pm

Executive Exchange

 

Thought Leadership

Say Goodbye to Vulnerability Backlogs: Using RASP to Reclaim Control and Reduce Risk

Knowing is half the battle when it comes to protecting applications and their sensitive data. 

Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol. 

A real-time, embedded solution like Prevoty's runtime application self-protection (RASP0 changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime. 

As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre-production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.

 

2:25 pm - 2:50 pm

Executive Exchange

 

Thought Leadership

A Modern ERP for Digital Value Creation

Reduce cost, increase revenue and improve productivity: These are the three critical business imperatives for leading companies regardless of their geography or industry. These imperatives have been supported by ERP systems for more than two decades through business process automation.  However, we now live in a digital world in which companies struggle to run their operations smoothly while adopting emerging technologies, all the while keeping a laser focus on meeting or surpassing their specific business objectives. 

Join us to learn about how the next generation of ERP can support modern day digital challenges and enable companies to "run live". You'll get real-life examples with tangible business outcomes, explore deployment options, and get practical next steps. 

Sponsored by: SAP

 

2:55 pm - 3:20 pm

Executive Exchange

 

Think Tank

The Unbearable Lightness of Digital Transformation

Managing digital transformation teams means organizing, motivating and empowering technology and business stakeholders to address long-term needs, technology trends and uncertainties to execute a strategy that provides effective, secure and adaptable IT capabilities to enable business innovation and sustainability. 

Digital Transition is about the business' use of technology. IT transformation is about ensuring that the business has the technology it will need. Technology organizations have an obligation and opportunity to make IT transition a strategic program. Transition means change in relationships, roles, capabilities and responsibilities; architecture, tools and methods. 

IT Transformation is a challenge. It works best where team members are cognitively ready- mindfully aware, supporting a common vision and emotionally, socially and organizationally intelligent- to work in and manage change in a cross functional, interdepartmental, interdisciplinary team. 

Takeaways: 

  •  Cognitive readiness has the greatest impact on the success of transition teams and should be an area of primary focus for IT Transformation team leads, all team members and their management. 
  • Managing expectations- using strategic, architectural and project planning; systems and process thinking; effective communication; a sense of organizational awareness, and a significant dose of practical reality- is a critical success factors to be addressed by transition teams. 

Presented by: George Pitagorsky, CIO, NYC Department of Education

Think Tank

Best-of-Breed or Consolidated: Principles in Security Architecture Design

When it comes to implementing network security infrastructure there are two schools of thought: use best-of-breed point solutions, or go with all round consolidated platforms. Pros and cons abound for either approach revolving around varying levels of protection, integration, and administrative overhead but the increasing complexity of current security infrastructure is showing a winning approach. Even though consolidated solutions may offer greater benefits in the long run, no one exists in a green-field situation when it comes to network and infrastructure security so careful planning is required to ensure the necessary protection.

Takeaways:

  • The management burden of best-of-breed outweighs performance benefits
  • Consolidated platforms can lead to feature overlap and unnecessary cost
  • Planning is required to maximize coverage but minimize effort and spend
 

3:25 pm - 3:35 pm

Afternoon Networking Coffee Break

 

3:40 pm - 4:05 pm

Executive Exchange

 

Innovation Showcase

An exclusive opportunity to be exposed to the hottest new solutions providers in a quick-hit format designed to whet the appetite and spark immediate interest.
 

4:10 pm - 4:50 pm

Executive Visions

Facilitating Technology-Enabled Business Transformation

The role of the modern IT Executive is more complex than it has ever been before, not just because the technology landscape has become more complex, but also because increasingly IT execs have had to become a business-focused executive, not just a technologist. Long have we talked about the CIO and CISO getting a seat at the table but modern businesses are now demanding that their technology impresario join them and leverage his deep and rich technical acumen to allow the organization as a whole to better position itself for market-place success. To be successful, CxOs need to invest in themselves, in their personnel, and in the right technologies to allow them to position the IT department to proactively address business needs as an innovator and driver, rather than order-taker and enabler.

Takeaways:

  • IT leadership can no longer be simply technology focused, but must instead take their visibility into business process and become business focused
  • A broader business-focus does not preclude maintaining technology excellence however and indeed may demand more of it than ever before
  • Success for CxOs will be measured not in how they can enable enterprise decisions, but in how they can drive growth

Panelists:

Paul Wilner, CIO, Pall Corporation

Richard Entrup, Global CIO, Christie's

 

4:55 pm - 5:00 pm

Thank You Address and Closing Remarks

 

5:00 pm - 5:25 pm

Technology Innovation: The FreshPour

Presented by: Kuvée
 

5:30 pm - 7:00 pm

Summit Happy Hour