Black Hat CISO Summit — August 2, 2016
FOUR SEASONS RESORT, LAS VEGAS

Agenda

07:00 – 16:00 CISO Summit VIP Registration, Acacia Ballroom, Four Seasons
07:30 – 08:45 Breakfast
08:45 – 09:00 Welcome
  • Jeff Moss, Founder, Black Hat, DEF CON
  • Brian Gillooly, Co-Host, Black Hat CISO Summit
09:00 – 09:45 Keynote: Cybersecurity at the Speed of Business
In the relentless pursuit of competitive advantage in an unforgiving global economy, businesses today are advancing at lightning speed. But IT security must move even faster. Increased mobility, expanding reliance on cloud computing, burgeoning customer demand, and other challenges are all putting intense pressure on companies to ensure they’re keeping up with securing their data at every access point. Our keynote discusses how the person most responsible for setting strategy to maintain this breathless pace for security, the CISO, must respond.
  • Jeremiah Grossman, Cybersecurity Expert
09:45 – 10:15 CISO Hot Seat: Adapt Security Measures to New Business Technology Initiatives – IoT, Cloud, and DevOps
As new business technology initiatives begin to dominate the enterprise planning for all types of companies, CISOs must be ready to adjust their cybersecurity strategies on the fly. With the widespread adoption of cloud technology, an explosion of security end points with the advent of IoT, and the fast-paced demands of DevOps, security must not just keep up but stay ahead of the changes. We put three CISOs on the hot seat to provide 10-minute-long concise and clear explanations of their security approaches for each of these categories, then bring them together for a 30-minute panel discussion with the audience.
  • Alex Stamos, CISO, Facebook - Cloud
  • Richard Rushing, CISO, Motorola - DevOps
  • Ron Green, CISO, MasterCard - IoT
10:15 – 10:45 CISO Panel: Huddle on IoT, Cloud, and DevOps Security
After their trips to the CISO Hot Seat, our three CISOs return to discuss their experiences in more detail and take questions from the audience.
Panelists:
  • Alex Stamos, CISO, Facebook - Cloud
  • Richard Rushing, CISO, Motorola - DevOps
  • Ron Green, CISO, MasterCard - IoT
Moderator:
  • Timothy Wilson, Editor in Chief, Dark Reading
10:45 – 11:15 Networking Break
11:15 – 12:00 Workshop: How to Make the Most of Your Time with the Board
It’s one thing to be able to come up with the right security strategy for your organization, even when it involves collaboration with other technology areas and business-line leaders. It’s entirely another to prepare to deliver this strategy – including the budget and explanation for protection data and protecting shareholders’ investments – to the board. Through an interactive workshop, an expert in this area guides the audience through ideas and best practices that will work at your company, using real-world information supplied by attendees. We’ll also discuss what the CEO demands of the CISO in today’s hyperactive world.
  • Venky Anant, Associate Partner, McKinsey & Company
  • Tucker Bailey, Partner, McKinsey & Company
12:00 – 13:15 Lunch
13:15 – 13:45 Detect Threats – and Impacts – More Quickly: The Current Threat Landscape
An expert’s view of the current threat landscape and a synopsis of some of the latest cybersecurity challenges to emerge. We’ll explain how information sharing is critical to keeping ahead of new threats and how data analysis is helping CISOs become better at detecting the threats and their impact on enterprise data.
  • Dmitri Alperovitch, Co-Founder and CTO, CrowdStrike
  • Kelly Jackson Higgins, Executive Editor, Dark Reading
13:45 – 14:15 Roundtable: Enhance Your Incident Response - Three Rules for Dealing with a Ransomware Attack
John Pironti, a noted expert in information risk and security, will lead an interactive roundtable conversation to discuss practices attendees are using to enhance their incident response capabilities to better prepare for ransomware attacks and provide guidance and feedback for improving on those ideas.
  • John Pironti, President, IP Architects
14:15 – 14:45 Cybersecurity Insurance: A Shortcut to Risk Management?
CISOs are giving cybersecurity insurance much more scrutiny as companies begin to better understand what value or protection it may bring. While recent changes are enabling companies to better weigh the risks and rewards of policies, the protections are still not as defined as they are in other insurance industries. Hear the latest on how companies can potentially use insurance as a hedge against breach risk, and whether the payments coming out of insurance would truly offset the breach costs.
  • Mark Weatherford, Senior VP and Chief Cybersecurity Strategist, vArmour
  • Scott Kannry, Chief Executive Officer, Axio Global, LLC
14:45 – 15:15 Networking Break
15:15 – 15:45 Interactive Panel: Accelerating Security Through Effective Information Sharing
One of the reasons why enterprises are slow to react to imminent threats is because they tend to operate in a vacuum. But in most cases, new threats and exploits don’t just hit one company – they hit whole industries and supply chains. Wouldn’t companies recognize threats faster and respond more quickly if they shared attack and resolution information with others in their industry? In this interactive roundtable, top industry experts share their experiences with emerging capabilities of information sharing groups and technologies to more quickly warn companies of new threats in their industries and develop shared strategies for stopping them.
Panelists:
  • Alain Desausoi, CISO, SWIFT
  • Brian A. Engle, Executive Director, Retail Cyber Intelligence Sharing Center
  • Paul Kurtz, Co-Founder and CEO, TruSTAR
Moderator:
  • Timothy Wilson, Editor in Chief, Dark Reading
15:45 – 16:30 CISO Panel: How to Survive When Your World’s On Fire: Dynamic Security Planning
How do you set up a security strategy that must cope with changing business partners, evolving technologies, advanced threats, and constantly changing business needs? The approach of planning your security defenses a year or more in advance may no longer be viable. More companies are mining security data for faster problem resolution and more reliable forecasting on dynamic planning to accommodate anticipated and unforeseen changes. Is it the right approach for your company? A panel of experienced CISOs provides insight.
Panelists:
  • Adam Ely, Chief of Security for Global Commerce, WalMart
  • Fred Kwong, CISO, Delta Dental
  • Mark Lohman, Senior Director, Information Security, W.W. Grainger
Moderator:
  • Kelly Jackson Higgins, Executive Editor, Dark Reading
16:30 – 16:55 Black Hat USA Briefings Preview
  • Stefano Zanero, Associate Professor, Computer Engineering Department, Politecnico di Milano University
16:55 – 17:00 Closing Remarks
17:00 – 18:00 Reception