8:00 - 9:00 AM |
Networking Breakfast |
9:00 – 9:20 AM |
Welcome and Introductions
-
Jeff Moss, Founder, Black Hat + DEF CON
Mr. Moss advises companies on security issues, both electronic and physical, and speaks globally on the topic. He sits on several advisory boards helping enterprises make informed decisions on cyber risks.
In April 2011 Mr. Moss was appointed as the Chief Security Officer for the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit whose responsibilities include coordinating and ensuring the security, stability and resiliency of the Internet's unique global identifiers as well as maintaining the root zone of the Internet. This position involved managing the IT security of the ICANN networks and information systems, the physical security of ICANN facilities and meetings, and ensuring that ICANN meets its security and resiliency commitments to the multi-stakeholder community that oversees ICANN. This position involved extensive international travel and coordination with governments, law enforcement, and operational security communities in support of discussions around Internet Governance and security. Mr. Moss left this position at the end of 2013.
Moss is the founder and creator of both the Black Hat Briefings and DEF CON, two of the most influential information security conferences in the world, attracting over ten thousand people from around the world to learn the latest in security technology from those researchers who create it. DEF CON just had its 21st anniversary.
Prior to creating Black Hat Briefings, Jeff was a director at Secure Computing Corporation where he helped establish their Professional Services Department in the United States, Asia, and Australia. His primary work was security assessments of large multi-national corporations. Jeff has also worked for Ernst & Young, LLP in their Information System Security division. This background uniquely qualifies Jeff to bridge the gap between the underground researcher community and law enforcement, between the worlds of pure research and the responsible application of disclosure.
Jeff is currently a member of the U.S. Department of Homeland Security Advisory Council (HSAC), providing advice and recommendations to the Secretary of the Department of Homeland Security on matters related to homeland security. Jeff is a life member of the Council on Foreign Relations, which is an independent, nonpartisan membership organization, think tank, and publisher.
In 2013, Jeff was appointed as a Nonresident Senior Fellow at the Atlantic Council, associated with the Cyber Statecraft Initiative, within the Brent Scowcroft Center on International Security.
In 2014, Jeff joined the Georgetown University School of Law Cybersecurity Advisory Committee.
Jeff is active in the World Economic Forum, and recently became a member of the Cyber Security Global Agenda Council for 2014-2016.
ICSA President's Award for Public Service, 2011.
-
Steve Wylie, General Manager, Black Hat
|
9:20 – 9:50 AM |
Quantifying the Cost of Cyber Risk
-
Scott Stransky
Scott Stransky is Managing Director and Head of the Marsh McLennan Cyber Risk Intelligence Center. The Center launched in 2021 to provide cyber modeling, thought leadership, and cyber analytics guidance across Marsh McLennan. Previously, he led the Cyber Modeling group at extreme event modeling firm AIR Worldwide (part of Verisk Analytics). Under his leadership and guidance, the team sourced and cleansed detailed cyber security, incident, and claims data, and combined it with advanced machine learning algorithms, stochastic modeling techniques, and Monte Carlo simulations, providing the insurance industry with a robust suite of models to manage their cyber insurance portfolios. He is a recognized speaker across North America and Europe on the topics of cyber insurance risk and catastrophe modeling, having been invited to speak at numerous conferences sponsored by Advisen, NetDiligence, IUA of London, RAA, CPCU Society, AM Best, Lloyd's, and others, in addition to engaging directly with clients. He was voted by his industry peers to be the 2023 Cyber Risk Industry Person of the Year in the Actuary/Modeler category. Mr. Stransky earned a bachelor’s degree in Mathematics with Computer Science from MIT and a master’s degree in Atmospheric Science from MIT.
|
9:50 – 10:20 AM |
Engineering and Security Working Together
|
10:20 - 10:40 AM |
Break |
10:40 – 11:10 AM |
Lightning Talks: Briefings Session Summaries
|
11:10 – 11:40 AM |
Optimizing Supply Chain Management
-
Beth-Anne Bygum, Chief Information Security Officer, Q2
Cybersecurity issues and their potential to disrupt resilient operations and brand trust are a top priority for publicly traded companies and corporate boards. Risks, particularly cyber risks, are accelerating and, if an organization is not prepared, can undermine regulatory compliance and strategic growth and, worse, weaken consumer loyalty. Navigating this environment, proactively responding to changes in regulatory expectations and managing fluctuating residual concerns requires knowledge and an understanding of proactive planning.
At Q2, Beth-Anne is responsible for the company’s global information protection, product & application security (SSDLC), enterprise IT security, cyber defense, and data protection strategy and services. Our security program is designed to scale with changes across the digital and development landscape while enabling the organization to achieve growth and revenue targets. Beth-Anne is a member of Q2’s senior leadership team reporting to the president.
With more than 30 years of experience directing disparate teams across application and product security, cyber security, risk management, information governance, IT compliance, IT training and sales, Beth-Anne has proven expertise in connecting teams, people and leaders across the organization in solving operational challenges that require large-scale transformation.
Beth-Anne holds a Master of Science degree in management and leadership (MSLM) from the University of La Verne and a bachelor’s degree in business administration from Rutgers University. She has worked with leading companies in data science, technology, consumer packaged goods, biotechnology, pharmaceutical and consulting sectors. Beth-Anne holds a Certified Business Continuity Professional (CBCP) designation and is a member of the National Technology Security Coalition (NTSC), a non-profit, non-partisan organization that serves as the preeminent advocacy voice for CISOs working with public and private sector stakeholders. Her work there is to help advance policies that improve national cybersecurity standards and awareness.
Beth-Anne is a board advisor to the non-profit Forge Institute. She and her husband volunteer their time to assist resources in underserved communities as well as transitioning military members into the civilian workforce.
- Peter Naumovski, CISO, Abbie
|
11:40 AM – 12:20 PM |
AI Unleashed: Managing the Risks, Reaping the Rewards
Panel
- Russ Bodnyk, Principal Scientist, NuLabs.ai
-
Kristy Hornland, Director, KPMG
Kristy Hornland is a Director at KPMG US specializing in AI security. She has delivered responsible and secure AI governance programs for leading life sciences, financial services, and government clients aligned to industry-leading frameworks and practices, deployed AI security platforms to support these program objectives, and has also held the position of Global Resilience Federation AI Security Working Group facilitator for the last two years. She has been deeply integrated in emerging technologies throughout her ten-year career with KPMG, and was part of the core team incubating KPMG’s first startup, Cranium, an AI security platform. She is also the Women in Cyber deputy lead for KPMG US, defining the annual strategy and supporting overall governance to enable the entry, ongoing success, and long-term retention of women at KPMG.
- Jason Clinton
- Matt Knight
- Google
|
12:20 - 1:40 PM |
Lunch |
1:40 – 2:10 PM |
Deepfakes
|
2:10 – 2:40 PM |
Surviving and Thriving After the Breach: A Resilience Roadmap
-
Christofer Hoff, Chief Secure Technology Officer, LastPass
Christofer Hoff joined LastPass as Chief Secure Technology Officer in 2022, leading software and platform engineering as well as enterprise and platform security teams. Hoff brings 30 years of experience in high-profile global roles in network, application and information security architecture, software development, engineering, operations, and management.
Before joining LastPass, Christofer had multiple cyber security engineering and operations leadership roles at Bank of America. His previous roles include Chief Information Security Officer at Citadel, Vice President and Security CTO at Juniper Networks, and Director of Cloud & Virtualization Solutions at Cisco Systems, among other security-focused roles.
In addition to his professional leadership responsibilities, Chris takes an active role in engaging youth in the impact of technology, privacy and security on society and culture as founder of HacKid, an interactive STEAM conference for parents and kids from diverse backgrounds. Chris was a founding member of and technical advisor to the Cloud Security Alliance and serves as an advisor to numerous companies and organizations.
- TBA
|
2:40 – 3:00 PM |
Break |
3:00 – 3:40 PM |
Navigating the Regulatory Landscape: A Fireside Chat on SEC Actions and Corporate Responses
-
Jennifer Lee, Partner, Jenner & Block
A former Assistant Director in the US Securities and Exchange Commission’s (SEC) Division of Enforcement, Jennifer Lee represents public and pre-IPO companies, corporate officers, financial institutions, and asset management firms in high-stakes regulatory investigations, internal investigations, and litigation. During her twelve-year career at the SEC, Jennifer supervised attorneys and accountants in a broad range of complex investigations and enforcement actions, and has specialized expertise in cybersecurity, financial reporting and internal controls, and ESG. Jen brings nearly twenty years of experience as a litigator in the government and the private sector to help clients navigate government scrutiny. As a highly regarded expert on the SEC’s enforcement program and federal securities laws, Jen is a frequent speaker at industry events, including Securities Enforcement Forum West and the Bar Association of San Francisco.
-
Chenxi Wang, Managing General Partner, Rain Capital
Chenxi Wang is an experienced technology executive with deep cybersecurity expertise. She is a board director for MDU Resources, a Fortune 500 company, serving on the Audit and ESG Committee, and is the founder and General Partner of Rain Capital, a cyber-focused venture fund. Chenxi has held senior tech strategy roles in large companies (Intel Security). She has led go-to-market operations and product strategy in booming Silicon Valley startups (Twistlock, Ciphercloud). Chenxi is also an advocate for diversity & inclusion, and founder of the Forte Group, a 501(c)(3) organization to advance women's careers in cyber. Previously Chenxi was a computer engineering professor at Carnegie Mellon University. She holds a Ph.D. in Computer Science.
|
3:40 – 4:10 PM |
From the Server Room to the Boardroom: Insights from a Journey Beyond the CISO Role
-
Joanna Burkey, Founder, Flat Rock Strategic Advisors
Joanna Burkey is a corporate director, former cybersecurity executive and the founder of Flat Rock Strategic Advisors. She serves on the boards of Beyond Inc (NYSE: BYON) and ReliabilityFirst Corporation and also provides advisory and consulting services to multiple enterprises. Her three-decade career in cybersecurity and technology spanned engineering, strategy, and digital transformation, most recently as the CISO for HP Inc. She holds NACD Directorship Certification from the National Association of Corporate Directors, is a certified Qualified Technology Expert with the Digital Directors Network, and was previously a fellow with the Center for Strategic and International Studies in Washington DC. She is based in Austin, Texas.
|
4:10 – 4:45 PM |
Government Update
-
Jen Easterly, Director, Cybersecurity and Infrastructure Security Agency (CISA)
Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. Before coming to CISA, Jen was Head of Firm Resilience at Morgan Stanley. A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than 20 years, including deployments in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the creation of United States Cyber Command. A graduate of West Point, Jen holds a master’s degree from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors, including the George C. Marshall Award in Ethical Leadership and the National Defense University Admiral Grace Hopper Award. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.
|
4:45 - 5:00 PM |
Closing Remarks |