2017 Chief Information Security Officer (CISO) Leadership Forum THURSDAY, NOVEMBER 9, 2017 | LOS ANGELES


2017 Chief Information Security Officer (CISO) Leadership Forum

Thursday, November 9, 2017 | Los Angeles

Administrative Notes

Security: Please wear your name badge at all times during the meeting.

Please do not leave your personal belongings unattended in the meeting rooms.

Argyle Executive Forum will not be responsible for items left in the rooms.

Mobile Devices: Please do not allow any mobile device to disrupt the meeting while in session.

All devices should be on silent mode.

Conversation: Please use areas outside of the ballroom to converse when the meeting is in session.

Smoking: Please note that smoking is not permitted in the meeting venue.

The content of this program and the attendee list remain the sole property of Argyle Executive Forum and may not be rented, sold, or given to any outside party or used to market or promote any other meeting. Any such unauthorized distribution represents theft of property for which Argyle Executive Forum will pursue any and all appropriate legal remedies.

Speaker Materials are available upon request, pending availability.


ExtraHop’s Wire Data Analytics Platform Delivers IT and Business Insight

Contact us at: 877-333-9872 or [email protected]

Single Source of Truth

Database Administrators: Monitoring query performance without profilers

VDI Administrators: Correlate front-end behavior with back-end issues

Application Owners: Compare performance against baselines, troubleshoot faster

Virtualization Team: Support P2V migrations with before-and-after baselines

Security Team: Detect anomalies and simplify compliance

Network Administrators: Understand app performance with detailed L2-L7 metrics for all tiers

Business Analysts: Discover unanticipated relationships and correlations

Chief Information Officers: Gain a unique and valuable perspective on IT Operations

Server Team: Identify misconfigurations and automatically map dependencies

Storage Administrators: Transactional detail for individual servers and server groups

The ExtraHop platform delivers visibility for IT organizations so that they can mitigate risk, improve profits, and reduce costs. With ExtraHop, you can equip all teams in your organization with a deterministic, real-time source of IT truth.

www.extrahop.com


Agenda

2017 Chief Information Security Officer (CISO) Leadership Forum (Los Angeles)

Thursday, November 9, 2017 | 8:00am – 6:00pm

8:00am – 9:00am

Breakfast

9:00am – 9:05am

Argyle Opening Remarks

9:05am – 9:40am

Keynote Presentation Featuring City of Los Angeles:

“The Future of Cybersecurity”

As organizations race toward digital transformation to maintain competitive advantage and to satisfy evolving customer demands, CISOs must reevaluate their security strategies and risk management program to address new challenges of digital business security. This keynote will discuss the future of cybersecurity and the evolving role of the CISO in the age of digital transformation.

Timothy Lee, Chief Information Security Officer, City of Los Angeles

9:45am – 10:05am

Thought Leadership Spotlight Featuring Lookout:

“Those APTs You’re So Worried About are Mobile Too”

Enterprises take a lot of care to protect their laptops from APTs. Indeed, the endpoint detection and response (EDR) market soared to over $500 million last year (2016). But evidence indicates that the same nation-states enterprises are spending millions to keep out of their laptops are widely executing targeted attacks on mobile. And enterprises have made it easier for them because they’ve left mobile devices unprotected.

Mike Murray, Vice President of Security Intelligence, Lookout

10:05am – 10:30am

Networking Break

10:30am – 11:20am

Panel Discussion:

“Combatting Malvertising, Ransomware, and the Rise of Cyber Threats”

Session topics include, but are not limited to:

• Discussing heavily targeted industries for ransomware

• How organizations are taking precautionary measures

• Examining the evolution of the CISO role in relation to the rise of cyber threats

• Exploring the latest developments within the ransomware and malvertising space

• Pinpointing top weaknesses that are impacting the organizations

• Best practices for detecting and combatting advanced threats

Moderator: Emilio Escobar, Head Of Information Security, Hulu

Panelists:

Jason Bunyea, Chief Information Security Officer, Arbonne International

Stephen Frethem, Senior Systems Engineer, Varonis

Darrell Jones, Head, Global Information Security, Herbalife International of America

Raja Mukerji, Co-Founder & Chief Customer Officer, ExtraHop

11:20am – 11:40am

Networking Break

11:40am – 12:30pm

Panel Discussion:

“Security as a Business Enabler”

Session topics include, but are not limited to:

• Top emerging risks stemming from new digital channels

• Harnessing data to understand threats in real time

• Enabling efficiency and productivity through reliable security processes

• Compellingly communicating security concepts to the executive team

• Best practices for cross department collaboration and education

Moderator: Chris Joerg, Chief Information Security Officer, Cedars-Sinai Health System

Panelists:

Nikolay Chernavsky, Chief Information Security Officer (CISO) and Senior Vice President, PennyMac Loan Services, LLC

Matt Hughes, Vice President, Professional Services, InteliSecure

Diego Laverde, Senior Vice President and Head of Information Security, Information Technology and Information Systems Risk and Control, Citi

Sami Nassar, Vice President Cyber Security Solutions, NXP Semi Conductor

Brendan O’Connor, Security Chief Technology Officer, ServiceNow

12:30pm – 1:30pm

Lunch

1:30pm – 2:15pm

Keynote Featuring Stanford Children’s Health:

“Cybersecurity Risk Management: Changing Cybersecurity from a Zero to a Hero”

In light of the recent rash of attacks (Equifax, WannaCry, etc.) that involved exploits of known vulnerabilities, having effective cybersecurity risk management is key. Experts are now becoming more proactive in predicting when, where, why and how attackers might strike – and despite that, many organizations still see cybersecurity as costly, inefficient, and counter-productive. In this session, we’ll explore a proven methodology to turn cybersecurity into a business enabler, and how to prioritize cybersecurity risk management as an internal business objective instead of a Cybersecurity Mandate.

Auston Davis, Chief Information Security Officer, Stanford Children’s Health

2:15pm – 2:50pm

Fireside Chat Featuring Darktrace:

“Autonomous Cyber Defense: AI and the Immune System Approach”

From insiders to sophisticated external attackers, the reality of cyber security today is that the threat is already inside. Legacy approaches to cyber security, which rely on knowledge of past attacks, are simply not sufficient to combat new, evolving attacks, and no human cyber analyst can watch so much or react quickly enough. A fundamentally new approach to cyber defense is needed to detect and respond to these threats that are already inside the network - before they turn into a full-blown crisis.

Self-learning systems represent a fundamental step-change in automated cyber defense, are relied upon by organizations around the world, and can cover up to millions of devices. Based on machine learning and probabilistic mathematics, these new approaches to security can establish a highly accurate understanding of normal behavior by learning an organization’s ‘pattern of life.’ They can therefore spot abnormal activity as it emerges and even take precise, measured actions to automatically curb the threat.

Discover why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.

In this session, learn:

• How new machine learning and mathematics are automating advanced cyber defense

• Why full network visibility allows you to detect and autonomously respond to threats

• How smart prioritization and visualization of threats allows for better resource allocation and lower risk

• Real-world examples of unknown threats detected by ‘immune system’ technology

Gabriel Cortina, VP, Technology, Bunim / Murray Productions

Interviewed by: Parker Ashley, Cyber Security Manager, Darktrace

2:50pm – 3:25pm

Keynote Presentation Featuring Hyundai:

“Overcoming Shadow IT with Vendor Risk Management”

What’s Shadow IT? Shadow IT refers to IT devices, software and services that are procured outside the ownership or control of IT organizations. In this case we’re talking about the business going to outside vendors to procure these types of IT services. When the business hires vendors to perform IT services, they’re not aware of the risk that is introduced to the organization. Marketing tends to be the biggest offender for obvious reasons. In this discussion, I’ll talk about:

• The best way to discover when, where, how and why the business procures “applications”, either custom made or off-the-shelf, outside of the organization.

• What information security can do to mitigate this type of risk to the business through vendor risk management.

Doug Murray, Principal and CISO, Hyundai Motor Group (Autoever America)

3:25pm – 3:45pm

Networking Break

3:45pm – 4:20pm

Keynote Presentation Featuring the Los Angeles County Department of Public Health:

“A Day in the Life of a CISO”

CISOs are not just the heads of information security. They have to be business leaders; they have to learn and know the business. They need to be public relations and marketing specialists, selling security to their organization’s business units. The days of technologists sharing with management the number of potential attacks from the Internet are ancient history. The C-Suite has no desire to learn to communicate with Information Security professionals. We must learn to speak the language of business.

CISOs must have a solid background in IT to be able to effectively communicate with the IT side of the house, collaborating on projects and discussing strategies to ensure security controls are in place and being adhered to. Effective security awareness strategies are increasingly important, as phishing attacks proliferate. One phishing attempt can interrupt an entire morning. Applications need to be written in a secure manner, in an environment with ample security processes in place. Proposed new apps must be assessed for security at their very inception, not just prior to implementation.

Each day in the life of a CISO will be different, as priorities change and interruptions abound. Join me as we look at a typical (if there is such a thing) day.

Richard Greenberg, Chief Information Security Officer, Los Angeles County Department of Public Health

4:20pm – 4:55pm

Keynote Presentation Featuring Apria Healthcare:

“Sustaining Security Up in the Cloud”

Today’s businesses continue to rapidly reach for the Cloud, which raises serious concerns for IT and Security departments. Should you still be worried as more cloud providers in the market differentiate themselves by proving their best of class security? And how about Mobility? Mobile access to the Cloud has also changed completely. Despite the big security improvements of the last few years, it is still important to think about the potential risks - specifically the fact that you are still responsible for access and movement of data to the cloud.

Jerry’s presentation provides an overview of security best practices and how to incorporate them to sustain Cloud strategies in any organization.

Jerry Sto. Tomas, Vice President & Chief Information Security Officer, Apria Healthcare Group

4:55pm – 5:00pm

Argyle Closing Remarks

5:00pm – 6:00pm

Closing Reception

__________________________________________________________________________________

*Please note, the agenda is subject to change.

The information, views, and opinions expressed by speakers and other participants at our conferences are those of the individual and do not necessarily reflect the views and opinions of Argyle Executive Forum.

Argyle Executive Forum, its directors and officers, do not guarantee that any information provided by a speaker or other participant is accurate or complete and Argyle Executive Forum does not endorse any opinions that may be presented.

www.servicenow.com/sec-ops

Resolve Real Security Threats Fast

• Connect Security and IT on a Single Platform

• Integrate your Existing Security Investments

• Gain a Definitive View of your Security Posture

Partners

Thought Leadership Spotlight & App Partner

Lookout is a cybersecurity company that makes it possible for tens of millions of individuals, enterprises and government agencies to be both mobile and secure. Powered by a dataset of virtually all the mobile code in the world -- 40 million apps and counting -- the Lookout Security Cloud can identify connections that would otherwise go unseen and predict and stop mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as their preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro, Microsoft, and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C. To learn more, visit www.lookout.com, subscribe to the Lookout blog, and follow Lookout on Facebook, Twitter and LinkedIn.

Panel & Polling Partner

ExtraHop is a force multiplier for IT teams struggling with increasing complexity. With the ExtraHop platform, organizations can regain control over the performance of their applications and infrastructure, and capitalize on their data analytics opportunity to improve business operations and results. The ExtraHop Platform combines market-leading application performance, availability, and security monitoring with new analytics capabilities.

With ExtraHop, IT organizations can ensure fast and reliable performance for systems that directly impact revenue and productivity. The ExtraHop platform provides IT teams with correlated, cross-tier visibility for all networked applications. Learn more at www.extrahop.com.

InteliSecure works with its clients to identify, prioritize, and protect critical intellectual property and other key assets that if stolen, or otherwise exposed, would cause significant financial and reputational damage to their bottom line. InteliSecure provides a portfolio of Consulting, Technical, Penetration Testing, GRC and Managed Security Services to develop data and threat protection security programs that can adapt and grow as the clients’ needs change. From initial strategy and design, to fully managed security programs, InteliSecure’s proprietary Critical Asset Protection Program (CAPP) methodology provides a far more effective security solution than traditional Managed Security Service Provider offerings.

Panel Partners

Your enterprise needs to move faster, but lack of process and legacy tools hold you back. Every day, thousands of customer requests, IT incidents, and HR cases follow their own paths—moving back and forth between people, machines, and departments. Unstructured. Undocumented. Unimproved for years. With the ServiceNow System of Action™ you can replace these unstructured work patterns of the past with intelligent workflows of the future. Now every employee, customer, and machine can make requests on a single cloud platform. Every department working on these requests can assign and prioritize, collaborate, get down to root cause issues, gain real-time insights, and drive to action. Your employees are energized, your service levels improve, and you realize game-changing economics. Work at Lightspeed™.

For more information, visit http://www.servicenow.com/ or @servicenow

Varonis is the leading provider of software solutions for unstructured, human-generated enterprise data. Varonis provides an innovative software platform that allows enterprises to map, analyze, manage and migrate their unstructured data. Varonis specializes in human-generated data, a type of unstructured data that includes an enterprise’s spreadsheets, word processing documents, presentations, audio files, video files, emails, text messages and any other data created by employees. This data often contains an enterprise’s financial information, product plans, strategic initiatives, intellectual property and numerous other forms of vital information. IT and business personnel deploy Varonis software for a variety of use cases, including data governance, data security, archiving, file synchronization, enhanced mobile data accessibility and information collaboration. As of June 30, 2014, Varonis had approximately 2,750 customers, spanning leading firms in the financial services, public, healthcare, industrial, energy & utilities, technology, consumer and retail, education and media & entertainment sectors.

Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.

Fireside Chat Partner

enSilo is a comprehensive endpoint security platform that combines next generation antivirus with post-infection data protection capabilities that can automatically respond to and defeat the most complex infections. The unique platform makes incident response automatic and provides post-infection protection that prevents the theft or ransom of all data even if an endpoint is compromised. enSilo enables forensic teams with evidence of all stopped attacks so remediation can follow the clear-cut evidence without being buried in questionable alerts. enSilo is financially backed by Lightspeed Venture Partners, Rembrandt Venture Partners and Carmel Ventures.

Senior Supporter Partners

Identify, Analyze and Prevent email threats from targeting your customers

Agari builds new, internet scale, data driven security solutions that eliminate email as a channel for cyberattacks and enable businesses and consumers to interact safely. The Agari cloud-based SaaS solution aggregates data from 2.5 billion mailboxes hosted by the email receivers including Gmail and Yahoo! to help global brands, including JPMorgan Chase, Facebook, Aetna, and UPS, eliminate email threats, protect customers and their personal data, and proactively guard brand reputation. Today, Agari analyzes over 7 billion messages per day, identifies over 2 million malicious URLs per month, and blocks over 200 million malicious emails per month.

Agari enables CISOs to protect consumer data and partner with CMOs to build a foundation of customer trust and loyalty to fuel digital transformation and revenue growth. Agari provides global brands with the experience, tools and analytics they need to eliminate email threats, protect customers and their private data, and proactively guard brand reputation.

Founded by the thought leaders behind Cisco’s IronPort solutions, Agari, a recipient of the JPMorgan Chase Hall of Innovation Award and recognized as a Gartner Cool Vendor in Security, is headquartered in Silicon Valley. Learn more at http://www.agari.com

ZixCorp is a leader in email data protection. Trusted by the nation’s most influential institutions in healthcare, finance and government, ZixCorp offers innovative email BYOD security, industry-leading email encryption and a unique email DLP solution. Zix Email Encryption provides easy-to-use secure email to anyone, anywhere. ZixCorp provides the only transparent email encryption for both senders and recipients – enabling the exchange of encrypted email without any extra steps, passwords or additional set-up. Leveraging our leadership and expertise in email encryption, ZixDLP combines our proven policy and content scanning capabilities with an intuitive quarantine interface. By focusing on email, ZixDLP addresses business’s greatest data risk while decreasing cost, reducing the deployment timeline from months to hours and minimizing the impact on your team. Our BYOD security solution ZixOne offers a new and different approach that never allows corporate email to reside on the device. With ZixOne, organizations control access to corporate email without jeopardizing data protection or productivity. If a mobile device is lost or stolen, access is simply disabled. Employees maintain control of their devices and their privacy, and employer liability risks are eliminated. For more information, visit zixcorp.com.

Senior Supporter Partners

Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Founded in 2002, we have enjoyed a history of growth, with 4,500 customers and 300 partners worldwide.

Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics. Learn more at tripwire.com, get security news, trends and insights at tripwire.com/blog or follow us on Twitter @TripwireInc.

tripwire.com | The State of Security: Stories. Trends. Insights. tripwire.com/blog

Over 9,000 customers world-wide depend on our advanced threat protection, security and compliance solutions.

TRIPWIRE—PROTECTING SENSITIVE NETWORKS AND VALUABLE CYBER ASSETS SINCE 1997.

Content Neutrality Policy

If you are interested in recommending a speaker for a future forum, please email:

[email protected]

• Argyle is proud and protective of our high standards in ensuring the value of all content presented at our events.

• Strict guidelines are in place to ensure that all content presented is balanced and vendor neutral.

• All topics that are covered at our member events are thought leadership-focused and in line with the expectations of our members.

• Argyle seeks to prevent overt sales pitches or unbalanced vendor references.

• Argyle provides all speakers with content presentation guidelines at the behest of our executive membership.

We ask that all speakers, members and sponsors respect Argyle’s content neutrality guidelines. We thank you for your continued support for this policy as a way of protecting the high content standards and trust that Argyle has established with its members.