Upload
dinhmien
View
233
Download
0
Embed Size (px)
Citation preview
SINET ITSEF IT Security Entrepreneurs Forum
Supported by the US Department of Homeland Security Science & Technology Directorate
The Computer History Museum, Silicon Valley March 28 & 29, 2017
@SINETCONNECTION #SINETITSEF
Thank You to Our Generous Sponsors
FOUNDING SPONSORS
Science and Technology
March 28, 2017
Dear SINET Community,
Welcome to the 11th Annual IT Security Entrepreneurs Forum (ITSEF).
2016 proved to be another year of challenges within the Cyber domain, in particular the Russian attacks on our democratic processes, the Chinese and North Korean’s continuing threats not only against our nation but also harmful to our trusted allies. These and other situations have caused the world to be less stable and less safe, which places the onus on us as Cybersecurity professionals to raise the bar towards the protection of our national security and economic interests. People, processes and technology must continue to evolve in order to take the geometric advantage over the adversary and in particular, the rapid advancement of global innovative solutions. SINET provides a digital highway that accelerates and connects the ecosystem of the entrepreneur in Silicon Valley, Washington DC, New York City, London and Sydney.
I’m excited about our program and the outstanding list of speakers who will share their expertise on industry and government’s most pressing needs and priorities and discuss current topics of interest on stage and during the Information Sharing Hour.
Whether you’re a builder, buyer, investor or researcher, there is something for everyone at SINET, regardless of where your organization is in its lifecycle. For the entrepreneurs in the room please see the information on the 7th Annual SINET16 application process which opens on April 20th, 2017.
I would like to extend a special thank you to the Department of Homeland Security S&T Directorate, in particular Dr. Douglas Maughan, our keynote speaker The Distinguished, Mr. Norm Pearlstine, our sponsors, esteemed speakers, SINET members, and to all of our valued SINET community. I’m grateful that you are joining us as we continue to build communities of interest and trust that support the advancement of Cybersecurity innovation…
Sincerely,
Robert D. Rodriguez SINET Chairman & Founder
SINET SHOWCASE & WORKSHOPS 2017
2017 SINET 16 Application Process Opens April 20th
DO YOU HAVE CUTTING EDGE TECHNOLOGY?Innovative solutions frequently come from new and small companies. Our goal is to provide entrepreneurs from all over the world an opportunity to increase their product awareness to a select audience of sophisticated investors, builders and buyers. In order to participate, companies must have annual revenues of approximately fifteen (15) Million dollars or less.
BENEFITS OF APPLYING TO BE SELECTED AS ONE OF THIS YEAR’S SINET 16 INNOVATORS:• SINET 16 Innovators will have six minutes to deliver their value proposition on stage in front of 300 to 400
investors, builders, buyers and researchers;• SINET 16 Innovators will be included in SINET press releases and marketing material before, during and after the
Showcase;• SINET 16 Innovators will receive a free booth to display their technology at the Showcase on November 4th;• SINET 16 Innovators will receive free but mandatory coaching on their messaging for the November 4th stage
presentation;• SINET 16 Innovators will enjoy additional opportunities to present at other SINET supported global venues that
may arise throughout the year (TBD).
THE SINET 16 PROCESS FOR 2017:
In preparation for the SINET Showcase, SINET assembles a steering committee consisting of Cybersecurity leaders from industry, government, venture capital, investment banking and academia. Our esteemed committee works with Federal Agencies and private industry to identify their most critical needs and requirements. These needs and requirements are used to help evaluate the company’s application during the vetting process.
• April 20, 2017: SINET 16 application process opens. Please visit our website for more details: https://www.security-innovation.org/sinet16-award/
• June 20, 2017: SINET 16 Innovator application process will close. No applications will be accepted after this date
• August 21, 2017: the final list of this year’s SINET 16 Innovators will be notified that they have been selected to present on stage at the 2017 SINET Showcase in Washington, DC.
• October 16-20, 2017: The companies selected will receive free coaching on their presentation skills on the East Coast in Rosslyn, Virginia and on the West Coast in Menlo Park, California. (This coaching is complimentary but mandatory in order to maximize the presenters six minutes on stage).
• November 9, 2017: SINET 16 Innovators will have an opportunity to meet with interested parties at their booth throughout the day and during the two- hour evening reception.
For additional SINET 16 application process questions, please contact Bill Bosen | [email protected]
SINET 16
SINET ITSEF 2017
ITSEF AgendaTuesday, March 28, 2017
Day One
12:00 PM – 1:00 PM
Registration
1:00 PM – 2:00 PM
General SessionHAHN AUDITORIUM
1:00 PM – 1:05 PM
Introductory Remarks• Rick Geritz, Chief Executive Officer & Founder, Life Journey, Chairman, CyberMaryland
1:05 PM – 1:10 PM
Introduction to The SINET ITSEF Mobile APP• Christina Riboldi, Strategic Marketing Coordinator, SINET
1:10 PM – 1:15 PM
Welcome Remarks• Robert D. Rodriguez, Chairman & Founder, SINET
1:10 PM – 1:15 PM
Strategic and Tactical Cyber Actions the New Administration Needs to Get RightAbstract: This panel discussion will explore the cybersecurity priorities the new Trump Administration needs to address from the perspective of current Federal Government CISOs. Moderated by former US CISO Greg Touhill, the panel will discuss the current cyber risk posture of the Federal Government, on-going and planned initiatives, and recommendations for the new administration to better manage cyber risk across the Federal Government.
Moderator: • Greg Touhill, (former) Chief Information Security Officer, U.S. Federal
Panelists:• Roopangi Kadakia, Chief Cloud Strategist, U.S. Department of Veteran Affairs• Peter Kim, Chief Information Security Officer, U.S. Air Force• Chris Wlaschin, Chief Information Security Officer, U.S. Department of Health & Human Services
7
AGENDA
2:00 PM
Track SessionsTRACK A: 2:00 PM – 2:45 PM HAHN AUDITORIUMThe Proverbial Insider Threat Challenge – Are We Making Headway?Abstract: They’ve been a problem for centuries. However, with increasing digitization, insider threats have become a much more persistent and costly problem. For example, Dark Web forums exist solely to collude with insiders to steal data and conduct insider trading. What should companies do to mitigate the threat and develop a proactive approach? This panel will discuss:
• Why corporations should view insider threat programs as strategic assets rather than as overhead costs – In other words, how insider threat programs add significant value by protecting an organization’s brand, reputation, intellectual property, people, and facilities.
• Principles, lessons, and best practices regarding the implementation of insider threat programs – In Raytheon’s experience, what key steps must be undertaken (or considered) to implement a comprehensive insider threat program effectively? Examples may include steps like regular communication with the workforce and securing the support of senior leadership.
Moderator: • Brian White, Chief Operating Officer,
RedOwl Analytics
Panelists: • Gary Harbison, Chief Information Security Officer,
Monsanto • Erik Laykin, Managing Director, Regulatory
Cybersecurity Services, Duff & Phelps • Bob Novy, Deputy Assistant Director, United States
Secret Service • Kirk Poulsen, Senior VP & Chief Security Officer,
Leidos• Matthew Tank, Senior Manager Counterintelligence,
Insider Threat and Security Investigations, Raytheon
TRACK B: 2:00 PM – 2:45 PM GRAND HALLSecurity Automation & Orchestration is Finally Here, Tying the Loose Ends On to One Sheet of MusicAbstract: The world’s leading enterprises and government agencies are suffering from a daunting task: Triaging a massive surge in the volume and velocity of security events. Over 75% of organizations admit to routinely ignoring security events. Until now, the only recourse has been to hire rooms full of security analysts just to keep up. While an elusive topic for the past few years, Security Automation and Orchestration has finally matured to solve this real world problem and is now used in production by some of the world’s largest organizations. This panel will discuss SA&O, it’s uses, and how organizations can benefit.
Moderator: • Jim Pflaging, Principal, The Chertoff Group
Panelists: • Sean Convery, VP and General Manager,
Security Business Unit, ServiceNow • Oliver Friedrichs, Chief Executive Officer,
Phantom • Larry Johnson, Chief Strategy Officer,
Cybersponse • Ely Kahn, VP of Business Development &
Marketing, Sqrrl
2:45 PM – 3:05 PM
Break
SINET ITSEF 2017
TRACK A: 3:05 PM – 3:50 PM HAHN AUDITORIUMDeveloping an International Cyber Innovation EcosystemAbstract: There are many opportunities and networks to discuss cyber security co-operation between international organizations, including government, industry and academia. There are less examples of international co-operation from a cyber innovation ecosystem perspective. For the purposes of this panel, a cyber innovation ecosystem is defined as having four constituent parts, all within the one location. These comprise of, a high quality research university or institute, strong cyber security industry presence (large corporate and SME), strategic government support and a vibrant entrepreneurship and private investment community. There are great examples of cyber innovation ecosystems operating in country. The focus of this panel is to understand and discuss best practice of these ecosystems and more importantly, explore how we can connect these ecosystems together for the greater good.
Moderator: • Godfrey Gaston, Director Centre for Secure
Information Technologies, Belfast, UK
Panelists: • Daniel Craigen, Director of GCR,
Carleton University• Doug Maughan, Division Director, U.S. Department
of Homeland Security Science & Technology • Kazuo Noguchi, Senior Manager, Hitachi America,
Ltd. & Senior Researcher, Keio Research Institute at SFC
• Greg Simmons, Vice President for Institutional Advancement, University of Maryland, Baltimore County
• Ron Zehavi, Chief Executive Office, CyberSpark
TRACK B: 3:05 PM – 3:50 PM GRAND HALLThe Evolution of the Targeted AttackAbstract: Nation state-level actors have long targeted enterprise and government PC, server assets and mobile devices for espionage, but the attacks are getting even more sophisticated and concerning. In the past year we saw Russians attacking the election (and others), the discovery of the Pegasus iOS malware and continued evolution from the rest of the traditional APT actors. This discussion will talk about the strategies for executing a successful targeted attack, how modern platforms, security architecture and incident response have to evolve, and how these attacks will evolve in the next 5 years.
Moderator: • Mike Murray, VP of Security Research and
Response, Lookout
Panelists:• Anup Ghosh, Founder & Chief Executive Officer,
Invincea • Philip Martin, Director of Security, CoinBase• Ariel Silverstone, Vice President for Security
Strategy, Privacy and Trust, GoDaddy LLC
9
TRACK A: 3:50 PM – 4:40 PM HAHN AUDITORIUMFinding the Threat Intel Needle in a Hay Stack of Needles, Prioritizing it and Making it Actionable, What is the Level of Maturity With This?Abstract: We have been talking about actionable intelligence for many years, but how do organizations actually mature their threat intelligence capabilities? In this session, we will explore both the automated analytics and human driven analysis required to create and prioritize threat intelligence. We will also discuss integrating intelligence into operational and strategic workflows.
Moderator: • David Zilberman, Managing Director,
Comcast Ventures
Panelists: • Lynda Grindstaff, Senior Director of Innovation
Pipeline, Intel Security • Rick Holland, VP of Strategy, Digital Shadows • Tom Pageler, Chief Risk Officer & Chief Security
Officer, Neustar, Inc.• Mario Vukson, Founder & Chief Executive Officer,
Reversing Labs• Bryan Ware, Chief Executive Officer,
Haystax Technology
TRACK B: 3:50 PM – 4:40 PM GRAND HALLProtecting the IoT, Medical Devices & All Things ConnectedAbstract: These SMEs will discuss the current cyber war environment that is now impacting organizations and sectors with connected Operational Technology and IoT. In particular, Healthcare cyber attacks have been on the rise, and most recently has contributed to major breaches making news headlines.
Medical devices continue to be a target of attackers with the lucrative financial goal of the theft of highly valuable patient data. This is one example of connected devices under attack. These devices are being used by organized cyber thieves seeking to target healthcare institutions on a global basis and represent a significant threat to hospital operations.
Learn more about the anatomy of these attacks, how they unfold and how they target devices and other known weaknesses within enterprise networks. Better understand new best practices you should implement and new technology which is available to meet and defeat these threats.
Moderator: • Greg Enriquez, Chief Executive Officer, TrapX
Panelists: • Thomas August, Chief Information Security
Officer, John Muir Health• Caitlin Bataillon, Intelligence Analyst,
Cyber Division, FBI• Kim Green, Chief Information Security Officer,
Zephyr Health• Rick Orloff, Vice President, Chief Security
Officer and Chief Privacy Officer, Code42• Suzanne Schwartz, MD, Associate Director
for Science & Strategic Partnerships, U.S. FDA’s Center for Devices and Radiological Health
AGENDA
SINET ITSEF 2017
TRACK A: 4:40 PM – 5:30 PM HAHN AUDITORIUMScaling Trust – Is it Possible to Have a Robust Information Sharing Program?Abstract: Scaling trust is the biggest challenge to a robust and timely Information Sharing Program. What time of technologies and platforms are best suited to enabling an anonymous, trusted and time sensitive Information Sharing Program. How much has the Government improved in its two way sharing from five years ago, and are CISOs more or less willing to share outside their respective sectors? With the continued onslaught of attacks against our government and critical infrastructures, the significance of sharing becomes more important than ever.
Moderator: • Sean Cunningham, Managing Director,
Trident Capital Cybersecurity
Panelists: • Michael Coates, Chief Information Security Officer,
Twitter • Ed Goetz, VP & Chief Security Officer,
Exelon Corporation • Tom Wilson, VP & Chief Information Security Officer,
Southern Company
TRACK B: 4:40 PM – 5:30 PM GRAND HALLGetting Cybersecurity Commercials RightAbstract: As consumers and businesses become more concerned about protecting sensitive data on-line, they are starting to asking tougher questions of their vendors and business partners about their cybersecurity practices. As a result, companies have to understand their clients preferences on data protection, put mechanisms in place to protect critical data without compromising customers experience and determine how to communicate with clients about data protection in a way that enhances trust.
Moderator: • James Kaplan, Partner, McKinsey & Company
Panelists: • Peter Gouldmann, Enterprise Risk Officer for
Cyber Directorate of Information Assurance, U.S. Department of State
• Alex Koehler, Executive Director, Amgen• Sherry Ryan, Vice President, Chief Information
Security Officer, Juniper Networks• Sunil Seshadri, Chief Information Security
Officer, Visa, Inc.
5:30 PM
Workshops Conclude
11
TRACK A: 4:40 PM – 5:30 PM HAHN AUDITORIUMScaling Trust – Is it Possible to Have a Robust Information Sharing Program?Abstract: Scaling trust is the biggest challenge to a robust and timely Information Sharing Program. What time of technologies and platforms are best suited to enabling an anonymous, trusted and time sensitive Information Sharing Program. How much has the Government improved in its two way sharing from five years ago, and are CISOs more or less willing to share outside their respective sectors? With the continued onslaught of attacks against our government and critical infrastructures, the significance of sharing becomes more important than ever.
Moderator: • Sean Cunningham, Managing Director,
Trident Capital Cybersecurity
Panelists: • Michael Coates, Chief Information Security Officer,
Twitter • Ed Goetz, VP & Chief Security Officer,
Exelon Corporation • Tom Wilson, VP & Chief Information Security Officer,
Southern Company
TRACK B: 4:40 PM – 5:30 PM GRAND HALLGetting Cybersecurity Commercials RightAbstract: As consumers and businesses become more concerned about protecting sensitive data on-line, they are starting to asking tougher questions of their vendors and business partners about their cybersecurity practices. As a result, companies have to understand their clients preferences on data protection, put mechanisms in place to protect critical data without compromising customers experience and determine how to communicate with clients about data protection in a way that enhances trust.
Moderator: • James Kaplan, Partner, McKinsey & Company
Panelists: • Peter Gouldmann, Enterprise Risk Officer for
Cyber Directorate of Information Assurance, U.S. Department of State
• Alex Koehler, Executive Director, Amgen• Sherry Ryan, Vice President, Chief Information
Security Officer, Juniper Networks• Sunil Seshadri, Chief Information Security
Officer, Visa, Inc.
5:30 PM
Workshops Conclude
Day Two
Wednesday, March 29, 2017
7:30 AM – 8:30 AM
Registration and Continental Breakfast
8:30 AM – 5:30 PM
General SessionHAHN AUDITORIUM
8:30 AM – 8:35 AM
Introductory Remarks by Forum Host• Rick Geritz, Chief Executive Officer & Founder, Life Journey, Chairman, CyberMaryland
8:35 AM – 8:40 AM
Welcome Remarks• Robert D. Rodriguez, Chairman & Founder, SINET
AGENDA
SINET ITSEF 2017
8:40 AM – 9:25 AMHow Russia Uses Cyber Attacks and Other “Hybrid Warfare” Tools to Advance its Foreign Policy and Economic ObjectivesAbstract: Russia has increasingly relied on cyber attacks as a core tool for pursuing its foreign and security policy goals. Moscow employs a mix of state agencies, state-supported proxies, and state-backed criminal networks to influence its adversaries’ political discourse, steal sensitive data, disseminate propaganda and misinformation, and disrupt foreign entities’ normal operations for political, military, and economic gain. But the use of cyber as a weapon is just one way in which Russia has turned to irregular warfare, or “methods short of war,” to advance its political, military, and economic agenda without triggering a conventional military conflict. Among the “hybrid warfare” tactics that Russia has recently employed are deploying anonymous “little green men” in Ukraine, arming local militias in the breakaway Georgian regions of South Ossetia and Abkhazia, funding right-wing political parties in both western and eastern Europe, manipulating natural gas supplies to secure political concessions, and expanding state-run media outlets designed to muddle the truth as much as to report the Kremlin’s official messages.
This panel will examine Russia’s use of cyber in the broader context of Russian foreign policy.
• What is Russia’s overarching strategy? What does Moscow hope to achieve by influencing U.S. and European elections, undermining Western institutions, and creating instability in Western-leaning areas of its “near abroad”?
• How does cyber fit into an overall strategy of irregular warfare that involves the use of political proxies, disinformation, and economic penalties?
• How does Russia use cyber as a means to achieve its goals? How do Russian tactics differ for different targets (governments, companies) and for different cyber actors (intelligence units, hackers, criminals)?
• What are the implications of Russian cyber strategy for the U.S. government, allied governments, and U.S. companies? How can a better understanding of Russian strategy help government agencies and private companies protect themselves from cyber attack?
Moderator:• Larry Hanauer, Vice President for Policy, Intelligence and National Security Alliance (INSA)
Panelists:• Ondrej Krehel, Digital Forensics Lead, Chief Executive Officer & Founder, LIFARS, LLC• George Kurtz, Chief Executive Officer & Co-founder, Crowdstrike• Herb Lin, Senior Research Scholar, CISAC and Research Fellow, Hoover Institution at Stanford University• Michael Murray, VP of Security Research and Response, Lookout
13
9:25 AM – 10:10 AMWhat is the Responsibility of Domestic and International Governments, Industry and Citizens Towards Protecting Themselves Against Global Cyber Attacks – and The Way Forward.Abstract: Costly and damaging cyber attacks involving the loss of personally identifiable information, commercial intellectual property and national state secrets continue to increase rapidly. To what extent should individuals, companies and governments be held responsible for ensuring that they are taking all appropriate steps to protect themselves from attack? What level of assistance should companies and citizens reasonably expect from governments in helping to address this serious problem for society? Should governments become more interventionist in imposing regulations to force the adoption of cyber best practices on business and citizens? Should companies impose more stringent requirements on their customers to adopt higher standards of personal cybersecurity?
Moderator:• Andrew Whitaker, H.M Consul General to San Francisco, British Consulate-General
Panelists:• Betsy Cooper, Executive Director, Center for Long-Term Cybersecurity, UC Berkeley• Alejandro Mayorkas, Partner, Wilmer Hale and Former Deputy Secretary, Department of Homeland
Security• John Mills, Director, Cybersecurity Policy, Strategy, International, DIB, and Workforce, Office of the Deputy
Chief Information Officer for Cybersecurity, U.S. Department of Defense• Andrew Stalker, Chief Information Security Officer, Barclays International
10:10 AM – 10:40 AM
Keynote Address: Cybersecurity & Media• Norman Pearlstine, Vice Chairman, Time, Inc.
10:40 AM – 10:55 AM
Break
10:55 AM – 11:15 AMSINET Thinks Forward with Yanev Suissa, General Partner, Sinewave VenturesAbstract: The problems associated with cybersecurity reflect a much broader paradigm shift that the current public-private paradigm is ill-equipped to handle. This shift forces government to become decentralized and personalized, while simultaneously allowing private sector entities to displace and replace traditionally public sector functions and roles. Cyber threats are different from traditional national security threats, and until we acknowledge that we are playing a very new game at a fundamental level, we can’t begin to adapt either the business or the public sector environments to cope with this new reality.
AGENDA
SINET ITSEF 2017
11:15 AM – 12:00 PMStatus of Implications of Chinese Rule Making Under the New Chinese Cybersecurity Law, Is There a Viable Market for Cyber Companies?Abstract: For many years, cybersecurity companies have tried to enter the growing Chinese market despite the ingrained preference for Chinese company preferences and concerns about intellectual property protection. Now a new Chinese cybersecurity law is requiring protections for national security purposes that seem to grant the government control over technologies protecting vaguely defined critical infrastructure. The law would impose large fines on both companies and responsible individuals. The panel will explore whether it is worth the risk for foreign companies to enter the market, the next steps for the implementation of the law, and how companies can engage with the Chinese government on these matters.
• How necessary is it to be a part of the Chinese fabric in order to achieve success.• Large companies have tried and failed to do so while others have succeeded. Why is this?• Is this market worth devoting attention too considering China’s past position on not always integrating US
Cybersecurity companies into their critical infrastructures?
Moderator: • Hank Barry, Partner, Sidley Austin
Panelists:• Guillermo Christensen, Attorney, Baker Botts LLP• Ted Dean, Former Deputy and Acting Assistant Secretary for Services, International Trade Administration
at Commerce • Dr. Mei Gechlik, Founder & Director, China Guiding Cases Project, Stanford Law School• Sherry Gu, Strategic Business Development and Public Affairs Director, ARM• Harvey Jang, Director, Global Privacy & Data Protection, Cisco
15
12:00 PM– 1:10 PMSINET Connects: Networking Luncheon GRAND HALLMaximize this 70-minute luncheon by sitting down in an informal and intimate setting with distinguished security thought leaders and experts. Topics will focus on how solution providers can best shape their business strategies to meet the needs of the market.
• Table #1: John Mills, Director, Cybersecurity Policy, Strategy, and International Office of the Deputy CIO for Cybersecurity, U.S. Department of Defense Topic: Pointers for Doing Business With the Government
• Table #2: Rick Orloff, Vice President, Chief Security Officer and Chief Privacy Officer, Topic: Emerging Technologies and Capabilities in 2017-18
• Table #3: Kiersten Todt, Executive Director, Presidential Commission on Enhancing National Security Topic: In the Age of IoT, How Do We Define Critical Infrastructure and What is the Role of Both the Government and the Private Sector in Securing It?
• Table #4: Dave Mahon, VP & Chief Security Officer, CenturyLink Topic: Are Managed Security Services an Effective Strategy to Mitigate the Ever Increasing Cyber Risks to Corporations?
• Table #5: General Bender, Chief Information Officer, U.S. Air Force Topic: Industry Engagement and Public-Private Partnership as a Government CIO
• Table #6: Tom Patterson, Chief Trust Officer and VP Global Security Corporation, Unisys Topic: Getting to Adaptive Security – Vision, Components, Technology
• Table #7: Marianne Bailey, Acting Deputy CIO for Cybersecurity, Department of Defense Topic: As We Embrace Commercial Technology More Aggressively, How Does the Government and Other Customers Get the Necessary Assurances that Our Information and Networks are Not at Risk? How Do We Do This at Cyber Speeds?
• Table #8: Andrew Whittaker, H.M Consul General to San Francisco, British Consulate-General Topic: The Responsibility of Domestic and International Governments, Industry and Citizens Towards Protecting Themselves Against Global Cyber Attacks.
• Table #9: Peter Kim, Chief Information Security Officer, US Air Force Topic: Priorities and Big Rocks for the AF CISO
• Table #10: Michael Daugherty, Founder, Chief Executive Officer & President, LabMD Topic: The Consistent Inconsistency and Secret Law of Cybersecurity Regulators
• Table #11: Matthew Tank, Sr. Manager Investigations & Counterintelligence, Global Security Services, Raytheon Topic: Predictive Human Behavioral Analytics
• Table #12 Jerry Archer, Senior VP & Chief Security Officer, Sallie Mae Topic: Revolutionary Evolution - the Internet of Everything, the Cloud and MIST
• Table #13 Gary Harbison, Chief Information Security Officer, Monsanto Topic: Building a Sustainable Insider Threat Program
• Table #14 Peter Gouldmann, Enterprise Risk Officer for Cyber Directorate of Information Assurance, U.S. Department of State Topic: Is your CISO a Security Technologist or a Business Risk Manager? Is there a difference?
• Table #15 Roopangi Kadakia, Chief Cloud Strategist, U.S. Department of Veterans Affairs Topic: Cloud Security
• Table #16 Major General Garrett Yee, Military Deputy, Cyber Security, U.S. Army Topic: Washington D.C. Versus Silicon Valley - Do the Two See Eye to Eye?
• Table #17 Ondrej Krehel, Digital Forensics Lead, Chief Executive Officer & Founder, LIFARS, LLC Topic: TBD
• Table #18 Greg Touhill, Chief Information Security Officer, (Former) U.S. Federal Topic: Is it Government’s Role to Dictate Cyber Risk Thresholds Through Regulation?
• Table #19 Greg Oslan, Commercial Executive, U.S. Department of Defense, Defense Innovation Unit Experimental (DIUx) Topic: Accelerating Commercial Solutions to Solve DoD Problems Fast
AGENDA
SINET ITSEF 2017
PETER KIM—TABLE #9
CISO, US Air Force
Networking Luncheon Table HostsA complete list of lunch table topics can be found on page 15.
JOHN MILLS—TABLE #1
Director, Cybersecurity Policy, Strategy, International, DIB, and Workforce, Office of the Deputy Chief Information Officer for Cybersecurity
RICK ORLOFF—TABLE #2
Vice President, Chief Security Officer and Chief Privacy Officer
KIERSTEN TODT—TABLE #3
Executive Director, Presidential Commission on Enhancing National Security
DAVE MAHON—TABLE #4
VP & Chief Security Officer, CenturyLink
GENERAL BENDER—TABLE #5
Chief Information Officer, U.S. Air Force
TOM PATTERSON—TABLE #6
Chief Trust Officer and VP Global Security Corporation, Unisys
MARIANNE BAILEY— TABLE #7
Acting Deputy CIO for Cybersecurity,Department of Defense
MICHAEL DAUGHERTY—TABLE #10
Founder, Chief Executive Officer & President, LabMD
ANDREW WHITTAKER—TABLE #8
H.M Consul General to San Francisco,British Consulate-General
17
NETWORKING LUNCHEON TABLE HOSTS
MATTHEW TANK—TABLE #11
Sr. Manager Investigations & Counterintelligence, Global Security Services, Raytheon
JERRY ARCHER—TABLE #12
Senior VP & Chief Security Officer, Sallie Mae
GARY HARBISON—TABLE #13
Chief Information Security Officer, Monsanto
PETER GOULDMANN—TABLE #14
Enterprise Risk Officer for Cyber Directorate of Information Assurance, U.S. Department of State
ROOPANGI KADAKIA—TABLE #15
Chief Cloud Strategist, U.S. Department of Veterans Affairs
MAJOR GENERAL GARRETT YEE— TABLE #16
Military Deputy, Cyber Security, U.S. Army
GREG TOUHILL—TABLE #18
Chief Information Security Officer, (Former) U.S. Federal
ONDREJ KREHEL—TABLE #17
Digital Forensics Lead, Chief Executive Officer & Founder, LIFARS, LLC
GREG OSLAN—TABLE #19
Commercial Executive, U.S. Department of Defense, Defense Innovation Unit Experimental (DIUx)
SINET ITSEF 2017
1:10 PM – 5:30 PM
General SessionHAHN AUDITORIUM
1:10 PM – 1:25 PMSINET Thinks Forward With Joe SullivanAbstract: Risk & ROI: How much should a company invest in security? With data security now a board level topic, security professionals can’t rely on doom and gloom prophesies to drive funding for their program, but must merge risk frameworks with ROI calculations to earn funding. This talk will look at ways boards should hold their security leaders accountable and security teams should frame their work to earn that trust.
• Joe Sullivan, Chief Security Officer, Uber & Commissioner on the President’s Commission on Enhancing National Cybersecurity
1:25 PM – 2:05 PMIt’s Time for Security to Get “Software-Defined” – A CISO’s View of Shifting from Hardware to Virtualized Security ServicesAbstract: Navin Chaddha, Partner of Mayfield, will lead a panel discussion of the tectonic shift from Hardware Defined to Software Defined infrastructure, and directly how today’s CISOs should leverage this shift. Collectively, the panel will discuss the impacts of this evolution shift in technology.
Moderator: • Navin Chaddha, Partner, Mayfield
Panelists:• Kelly Ahuja, Chief Executive Officer, Versa Networks• Alan Boehme, Chief Innovation Officer & Former Chief Technology Officer, The Coca Cola Company• Chris Chirico, Chief Operating Officer, VergX • Tom Patterson, Chief Trust Officer and VP Global Security Corporation, Unisys
2:05 PM – 2:30 PMFireside Chat with Ted SchleinAbstract: Robert Rodriguez asks Ted his perspective on policy, the role of Government and investment trends and opportunities in the Cybersecurity marketplace.
Moderator:• Robert D. Rodriguez, Chairman & Founder, SINET
Panelist:• Ted Schlein, General Partner, Kleiner Perkins Caufield & Byers
19
2:30 PM – 3:10 PMHow You Enhance Your Cybersecurity Posture by Finding the Right People Processes and Products Abstract: We now know that technology alone can’t address every single threat to our systems. Desktops, servers, databases, phones, IoT, and beyond are the new normal in our organizations, which provides a richer attack surface to adversaries. In this session, we will explore how products, bringing in the right people, and rethinking processes can help us stay many steps ahead of our cyber-adversaries.
Moderator:• Javier Ortiz, Partner, Falcon Cyber Investments
Panelists:• Dannie Combs, Chief Information Security Officer, Donnelley Financial Solutions• Robert Fry, Sr. Security Architect, Netflix• Brian Johnson, Chief Information Security Officer, Lending Club• Kevin Moore, Chief Security Officer, Fenwick & West LLP
3:10 PM – 3:25 PM
Break
3:25 PM – 4:05 PMWhat Does President Trump’s First 100 Days Look Like Relative to Cyber?Abstract: This panel will discuss key cybersecurity priorities for the Trump Administration. What are the challenges to addressing these priorities? The panel will also review the progress of the Administration on cybersecurity in the first 100 days. What have been the accomplishments of the Administration in cybersecurity so far? What should the Administration focus on in the next hundred days, in the next nine months, and over the course of this Presidential term? The panel will examine some of the key recommendations from the independent Commission on Enhancing National Cybersecurity and discuss how they have been addressed in the Trump Administration’s cybersecurity policies. Additional ideas that will be discussed include how public-private collaboration needs to evolve to be impactful and effective and how the definition of critical infrastructure may need to be revised to address the role of the Internet of Things.
Moderator:• Kiersten Todt, Executive Director, Presidential Commission on Enhancing National Security
Panelists:• Adam Golodner, Leader Global Cybersecurity & Privacy Practice Group, Kaye Scholer LLP • Herb Lin, Senior Research Scholar, CISAC and Research Fellow, Hoover Institution at Stanford University • Joe Sullivan, Chief Security Officer, Uber & Commissioner on the President’s Commission on Enhancing
National Cybersecurity
AGENDA
SINET ITSEF 2017
4:05 PM – 4:50 PMThe Evolution of the Cloud, Are We More Secure and Trusted Today Than Yesterday?Abstract: With the growth in available cloud capabilities and the advancement of innovation offered to potential customers within the government, the perception exists that leveraging cloud offerings would not only provide increased capabilities by also provide a more secure environment than traditional enterprise computing. With the proliferation of cloud services, the government has promulgated cybersecurity standards in an evolving effort to enable agencies to utilize cloud services that are known to have addressed and mitigated threats. Due to the prescriptive nature of the government cybersecurity standards, we are challenged with verifying that these cloud solutions meet/exceed standards and requirements from an equivalency perspective. Organizations need to understand how to map their mission/business data to an appropriate cloud service offering; understanding the architecture that best suits their needs. In addition, organizations must also understand the impact to internal business practices, the potential engineering costs in moving legacy systems/applications to the cloud, and the shared cybersecurity responsibilities/accountability between cloud service provider and mission owners/customers.
The discussion will center around the growth in available cloud services and the challenges related to adoption and trust. Additionally, the maturation of cloud security standards and governance have laid the groundwork for creating more secure and trusted cloud computing environments. This panel will discuss varying implementations of cloud capabilities, on-prem, off-prem, hybrid and what mission sets should be considered as we modernize the DoD. Initiatives that should be considered/explored pertain to understanding common space associated with various government mandated and recognized commercial best practice security requirements (Sarbanes-Oxley, HIPAA, Payment Card Industry, etc.).
Moderator:• Marianne Bailey, Acting Deputy CIO for Cybersecurity, Department of Defense
Panelists: • Mark Anderson, President, Palo Alto Networks• Lt. General William Bender, Chief, Information Dominance and Chief Information Officer, U.S. Air Force• Suzanne Frey, Director, Trust, Security, Privacy, Compliance, Google• James Shira, Global and U.S. Chief Information Security Officer, PWC• Major General Yee, Chief Information Officer, U.S. Army
21
AGENDA
4:50 PM – 5:30 PMHow Cyber is Driving the CISO – Board Relationship & Perspective on Enterprise Risk ManagementAbstract: Join leading cybersecurity executives as they share current best practices and explore new proactive strategies and policies to combat and withstand threats.
Understanding that breaches will occur, security executives must work with senior leaders and boards of directors to assess value, measure costs, and identify risk to then properly architect and implement a comprehensive security program.
Topics to include:
• A view from the Board of Directors• Balancing threats versus compliance• Dealing with ever increasing regulatory and litigation actions• How to develop a cyber risk management strategy
Moderator:• David Mahon, VP & Chief Security Officer, Century Link
Panelists: • Jerry Archer, Senior VP & Chief Security Officer, Sallie Mae • Laurie Champion, Managing Director, AON • Matt Hollcraft, Chief Information Security Officer, Maxim Integrated• Michael Machado, Chief Security Officer, RingCentral, Inc.
5:30 PM
Closing Remarks • Robert D. Rodriguez, Chairman & Founder, SINET
5:30 PM – 7:30 PM
SINET Connects: Networking Reception
SINET ITSEF 2017
Thank you to the SINET ITSEF & Workshops 2017 Sponsors
FOUNDING SPONSORS
Science and Technology
23
Thank you to the SINET ITSEF & Workshops 2017 Sponsors
FOUNDING SPONSORS
Science and Technology
SPONSORS
PLATINUM SPONSOR
29
SPEAKERS
KEYNOTE SPEAKER
SINET CHAIRMAN AND FOUNDER
ROBERT D. RODRIGUEZ
Chairman and FounderSINET
NORM PEARLSTINE
Vice ChairmanTime, Inc.
KELLY AHUJA
CEOVersa Networks
MARK ANDERSON
PresidentPalo Alto Networks
MARIANNE BAILEY
Acting Deputy CIO for CybersecurityDepartment of Defense
HANK BARRY
PartnerSidley Austin
JERRY ARCHER
Senior VP & CSOSallie Mae
THOMAS AUGUST
CISOJohn Muir Health
SINET SpeakersComplete speaker bios can be found at https://www.security-innovation.org/events/silicon/speakers/
SPEAKERS
SINET ITSEF 2017
CAITLIN BATAILLON
Mission Critical Engagement Unit (MCEU) Cyber Operational Engagement SectionCyber Division, Federal Bureau of Investigation
LT. GENERAL WILLIAM BENDER
Chief Information OfficerU.S. Air Force
ALAN BOEHME
Chief Innovation Officer & Former Chief Technology Officer The Coca Cola Company
NAVIN CHADDHA
PartnerMayfield
LAURIE CHAMPION
Managing DirectorAon Risk Solutions
CHRIS CHIRICO
COOVergX
GUILLERMO CHRISTENSEN
AttorneyBaker Botts LLP
MICHAEL COATES
CISOTwitter
DANNIE COMBS
CISODonnelley Financial Solutions
SEAN CONVERY
VP & General Manager, Security Business UnitServiceNow
BETSY COOPER
Executive DirectorCenter for Long-Term Cybersecurity, Berkeley
DANIEL CRAIGEN
Director of GCRCarleton University
SEAN CUNNINGHAM
Managing DirectorTrident Capital Cybersecurity
MICHAEL DAUGHERTY
Founder, Chief Executive Officer & PresidentLabMD
31
TED DEAN
Former Deputy and Acting Assistant Secretary for ServicesInternational Trade Administration at Commerce
GREG ENRIQUEZ
CEOTrapX Security
SUZANNE FREY
Director, Trust, Security, Privacy, ComplianceGoogle
OLIVER FRIEDRICHS
Founder & CEOPhantom
ROBERT FRY
Sr Security ArchitectNetflix
GODFREY GASTON
DirectorCentre for Secure Information Technologies, Belfast, UK
MEI GECHLIK
Founder & Director, China Guiding Cases ProjectStanford Law School
RICK GERITZ
CEO & FounderLife Journey
ANUP GHOSH
Founder & CEOInvincea
KIM GREEN
CISOZephyr Health
ED GOETZ
VP & CSOExelon Corporation
LYNDA GRINDSTAFF
Senior Director of Innovation PipelineIntel Security
ADAM GOLODNER
Senior CounselArnold & Porter Kaye Scholer, LLP
PETER GOULDMANN
Enterprise Risk Officer - CyberBureau of Information Resource Management, U.S. Department of State
SPEAKERS
SINET ITSEF 2017
SHERRY GU
Strategic Business Development and Public Affairs DirectorARM
LARRY HANAUER
Vice President for PolicyIntelligence and National Security Alliance (INSA)
GARY HARBISON
CISOMonsanto
RICK HOLLAND
VP of StrategyDigital Shadows
MATT HOLLCRAFT
CISOMaxim Integrated
HARVEY JANG
Director, Global Privacy & Data ProtectionCisco
BRIAN JOHNSON
CISOLending Club
LARRY JOHNSON
Chief Strategy OfficerCyberSponse
ROOPANGI KADAKIA
Chief Cloud StrategistUS Department of Veterans Affairs
ALEX KOEHLER
Executive DirectorAmgen
ELY KAHN
Co-founder and VP of Business DevelopmentSqrrl
ONDREJ KREHEL
Digital Forensics Lead, CEO & FounderLIFARS LLC
JAMES KAPLAN
PartnerMcKinsey & Company
PETER KIM
CISOUS Air Force
33
GEORGE KURTZ
CEO & Co-founderCrowdstrike
ERIK LAYKIN
Managing DirectorRegulatory Cybersecurity ServicesDuff & Phelps
HERB LIN
Senior Research Scholar, Center for International Security and Cooperation & Hank J. Holland Fellow in Cyber Policy and Security, Hoover InstitutionStanford University
MICHAEL MACHADO
CSORingCentral, Inc.
DAVE MAHON
CSOCenturyLink
PHILIP MARTIN
Director of SecurityCoinBase
DOUG MAUGHAN
Division DirectorU.S. Department of Homeland Security Science & Technology
ALEJANDRO MAYORKAS
Partner, Wilmer Hale & Former Deputy Secretary, Department of Homeland Security
JOHN MILLS
Director, Cybersecurity Policy, Strategy, International, DIB, and Workforce, Office of the Deputy Chief Information Officer for CybersecurityU.S. Department of Defense
KEVIN MOORE
CSOFenwick & West LLP
MIKE MURRAY
VP of Security Research and ResponseLookout
KAZUO NOGUCHI
Senior Manager, Hitachi America, Ltd. & Senior Researcher, Keio Research Institute at SFCHitachi
ROBERT NOVY
Office of the Deputy CIO for CybersecurityU.S. Secret Service
RICK ORLOFF
CSOCode42
SPEAKERS
SINET ITSEF 2017
JAVIER ORTIZ
PartnerFalcon Cyber Investments
TOM PAGELER
CRO & CSONeustar, Inc.
TOM PATTERSON
Chief Trust OfficerUnisys
JIM PFLAGING
PrincipalThe Chertoff Group
KIRK POULSEN
Senior VP & CSOLeidos
SHERRY RYAN
VP & CISOJuniper Networks
TED SCHLEIN
General PartnerKleiner Perkins Caufield & Byers
SUZANNE SCHWARTZ
Director for Emergency Preparedness/Operations & Medical CountermeasuresFDA
SUNIL SESHADRI
CISOVISA
ANDREW STALKER
CISOBarclays International
JAMES SHIRA
Principal & Network / US CISOPricewaterhouseCoopers International LLP
YANEV SUISSA
General PartnerSineWave Ventures
ARIEL SILVERSTONE
VP for Security Strategy, Privacy and TrustGoDaddy LLC
GREG SIMMONS
VP for Institutional AdvancementUniversity of Maryland, Baltimore County
35
SPEAKERS
JOE SULLIVAN
CSOUber
MATT TANK
Sr. Manager Investigations & Counterintelligence, Global Security ServicesRaytheon
KIERSTEN TODT
Executive DirectorPresidential Commission on Enhancing National Security
GREG TOUHILL
CISO(Former) U.S. Government
MARIO VUKSON
Founder & CEOReversing Labs
BRYAN WARE
CEOHaystax Technology
BRIAN WHITE
COORed Owl
ANDREW WHITTAKER
H.M. Consul General to San FranciscoBritish Consulate-General
TOM WILSON
VP & CISOSouthern Company
DAVID ZILBERMAN
Managing DirectorComcast Ventures
CHRIS WLASCHIN
CISOHHS
MAJOR GENERAL GARRETT YEE
Military Deputy, Cyber SecurityU.S. Army
RONI ZEHAVI
CEOCyberSpark
SINET ITSEF 2017
Upcoming SINET ProgramsSINET Presents: The Global Cybersecurity Innovation Summit 2017Supported by Her Majesty’s Government & US Department of Homeland Security, Science & Technology Directorate May 16 & 17, 2017 The British Museum, London
The Global Cybersecurity Innovation Summit objective is to advance innovation and the growth of the Cybersecurity sector by providing a platform for Cybersecurity businesses, particularly Small and Medium Enterprises (SMEs), to connect with key UK, US, and International decision makers, system integrators, investors, Government policy makers, academia and other influential business executives. Last year’s event sold out. Register early to secure your spot.
Innovation Summit 2017—New York, NY“Connecting Wall Street, Silicon Valley and the Beltway” June 20, 2017 The TimesCenter
Innovation Summit connects America’s three most powerful epicenters—Wall Street, Silicon Valley and Washington, DC—and promotes the importance of industry and government collaboration. The summit is designed to reinvigorate public-private partnership efforts between disparate communities and accelerate the business of Cybersecurity between investors, builders and buyers.
SINET61 2017—Sydney, AustraliaSupported by Data61 September 26 & 27, 2017 Four Seasons Hotel
SINET61 fosters the Australian national Cyber priorities in a global context by connecting London, Washington DC, New York City, Silicon Valley, Sydney, the Asia Pacific region and other centers of innovation.
UPCOMING SINET PROGRAMS
37
Upcoming SINET ProgramsSINET Presents: The Global Cybersecurity Innovation Summit 2017Supported by Her Majesty’s Government & US Department of Homeland Security, Science & Technology Directorate May 16 & 17, 2017 The British Museum, London
The Global Cybersecurity Innovation Summit objective is to advance innovation and the growth of the Cybersecurity sector by providing a platform for Cybersecurity businesses, particularly Small and Medium Enterprises (SMEs), to connect with key UK, US, and International decision makers, system integrators, investors, Government policy makers, academia and other influential business executives. Last year’s event sold out. Register early to secure your spot.
Innovation Summit 2017—New York, NY“Connecting Wall Street, Silicon Valley and the Beltway” June 20, 2017 The TimesCenter
Innovation Summit connects America’s three most powerful epicenters—Wall Street, Silicon Valley and Washington, DC—and promotes the importance of industry and government collaboration. The summit is designed to reinvigorate public-private partnership efforts between disparate communities and accelerate the business of Cybersecurity between investors, builders and buyers.
SINET61 2017—Sydney, AustraliaSupported by Data61 September 26 & 27, 2017 Four Seasons Hotel
SINET61 fosters the Australian national Cyber priorities in a global context by connecting London, Washington DC, New York City, Silicon Valley, Sydney, the Asia Pacific region and other centers of innovation.
UPCOMING SINET PROGRAMS
Showcase 2017—Washington D.C.“Highlighting and Advancing Innovation” November 8 & 9, 2017 The National Press Club
SINET Showcase provides a platform to identify and highlight “best-of-class” security companies that are addressing industry and government’s most pressing needs and requirements. The chosen SINET 16 Innovators present their technological solutions to representatives from the ecosystem of the entrepreneur: venture capital, investment banking, system integration, academia, science, legal, policy, private industry and executives from the Federal Government, including civilian, intelligence and military professionals. Showcase’s objective is to increase awareness of innovative solutions that may lead to an investment in, or the purchase of, advanced technologies that will help secure our nation’s critical infrastructure and command-and-control systems.
SINET Global Institute CISO Series—Scottsdale, AZOctober 18 & 19, 2017 Four Seasons Hotel Invitation Only
These intimate workshops address the challenges that Board of Directors are placing on security and risk executives, and how to successfully manage and communicate today’s enterprise and organizational threats. These are an intense “roll your sleeves up” thought leadership discussions on How Cyber is Driving the New Board Perspective on Enterprise Risk Management. Attendance is limited to 30 Security and Risk Executives from Global 2000 corporations.
SINET ITSEF 2017
SINET Mission
Advance innovation and enable global collaboration between the public and private sectors to defeat Cybersecurity threats.
ABOUT SINETSINET is a “super connector.” We provide a series of platforms for the business of Cybersecurity to take place within the global ecosystem of the entrepreneur including venture capital, investment banking, system integration, academia, science, legal, policy, and industry as well as Government intelligence, military and civilian departments and agencies.
Our programs consistently attract the highest level of international industry and government executives. SINET is well known for our coveted and unparalleled networking opportunities.
Learn more at www.security-innovation.org
COMMUNITY BUILDINGSINET—where the business of Cybersecurity takes place—builds communities of interest and trust, connects thought leaders in government and industry with builders, buyers, researchers and investors across the international security domain with the goal of promoting and advancing Cybersecurity innovation. We are passionate about our mission and strive to build a community that engenders a sense of common duty, purpose and commitment to protect our critical infrastructure and help to preserve economic stability.
Join our community and participate in our mutually beneficial, trust-based approach that connects the ecosystem of the entrepreneur, increases business opportunities and advances Cybersecurity innovation.
Join the SINET community at www.security-innovation.org/community.htm
MEMBERSHIPThe IT Security Entrepreneurs Forum (ITSEF) is just one of the many resources available to the SINET community. By becoming a member, you will gain access to additional benefits and discounted services that can take your company to the next level. Many of your peers have already discovered that SINET is the Cybersecurity “super connector” that enables them to exchange knowledge, learn from industry experts, advance innovation, and build networks with investors, entrepreneurs, government agencies, military, corporate enterprises and more.
Together, we can make a difference. Become a SINET member and help contribute to our mission of advancing the business of Cyber.
To learn more about membership contact Janice Avellar at [email protected]
39
SINET Mission
Advance innovation and enable global collaboration between the public and private sectors to defeat Cybersecurity threats.
ABOUT SINETSINET is a “super connector.” We provide a series of platforms for the business of Cybersecurity to take place within the global ecosystem of the entrepreneur including venture capital, investment banking, system integration, academia, science, legal, policy, and industry as well as Government intelligence, military and civilian departments and agencies.
Our programs consistently attract the highest level of international industry and government executives. SINET is well known for our coveted and unparalleled networking opportunities.
Learn more at www.security-innovation.org
COMMUNITY BUILDINGSINET—where the business of Cybersecurity takes place—builds communities of interest and trust, connects thought leaders in government and industry with builders, buyers, researchers and investors across the international security domain with the goal of promoting and advancing Cybersecurity innovation. We are passionate about our mission and strive to build a community that engenders a sense of common duty, purpose and commitment to protect our critical infrastructure and help to preserve economic stability.
Join our community and participate in our mutually beneficial, trust-based approach that connects the ecosystem of the entrepreneur, increases business opportunities and advances Cybersecurity innovation.
Join the SINET community at www.security-innovation.org/community.htm
MEMBERSHIPThe IT Security Entrepreneurs Forum (ITSEF) is just one of the many resources available to the SINET community. By becoming a member, you will gain access to additional benefits and discounted services that can take your company to the next level. Many of your peers have already discovered that SINET is the Cybersecurity “super connector” that enables them to exchange knowledge, learn from industry experts, advance innovation, and build networks with investors, entrepreneurs, government agencies, military, corporate enterprises and more.
Together, we can make a difference. Become a SINET member and help contribute to our mission of advancing the business of Cyber.
To learn more about membership contact Janice Avellar at [email protected]