EVENT SUMMARY

SIM's Cybersecurity Special Interest Group (SIG) is hosting its second annual Virtual Conference on Thursday, September 20, 2018, from 11:00 am ET – 4:30 pm ET. This exclusive executive event will offer attendees the opportunity to engage with the sharpest minds on significant cybersecurity issues.

With concurrent Risk and Strategy tracks, we explore practical applications of this year’s theme “TRUST -- THE GREATEST CASUALTY OF CYBER WAR” – building cyber resilient organizations and leveraging cyber trust as a strategic advantage.

Society needs trust in order to function. Consider all of the people, processes, and institutions we place our trust in as we go about our daily lives. The fact we don’t really think about it is an indication of how well trust has worked – until now.

In the past few years, we’ve seen breaches of striking proportions, the disclosure of some serious hardware and software flaws, and questionable behavior by some of the largest consumer technology companies. Cybercriminals and state-sponsored actors are becoming increasingly more sophisticated and aggressive in their abilities to exploit our behaviors and technology flaws -- putting all of us at greater risk. Lack of trust is now becoming pervasive.

Mark your calendars and join us at SIM’s Cybersecurity Virtual Conference to hear from an impressive lineup of experts who will share their stories and experiences in preparing for the cyber challenges of tomorrow.

By attending the Cybersecurity Virtual Conference you will:
* Gain insights and knowledge into the emerging cyber threats of tomorrow
* Learn how to build cyber resilient organizations
* Develop approaches for integrating cybersecurity into organizational strategy

The issues in front of us have yet to be resolved and they will continue to linger. As threat actors become more creative and sophisticated, we have to adapt to get ahead of them.

Register for the 2018 Cybersecurity Virtual Conference today!

REGISTER NOW!

Registration fees are $75 for SIM Members and $199 for Non-Member Practitioners.


 

5 Reasons Why You Can’t Miss SIM’s Cybersecurity Virtual Conference

SIM's Cybersecurity Special Interest Group’s 2nd annual Virtual Conference is just around the corner. Here are just a few reasons why you need to attend:

Expand Your Leadership Skills for Cybersecurity -- There are lots of cybersecurity events. SIM’s event stands out because it is designed for leaders to enhance and build their cybersecurity workforce. From a session designed on how best to find true cybersecurity talent to how to leverage blockchain to create long-term value for your company, our programming is tailored to cybersecurity from the executive perspective. 

Get Ahead of the Curve -- In such a rapidly changing field with the next data breach lurking behind every corner, it’s particularly challenging to take time out to plan accordingly so that your organization isn’t just on the defense. The Virtual Conference offers a forward-look at trends for 2019 and the future of the password to best position your organization for what is on the horizon. 

Learn From Real-World Case Studies -- Cybersecurity is such a fast-changing area. Learn something today and it could be outdated tomorrow. This isn’t a topic that you can master from theory alone -- it’s critical to hear from colleagues who have faced real threats like the city of Fort Lauderdale’s CIO who navigated an attack from the hacker group Anonymous. 

Hear Directly From Top Cybersecurity Leaders -- We’ve rounded up a brain trust of cybersecurity experts with cutting-edge experience like Dr. Shawn Murray, principal scientists at the United States Missile Defense Agency, Dr. Rebecca Wynn who led information security for LearnVest Inc., and many others! 

Receive Maximum Value -- Registration for the Virtual Conference gets you full entrance to the event on Thursday, September 20th as well as post-event access to recordings -- so you can go back and review anything you want. With a significant discount for SIM members (just $75) and a competitive rate for non-member practitioners, we’re certain your learnings will far outweigh your investment. And since it’s a virtual event, you don’t have any additional travel costs or hassle!

SESSIONS


All times are Eastern Time Printable Schedule || Times, presenters and sessions are subject to change.

11:00 AM
-to-
11:15 AM


Track:
General Session

11:15 AM
-to-
12:01 PM


Track:
General Session

The Ever-Evolving Threat Landscape – Reducing Risk from Cybercrime to Cyber Espionage

Eduardo E  Cabrera

The threat landscape is constantly evolving from global digital extortion attacks and Business Email Compromises to international cyberespionage campaigns distilling cyber propaganda during national elections. Learn what makes these attacks successful to better understand how you need to defend your networks, data, users. Only by having a deep understanding of the threats you face and the vulnerabilities you have, can you successfully reduce the risk your organizations face



Sponsored by:


12:01 PM
-to-
12:05 PM


Track:
General Session

Cyber Insights

Laszlo  Gonc
Caren Shiozaki
 


12:05 PM
-to-
12:35 PM


Track:
Risk

Life After an Anonymous Attack on My City

Mike  Maier
This session will discuss the Anonymous attack on the city of Fort Lauderdale, Florida in late 2014 and how the city has changed its ways – both technologically, and behaviorally, in the time since.

The city of Fort Lauderdale, Florida was hit by an Anonymous denial-of-service attack in December 2014 and was forced to immediately upgrade computer systems to thwart any potential future attacks.

The city of Fort Lauderdale, Florida was hit by an Anonymous denial-of-service attack in December 2014 that was brought on by a dispute over a city ordinance that had recently become heated. The city proactively shut down internet access while ensuring its files were secure.

The city quickly spent $430,000 upgrading computer security systems to mitigate vulnerabilities it had previously identified. While the attack itself did not cost the city this money, it expedited the timeline for these necessary system upgrades.


12:05 PM
-to-
12:35 PM


Track:
Strategy

Building a Cyber Work Force – Opportunities and Challenges

Dr. Suku  Nair
This session will address the difficulty in the finding of qualified workers in the cyber area. Statistics on qualified positions is staggering. We will discuss how the crisis impacts national security and the economy. Further, it will discuss various initiatives that are trying to mitigate the problem.

The main theme of the webinar is the current status of the cyber workforce. In addition to the various challenges in building and maintaining the workforce. It will discuss various opportunities surrounding the problem.

This session will include discussions on Threat landscape, Various Actors Cyber Workforce Crisis, Cyber Security Education, and Research- with a discussion on sample programs and a way forward.


12:35 PM
-to-
12:55 PM


Track:
General Session

Global Cyber News Coffee Break & Cyber Insights

Laszlo  Gonc
Caren Shiozaki
 


12:55 PM
-to-
1:25 PM


Track:
General Session

Stop the Breach. The Case for Real-Time Automated Endpoint Security

Andy  Singer

The threat landscape has changed yet again. What was several years ago an era of advanced attackers seeking valuable data, has transformed to be global disruptive data related plagues, backwinded by nation-states seeking to dictate agenda and terms. In respect to the evolving threat landscape, organizations came to realize that compromise is inevitable and have started to look for ways to respond and quickly, automatically and in real-time in order to prevent the next data breach or disruption. The evolving incident response process holds in store a great challenge as the process effectiveness metric is fairly easy to measure. Do you actually know how effective is your current SOC/IR/MDR in detecting, validating, containing and remediating infections in the environment? Are you ready to win the race to your own data?



Sponsored by:


1:25 PM
-to-
2:10 PM


Track:
General Session

Exhibit Hall

 
Take a breather from programming in our virtual exhibit hall. Visit our sponsor booths from the comfort and convenience of your computer and learn how their solutions can enhance your cybersecurity efforts. Browse at your convenience!


2:10 PM
-to-
2:40 PM


Track:
Risk

Shawn Murray CEO at Murray Security Services

Dr. Shawn  Murray
Everywhere we turn, we hear that there is a shortage of cyber security professionals with highly sought-after skill sets and experienced tradecraft to fill widening cyber security program requirements. I have sat on workforce development panels with federal, state and city government leaders, education professionals and industry partners looking for ways to address the problem. I have seen many startup companies claiming they have the key to filling the needs of various industries. I have also seen well-established organizations realigning current training & certification programs in an effort to keep up with the startups. While very few are embedded into true workforce development initiatives, most companies are jumping on the bandwagon and trying to capitalize on a new revenue stream called “Cyber” or “Cyber Security”. My take away is that the issue is more complex than just finding the right person with the right skills to fill a need. There are several factors that need to be considered when analyzing the problem, which do not revolve around training and certification.


2:10 PM
-to-
2:30 PM


Track:
Strategy

Leveraging Blockchain to Create Trusted Data Assets Live with Margaret Mitchell

Margaret  Mitchell
Learn how to leverage blockchain to increase the value of your company's core data assets by wrapping them in unbreakable trust.

As more of your company’s assets become digitized the need for a trusted history of those digitize assets becomes more important. But it is easy for the origination, ownership and history of that data to get lost. In this Quick Tip you will learn how to leverage blockchain to turn a data asset into a trusted data asset.

In this session you will learn what is a trusted data asset and why creating trusted data assets is important to creating long-term value for your company. Topics covered are:

Learn how to:

  • What is a trusted data asset; how traditional data management techniques can create a data trust vacuum
  • The basics of how block chain
  • How to use blockchain to transform data assets into trusted data assets
  • How those trusted data assets can create long-term sustainable value for your company.


2:30 PM
-to-
2:40 PM


Track:
Strategy

Live with Margaret Mitchell

Laszlo  Gonc
Caren Shiozaki
Margaret Mitchell
 


2:40 PM
-to-
2:55 PM


Track:
Risk

Cyber Trends 2016 - 2019

Dr. Chris  Maurer

While cybersecurity is commonly mentioned as a top organizational priority, are organizations really doing everything they can to protect their networks and data?  For the past three years, the SIM IT Trends Study has been investigating this issue and some surprising results have emerged.

This data-driven session will summarize key findings from the last three years to provide insight into organizational cybersecurity practices.  In addition to an organizational analysis, industries will be evaluated to demonstrate how some industries are better positioned to address cybersecurity threats than others.  By combining organizational cybersecurity practices with previous breach experience and cybersecurity investment, we will start to understand why there is significant room for improvement across nearly all industry sectors.

The presentation will conclude with thoughts on the future trends related to cybersecurity and what organizations should be looking out for in 2019 and beyond. 


2:40 PM
-to-
2:55 PM


Track:
Strategy

Cybersecurity: A “Competitive Advantage” or an over Hyped term?

Don  Devine
This session will explore the question of whether Cybersecurity is or can be a “Competitive Advantage” or is that just Hype.

For the past several years, and for good reason, Cybersecurity has been a much talked about topic in the Boardroom. We have read and heard countless articles and industry presentations touting that more and more top executives have embraced cybersecurity as a strategic priority and "Competitive Advantage." There is no doubt that cybersecurity is a top priority for most organizations, but can it truly be a competitive advantage or is that just sales/marketing hype?


2:55 PM
-to-
3:00 PM


Track:
General Session

Cyber Insights

Laszlo  Gonc
Caren Shiozaki
 


3:00 PM
-to-
3:45 PM


Track:
General Session

Resilience in Apps & Applications

Carlos   Pero

Apps and application both utilize a Web site exposed to the Internet, and that is where the real Cyber risk to an enterprise exists. This session reviews basic concepts, the well-known risks, and how to be resilient to defend against attacks and not provide opportunity in the first place.

A functional Web application, exposed to the Internet, is literally asking for trouble by opening port 80 and 443 on network firewalls to allow Web requests to come into a data center and be executed. A poorly-coded Web application can compromise the server, the network, and your business. The OWASP Top 10 list of critical security risks provides a good starting point to make sure you are aware of and have appropriate controls in place for these risks, but you can only protect what you are aware of, and your developers need to prevent vulnerabilities from being exposed in the first place.


3:45 PM
-to-
3:50 PM


Track:
General Session

Cyber Insights

Laszlo  Gonc
Caren Shiozaki
 


3:50 PM
-to-
4:35 PM


Track:
General Session

Closing Keynote: Make it a Win-Win Proposition

Dr. Rebecca  Wynn
How to successfully resolve conflicts between business leaders, security, compliance, and human behavior while keeping your sanity

This is an enlightening and entertaining presentation on how to successfully resolve conflicts between business leaders, security, compliance, and human behavior while keeping your sanity! Real-world examples are used to teach you practical tools you can use to quickly align people to one purpose.


4:35 PM
-to-
4:45 PM


Track:
General Session

SPEAKERS

Laszlo Gonc

Laszlo is a recognized senior executive with over twenty-five years of progressive experience in business and information technology. He is responsible for helping organizations, corporate and non-profit alike, navigate the digital frontier advising on cyber security, IT risk mitigation, and building digital technology strategies that drive performance and business value. He has experience across a number of industries advising senior executives, developing security strategies, evaluating IT risk and spearheading critical security projects for senior leadership.

A member of Infragard, ISSA and ISACA, he serves as Chair of the Project Management Institute (PMI) Executive Council, Executive Vice President for the Chicago chapter of the Association of Information Technology Professionals (AITP) as well as the boards of Society for Information Management (SIM) and Illinois Technology Foundation (ITF). In early 2016, he helped form the SIM national Cybersecurity SIG for senior technology leaders and continues to serve as Programming Lead.

He is an invited guest speaker at professional associations, industry conferences and universities providing thought leadership on the state of cyber security, mitigating technology risk, and implementing project management best practices.

Laszlo holds a Bachelor of Science Commerce degree in Operations Management from DePaul University and is a certified CISSP security professional.

Caren Shiozaki

Caren Shiozaki is Executive Vice President and Chief Information Officer for TMST, Inc., a mortgage company based in Santa Fe, NM. The company is currently in Chapter 11. Due to the company’s circumstance, in addition to the usual CIO duties, she focuses on cybersecurity, risk management, and information governance. She is responsible for litigation support projects involving large-scale data management and forensic data analysis. Prior to TMST, Ms. Shiozaki was Vice President and CIO for Belo Corp, one of the nation’s largest media companies with a diversified group of market-leading television, newspaper, cable and interactive media assets headquartered in Dallas, TX. She has extensive experience in both technologies and business roles at American Express and Bank of America. Ms. Shiozaki is the Chair of the SIM National Board of Directors and is a member of the Dallas and Arizona chapters. She is the founder of SIM’s national Cybersecurity Special Interest Group. She holds ISACA’s CGEIT certification and is also a certified e-Discovery Specialist.

Eduardo E Cabrera

Eduardo E. Cabrera is a trusted advisor and a proven cybersecurity leader. He is responsible for analyzing emerging cybersecurity threats to develop innovative and resilient enterprise risk management strategies for Fortune 500 clients and strategic partners. Before joining Trend Micro, he was a 20-year veteran of the United States Secret Service with experience leading information security, cyber investigative, and protective programs in support of the Secret Service integrated mission of protecting the nation’s critical infrastructure and its leaders.

Recently, he served as the Secret Service CISO where he was responsible for establishing and maintaining a global information security and data privacy program to protect Secret Service data information assets and systems. He led a team of Information System Security Officers and Compliance Specialists to develop and deploy continuous risk assessment and mitigation programs and policies critical to protecting the Secret Service enterprise.

Mr. Cabrera started his career in the Secret Service in Miami, Florida where he worked on and led major 
cyber crime investigations against criminal groups that targeted financial and retail sectors. He moved on to Washington D.C. to proudly serve on the Presidential Protective Division for President George W. Bush and then transitioned to the Secret Service Criminal Investigative Division. There he led cyber forensic operations in support of Secret Service large-scale data breach investigations and served as the Secret Service Advisor to the National Cybersecurity & Communications Integration Center (NCCIC). At the NCCIC, he was responsible for identifying, analyzing, and sharing malicious data breach indicators derived from active Secret Service investigations and worked closely with Department of Treasury, the Financial Services Sector Coordinating Council (FSSCC), and the Financial Services Information Sharing and Analysis Center (FS-ISAC) to create public/private threat intelligence sharing strategies and programs to combat data breaches targeting the financial sector.

He is a guest lecturer at New York University Polytechnic Institute, Computer Science and Engineering Department and was a contributing subject matter 
expert on law enforcement; cyber security strategy and policy; and computer forensics and network intrusion incident response for the 2014 Risk and Responsibility in a Hyperconnected World; 2012 Homeland Security Advisory Council Task Force on Cyber Skills Report; and 2012 Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector. He is a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA).

Mike Maier

Mike Maier has played a pivotal role in shaping technology in the cities or companies he has served throughout his career. Mike has undertaken bold initiatives in bringing technology to the citizenry through focus group meetings and public/private partnership to help close the digital divide. Mike possesses a wide range of knowledge in all areas of municipal operations.

Mike currently serves as the Chief Technology Officer for the City of Fort Lauderdale, Florida, a city with a residential population of approximately 175,000, 12 million annual tourists, and an area of approximately 36 square miles. Fort Lauderdale is also home to Florida’s deepest port and sits in the pathway of many tropical storms and hurricanes, located just 25 miles north of Miami.

Dr. Suku Nair

Dr. Suku Nair is the director of the AT&T Center for Virtualization at SMU, Dallas. He is a University Distinguished Professor in the Computer Science and Engineering department at the Lyle School of Engineering (past chair 2008-2016). He is also the founder of the Cyber Security program at SMU, which currently enjoys the NSA/DHS Center of Excellence in Information Assurance Education and Cyber Defense designation.

Dr. Nair’s research interests include Software Defined Networks, Virtualization Technologies, and Cyber Security. His research is supported through funds from NSF, NSA/DHS, NIST, ONR, and various industry including Lockheed Martin, Alcatel, Raytheon, IBM, AT&T, and Google.

Dr. Nair has been a consultant to various IT, Telecom, Retail, and Cyber Security Companies. Some of his recent awards include the Dallas 500 award and CIO/CTO award for Outstanding Tech Advocate from the D CEO magazine, SMU Ford Research Fellowship, IBM faculty award, Distinguished University Citizen Award, and the University Distinguished Professorship.

Don Devine

Don Devine is a senior information security, privacy, regulatory compliance, audit, and risk management leader for Fortune 500 companies. Don works with senior executives to prioritize security needs in accordance with the organization's financial constraints and directives. He is also an experienced presenter in advising senior management on risks and regulatory issues.

Don currently holds CISSP, CISM, CISA, and CRISC designations and is the Senior Director, World Wide Information Security and Compliance (CISO) for Aspect Software. Aspect is the world’s leading enterprise cloud contact center and workforce optimization solution.

Andy Singer

Andy has more than 20 years of security industry experience. Prior to enSilo, Andy held global leadership roles at Check Point Software Technologies, Symantec Corporation and GuardiCore in product marketing, product management, corporate marketing, market intelligence and sales engineering servicing consumers, small businesses and enterprises. Andy holds a BA from Hamilton College and an MBA from the University of Maryland. 

Dr. Shawn Murray

Dr. Shawn Murray is President/CEO at Murray Security Services and is assigned to the United States Missile Defense Agency as a Principal Scientist. He is assigned as a Senior Cyber Security Professional and is an officer in the U.S. Civil Air Patrol. His previous assignments include work with the U.S. Army Cyber Command in Europe, U.S. Air Force and with Commercial Industry in various roles in Information Assurance and Cyber Security. Dr. Murray has worked with NSA, FBI, CIA and the U.S. Defense and State Departments on various Cyber initiatives.

Dr. Murray has several industry recognized certifications to include the C|CISO, CISSP and CRISC. He holds several degrees to include an Applied Doctorate in Computer Science with a concentration in Enterprise Information Systems. Dr. Murray was elected to the International Board of Directors for the Information Systems Security Association in 2016. He is a professional member of IEEE, ACM, ISSA, ISC2 and is an FBI Infragard program partner.

Margaret Mitchell

Margaret is not your average technology executive.  She is a full stack IT leader who is currently the CIO for Incyphae and Resonea Inc, a Med/Tech Startup in Scottsdale, AZ.  Her 25+ year experience leading global teams has given her a breadth of experience in the development and implementation of digital products (mobile and web), big data, business intelligence, campaign and offer systems, financial processing, enterprise data management, database development, data center migrations. 

Her interest in startups began when she led the bootstrap of a profitable startup within American Express. Once she got the bug for the fast pace innovation of the startup world there was no looking back.  She is a popular speaker at local IT clubs, as well as, an invited speaker at Grace Hoppe Conference twice: Sidekick to Superhero and Loyalty, Data and Games. She has a B.S. in Computer Science Engineering from Montana State University and an MBA, Master in International Management from Thunderbird School of Global Management.

Dr. Chris Maurer

Chris is currently an Assistant Professor in the McIntire School of Commerce at the University of Virginia.  His professional experience, research interest, and teaching revolve around cybersecurity, specifically risk management, organizational impacts of breaches, and behaviors of both users and malicious actors.

For the past three years, Chris has been a member of the SIM IT Trends Study Research Team and has helped to increase the scope of the study to include a greater focus on cybersecurity-related issues and practices.  Prior to joining the faculty at The University of Virginia in 2017, Chris was an Assistant Professor at the University of Tampa, where he helped to create a cybersecurity degree program and set up a state of the art lab for students to gain hands-on experience with various cybersecurity tools.

Prior to entering academia, Chris was the Director of Security and Controls for TRX, Inc. (now a subsidiary of SAP) where he was in charge of managing all cybersecurity, compliance, BCP/DR, and internal audit functions globally.  He also previously worked as an IT auditor for KPMG.

Carlos  Pero

Carlos' professional career has been entirely focused on the web, starting in 1994 with Argonne National Laboratory and discovering NCSA Mosaic, and connecting things to the internet such as their Advanced Photon Source electron accelerator before it was even possible to center text on a page. Other notable employers have been Chicago Tribune, PacifiCare Health Systems, Barbeques Galore, Cars.com, and Rand McNally, addressing the nascent topics of web development, content management, online marketing, and e-commerce.  
 
After 20 years, Carlos joined Zurich Insurance and pivoted into cybersecurity to protect websites instead of developing them, because ports 80 and 443 are the biggest vulnerabilities ever. He has bachelor's and master's degrees in Engineering from the University of Illinois at Urbana-Champaign, and an MBA from Concordia University. After having co-located his own email, web, and database servers for many years, Carlos still enjoys crafting code in Python and Google App Engine in his spare time. 

Dr. Rebecca Wynn

Named 2017 Cybersecurity Professional of the Year - Cybersecurity Excellence Awards, Chief Privacy Officer (CPO) SC Magazine, Global Privacy and Security by Design (GPSbyDesign) International Council Member, and finalist Women in Technology Business Role Model of the Year 2018 - Dr. Rebecca Wynn is lauded as a “game-changer who is ten steps ahead in developing and enforcing cybersecurity and privacy best practices and policies. She is a “big picture” thinker who brings nearly 20 years of experience in Information Security, Assurance & Technology. Recently she led the information security, privacy, and compliance pre-acquisition, acquisition and post-acquisition of LearnVest, Inc. to Northwestern Mutual Life Insurance Company – a Fortune 100 company. She is well known for being a gifted polymath, having deep understanding of current cyber security challenges and privacy issues. She has a proven track record of taking companies to the next level of excellence in many sectors including government, financial services, fintech, healthcare, information technology, legal, semiconductors, and retail. Always open to new opportunities.

Sponsors




ENSILO's single lightweight security agent gives customers comprehensive pre-infection Next Generation Anti-Virus (NGAV) as a first line of defense and post-infection automated, blocking-enabled Endpoint Detection and Response (EDR) as a last line of defense, enabling security teams to contain attacks, prevent data leakage and block malware communications in real time to stop post-infection impact.




Trend Micro Incorporated, a global leader in cybersecurity solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. For more information, visit www.TrendMicro.com.