The Future of Cybersecurity

CISO Think Tank

February 23, 2023 - New York, NY
Attend this Event
Speakers Agenda Partners
Become a Sponsor Attend this Event

Speakers

Alex Bazay
CISO
Align Communications
Anthony Gonzalez
CISO North America
QBE North America

Think Tank Speaker

Visionary, results and solutions-driven professional with 20+ years of experience in progressively responsible Cyber Security and IT leadership roles in the financial services, insurance, pharmaceutical, biotechnology, consumer goods,and chemical manufacturing industries. Adept in building and leading global Cyber Security, IT technical and support functions. Creative, resourceful problem solver with a track record of success in delivering cost-effective and value-added services to his customers. Additional experience in industrial engineering and process improvement. Specialties: Areas of expertise include: Cyber Security, Network Security,Application Security, Infrastructure Management and Security Incident Management, Disaster Recovery, Forensic Investigations, Operations Management, Financial Management, Project/Portfolio Management, Policy/Procedure Development, Budget Preparation, Strategic Planning, Process Design/Implementation, Risk Mitigation, Enterprise Architecture, IT Governance, Manufacturing/Laboratory Automation, Organizational Design, Vendor Audits, System, Start-Up Operations, Sarbanes-Oxley (SOX), Talent Development/Mentoring, International Team Management, and Regulatory Compliance
Brian Lozada
Global CISO, Prime Video
Amazon
Craig Shrader
CISO
Keystone Human Services
Paige Adams
Group CISO
Zurich Insurance Group

Think Tank Speaker

Paige Adams has been a member of the Zurich executive team since 2014 and served as the Global Head of Cyber Response, Chief Information Security Officer for Zurich North America, and VP for Cyber Security before assuming his current role as Group Chief Information Security Officer in February 2018. Prior to joining Zurich, Paige spent a 26-year career in the United States Navy serving in a variety of intelligence and cyber roles. Paige has a Bachelor of Science in Business Administration (Computer Information Systems) from Hawaii Pacific University and a Masters in Computer Science from the US Naval Postgraduate School..
Chase Cunningham AKA DrZeroTrust
CSO
Zero Trust
Les Correia
Executive Director, Global Information Security
Estee Lauder
Rob Hornbuckle
CISO
Allegiant Travel Company

Think Tank Speaker

A results-oriented Technology Leader experienced in building inclusive, cross-functional, remote, results-oriented and global teams/systems. Expertise includes IT and Product Strategic Goals/Plan, Technical Vision, Corporate Governance Mapping, Leadership and Coaching, Cloud Computing and more. Seeking a technology leadership opportunity in a fast-paced environment that can benefit from passion, innovation, strategic vision, creative ideas, and original thought.
Brenda Ferraro
SVP Cyber Security
Wells Fargo
Matt Syracuse
Senior Enterprise Cyber Security Architect
Northwell Health

Think Tank Speaker

Matt has been focused on IT Security Architecture at Northwell over 4 years……He also has experience with: vendor negotiations & purchasing, web application design, help desk management, network / database / VPN design & management. Northwell manages over 800 care locations in New York state including 3800 physicians and over 78000 employees.
Tim Rohrbaugh
Global CISO
JetBlue Airways
Daniel Torres
Senior Director, Information Security Governance
CVS
Gleb Reznik
Managing Director CISO
JPMorgan Chase
Michael Palmer
CISO
Hearst
Michael Owens
BISO
Equifax

Think Tank Speaker

Dr. Michael Owens is an innovative, collaborative, and distinguished leader with over 25 years of experience in startup, corporate, government, and military organizations. A transformation leader and sought-after speaker, Michael frequently keynotes on topics related to cybersecurity, cyberwarfare, and national security matters. As a cybersecurity executive, he has been at the vanguard of some of the most complex issues dealing with breach mitigation/recovery, threat intelligence sharing, and diversity within the tech and cyber industry. Michael is the president and CEO of the U.S. Global Center of Cyber Policy, where he leads the organization in providing federal, state, and local governments with non-partisan thought leadership and expert information and analysis on cybersecurity, cybercrime, and cyberwarfare trends, strategies, and policies from a domestic and international perspective. Prior to this, Michael led the Global Cybersecurity, Cybercrime, and Critical Infrastructure Program for EY within the Forensics, Investigations & Dispute division. In that role, he was responsible for the global strategic direction and standardization of threat intelligence, cybersecurity assessments, audits, and incident response services. Before this, Michael worked at Cisco Systems leading the Advanced Services, Public Sector service delivery team. During this time, he led cybersecurity, wired and wireless networks, and IT strategy engagements for government agencies in the U.S. southeast across and New York. Michael has extensive international and geopolitical experience with projects completed in over 100 countries. As an entrepreneur, Michael pioneered the practice of SMB MSP and fractional CIO/CISO services. Michael is an eight-year veteran of the United States Marine Corps and a current member of the US Marine Corps Cyber Auxiliary. He is a member of the World Affairs Council of Atlanta, a Political Partner with the Truman National Security Project, and serves on the State Advisory Committee for the US Global Leadership Coalition, the Evanta/Gartner Atlanta CISO Governing Body, and the Leadership Board of the Cybersecurity Collaboration Forum. Michael's educational background includes a bachelor’s from North Carolina A&T State University, a master’s degree from Georgia Institute of Technology, a doctorate from California Intercontinental University, and advanced certificates and executive programs from the U.S. Army War College and Harvard University. He resides in Mableton, Georgia with his two children.
Leo Cunningham
CISO
Flo Health Inc.

Think Tank Speaker

Leo has a successful track record working within different blue-chip companies and industries ranging from Start-ups/Scale-ups, Banking, FinTech, SaaS and eCommerce, providing insight, consultancy and strategy across global remits covering Information Security, Cyber Security, GRC, Auditing, Cloud and a multitude of compliance remits including PCI DSS, SOX and GDPR. At Flo Health, the number one health and wellbeing app. His team protects the data of 250 million users, equating to 300 billion data points. He is currently an advisor to multiple start-ups from the Palta Group. He has been instrumental in leading security efforts within HealthTech and FemTech. In June 2022, Flo Security delivered the industry’s first ISO 27001 certification. Leo is a multi-award winner. A Snyk influencer. A Keynote speaker worldwide and was added to the CISO Platform Top 100
John Whiting
Global CSO
DDB Worldwide (An Omnicom Co.)
David Cass
CISO
GSR

Think Tank Speaker

David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking. He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies. He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks. Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer. David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney. In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.
Florindo Gallicchio
VP of Strategic Solutions
NetSPI

Think Tank Speaker

Florindo Gallicchio is a VP of Strategic Solutions at NetSPI and serves as advisor to executives, managing directors, boards of directors, and technology staff. He is a senior risk management and information security practitioner with extensive experience in building and running cyber security programs to securely manage the business while also achieving and maintaining compliance to regulatory and industry requirements. Prior to joining NetSPI, Florindo was the CISO at a global advisory investment firm in New York City. He began his career with the National Security Agency while serving in the U.S. Navy, where in ten years of service he worked in signals and communications intelligence collection and systems exploitation.
Munish Sharma
CIO
Wells Fargo
Marcus Scharra
CEO
senhasegura
Ira Winkler
Field CISO and Vice President
CYE

Think Tank Speaker

Ira is the Executive Director of the Human Security Engineering Consortium, former Chief Security Architect at Walmart and author of You Can Stop Stupid. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World and investigated crimes against them, telling them how to cost-effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost-effective security programs.
Become a Speaker
February 23, 2023
Add to Calendar

Attend this event

Not available on February 23, 2023?
View other dates for the Think Tank
Attend this Event Become a Speaker Become a Sponsor

Agenda

All times Eastern Time
Download Agenda
10:00 AM-11:00 AM
Registration & Welcome
11:00 AM-11:05 AM
Opening Remarks
11:05 AM-11:30 AM
Keynote
The Greatest Fears?

The biggest fear is not the technology, it is the potential of human error that could expose your organization to a cyberattack. The majority of CISOs agree that an employee carelessly falling victim to a phishing scam is the most likely cause of a security breach. Most also agree that they will not be able to reduce the level of employee disregard for information security. How do we guard against human error without limiting employee efficiency and productivity?

Brian Lozada
Global CISO, Prime Video
Amazon
11:35 AM-12:00 PM
Keynote
What’s AI Doing for You?

The terms "Artificial Intelligence" and "Advanced Machine Learning" are often thought of interchangeably. While there is a relationship between AI and AML, to say they are the same thing is an oversimplification and misclassification. Rather, one begets the other with AI being the basic principle upon which AML is developed. As AI begins to mature and migrate away from purely advanced mathematical operations into decision making paradigms, AML steps forward as the predictive ability of machines to process vast quantities of data. As data and analytics becomes foundational to the way every business operates, AI and AML will become foundational capabilities.

Munish Sharma
CIO
Wells Fargo
12:00 PM-1:00 PM
Lunch & Innovation Showcase
1:00 PM-1:45 PM
Panel
Ransomware/Extortionware

CISOs face a huge headache trying to understand how to know when they were attacked, what data attackers have corrupted? How quickly can they recover from the attack? And do they have to pay a ransom to get the data back?

Ransomware remains a significant challenge for companies, not simply because it has become ubiquitous, but also because of the significant impact a single ransomware attack may have on a company and every other company or customer that relies on that company.

Cybersecurity and risk management have always been vital for the flow of any business. However, the current condition of the global supply chain makes it exceptionally vulnerable to severe damage from an attack more so than usual. When the supply chain is barely getting by, criminals are more likely to assume they have leverage over businesses. A ransomware attacker may be more brazen and exercise higher demands than they might have a few years ago.

1:50 PM-2:35 PM
Panel
Security Controls: Measuring Efficacy for the Business Growth

The industry is spending record amounts on cybersecurity tooling, but somehow CISOs still are at times left scrambling to respond to the vulnerabilities like Log4j. Assuming that these types of critical and far-reaching events are inevitable, how can CISOs further improve their organization’s preparedness for future cyberattacks?

This panel will discuss potential strategies for determining the critical security controls - both technology and behavioral - that can minimize cyber-risks and give the organization the competitive advantage to grow and innovate. We will explore frameworks for measuring the efficacy of cybersecurity investments, and KPIs that show the board the investment is safeguarding the company's digital infrastructure for the long term.

Chair
David Cass
CISO
GSR
David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking. He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies. He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks. Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer. David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney. In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.
Panelists
John Whiting
Global CSO
DDB Worldwide (An Omnicom Co.)
Daniel Torres
Senior Director, Information Security Governance
CVS
Craig Shrader
CISO
Keystone Human Services
In partnership with
2:35 PM-2:55 PM
Networking Break
2:55 PM-3:40 PM
Panel
Zero Trust Network

A zero trust approach to security has been steadily gaining steam for the last several years. The importance of this approach reached a new level with the May 2021 White House executive order requiring federal agencies to shift to this architecture by fall 2024.

Ransomware continues to grow and clearly as remote work became the new norm, and e-commerce increased. Leaders need to establish a mature level of cyber resilience to better handle ransomware and other potential data breaches. Luckily, zero trust can play a critical part in that strategy as more and more businesses are realizing that to build customer trust they must establish zero tolerance for trust in their security strategy. Will Zero Tolerance for Trust redefine the state of security as government and private industry scrutinize their trusted relationships more, and re-evaluate the ‘who, what, why’ in 2023 more than any other year?

Chair
David Cass
CISO
GSR
David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking. He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies. He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks. Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer. David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney. In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.
Panelists
Leo Cunningham
CISO
Flo Health Inc.
Leo has a successful track record working within different blue-chip companies and industries ranging from Start-ups/Scale-ups, Banking, FinTech, SaaS and eCommerce, providing insight, consultancy and strategy across global remits covering Information Security, Cyber Security, GRC, Auditing, Cloud and a multitude of compliance remits including PCI DSS, SOX and GDPR. At Flo Health, the number one health and wellbeing app. His team protects the data of 250 million users, equating to 300 billion data points. He is currently an advisor to multiple start-ups from the Palta Group. He has been instrumental in leading security efforts within HealthTech and FemTech. In June 2022, Flo Security delivered the industry’s first ISO 27001 certification. Leo is a multi-award winner. A Snyk influencer. A Keynote speaker worldwide and was added to the CISO Platform Top 100
Les Correia
Executive Director, Global Information Security
Estee Lauder
Paige Adams
Group CISO
Zurich Insurance Group
Paige Adams has been a member of the Zurich executive team since 2014 and served as the Global Head of Cyber Response, Chief Information Security Officer for Zurich North America, and VP for Cyber Security before assuming his current role as Group Chief Information Security Officer in February 2018. Prior to joining Zurich, Paige spent a 26-year career in the United States Navy serving in a variety of intelligence and cyber roles. Paige has a Bachelor of Science in Business Administration (Computer Information Systems) from Hawaii Pacific University and a Masters in Computer Science from the US Naval Postgraduate School..
In partnership with
3:45 PM-4:30 PM
Panel
The Greatest Fears?

The biggest fear is not the technology, it is the potential of human error that could expose your organization to a cyberattack. The majority of CISOs agree that an employee carelessly falling victim to a phishing scam is the most likely cause of a security breach. Most also agree that they will not be able to reduce the level of employee disregard for information security. How do we guard against human error without limiting employee efficiency and productivity?

Chair
David Cass
CISO
GSR
David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking. He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies. He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks. Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer. David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney. In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.
Panelists
Michael Palmer
CISO
Hearst
Matt Syracuse
Senior Enterprise Cyber Security Architect
Northwell Health
Matt has been focused on IT Security Architecture at Northwell over 4 years……He also has experience with: vendor negotiations & purchasing, web application design, help desk management, network / database / VPN design & management. Northwell manages over 800 care locations in New York state including 3800 physicians and over 78000 employees.
Marcus Scharra
CEO
senhasegura
In partnership with
4:30 PM-4:50 PM
Networking Break
4:50 PM-5:35 PM
Panel
Building Solutions by Finding Problems

Disruption alters, destroys, but also creates value. You realize the need to act once revenue starts to shift, which is happening at a faster pace than most would think. Disruption can be a great thing if you act upon it, but it is a threat if you watch idly. We will discuss how CIOs and CISOs can be proactive and act on disruption by figuring out how to identify, prioritize and respond.

Michael Owens
BISO
Equifax
Dr. Michael Owens is an innovative, collaborative, and distinguished leader with over 25 years of experience in startup, corporate, government, and military organizations. A transformation leader and sought-after speaker, Michael frequently keynotes on topics related to cybersecurity, cyberwarfare, and national security matters. As a cybersecurity executive, he has been at the vanguard of some of the most complex issues dealing with breach mitigation/recovery, threat intelligence sharing, and diversity within the tech and cyber industry. Michael is the president and CEO of the U.S. Global Center of Cyber Policy, where he leads the organization in providing federal, state, and local governments with non-partisan thought leadership and expert information and analysis on cybersecurity, cybercrime, and cyberwarfare trends, strategies, and policies from a domestic and international perspective. Prior to this, Michael led the Global Cybersecurity, Cybercrime, and Critical Infrastructure Program for EY within the Forensics, Investigations & Dispute division. In that role, he was responsible for the global strategic direction and standardization of threat intelligence, cybersecurity assessments, audits, and incident response services. Before this, Michael worked at Cisco Systems leading the Advanced Services, Public Sector service delivery team. During this time, he led cybersecurity, wired and wireless networks, and IT strategy engagements for government agencies in the U.S. southeast across and New York. Michael has extensive international and geopolitical experience with projects completed in over 100 countries. As an entrepreneur, Michael pioneered the practice of SMB MSP and fractional CIO/CISO services. Michael is an eight-year veteran of the United States Marine Corps and a current member of the US Marine Corps Cyber Auxiliary. He is a member of the World Affairs Council of Atlanta, a Political Partner with the Truman National Security Project, and serves on the State Advisory Committee for the US Global Leadership Coalition, the Evanta/Gartner Atlanta CISO Governing Body, and the Leadership Board of the Cybersecurity Collaboration Forum. Michael's educational background includes a bachelor’s from North Carolina A&T State University, a master’s degree from Georgia Institute of Technology, a doctorate from California Intercontinental University, and advanced certificates and executive programs from the U.S. Army War College and Harvard University. He resides in Mableton, Georgia with his two children.
Florindo Gallicchio
VP of Strategic Solutions
NetSPI
Florindo Gallicchio is a VP of Strategic Solutions at NetSPI and serves as advisor to executives, managing directors, boards of directors, and technology staff. He is a senior risk management and information security practitioner with extensive experience in building and running cyber security programs to securely manage the business while also achieving and maintaining compliance to regulatory and industry requirements. Prior to joining NetSPI, Florindo was the CISO at a global advisory investment firm in New York City. He began his career with the National Security Agency while serving in the U.S. Navy, where in ten years of service he worked in signals and communications intelligence collection and systems exploitation.
Rob Hornbuckle
CISO
Allegiant Travel Company
A results-oriented Technology Leader experienced in building inclusive, cross-functional, remote, results-oriented and global teams/systems. Expertise includes IT and Product Strategic Goals/Plan, Technical Vision, Corporate Governance Mapping, Leadership and Coaching, Cloud Computing and more. Seeking a technology leadership opportunity in a fast-paced environment that can benefit from passion, innovation, strategic vision, creative ideas, and original thought.
In partnership with
5:40 PM-5:55 PM
Disruptor
Building Security into DevSecOps

Many organizations struggle with how and where to introduce automation and integrations efficiently. Conventional approaches to application security can’t keep pace with cloud-native environments that use agile methodologies and API-driven architectures, microservices, containers, and serverless functions. Application security testing is evolving to meet the speed at which DevOps teams operate. DevSecOps teams are challenged with how to make sense of the noise their AppSec tools generate once they’ve been automated into DevOps pipelines.

Processes and tools are more fast-paced and rely on integration and automation to maintain efficiency throughout the software development life cycle. A new approach to DevSecOps is required addressing a change in the security mindset. How do CISOs achieve this without the buy-in from stakeholders?

5:55 PM-6:00 PM
Closing Remarks & Raffle Giveaway
6:00 PM-7:00 PM
Cocktail Hour

In Partnership With

Become a Sponsor