Threat Intelligence is increasingly recognized as the most important component of an organization’s cyber security program. From incident response to fraud analysis, TI has become an essential ingredient in every organizations’ cybersecurity tech stack. Due to its wide application,TI can mean different things to different teams depending on their role, industry and priorities - even within the same organization.
Cybersecurity in the Age of Digitalization and Data Overload
CISO Virtual Think Tank
March 23, 2022 - United States
Presented by Cybersixgill & C-Vision, Re:con22 is an invite-only event that brings together thought leaders and practitioners in the world of cyber. The event will include interactive discussions around threat intelligence and risk management in order to develop strategies to tackle the challenges of data overload in the age of digitalization.
As digital transformation evolves, more organizations are moving to leverage digital technologies to transform business processes, enhance productivity and improve their existing SaaS workflows. However, it’s in a paradoxical way - generating, demanding, collecting and analyzing more data than ever, but lacking the much needed visibility to extract meaningful insights from data. With the digitization of daily life, while creating profound benefits, also presents significant risks and liabilities.. This affects everyone, from our identities, our decisions, to our actions. During this half-day event, we will explore the impact of this transformation and the resulting data-overload and how we can tackle its challenges through innovative technology and workforce discovery.
Speakers
Adam Healy
Chief Security Officer
BlockFi
Virtual Think Tank Speaker
Adam Healy has 20 years of technology and security experience having held senior roles at Intercontinental Exchange’s Bakkt subsidiary, Palantir Technologies, Microsoft, and the U.S. Intelligence Community. He’s been responsible for leading the implementation of numerous strategic cybersecurity, physical security, and technology initiatives within the U.S. government, as well as enabling enterprise data efforts at several Fortune 100 companies. Currently, Adam serves as BlockFi’s chief security officer overseeing a cross-functional team of over 100 employees and contractors responsible for an array of functions including cybersecurity, fraud, physical security, corporate information technology services, cloud engineering and SRE, and data science and machine learning. Skills: Cybersecurity | Information Security | Project Management | Leadership | Penetration Testing | Network Security | IT Operations | Vendor Management | Consulting | Enterprise Architecture | National Security | Bitcoin | Blockchain | ISO 27001 | NIST CSF | FIPS | Threat Modeling | Team Building | SDLC | Incident Response | Security Operations | ITIL | CISSP-ISSAP | PMP | PCI DSS | HIPAA | SOC 1 | SOC 2 | P&L | Insider Threat | Custody | Digital Assets | Multiple-Party Computation | MPC | Cryptocurrencies | Cryptographic Systems | FedRAMP | Physical Security | Insider Threat | CCSS | Digital Assets
Chris Strand
Chief Risk and Compliance Officer
Cybersixgill Ltd.
Virtual Think Tank Speaker
Cybersecurity strategist, entrepreneur, and evangelist with more than 20 years of extensive global industry expertise aligning security and cyber-regulatory advancements. Vast experience delivering strategic market vision to a variety of audiences worldwide at industry events, with C-level executives and the board, or to the media. Accustomed to being company spokesperson and thought leader for new disruptive market-leading solutions. Effectively works across a broad spectrum of company divisions while leading, building, and motivating diverse teams and partners. Ability to speak many cybersecurity languages from sales/marketing/techie, with ease.
Chris Roberts
vCISO
HillBilly Hit Squad
Virtual Think Tank Speaker
Hacker, InfoSec, Safety, CyberStuff Researcher, Advisor, @Hacknotcrime henchman, and various other names on the technical side of the world Chris is currently serving as a vCISO or advisor for a number of entities and organizations around the globe. His most recent projects are focused within the threat intelligence, identity, cryptography, Artificial Intelligence, and services space. I’ve been fortunate to be elbow deep in technology for more years than I care to remember, and these days am involved in both tactical and strategic discussions with clients across the spectrum of industries talking maturity, risk, and how to effect change. Oh, and I just got called a Scottish Security Warlock....I’m kinda digging it. Happy to connect, to talk and discuss what we can ALL do to effect change in this world, to collaborate and to communicate in a way that benefits all….I’d prefer folks didn’t use this forum to sell me certs, software or anything that has a hooded matrix theme (I DO come with a warning label...)
Marcos Marrero
CISO
H.I.G. Capital
Virtual Think Tank Speaker
Marcos Marrero is an IT Risk & Information Security professional with 20+ years of experience establishing and managing IT Risk & Information Security programs. Mr. Marrero first started his career in Information Security with Lloyds Banking Group in North America. At LBG, he assisted in establishing and later was responsible for managing LBG’s first IT Risk & Information Security program. After several years at Lloyds Banking Group, Mr. Marrero moved on to the Legal industry to implement an Information Security Program for international law firm Greenberg Traurig. While at Greenberg Traurig, Mr. Marrero discovered the unmet need within the Legal Industry for Information Security Programs. Once he completed the implementation at Greenberg Traurig, he took the opportunity to assist Greenspoon Marder with establishing an IT Risk and Information Security Program. After Greenspoon Marder, Mr. Marrero moved on to Itaú International, the private banking arm of Itaú Unibanco, serving as the VP & Information Security Officer, responsible for the organizations' Caribbean, South American, and Florida Information Security Programs. Currently, Mr. Marrero is the Chief Information Security Officer for H.I.G. Capital, a multi-national private equity firm with over $45bn assets under management.
Brian Mork
CISO
Westinghouse Electric Company
Virtual Think Tank Speaker
Security and technology executive with a passion for and expertise in information security and risk management. Has worked across the entire security spectrum, including intelligence collection, penetration testing, software development, documentation, governance, compliance, physical security, system administration, digital forensics/incident response, and social engineering. Specializes in security and corporate security culture transformation. Among other things, I'm a: - Developer, trainer, and mentor of junior information security personnel - Technology enthusiast focused on using technology to improve the world - Frequent speaker at security conferences - Frequent speaker at hacker conferences - Co-Founder, Team Cryptolingus - Co-Founder, Pittsburgh Hacker’s Association - Advocate for Hacking Is Not A Crime (#HINAC) Past Work: - CISO of a Fortune 500/S&P 500 multinational company with 30+ manufacturing operations worldwide - Internal corporate consultant on all aspects of information security to CIO level - Lead security engineer over 8 personnel for $30M+ of DOD programs, responsible for systems integration, design, implementation, evaluation, and acceptance - Embedded security consultant with a Fortune 10 customer's executive information security leadership - Principal systems engineer focused on Linux/Unix hardening, network engineering, and OS and application hardening for IC assets - Developed and authored numerous security tools - Software developer
Jodi Watkins
Chief Commercial Officer
GTN Technical Staffing and Consulting
Virtual Think Tank Speaker
Responsible for client delivery and direction to our Fortune 500 companies. Determine and formulate policies and business strategies and provide overall direction for specialized recruitment teams. Plan, direct, and coordinate sales activities at the highest level of management. Prudently manage the organization’s goals and initiatives in Field Services, IT, Professional Services, MSP vendor relations. Company-wide committee facilitation including planning, production and staff. Assures that the organization and its mission, programs, and services are consistently presented in a strong, positive image. Promotes a culture that reflects the organization’s values, encourages good performance, and rewards productivity. Actively advocates for the organization, its beliefs, and its programmatic efforts. Acts as a liaison between the organization and the community, building relationships with peer organizations when appropriate. Oversees design, delivery, and quality of MSP programs and services. Collaborate to define and articulate the organization’s vision and to develop strategies for achieving that vision.
Susan Koski
Divisional CISO Enterprise Technology and Security
PNC
Virtual Think Tank Speaker
Executive leader who develops partnerships to achieve risk management with a spirit of innovation, commitment to excellence and passion for people. Proven track record of building/re-building programs and teams; inspiring and supporting knowledge workers to achieve their best and ongoing process improvement aligned to company objectives. Ability to manage the high demands of an executive security role and competing priorities to achieve deliverables. Analytical and decision-making skills driven by the ability to identify “big picture” implications while balancing risk and opportunity. Innate ability to inspire, lead and transform concepts into fully functional programs in global organizations. Passion to deliver impeccable delivery to the business as a trusted advisor. • Built Security organizations from infancy to fully functional, building programs from the ground up to achieve regulatory compliance and business risk management. • Converged cyber security and fraud functions for multiple domains in operational risk achieving key synergies to combat adversaries. • Led and delivered on various merger and divestiture scenarios from the due diligence phase to implementation of the deal type. • Led the Technology Risk Management functional integration for the merger of BNY and Mellon. Specialties: Teambuilding, Superb Relationship Management, Situational Leadership, IT Risk Assessments / Management, IT-GRC, Information Security Management, Information Security Operations Center, Merger and Integration IT due diligence and integration, Secure Application Development, Program Management, Organizational Development Process Improvement
Ira Winkler
Chief Security Architect
Walmart
Omer Carmi
VP Intelligence
Cybersixgill
Virtual Think Tank Speaker
Experienced Cyber Security and Product Executive, leading strategic projects from inception to implementation. My passion is to develop creative solutions to complex technological problems. Unique ability to create and capture customer value by identifying market needs and gaps, Proven track record of leading innovative and market-disruptive products in the field of vulnerability management and cyber threat intelligence. Core specialities: Innovation, Product, Technology, Business Development, Management, Strategy, Cyber, Vulnerability Management, Leadership
Robert Cowans
Sr Manager IT Cyber Security Threat Management & Investigations
American Airlines
Virtual Think Tank Speaker
Experienced Information Security Leader with over 8 years working in Cyber Security, Digital Forensics and Risk Management. Robert embraces challenge, thrives under pressure, think outside the box, and drives improvement. Having talent for building new capabilities, introducing innovation, leadership, and forward thinking. Experience showcasing effective leadership of multidisciplinary teams which successfully defined, developed and delivered cyber security, investigation and risk management solutions.
Justinian Fortenberry
Global Chief Information Security Officer
Zip Co
Leda Muller
CISO
Stanford University
Virtual Think Tank Speaker
Leadership in Cyber Security, Information Technology, Start Ups and Non-Profits. In-depth experience driving results as a program and department leader. Adept at managing performance of teams, projects, and programs in collaboration with senior leaders and in line with organizational goals. Excel at training and mentoring users and teams, fostering relationships, and strategically solving problems. Proven ability to develop, collaborate and network with staff, faculty, end users, vendors, volunteers and donors. Strong leadership, collaboration and interpersonal skills. Solid strategic mindset—both short-term and long-range--including past creation and development of strategy to leaders. Exceptional customer relationship skills, combined with the ability to coordinate the efforts of many to meet organizational milestones and goals.
Erik Hart
CISO
Cushman & Wakefield Holdings
Virtual Think Tank Speaker
Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, InfraGard Chicago Members Alliance and Western Illinois University. Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries. Erik earned his Bachelors from Western Illinois University and Masters from Western Governors University.
Shamla Naidoo
Head of Cloud Strategy & Innovation
Netskope Inc
Virtual Think Tank Speaker
Shamla Naidoo is an accomplished executive with experience managing hundreds of millions of dollars in budgets for large, globally distributed teams who support operations in 170 countries. As Managing Partner of IBM Global Security Services, Shamla is one of the most influential security executives among Fortune 50 companies. Her advice and thought leadership in strategy and execution is sought by governments, public institutions, and private companies. Her ability to communicate complex technical process into simpler, more understandable terms is highly regarded. Shamla serves on advisory, not-for-profit and academic boards of various public and private institutions.
Victoria van Roosmalen
CISO and DPO
Coosto
Virtual Think Tank Speaker
Victoria van Roosmalen is focused on empowering a brighter future and navigates others towards thoughtful actions by sharing her expertise in IT, cybersecurity, and privacy. She fuels her passion for mastering her crafts by diving deep into them—allowing her to rapidly (for)see adverse effects and guard against them. Although playing safe doesn’t allow us to flourish, Victoria is determined to help others stay ahead and reveal the seemingly impossible yet possible while bringing her unique mixture of expertise, passion, fun, and controversy to the table. Catch her, if you can. 😉 ► https://victoriavanroosmalen.eu Personality type: INFJ-A Her certifications include: CGEIT, CISM, CRISC, ISO 27001 LI, FIP, CIPP/E, CIPP/US, CIPP/C, CIPM, CIPT, CDPSE, ISO 27701 LI
Shannon Selzer
Risk & Compliance Analyst
Inovalon Inc
Joshua Crumbaugh
CISO, Warehouse Services & CTO PhishFirewall
Warehouse Services
Virtual Think Tank Speaker
Cyber Defense Through Behavioral Modification ◄About PeopleSec► PeopleSec is a unique cyber vendor that specializes in behavioral change. We understand that people are the source of all cyber insecurity and that the only way to fix the problem is to secure the human element. This is why we are called PeopleSec - We are a “People-Centric CyberSecurity Firm” Our technology and methodologies are proven to stop malware by changing user behavior and are 98% more effective than our closest competitor. Let’s set up a 15-minute discussion to get to know each other better. ◄Thought Leadership► BlackHat Europe HackHalted COSAC Ireland ShowMeCon CarolinaCon HackMiami Social Engineering Rhode Island National Cyber Summit IS One World NRCLive Human Security Night (Keynote) InfoWarCon Insider Threat Summit InfoSec Con Athens, Greece SFISSA Conference BSides Huntsville RocketSecure ◄Professional Services► • Information Security Awareness Training • Incident Response Training • Full-Scope Penetration Testing • Red Teaming • Cyber Guidance • GAP Assessment • Physical Security • Social Engineering (Phishing, SMShing, Vishing, In-Person) • Internal Penetration Tests • OWASP Top 10 • Application Security Assessments • Vulnerability Analytics • Managed Vulnerability Scanning • Managed SIEM • Splunk Setup • Virtual CISO/Interim • Executive Cyber Coaching/Training • Human Risk Analytics/KPIs • GRC (Archer) • Compliance (PCI, HIPAA, SOX, CIF, etc....)
Shamla Naidoo
Head of Cloud Strategy & Innovation
Netskope Inc
Virtual Think Tank Speaker
Shamla Naidoo is an accomplished executive with experience managing hundreds of millions of dollars in budgets for large, globally distributed teams who support operations in 170 countries. As Managing Partner of IBM Global Security Services, Shamla is one of the most influential security executives among Fortune 50 companies. Her advice and thought leadership in strategy and execution is sought by governments, public institutions, and private companies. Her ability to communicate complex technical process into simpler, more understandable terms is highly regarded. Shamla serves on advisory, not-for-profit and academic boards of various public and private institutions.
March 23, 2022
Agenda
All times Pacific Time
8:30 AM-9:15 AM
Fireside Chat
What is Threat Intelligence & What Does it Mean to You?
Panelists
Leda Muller
CISO
Stanford University
Joshua Crumbaugh
CISO, Warehouse Services & CTO PhishFirewall
Warehouse Services
9:20 AM-10:15 AM
Panel
What Do CISOs Want to Consume on Their Dashboard?
A CISO’s greatest challenge is data fatigue. They have too much information, in too many dashboards, from too many data streams. Trying to draw meaningful conclusions out of this deluge of data can be impossible, resulting in inaccuracies, misunderstandings, and miscalculated decisions. This session will explore new ways to help CISOs derive the best answers to the right data-driven questions. The panelists will share their experience and expertise to shed light on what an ideal dashboard should include, and how it can be used to make a CISO's life easier.
Panelists
Marcos Marrero
CISO
H.I.G. Capital
Erik Hart
CISO
Cushman & Wakefield Holdings
Shannon Selzer
Risk & Compliance Analyst
Inovalon Inc
Ira Winkler
Chief Security Architect
Walmart
10:20 AM-11:05 AM
Panel
Security and Compliance in the Age of Data Overload
There is a constant tension between the two sides of the security coin. Compliance is intended to instill your clients with unwavering confidence that you are protecting their information and adhering to jurisdictional data usage policies. However, the process of measuring the mandate can often distract from another important responsibility; the provision of evidence that the business is adequately cyber secure. Further, as our reliance on data keeps growing, we make crucial data-driven decisions that have a tremendous impact on every industry and aspect of modern culture. But, are we basing these decisions on the right data? On safe and validated data? Moreover, how do we ensure compliance while maintaining a secure and resilient cybersecurity posture, in order to prevent further risk and liability within our global marketplace? This discussion will delve into the paradox of data reliability and liability: How can we simultaneously track, validate and leverage our data while balancing the tight-rope of security and compliance, and further, how can organizations future-proof current cybersecurity frameworks?
Panelists
Justinian Fortenberry
Global Chief Information Security Officer
Zip Co
Shamla Naidoo
Head of Cloud Strategy & Innovation
Netskope Inc
Victoria van Roosmalen
CISO and DPO
Coosto
11:10 AM-12:05 PM
Panel
Gaining an Edge on a Community That Thrives on Diversity, Equity and Inclusion
The cybercrime ecosystem is moving at a greater pace than the corporate world. Organizations today are facing threats that are rapidly increasing in number, velocity, and sophistication. Just as ferocious, the security industry has been facing growing gaps in the workforce as well as the knowledge and skills needed to stay ahead of the threat curve - all while operating in an ever-expanding and complex attack surface. Cybersecurity professionals around the globe have realized that just as the criminal underground is composed of a diverse set of people, from different geo-locations, genders, ethnicities and skillsets of skills, so must our industry. By building a diverse workforce of individuals with varying skill sets and expertise, from different backgrounds, industries, and geographies, we may be able to not only close the workforce gap, but also continuously benefit from a fresh approach to overcome our various cybersecurity challenges. This panel will openly discuss diversity and inclusion in cybersecurity talent discovery and share the steps companies can and need to take in order to better navigate the current reality.
Panelists
Adam Healy
Chief Security Officer
BlockFi
Susan Koski
Divisional CISO Enterprise Technology and Security
PNC
Robert Cowans
Sr Manager IT Cyber Security Threat Management & Investigations
American Airlines
12:10 PM-12:55 PM
Fireside Chat
Supply Chain Tech & 3rd Party Risk in the Age of Data Overload
Many enterprises look towards the supply chain to increase business productivity and ultimately gain an edge over their competition. By adopting new technologies such as AI and other predictive analytics, these organizations can automate their process and scale their business like never before. However, gaps remain in supply chain cybersecurity, even as digitalization grows. As organizations push forward, towards digitization without appropriate cybersecurity defenses, they risk exposing themselves to attacks that can have devastating results. Despite this very real danger, efforts to improve supply chain security have been progressing at a slower pace than the adoption of new supply chain technologies. As we look ahead, we must address the many risks to the supply chain - which today involve cloud-based infrastructures rather than hardware. This conversation will delve into the hyper-adoption of supply chain technologies, the associated risks it poses to organizations, and how to overcome these challenges and remain resilient.
Panelists
Brian Mork
CISO
Westinghouse Electric Company
Omer Carmi
VP Intelligence
Cybersixgill