Cybersecurity: Crucial Collaborations

About the Seminar

When it comes to cybersecurity, the nature of the risks and the costs of an ineffective approach become more perilous every year. But more notable than even the scale of the danger is how deeply interconnected the risks, and therefore the responses, must be.

Cybersecurity: Crucial Collaborations will focus on the partnerships without which effective cybersecurity is impossible: across functions within an organization; between companies as vendors and vendors’ vendors (and vendors’ vendors’ vendors) all generate risks; between the private and public sectors; and among governments across the globe. It will provide case studies and actionable insights for leaders in IS, risk, ethics & compliance, privacy, legal, communications, HR, business continuity, and the boardroom to build and maintain these critical cybersecurity collaborations.

Who Should Attend

This event is designed for the following senior executives and their mid-level staff. Titles include:

• Chief Technology Officers 
• Chief Information Security Officers 
• General Counsels & Technology Counsels
• Chief Compliance & Ethics Officers 
• Chief Risk Officers 
• Chief Privacy Officers 
• Chief Strategy Officers 
• Business Continuity & Crisis Management Heads 
• Corporate Security Officers
• Chief PR/External Relations/Investor Relations Officers 
• Chief Learning Officers
• Board Members

Get Involved

For sponsorship opportunities please contact: michael.felden@conferenceboard.org

Earn Credits

Day One | Thursday, January 18, 2018

Registration and Continental Breakfast: 8 – 8:30 am

Opening Remarks 8:30 – 8:40 am

Joan Greco,Program Director, The Conference Board

8:40 – 9:40 am

The Next Wave:The Fully Engaged Board and the Quantification of Cybersecurity Value

True organization-wide, cross-functional cybersecurity strategy requires a fully engaged board and leadership that can quantify the return on cybersecurity investments. Understand the latest developments on both fronts and how to bring them to your organization.

Larry Clinton, President and Chief Executive Officer, Internet Security Alliance

9:40 – 10:50 am

The Cross-Functional Challenge of Measuring Risk Appetite

Measuring, and making decisions based on, cyber risk appetite poses unique challenges in assessing and communicating constantly-evolving threats. Gain insights on the collaborations and communications required to fully integrate cybersecurity into risk management.

G. Sonny Cave, EVP, General Counsel, Chief Compliance & Ethics Officer, Chief Risk Officer and Corporate Secretary, ON Semiconductor

Talvis Love, SVP eCommerce, Enterprise Architecture & Chief Information Security Officer, Cardinal Health

Morning Networking Break: 10:50 – 11:05 am

11:05 am – 12:20 pm

Scenario 1: Third Party Risk and IP Under Attack

In interactive role-playing exercises conducted over the two days of the conference, attendees will work through security, privacy, legal, communications, and other business decision points arising from cyber-attack scenarios, and learn from cybersecurity leaders across functions.

Our first scenario explores choices around third party risk and defense of intellectual property and trade secrets.

Pamela Passman, President and CEO, Center for Responsible Enterprise and Trade (CREATe.org)

Craig Moss, Chief Operating Officer, Center for Responsible Enterprise and Trade (CREATe.org)

12:20 – 1:00 pm

Insiders and Immune Systems: When Rules and Signatures Don’t Work

Rules and signatures struggle to keep pace with rapidly evolving cyber attacks. From insiders to sophisticated external attackers, the reality of cyber security often is that the threat is already inside. Specialists from the University of Cambridge developed a new approach to such threats, using unsupervised machine learning and probabilistic mathematics to establish an accurate understanding of normal behavior in an organization, across every network, device, and user; it spots abnormal activity as it emerges, and takes action to curb the threat.

In this session, see real-world examples of unknown threats detected and contained through this technology, and explore its relevance to resource allocation and mitigation of risk.

Brad Hong, Cyber Security Regional Manager, Darktrace

Dan Fein, Senior Cyber Technology Lead, Darktrace

Lunch: 1:00 – 2:00 pm

2:00 pm – 2:45 pm

Case Study: How Microsoft Transformed its Cyber Security Governance

Explore the reasons behind, the process of, and the results emerging from Microsoft’s transformation of its cyber security governance.

Lisa Reshaur, Ph.D., Senior Director, Governance, Risk, Continuity and Compliance, Digital Security and Risk Engineering, Microsoft

2:45 – 3:30 pm

The Cybersecurity-Privacy Partnership

As cyberatacks lead to ever-larger breaches of private data, the missions of privacy and cybersecurity become increasingly interconnected. Yet the language, metrics and goals of each function may not always align. Explore actionable strategies for robust, effective collaborations that advance critical cybersecurity and privacy goals.

Lydia Payne Johnson, Chief Privacy Officer, Freddie Mac

Afternoon Networking Break: 3:30 – 3:45 pm

3:45 – 4:30 pm

Transcending Silos with a Compliance Framework

Learn how to use a compliance framework to break through silos around cybersecurity, privacy, and ethics and compliance, coordinating not only on response but on training and defense.

Paul Flanagan, Assistant Professor, Drexel University, Thomas R. Kline School of Law, Former Executive Director of Compliance and Privacy Services, Drexel University

4:30 – 5:15 pm

Conference Board Research: Digital Transformation and Evaporating Boundaries

In this interactive session, attendees will build from the Conference Board research study, Driving Digital Transformation: Why Culture and Structure Matter to explore the particular security challenges and opportunities raised by the push to facilitate open-source, boundary-defying collaborations among internal and external stakeholders.

Mary Young, Principal Researcher, The Conference Board

Closing Remarks: 5:15 pm - 5:25 pm

Joan Greco,Program Director, The Conference Board

Day Two | Friday, January 19, 2018

Continental Breakfast: 8:00 – 8:30 am

Opening Remarks: 8:30 – 8:40 am

Joan Greco,Program Director, The Conference Board

8:40 – 10:00 am

Scenario 2: Ransomware

In our Day 2 interactive role-playing exercise, we explore who is part of the decision-making and response, before, during and after a ransomware attack.

Robert Clyde, Vice Chair, Board of Directors, ISACA

10:00 – 10:45 am

How Your Business Becomes Russia’s Business: Understanding the Players, Methods and Motives behind Russian Cyberattacks

Russian political cyber- and information warfare have captured the headlines, but they are one part of a larger cybercriminal enterprise against which your organization is likely to be vulnerable. Understanding their capabilities and methods provides special insights into current threats and how to defend against them.

Ambassador David J. Smith, Professor of Cybersecurity Policy, Utica College

Dr. Khatuna Mshvidobadze, Adjunct Professor of Cybersecurity, Utica College

Morning Networking Break: 10:45 - 11:00 am

11:00 – 11:45 am

The Battle for Cybersecurity Talent: Creative and Collaborative Solutions

Research indicates that the challenges of recruiting cybersecurity talent are only going to intensify in the near term. Are there alternatives to fighting over a too-small talent pool? Learn of new initiatives and creative, actionable solutions to bolster your organization’s cybersecurity talent.

Robert Clyde, Vice Chair, Board of Directors, ISACA

11:45 – 12:30 pm

Case Study: Public-Private Partnerships in IoT Innovation

Learn how BD manages and benefits from a network of partnerships with the FDA, DHS, and the security research community in the development of innovative and secure IoT devices.

Edison Alvarez, Sr. Manager, Product Security, BD

Lunch: 12:30 – 1:30 pm

1:30 – 2:30 pm

Strengthening Lines of Communication: Information Sharing among Business, Government, and Academia

Cybersecurity leaders from the private sector, public sector, and academia discuss why and how to enhance information sharing on cyber threats.

Anthony Ferrante, Former Director for Cyber Incident Response & Cybersecurity Policy, National Security Council

D. Frank Hsu, Clavius Distinguished Professor of Science, Dept. of Computer and Information Science, Fordham University

Talvis Love, SVP eCommerce, Enterprise Architecture & Chief Information Security Officer, Cardinal Health

Lydia Payne Johnson, Chief Privacy Officer, Freddie Mac

Moderator: Jason Healey, Senior Research Scholar, School for International and Public Affairs, Columbia University; Senior Fellow, Cyber Statecraft Initiative of the Atlantic Council

2:30 – 3:15 pm

Building a More Defensible Cyberspace: The New York Cyber Task Force Report

How can cyberspace be made more defensible without sacrificing the utility, flexibility, and convenience that has made the Internet so essential? The members of the NY Cyber Task Force sought to address this question with a focus on leverage: those innovations across technology, operations, and policy which grant the greatest defender advantage at the least cost and greatest scale. The resulting report, drawing from a wide range of sectors and based on lessons from five decades of past efforts, brings new insights, particularly on the importance of operational innovations such as information sharing and organizational structures. Learn how to take advantage of these findings in your organization.

Jason Healey, Senior Research Scholar, School for International and Public Affairs, Columbia University; Senior Fellow, Cyber Statecraft Initiative of the Atlantic Council

Afternoon Networking Break: 3:15 – 3:45 pm

3:45 – 4:30 pm

The Human-Centric Future of Cybersecurity

Learn how behavior-based security - an approach that sees the human factor as a design imperative instead of a necessary evil - is changing the future of cybersecurity.

Jim Routh, Chief Security Officer, Aetna

Closing Remarks: 4:30 – 4:45 pm