Speaker:
Brett Johnson, Former Most Wanted and "The Original Internet Godfather"

Brett Johnson, referred to by the United States Secret Service as "The Original Internet Godfather" has been a central figure in the cybercrime world for almost 20 years. He founded and was the leader of Counterfeitlibrary.com and Shadowcrew.com. Working alongside the top cyber criminals of our time, he helped design, implement, and refine modern Identity Theft, ATO fraud, Card Not Present fraud, IRS Tax Fraud and countless other social engineering attacks, breaches and hacking operations.

Join Johnson as he discusses:

• His involvement in online crime;
• The current state of cybercrime, the crooks and the crimes they commit;
• How to avoid being a cybercrime victim.

Speaker:
David Houlding, Principal Healthcare Program Manager, Microsoft

Financial fraud can be notoriously hard to detect and easy to cover up. But does blockchain technology with its distributed digital ledger now offer a new tool to help organizations reduce risk and prevent fraud?

This session describes:

• More about blockchain and its uses beyond digital currencies;
• The value of blockchain to reduce financial transaction time, risk and fraud among multiple parties with a trusted, decentralized digital ledger;
• Lessons from organizations that already are using blockchain technology as a tool to prevent fraud.

Speaker:
Paul Bowen, Principal Security Technologist, Arbor Networks

Accidentally careless employees are the biggest cause of incidents involving data loss, responsible for almost 25 percent of all breaches.

Given that employees are the first line of defense against socially engineered schemes, such as account takeover, new account fraud and other crimes, doesn't it make sense to train your end users to support your security efforts - not just hinder them?

This session offers insights on:

• Why many end user training efforts fall flat;
• Effective new ways to utilize technology to train employees;
• Use cases for how to turn the adversarial end user relationship into a "friend user" partnership.

Speaker:
Gleb Esman, Senior Product Manager, Fraud Analytics and Research, Splunk

Security hygiene can be poor, and criminals know it. Fraudulent activity costs are in the billions worldwide across industries, and over 16 million consumers in the US were victims of identity theft or fraud in the past year. Learning to onboard new data at the speed of the business will ensure your fraud team can detect and investigate data to quickly find anomalies and reduce loss of money, reputation and organizational efficiencies.

In this session you will learn:

• How to recognize examples of fraudulent activities in your environment;
• How to more quickly find anomalies of transactions or behaviors of accounts that are fraudulent, acting fraudulently or being taken over;
• Recommendations and best practices on how to get started detecting fraudulent patterns and activities by using machine data and an analytics-driven security platform.

Speaker:
Frank Mendicino, Digital Identity & Fraud Prevention, Cyber Security, IBM US

As businesses evolve to support a complete digital experience, a challenge has emerged to one of the most basic questions of doing business: How can I truly trust I know my customer?

In the world of data breaches and identity theft, legacy programs of identity proofing and authentication do not instill a high level of confidence in the end user's claims to allow establishing digital identity trust. New technologies and approaches are needed to assess the risk of digital identities that examine each user's digital patterns and can detect bad actors more accurately.

This session dives into the details of a framework that establishes digital trust based on capabilities from fraud protection and Identity. Showing how it quickly and transparently establish a trusted, frictionless digital relationship for customers, employees, and business partners. The session also explores key scenarios of deployment, best practices and top technologies that establishes a digital trust stack.

Speaker:
Doug Copley, Advisory CISO, DUO Security

Many models of security have their roots in older infrastructure. But older models don't fit the needs of modern businesses, and with the death of the network perimeter and the rapidly approaching end to passwords, we need security that will enable us now and into the future - especially with new devices coming in ever-changing forms. This may seem new, but establishing trust in this new model of security is much like establishing trust when your child wants to go on a date. This presentation covers IoT, mobility, cloud, as well as the end of solutions like VPNs, firewalls, MDM and passwords - and we pick things apart. While they may seem like completely different topics, all of these things end up having security implications in unexpected ways.

Attend this session to:

• Contrast security risk in legacy and future computing environments;
• Learn what to look for in new technologies and security;
• Prepare for a world without perimeters, VPNs, and passwords.

Speaker:
David Lott, Payments Risk Expert, Retail Payments Risk Forum, Federal Reserve Bank of Atlanta

Maintaining strong payments security practices is a continuously moving target given the ever-evolving payments ecosystem and dynamic nature of the threat environment. The commitment to improve security is a priority throughout the payments industry as evidenced by the ongoing collaboration across these issues. This session covers:

• Efforts to support the payment industry, such as the Federal Reserve's payment fraud study;
• Initiatives designed to tackle tough issues, such as data protection, payment identity management and cybersecurity.

Speaker:
Chris Testa, Regional Vice President, Cybereason

In a world where adversaries are evolving their tools and techniques, defenders also need to advance their techniques to stay one step ahead of the ever evolving threat. While breach prevention used to rely heavily on static, signature-based detection, this is no longer an approach that will keep even simple threats out of your environment. This session will explain how AI, deception, and dynamic, behavioral analysis can enable organizations to prevent advanced attacks including ransomware, fileless malware, and never-before-seen threats.

Speaker:
Patrick Bedwell, Head of Product Marketing, Lastline

Organizations spend millions every year to prevent attacks, yet they have very little insight into the actual cyber risk they're facing. Without that insight, it's difficult to know where to focus resources or measure the value of any security investments.

This presentation discusses how you can build your own cyber risk model: understanding the breach chain, how to identify the relative risk at each stage of the chain, and the costs associated with reducing the risk at each stage.

Speaker:
Brent Maher, CISO, Johnson Financial Group

A consistent message throughout this Summit: Most threats to an organization continue to enter through the route of least resistance - email. In this session, hear directly from a CISO on why email security needs renewed focus and how he's addressed it in his own organization, including:

• Why smart employees continue to fall for email phishing schemes;
• How to use adult learning techniques as part of a new anti-phishing strategy;
• How to reduce exposure via phishing by more than 30 percent.

Speaker:
Diana Kelley, Cybersecurity Field CTO, Microsoft

Stolen data is one thing - the consequences are obvious. But what if data is not stolen or leaked, but rather altered? What could be the damage? Diana Kelley of Microsoft discusses the emerging topic of data integrity and how to preserve it.

Join this session, as Kelley discusses:

• How and where data can be altered - and the potential impacts;
• Implications across the enterprise, even with stored data;
• Cybersecurity tools to help ensure data integrity.