Speaker:
General Gregory Touhill, Retired, First US CISO & President, Cyxtera Federal Group

Cybersecurity is at the top of the agenda in board rooms around the world. In this presentation, Retired Brigadier Gen. Greg Touhill, the first Chief Information Security Officer of the United States Government, will discuss lessons learned during his military and federal service. Discover how properly executing critical tasks and following through on strategy, policies and procedures are essential to protecting you, your brand and your reputation.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speaker:
Kevin Flynn, Global Director of Products, Skybox Security

Monetarily motivated attacks are by far the most prevalent cyberthreats to organizations worldwide, yet vulnerability management techniques have largely failed to adapt to a threat landscape dominated by distributed crimeware. By understanding the commercialization of attack tools and services - particularly the vulnerabilities they use, re-use and share - vulnerability management can focus on the small subset of vulnerabilities that are exploited in the wild and packaged in distributed crimeware. This threat-centric approach improves vulnerability prioritization and focuses remediation on the relatively small number of exploitable vulnerabilities, greatly reducing risk through efficient, intelligent processes. This session will cover what's been driving the shift to distributed cybercrime, how to align vulnerability management with real-world threat behavior, and what intelligence and tools are needed.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speaker:
Jon Clay, Director, Global Threat Communications, Trend Micro

In this session, Trend Micro will review its own research into Pawn Storm (a.k.a., APT28, Fancy Bear, Strontium, etc.), which exposes the scope and scale of the cyber-espionage attacks the cyber tradecraft of those who wage these attacks. Trend Micro's researchers have observed activity dating back to 2004, with attacks that have been targeting government, military, media and political organizations around the world. This session will review how the groups that wage cyber-espionage attacks have shifted their focus toward cyber-propaganda over the past two years, with a 400 percent increase in targeting activity in 2016 alone. Additionally, this session will cover the extensive threat vectors that are used to target victims and how organizations can understand these threats and come up with ways to combat them.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speaker:
Peter Beardmore, Director of Digital Risk Management Solutions, RSA

How is it that, while cybersecurity spending is approaching $100 billion annually, attacks such as ransomware, distributed-denial-of-service and data theft remain so prevalent? Congressional reports about recent breaches such as the OPM breach read like Keystone Cops scripts. IT and security leaders are exhausted, if not defeated. And while many business executives remain bewildered by "The Cyber," some of the answers may ultimately be found in applying relevant business context to cybersecurity operations - translating the language of IT security to that of business risk, ultimately arriving at better strategy and decision-making. In this session, Peter Beardmore of RSA will explore the challenges and practical onramps for getting started on the journey of improving risk mitigation and cybersecurity maturity.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speaker:
Michael Lynch, Chief Strategy Officer, InAuth

Retailers and financial institutions are dealing with the changing face of customer interactions. For many businesses, mobile logins have surpassed online logins, and consumers are voicing their demands for more mobile services. Consumers expect to bank, pay, buy, transfer and more via their mobile devices - and they want to do all of this with the least number of security steps possible. But these new ways to pay require new ways to secure. The shift toward mobile payments puts extreme pressure on businesses to raise the bar on security, while also providing frictionless environments that deliver positive customer experiences. This session will explore and review specific risks related to mobile payments, wallets and applications, and review how device intelligence and authentication technologies are enabling the mobile device itself to be a trusted and secure token that can mitigate risk and lead to new and enhanced customer and business opportunities.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speaker:
Alex Mosher, Vice President of Security Strategy, CA Technologies

Many organizations are undergoing a transformation to support digital platforms and stay competitive; but in order to maintain security, they have to ensure that access to these platforms is limited and that security remains a priority. New vulnerabilities to cybercrime are being introduced through hybrid environments, ones that often include remote access to systems and servers, automation of processes, and concentration of administrative power. Limiting administrative power through privileged access management is increasingly critical, but so is authentication, as more legitimate users' credentials are being compromised and access to systems is being fooled by the coders. According to the 2017 Verizon Data Breach Investigations Report, today's breaches involve a "combination of human factors, hardware devices, exploited configurations or malicious software." How can these risks be mitigated while still keeping a competitive edge? This session will explore how taking a proactive stance can help mitigate risks, while still enabling the business to use tools that are necessary in today's digitally charged economy.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speaker:
Sean Brady, Sr. Director, Product Marketing, Arbor Networks

In 2014, the FFIEC released the Joint Statement "Distributed Denial-of-Service (DDoS) Cyber-Attacks, Risk Mitigation, and Additional Resources." This session will review the six primary guidelines provided within the statement, assess the evolution(s) that have occurred in the threat landscape since its release and drive a discussion about needed adjustments to existing risk controls.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speakers:
Erik Devine, CISO, Riverside Healthcare
Howard Anderson, News Editor, ISMG
Jennings Aske, CISO, New York-Presbyterian
Lee Kim, Director of Privacy and Security, HIMSS

In the wake of recent of recent ransomware attacks, such as WannaCry, which have plagued healthcare organizations, in particular, for the last year, what lessons do we have yet to learn? Ransomware attacks are nothing new, and while WannaCry was widespread, it was not sophisticated or stealthy, necessarily. So why did it have such an impact?

In this session, our panelists will discuss why the "wartime mindset" has yet to be embraced, and why CISOs need to take charge and lead the way toward developing more effective security action plans.

Experienced healthcare CISOs and legal experts will:

• Provide real-world insights into how to create an effective cybersecurity action plan;
• Spell out the core elements of breach prevention, detection and response strategies; and
• Identify security technologies that can play an effective role in supporting a so-called "wartime" strategy

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Speakers:
Brian Jeffords, Director of Identity Management and Cybersecurity Services, Boeing
Ruth Promislow, Partner, Commercial Litigation, Fraud and Cybersecurity Practice, Bennett Jones LLP, Toronto
Todd Carroll, CISO and VP of Cyber Operations, CybelAngel

Too many organizations continue to address breach response from a reactive mode - having a crude disaster-recovery plan in place in case something "does" happen, rather than accepting that something "will" happen and proactively preparing for it. In this session, a panel of legal, technical and law-enforcement experts will discuss what well prepared organizations are doing right, when it comes to proactive interaction with law enforcement, information sharing and breach investigation and response.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.