Speaker:
Selim Aissi, SVP & CISO, Ellie Mae

Selim Aissi is a respected, veteran CISO who has deep experience in technology, management and financial services. In this exclusive fireside chat, he opens up on a range of hot topics, including

• The security challenges of multicloud environments
• How to defend against new DDoS and ransomware variants and vectors
• Do's and don'ts for developing effective relationships with your Board

Speaker:
Donald Smith, Senior Director of Product Management, Oracle

Stability, security, performance and cost are the key parameters organizations consider when choosing an application development platform. Today's microservices and cloud-native approaches bring forth new possibilities but require careful considerations while trying to deliver on customer demands and business needs. In this session, Donald Smith, Senior Director of Product Management for the Java Platform Group at Oracle will cover:

• Java's evolution into the modern microservice and cloud-native application platform
• Evolving threat landscape
• Current best practices for application platforms in general

Speaker:
Homayun Yaqub, Senior Director of Strategy, Forcepoint

Join Forcepoint's Global Security Strategist Homayun Yaqub for a candid discussion on addressing financial services' security challenges today where viewing cyber risk as an information-technology issue will only continue to fall short. And the modern cyber path forward requires cyber integrated into the corporate risk framework making it critical to both business growth and competitive advantage in the years ahead.

Speaker:
Gary Sorrentino, Global Deputy CIO & Chairman, CISO Council, Zoom

2021: It's the big global reset. Business offices are likely to reopen, but much of the corporate world still prefers some work-from-home flexibility. Are you ready to secure this hybrid workforce? Do you have the visibility, tools, and skills to protect employees and critical assets, while enabling secure collaboration among your dispersed teams?

Join Zoom Global Deputy CIO Gary Sorrentino for an interactive discussion about:

• The new three types of workers
• "Separate but equal" security policies
• Why when you think you've got security right, you still might be wrong

Speakers:
Avi Shau, CEO and Co-Founder, Orca Security
Thomas Hill, CIO, Live Oak Bank

Public cloud providers like AWS, Azure, and GCP enable financial services firms to deliver new products and capabilities at breakneck speeds, but how do you balance speed to market against compliance mandates and security issues - do you have to choose? This presentation looks at how to meet compliance mandates, gain 100% visibility into security issues, and tips for reducing friction between DevOps and IT security teams.

Three key things the audience will be able to do after attending your session?

• Apply "lessons learned" from Live Oak Bank's public cloud journey
• Make a more informed decision when choosing a cloud security provider
• Implement continuous compliance and hardening of your public cloud environment

Speaker:
Rob Roj, Senior Solutions Architect, Shape Security

Web and mobile apps now represent the single most lucrative set of targets for cybercriminals - which means that application security has never been more important. Together, our combined F5 and Shape Security solutions deliver a comprehensive application security stack that marries best-in-class defenses with the simplicity and ease of a single vendor. Attend this session to learn how F5 and Shape Security can help you achieve: - Detection and mitigation from vulnerability exploits to denial-of-service attacks - Better application performance and uptime - Measurable cost savings for hosting and bandwidth costs - Slashed losses due to fraud and abuse

Speaker:
Chris Dobrec, Vice President of Product Marketing, Armis

Knowing what you have is the critical starting point for any security footprint, but do you really know about everything in your environment? First and foremost on any CISO's mind, is to understand where all their risks are coming from. And for security personnel in financial services, those risks need to be balanced with worries about fraud as well as focus on protecting key pieces of infrastructure constantly under attack. If you do not understand what is on your network or in your infrastructure:

• Would you have an accurate picture of your attack surface?
• Would you be able to find those things that you're not even aware of such as IoT devices you didn't even know were in the building?
• How would you begin to secure those devices?
• How would you do patch management to something you don't even know you have?
• Could you get risk scoring for an unmanaged/IoT device perspective?

During this session we'll take a look at the risks associated with the things you may not even know are in your environment and how to find and protect them.

Speakers:
Michael Alouf, Director of FinServ/FinTech Practice, Auth0
Pushp Abrol, Senior Solutions Engineer, Auth0

How do Financial Services companies provide a personalized and frictionless digital experience that will allow their customers to feel in control of the information they share?

By leveraging a Customer Identity and Access Management (CIAM) platform, businesses can enable solutions to easily identify and authenticate their users, while offering a simplified process that includes anomaly detection and other security measures to ward off attacks.

Join Michael Alouf, Director of FinServ/FinTech Practice, Auth0 and Pushp Abrol, Senior Solutions Engineer, Auth0 to discuss:

• Rapidly increasing security threats and evolving customer expectations
• How the changing landscape of modern identity is opening doors to disruptive innovation
• Exploring identity in today's environment and heading in 2021

Speakers:
Chip Mason, Lead, Mainframe Security Product Management, Broadcom
Mary Ann Furno, Offering Manager, Broadcom

Today's cloud-connected Mainframe is a vital infrastructure for crucial business applications and data - even more so for banking and financial service companies that carry the highest security and most stringent regulatory requirements. This cloud-connected, hybrid IT model can increase security risk and open opportunities for attacks, but it doesn't have to

Mainframes often house the most vital data and applications. Shifting away from "firefighting" mode and ensuring they integrate into the enterprise security plan can help to eliminate vulnerabilities and threats.

In this session, we'll explore how a comprehensive security suite can help us reduce risk through data classification, avoid human error, use automation and analytics to make decisions and align with best practices, and reduce insider and stolen credential threats with advanced identity management and privileged user management.

Key takeaways:

• Reduce insider threats with advanced authentication and privileged user management
• Identify hidden risks in my data from a governance and regulatory compliance perspective
• Monitor activity and determine if there is risky behavior going on that I'm unaware of
• Explore how analytics and automation can simplify security management
• Understand the importance of a comprehensive Mainframe security lifecycle

Speaker:
Sion Retskin, CISO & Head of Knowledge & Practice, Pcysys

Today more than ever, financial intuitions are looking for the flexibility of a fully automated platform that validates security efficiency with a click of a button. Security teams are met with an unfair challenge, the attack surface continues to grow and the number of attacks increases yet no matter how many security measures are implemented, there still remains a gap when it comes to validating their effectiveness and the accurate state of the enterprise's cyber posture.

PenTera is an Automated Security Validation solution that ensures you are secure around the clock. Continuous Automated Security Validation ensures your system's cyber posture by applying machine-based, agentless, and on-demand penetration testing.

Join Sion Retzkin, CISO & Head of Knowledge & Practice, Pcysys to learn how to:

• Build up your cyber resilience with continuous risk validation
• Prioritize remediation efforts with a threat-facing perspective
• Increase the productivity of your security teams

Speakers:
Christopher Janczewski, Special Agent, IRS
Jon Gebhart, Special Agent, IRS

The IRS Criminal Investigation Cyber Crimes Unit is waging a battle against the use of cryptocurrency for financing terrorists and other money-laundering activities. Agents Chris Janczewski and Jon Gebhart describe recent cryptocurrency-related takedowns.

In this Exclusive Interview agents Janczewski and Gebhart discuss:

• The role of the IRS in countering cryptocurrency- based criminal activity;
• The recent disruption of three cryptocurrency financing campaigns for terrorism
• Their concerns for cryptocurrency-funded crimes in 2021 and optimism for countermeasures

Speaker:
Steven Hunt, Senior Analyst, Aite Group

Nestled deep in most networks is such a popular destination for attackers that network security, endpoint security, and cloud security vendors make it their prime directive to catch bad activities before attackers reach this enticing target. The place all attacks seem to be worming their way toward is Active Directory. Microsoft's Active Directory is the treasure trove of all privileges and credentials

Speakers:
Christopher Hertz, VP of Sales for Cloud Solutions, Rapid7
Thomas Martin, Founder, NephōSec and former CIO at GE

Financial services organizations are experiencing a culture shift as they respond to consumer demand for improved experiences delivered when and how they want them. Building applications and migrating regulated workloads to the cloud offers an attractive way to speed innovation, reduce time to market, and increase resilience.

The financial services industry experiences security incidents at 300 percent more frequently than other sectors. The data breaches caused by cloud misconfiguration continue to be rampant, costing enterprises an estimated $5 trillion in 2018 and 2019 alone. Organizations must modify the "command and control" mentality of traditional IT and marry it with a "trust but verify" approach when looking to take advantage of the advantages in public cloud.

In this session, learn how to identify and implement the systems that are cloud-native, and can help you address the unique challenges of public cloud offerings through automation.

Speakers:
Ahmed Mohamud, VP, Cyber Risk, Morgan Stanley
Martyn Crew, Director of Solutions Marketing, Gigamon
Stephen Scharf, Managing Director & Global Chief Security Officer, The Depository Trust & Clearing Corporation

AS we begin 2021, many financial services companies are turning their attention to planning for the future - this means adapting to a hybrid workforce and a much greater reliance on cloud for operational efficiencies. While the transition is well underway for many organizations, the journey is fraught with challenges and potential security threats. This session will discuss

How has the shift to dynamic work and multicloud environments introduced cybersecurity risk?

How has the cloud journey been accelerated? Are you digitally transformed?

What have been the network challenges in enabling the hybrid workforce?

What will be the security model of The New Tomorrow?

Please join Martyn Crew, Gigamon's Solutions Marketing Director, Ahmed Mohamud, VP, Cyber Risk, Morgan Stanley and Stephen Scharf, Managing Director & Global Chief Security Officer, The Depository Trust & Clearing Corporation to discuss some of the issues and options facing the Financial Services industry as we step into The New Tomorrow

Speaker:
Mark Ostrowski, Head of Engineering for the East, US, Check Point

Security is everyone's problem, forging close partnerships between developers, DevOps, and AppSec teams is critical. Ops must create pipelines that let developers work at the speed of serverless and still deploy applications in a realistic and secure way.

Speaker:
James Brotsos, Product Manager, Developer Experience, Checkmarx

Today's modern applications are made up of a significant percentage of open source libraries, components, and packages. As a result, organizations must recognize, accept, and oversee how and where open source is used in the products and services delivered to their customer base.

Although organizations acknowledge a heightened level of security, license, and operational risk, unfortunately, most don't effectively track or manage open source throughout their entire code base and cannot easily address the widening hazards they face. Are you one of the organizations that lack automated, repeatable processes for open source usage, risk management, and remediation? In this session, attendees will hear recommendations on how to tackle the following:

• Open source selection and approval processes as it enters a code base
• Inventory and tracking of open source usage
• Monitoring, identification, and mitigation of security vulnerabilities
• License compliance efforts to avoid risk of potential litigation
• Prioritization of security risks and automated workflows to accelerate remediation
• Enforcement of open source security policies throughout development pipelines

Speakers:
Don Spies, Director of Market Development, Chainalysis
Jackie Koven, Solutions Architect, Chainalysis

It is no longer a question of "if" financial institutions and cyber security organizations are exposed to cryptocurrency - it is now, "how." The question then becomes how to build a risk-based approach to engage responsibly, identify and mitigate risks, and investigate financial crime with a crypto nexus.

Whether you're dealing with risks on the cyber security front or as a bank, Don Spies, Director of Market Development and Jackie Koven, Solutions Architect at Chainalysis, will guide you through the process of identifying risk and discuss how to build a framework to help understand and address your institution's overall crypto exposure.

Speaker:
Thomas Malta, Head of Identity and Access Management, Navy Federal Credit Union

Multi-cloud and hybrid cloud solutions are great enablers for organizations, but managing IAM across multiple entities that are ever expanding in capability and use? Big challenges. But here's an opportunity to re-do enterprise IAM. Join Tom Malta of Navy Federal Credit Union for insight on:

• Business requirements;
• Next-gen IAM architectures;
• A roadmap for success.

Speaker:
Jeff Dant, Managing Director, Fraud Operations & Intelligence - Enterprise Fraud Management, BMO Financial Group

Financial crime has seen some unique spikes in the past year, and banking institutions are taking extraordinary steps to coordinate their detection, prevention and response efforts - much like their fraud fusion centers. Jeff Dant, a former U.S. Secret Service agent, now plies his skills at BMO Financial Group, where he's dealing not only with financial crime ever more persistent fraudsters ... but the impacts of the COVID-19 pandemic. In this session, Dant discusses

• Financial crimes and a holistic response
• The evolution of the Fusion Center concept;
• How COVID-19 has impacted fraud schemes and how we defend against them

Speaker:
Joe Martinez, CISO, Aon

2020 was a volatile year in the marketplace, and 2021 promises more of the same, with mergers and acquisitions dominating the news. But what often gets overlooked in the mix - even by those who know better - is cybersecurity. In this session, Joe Martinez, a veteran CISO with M&A experience, discusses:

• How to balance competing challenges in M&A
• Major milestones in the process
• How to assess risk in a company when you have limited visibility