The Future of Security

In a hyper-connected world, the health of the digital economy depends more than ever on the security tactics and strategies that protect our networks. Structure Security will highlight the best practices that security professionals are using to protect some of the world’s largest companies and institutions, and examine the future of security products, services, and the threats that aim to take them down.


SPEAKERS

Nick Anderson

Facebook

Dan Burns

Optiv

Tom Corn

VMware

Art Coviello

Rally Ventures

Arlette Hart

FBI

Jay Leek

ClearSky Security

Bob Lord

Yahoo

Adrian Ludwig

Google

Scott A. Montgomery

Intel Security

Charles Beeler

Rally Ventures

Geoff Belknap

Slack

Mark Bergen

Recode

Ben Bernstein

Twistlock

Marc Canel

ARM

Biz Carson

Business Insider

Asheem Chandna

Greylock Partners

Craig Davies

Atlassian

Larry Dignan

CBS Interactive

Alex Doll

Ten Eleven Venture

Dale Drew

Level 3 Communications

Casey Ellis

Bugcrowd

Andy Ellis

Akamai

Oren Falkowitz

Area 1 Security

Alex Gantman

Qualcomm

Theresia Gouw

Aspect Ventures

Steve Grobman

Intel Security

Robert Hackett

Fortune Magazine

Stacey Higginbotham

SKT Labs

Leigh Honeywell

Slack

Niloofar Howe

RSA

Jessy Irwin

1Password

Diana Kelley

IBM

Christopher Key

Verodin

Tom Krazit

Structure Events

Demetrios Laz Lazarikos

Blue Lava

Tom Le

GE Digital Wurldtech

Kevin Mahaffey

Lookout

Sean Martin

ITSPmagazine

Bethany Mayer

Ixia

Stuart McClure

Cylance

Todd McKinnon

Okta

Robert McMillan

The Wall Street Journal

Kevin McLaughlin

The Information

Marten Mickos

HackerOne

Alastair Paterson

Digital Shadows

Alex Polvi

CoreOS

Paul Roberts

The Security Ledger

Jeff Roberts

Fortune

Seth Rosenblatt

The Parallax

Clare Ryan

Structure Events

Aarti Shahani

NPR

John Stauffacher

Caffeinated Networks

Stacy Stubblefield

TeleSign

Carson Sweet

CloudPassage

Mark Terenzoni

Sqrrl

Hugh Thompson

Hudson Thrift

Uber

Dylan Tweney

Tweney Media

Jonathan Vanian

Fortune

Prima Virani

Pandora

Headline Sponsor

Primetime Sponsors

Showtime Sponsors

Partners

Day 1 - Tuesday, September 27


8:00 AM

Registration and Breakfast

9:05 AM

Opening Remarks

Hosts:
Tom Krazit, Executive Editor, Structure Events
Clare Ryan, CEO, Structure Events
Emcee:
Hugh Thompson, Technology Executive

9:10 AM

The State of Information Security in 2016

Art Coviello will kick off Structure Security with an overview of the current security landscape, including new threats, solutions, and best practices for information security professionals and developers.
Speaker:
Art Coviello, Venture Partner, Rally Ventures

9:30 AM

How Machine Learning Will Keep Us Secure

Machine learning is helping produce breakthroughs in almost every area of computing, and it's helping play defense as well. What has machine learning allowed security professionals to accomplish with new products, and what's to come as these systems become more sophisticated?
Speaker:
Stuart McClure, CEO, Cylance
Moderated By:
Robert Hackett, Reporter, Fortune Magazine

9:50 AM

Building a Successful Agile InfoSec Program for Today’s Digital Business

Three time veteran CISO Demetrios Lazarikos (Laz) will present InfoSec strategies that are working with organizations interested in growing their programs to support Continuous Integration and Agile environments while protecting the company brand and adopting emerging technologies. Laz’ experience in these areas have been recognized globally by his peers and industry analysts. During this session, Laz will share successful strategies with you providing real world case studies and approaches that are embraced by practitioners and regulators. Laz will also share materials and data that work in creating meaningful dashboards and metrics to use for reporting to the board of directors, executive staff, and engineering teams.
Speaker:
Demetrios "Laz" Lazarikos, Founder and CEO, Blue Lava
Moderated By:
Sean Martin, CISSP | Editor-in-Chief, ITSPmagazine

10:10 AM

Security Challenges That Keep CIOs Up At Night

Some of the biggest and most successful companies in the world depend on RSA's products and services for protection. Niloofar Howe, RSA's Chief Strategy Officer, is charged with making sure her company is responding to the needs of those customers by anticipating the next threat.
Speaker:
Niloofar Howe, Chief Strategy Officer, RSA
Moderated By:
Paul Roberts, Founder and Editor in Chief, The Security of Things Forum, The Security Ledger

10:30 AM

Morning Break Sponsored By TenEleven Ventures

10:45 AM

Structure Talk: Synchronoss – Keeping Your Edge Secure – Main Stage

The future of our mobile lives relies on not compromising between Security and Productivity, regardless of where you are working. Synchronoss partnered with Goldman Sachs to optimize the mobile user's experience. This session will highlight trends, experiences and solutions and will focus on Mobile Productivity, Data Protection and Identity Management.
Speaker:
Jay Chitnis, Head of Marketing, Enterprise, Synchronoss

10:45 AM

Structure Talk: Citrix – Secure Mobility and Authentication For Highly Regulated Environments Including Government, Healthcare, and Financial Services – Cypress Room

Highly regulated environments including government, healthcare and financial services require strong mobile security that meets regulatory compliance and minimizes risks to critical data. Join this session to understand mobile security risks and how to protect data on the device with either device or application level controls; secure data sent in transit over public networks; and keep information stored in the cloud protected. Hear an Aviation industry case study to learn how these security measures have been successfully implemented.
Speaker:
Nivedita Ojha, Senior Director of Product Management, Citrix

11:30 AM

Help Wanted: The Coming Security Skills Gap

There is a scary shortage of qualified information security professionals - a 1 million-person gap in jobs available to cybersecurity experts and the people available to fill them, according to Structure Security adviser Jay Leek of Blackstone. How will CISOs plan for this shortage?
Speaker:
Jay Leek, Managing Director, ClearSky Security
Moderated By:
Larry Dignan, Editor in Chief, ZDNet; Editorial Director, TechRepublic , CBS Interactive

11:50 AM

Security is a Team Sport, Right?

For too long, technology product development groups and information security groups at many companies have battled over how to ascribe resources and requirements: each battling for their own interests: delivery speed versus functionality versus increased security. Diana Kelley of IBM will explain why this standoff has made us less secure, and why it has broader implications for sharing information outside of companies.
Speaker:
Diana Kelley, Global Executive Security Advisor, IBM
Moderated By:
Tom Krazit, Executive Editor, Structure Events

12:10 PM

What the Secret Service Can Teach Us about Cybersecurity

Since the Secret Service began protecting the President full time in 1906, only seven attackers have reached the President. From a cybersecurity defender’s perspective, the President is the ultimate high-value asset—incredibly important, but impossible to lock away in a sealed vault. But despite the similarity, the cybersecurity industry record is nowhere close to the Secret Service’s record. This talk will focus on what cybersecurity experts can learn from the Secret Service’s approach.
Speaker:
Nathaniel Gleicher, Head of Cybersecurity Strategy, Illumio

12:30 PM

Spotlight on Digital Shadows

Speaker:
Alastair Paterson, Founder and CEO, Digital Shadows

12:35 PM

Fighting Code with Code

Security experts are just starting to realize how advanced machine learning techniques and artificial intelligence research can help secure our networks. A panel of experts will discuss the progress so far and the challenges that remain in this session.
Speakers:
Kevin Mahaffey, Co-Founder and CTO, Lookout
Carson Sweet, Co-Founder and CTO, CloudPassage
Mark Terenzoni, CEO, Sqrrl
Moderated By:
Jonathan Vanian, Writer, Fortune

1:00 PM

Lunch Break Sponsored By Twistlock

1:15 PM

Structure Talk: Distil Networks – Are Bot Operators Eating Your Lunch? – Main Stage

High risk lessons from the OWASP Top 20 automated threats. A new way to think about Web Security.
Speaker:
Edward Roberts, Director Product Marketing, Distil Networks

1:15 PM

Structure Talk: Bugcrowd – State of Bug Bounty: The Evolution of Pentesting to Crowdsourced Security – Cypress Room

2015 saw unprecedented participation in crowdsourced security programs, as big technology vendors like Google, Facebook and Tesla embraced bug bounty programs. Across the board, bug bounties saw a sharp rise in both popularity and accessibility. This session will outline the findings from a four year report observing these trends.
Speaker:
Leif Dreizler, Senior Security Engineer, Bugcrowd

2:15 PM

Firewalls, Botnets, Intrusion Detection: Security at the FBI

The FBI doesn't just investigate major cyberattacks on behalf of U.S. businesses - it's on the business end of those attacks itself more often than you might think. FBI CISO Arlette Hart must balance the need to keep the FBI's work under wraps while unlocking the flexibility and cost-savings that modern cloud services provide, and that's not an easy job.
Speaker:
Arlette Hart, CISO, FBI
Moderated By:
Aarti Shahani, Technology Reporter, NPR

2:35 PM

Spotlight on Verodin

Speaker:
Christopher Key, CEO & Co-Founder, Verodin

2:40 PM

Securing the Future of Workplace Collaboration

Slack, the hottest workplace collaboration app on the market is also likely to be one of the hottest targets for hackers over the next few years. How do you keep a unicorn -- and its fast-growing customer base -- safe?
Speaker:
Geoff Belknap, CSO, Slack
Moderated By:
Seth Rosenblatt, Editor, The Parallax

3:00 PM

Defining What It Means To Be Trusted

Lots of hardware and security vendors like to talk about a "trusted computing base," but what do they really mean? Taking a page from other successful industry standard-setting processes, Marc Canel of ARM, Alex Gantman of Qualcomm, and Steve Grobman of Intel Security will discuss why the security industry needs to settle on a definition of what it means to have trusted hardware.
Speakers:
Marc Canel, VP, Security Systems and Strategy, ARM
Alex Gantman, VP, Product Service Engineering, Qualcomm
Steve Grobman, CTO, Intel Security
Moderated By:
Tom Krazit, Executive Editor, Structure Events

Special Announcement – Wandera

3:25 PM

To Secure It, Open It Up

Just as open-source software revolutionized enterprise software and allowed hundreds of startups to thrive, so too will open-source security products allow businesses to get best-in-class security without breaking the bank. A panel of Silicon Valley's finest engineers will discuss the inevitability of open-source security.
Speakers:
Nick Anderson, Security Engineer, Facebook
Hudson Thrift, Security Operations Lead, Uber
Leigh Honeywell, Security Response Manager, Slack
Prima Virani, Security Engineer, Pandora
Moderated By:
Robert McMillan, Reporter, The Wall Street Journal

3:50 PM

Closing Day One

Emcee:
Hugh Thompson, Technology Executive

3:55 PM - 5:30

Networking Reception

Day 2 - Wednesday, September 28


8:00 AM

Registration and Breakfast

9:00 AM

Opening Day Two

Emcee:
Hugh Thompson, Technology Executive

9:05 AM

Why Outside Feedback Makes Your Engineering Team Stronger

What happens to engineers the first time some random kid 8,000 miles away hacks their stuff as a part of their bug bounty? Casey Ellis, founder of Bugcrowd, will talk about why it makes sense to outsource the creation of the "oh shit" moment, and watch your engineering team become a blue team.
Speakers:
Casey Ellis, Founder and CEO, Bugcrowd
Moderated By:
John Stauffacher, Security Advisor, Caffeinated Networks

9:25 AM

IT + OT: The Key to Securing the Industrial IoT

As the Industrial Internet expands, so too will the number of vulnerabilities within critical infrastructure. Join Wurldtech VP of Engineering Tom Le for a discussion on the convergence of IT and OT security and learn how you can combine the two disciplines to better protect data, information and assets at every level within your Industrial IoT stack.
Speakers:
Tom Le, Executive Director of Cyber, GE Digital Wurldtech
Moderated By:
Stacey Higginbotham, Editor, SKT Labs

9:45 AM

To Map Your Virtualized Network, Test, Test, Test

As the internet of things and the increasing use of virtualization start putting demands on our core internet infrastructure the likes of which we've never seen, keeping these vital links secure becomes even more important. Ixia provides security services to some of the most widely used communication networks in the world, and CEO Bethany Mayer will explain the types of threats those customers are facing.
Speakers:
Bethany Mayer, President and CEO, Ixia
Moderated By:
Tom Krazit, Executive Editor, Structure Events

10:05 AM

Spotlight on Twistlock

Speakers:
Ben Bernstein, CEO, Twistlock

10:10 AM

Funding The Future Of Security Innovation

In this session, a panel of venture capitalists will discuss which areas of security are ripe for new thinking from scrappy startups, and the opportunities that smart founders are chasing right now.
Speakers:
Asheem Chandna, Partner, Greylock Partners
Alex Doll, Founder and Managing Member, Ten Eleven Venture
Theresia Gouw, Co-Founder and Managing Partner, Aspect Ventures
Moderated By:
Charles Beeler, General Partner, Rally Ventures

10:30 AM

Morning Break

10:45 AM

Structure Talk: Level 3 Communications – Enterprise Security Trends, Challenges and Solutions – Main Stage

Increasing enterprise adoption of cloud-based systems & applications have enabled a significant boom in organizational efficiency, streamlined collaborative access to critical information and reduced in-house IT expenditure. However, distributed information systems are substantially more challenging to secure, highlighting the increasing vulnerability of critical enterprise information amid today’s dynamic threat landscape
Speakers:
Michael Renshaw, Senior Director, Security, Level 3 Communications

10:45 AM

Structure Talk: Wandera – Cheap Wi-Fi Hacks & IoT Attacks: How to Cash in and Win Using Small Chips – Cypress Room

Big things come in small packages. Believe it or not, hackers can now insert tiny IoT chips into USB chargers to capture your personal data. Interested in learning more? Join us.
Speakers:
Dan Cuddeford, Director of Sales Engineering, Wandera

11:30 AM

Android's Balance Between Openness and Security

The Google engineers who built Android at some point made a decision to forgo the lock-down strategy Apple applied to iOS in order to make the mobile operating system more customizable and flexible. Over a billion active users later, how's that working out? Don't miss this session on the current and future state of Android security.
Speakers:
Adrian Ludwig, Android Security, Google
Moderated By:
Dylan Tweney, Founder and President, Tweney Media

11:50 AM

Preparing For The Security Tsunami of the Internet of Things

As billions of devices come online, new security models will have to be developed. Scott Montgomery of Intel will walk us through some promising candidates for securing the internet of things.
Speakers:
Scott A. Montgomery, VP and Chief Technical Strategist, Intel Security
Moderated By:
Stacey Higginbotham, Editor, SKT Labs

12:10 PM

Security in an Innovation Culture

Atlassian’s security team doesn’t do sign-offs or checkpoints before software goes out the door. It launches top secret end-to-end attacks against its own Executive Team and staff, without informing its monitoring teams. It believes “people are still the best detectives,” (rather than technology), and has found that their ability to detect what may be amiss improves the more security scenarios they experience. “Pre-built” communications are at the ready for specific types of threats. From creating a fake Atlassian website that sought to have end users install a remote access tool to sending out an email, purportedly from the Chief People Officer, that included people’s performance ratings, the security group is continually creating innovative scenarios to test weaknesses in incident reporting, user education and its own intelligence capabilities, among other things, using those results to close the gaps. What other lessons can you apply to your own organization?
Speakers:
Craig Davies, Head of Security, Atlassian
Moderated By:
Jeff Roberts, Reporter, Fortune

12:25 PM

Are The Demands On High-Profile Product Development Teams Making Us Less Secure?

The breakneck pace of modern technology development coupled with the pressures of high-profile tech product development groups often forces companies to ship first and ask questions later. That can be problematic. Is the current state of cybersecurity the fault of the broader technology industry?
Speakers:
Bob Lord, CISO, Yahoo
Moderated By:
Tom Krazit, Executive Editor, Structure Events

12:45 PM

The Once And Future Password: Should We Perfect It, Or Find Something New?

Managing modern passwords for home and work is complicated even if you're one of the few who use password management software. But even those systems have flaws: are there realistic solutions for replacing passwords?
Speakers:
Jessy Irwin, Security Evangelist , 1Password
Stacy Stubblefield, Co-founder and VP of Product Strategy, TeleSign
Moderated By:
Biz Carson, Reporter, Business Insider

1:00 PM

Lunch Break Sponsored By IntSights Cyber Intelligence

1:15 PM

Structure Talk: Darktrace – The Machine Fights Back: Self-Defending Networks Are Here – Main Stage

Cyber defense has become an arms race. Automated attacks that use artificial intelligence to hide inside networks and emulate user behaviors are difficult to spot. This session will examine how threats like ransomware are caught and discuss the future of information security – self-defending systems based on unsupervised machine learning.
Speakers:
Nicole Eagan, CEO, Darktrace

1:15 PM

Structure Talk: Trusted Computing Group – A Short Introduction to TPMs For Security in the Container World – Cypress Room

Trusting your containers requires trust in the systems your containers run on. Trusted computing makes it possible for computers to prove what they’ve booted, making it practical for clusters to verify that systems haven’t been compromised. See how Trusted Computing is extended to individual containers beyond boot security.
Speakers:
Matthew Garrett, Principal Security Software Engineer , CoreOS

2:15 PM

To Discover The Future, Understand The Present

When the some of the world's largest companies are coming to you for security advice, you learn a lot about what buyers really want, what security vendors really want to sell, and where those two come together. Dan Burns, CEO of Optiv, understands the modern security market from a very compelling vantage point.
Speakers:
Dan Burns, CEO, Optiv
Moderated By:
Robert Hackett, Reporter, Fortune Magazine

2:35 PM

Identity Management: They Are Who We Thought They Were

In a world of distributed cloud applications, managing employee identity is a huge issue for many corporations. Okta thinks it has found the answer, and it's raised over $200 million to beat legacy players to the punch.
Speakers:
Todd McKinnon, Co-Founder and CEO, Okta
Moderated By:
Tom Krazit, Executive Editor, Structure Events

2:55 PM

Networking Security

Security is an issue through every part of the internet, including the most fundamental part: the backbone networks that carry data around the world. A panel of experts on networking security will discuss the current threat landscape and ways that our networking providers are help keeping our data safe.
Speakers:
Dale Drew, Chief Security Officer, Level 3 Communications
Andy Ellis, CSO, Akamai
Moderated By:
Stacey Higginbotham, Editor, SKT Labs

3:15 PM

Bugs In The Cloud: Why Finding Security Holes In Cloud Applications Is Everyone's Job

Software bugs that compromise security are probably inevitable (for now), so finding them quickly and understanding how to plug the hole has never been more important in a fast-moving world. This is especially true for cloud-based applications, as veteran CEO Marten Mickos knows so well.
Speakers:
Marten Mickos, CEO, HackerOne
Moderated By:
Seth Rosenblatt, Editor, The Parallax

3:30 PM

How Virtualization Could Transform Security

Can virtualization technology help companies get a better return on their security investment by closing the architectural gap between application data and infrastructure? VMware thinks security should be something that's built into your development process, rather than bolted on later.
Speakers:
Tom Corn, SVP, Security Products, VMware

3:50 PM

Why Your Greatest Asset Is Your Weakest Link

People are the most valuable part of your organization -- and they are a huge security risk as well. While education and training are important, so too are other ways of saving people from themselves, which Area1 Security founder and CEO Oren Falkowitz will discuss in this session.
Speakers:
Oren Falkowitz, CEO, Area 1 Security
Moderated By:
Jeff Roberts, Reporter, Fortune

4:10 PM

Containing Containers: Security In The Post-VM World

Container-based software development trends are the talk of the cloud computing consortium, and security remains one of the biggest issues for those consider adopting containers in their organizations. CoreOS CEO Alex Polvi will explain how container security works, and why it's so important.
Speakers:
Alex Polvi, CEO, CoreOS
Moderated By:
Kevin McLaughlin, Reporter, The Information

4:30 PM

Closing Remarks

Hosts:
Clare Ryan, CEO, Structure Events
Tom Krazit, Executive Editor, Structure Events

4:35 - 5:30 PM

Networking Reception