Jump to

Day One
Day Two

Tuesday, September 26


8:00am

Registration and Breakfast

9:05am

Opening Remarks

Host:
Diana Kelley, Chief Security Advisor, SecurityCurve

9:10am

Securing Facebook

Speaker:
Alex Stamos
Chief Security Officer, Facebook
Moderated By:
Hannah Kuchler, San Francisco Correspondent, Financial Times

9:30am

The Cybersecurity Landscape

Speaker:
Patrick Morley
President & CEO, Carbon Black
Moderated By:
AJ Dellinger, Technology Reporter, International Business Times/Newsweek

9:50am

Android's Balance Between Openness and Security

The Google engineers who built Android at some point made a decision to forgo the lock-down strategy Apple applied to iOS in order to make the mobile operating system more customizable and flexible. Over a billion active users later, how's that working out? Don't miss this session on the current and future state of Android security.
Speaker:
Adrian Ludwig
Android Security, Google
Moderated By:
Jonathan Vanian, Writer, Fortune

10:10am

Warning: What You Need to Know About the Security Workforce Crisis

Organizations of all types and sizes are facing constantly increasing cybersecurity threats, from phishing to ransomware. Security operations are working overtime to defend their data and mitigate the increasing risks of our connected world. Is the lack of trained security personnel the biggest vulnerability?
Speaker:
Candace Worley
Vice President and Chief Technical Strategist, McAfee
Moderated By:
Seth Rosenblatt, Editor, The Parallax

10:30am

Morning Networking Break

11:30am

Global Security Challenges and How We're Facing Them

Some of the biggest and most successful companies in the world depend on RSA's products and services for protection. Niloofar Howe, RSA's Chief Strategy Officer, is charged with making sure her company is responding to the needs of those customers by anticipating the next threat.
Speaker:
Niloofar Howe
Chief Strategy Officer, RSA
Host:
Mahendra Ramsinghani, Founder, Secure Octane

11:50am

Why High Velocity of Change is the Only Way to Keep Things Secure

Learn how Uber thinks about connected car security.
Speaker:
Moderated By:
Aarti Shahani, Technology Reporter, NPR

12:10pm

Securing One of the World's Most Valuable Companies

At GE, Nasrin is responsible for all aspects of cyber security strategy and operations for GE products and enterprise, including incident response, threat intelligence, security services, architecture, commercial OT security, and regulatory & compliance. In this session, hear what's keeping her up at night.
Speaker:
Nasrin Rezai
Global Chief Information & Product Security Officer, GE

12:30pm

New Startup Company Launch

There are lots of startups launching in the security space but few as promising as Manish Gupta's steapth startup. Be here to learn about this new company firsthand.
Speaker:
Manish Gupta
Co-founder & CEO, Stealth Cybersecurity Company

12:35pm

Securing the Internet of Things in all its Glory

While consumers rejoice in today’s IoT world where every device is connected - from refrigerators to medical devices and cars - for businesses, the “Internet of Things” can quickly turn into the “Internet of Threats.” IoT security has become an issue of high concern at the government level, but what measures can a business take to prevent security breaches at the device level before disaster strikes?
Speakers:
Pritesh Parekh
Chief Security Officer, Zuora

Adam Ely
Vice President and Deputy CISO, Walmart

Kevin Walker
Security CTSO, Engineering, Juniper
Moderated By:
Stacey Higginbotham, Editor, SKT Labs

12:55pm

Lunch Break

1:55pm

Bring the Fight Back to Your Security Team

A record breaking four billion personal records were stolen by hackers in 2016, with no signs of stopping. While the parade of headlines indicates we’re losing this war, it’s time to turn the tides on attackers and gain control. An equal balance between people, processes and technology is the secret to success, though each category comes with its own set of challenges and intricacies. Learn how the best minds in the industry and government are combatting bad actors through training and recruitment of new talent, using behavior analytics and AI to hunt for emerging threats, and implementing policies and processes that are most impactful. This panel of private industry and FBI cyber veterans has a unique perspective on tackling the evolving threats of today and the future.
Speakers:
Colin Estep
Chief Security Officer, Sift Security

Jason Truppi
Director of Endpoint Detection and Response, Tanium, Inc.

Sameer Bhalotra
CEO, StackRox
Moderated By:
Jesse Goldhammer, Associate Dean, UC Berkeley

2:15pm

Are the Demands on VC-Backed Companies Making Us Less Secure?

"The breakneck pace of modern technology development coupled with the pressures of big-time venture capital often forces companies to ship first and ask questions later. That can be problematic. Is the current state of cybersecurity the fault of the broader technology industry?"
Speaker:
Bob Lord
CISO, Yahoo
Moderated By:
Seth Rosenblatt, Editor, The Parallax

2:35pm

Hacking the Wetware: How One Noob Compromised a Cybersecurity Company with Social Engineering

Social Engineering (SE) is one of the most severe threats to security and privacy because anyone can do it - even a noob. This talk outlines real-world SE examples, and seemingly innocuous information that could compromise a company. Learn the methods SEs use to mine data and exploit behavior to own targets, and how women are uniquely skilled as SEs - from a 2016 DEFCON SE Capture the Flag winner.
Speaker:
Rachel Tobac
Social Engineering Capture the Flag (SECTF) 2nd Place Winner, DEF CON 24

2:45pm

How Virtualization Could Transform Security

Can virtualization technology help companies get a better return on their security investment by closing the architectural gap between application data and infrastructure? VMware thinks security should be something that's built into your development process, rather than bolted on later.
Speaker:
Tom Corn
SVP, Security Products, VMware

3:05pm

Widespread Targeted Attacks: the Dawn of a New Era

In the world of information security, the attackers’ advantage is getting ever-stronger. Companies and other organizations have growing attack surfaces (driven largely by device proliferation, including the internet of things, mobility, automation and artificial intelligence, and infrastructure as a service), while the barriers to entry to creating and deploying sophisticated cyber weapons continue to fall.
Speaker:
Nathaniel Fick
CEO, Endgame
Moderated By:
Hannah Kuchler, San Francisco Correspondent, Financial Times

3:25pm

Security at the Point of the Spear

Rapid change is happening in every sector of the technology industry. The security industry is not the exception to the rule, it is the poster child for the rule. In the enterprises of today and tomorrow, security professionals have to secure and audit a mix of hosted servers, BYOD systems and cloud based applications. Many individuals are tasked with securing systems. The details of putting the pieces together as well generating the reports and metrics to effectively monitor and assess security is often lacking. This talk analyzes the evolving strategy and tools that security leaders utilize at various prominent Silicon Valley/Bay Area companies to orchestrate as well as automate their security solutions.
Speaker:
Jimmy Sanders
Information Security, Netflix DVD

3:45pm

Bugs In The Cloud: Why Finding Security Holes In Cloud Applications Is Everyone's Job

Software bugs that compromise security are probably inevitable (for now), so finding them quickly and understanding how to plug the hole has never been more important in a fast-moving world. This is especially true for cloud-based applications, as veteran CEO Marten Mickos knows so well.
Speaker:
Marten Mickos
CEO, HackerOne

4:05pm

Closing Remarks

Host:
Diana Kelley, Chief Security Advisor, SecurityCurve

4:10pm

Networking Reception

Wednesday, September 27


8:30am

Registration and Breakfast

8:55am

Opening Remarks

Host:
Diana Kelley, Chief Security Advisor, SecurityCurve

9:00am

Help Wanted: The Coming Security Skills Gap

There is a scary shortage of qualified information security professionals - a 1 million-person gap in jobs available to cybersecurity experts and the people available to fill them, according to Structure Security adviser Jay Leek of Blackstone. How will CISOs plan for this shortage?
Speaker:
Patrick Heim
Operating Partner & CISO, ClearSky
Moderated By:
Sean Martin, Editor-in-Chief, ITSPmagazine

9:20am

Security, Trust, and Privacy for Google Cloud

Speaker:
Suzanne Frey
Director, Trust (Security, Privacy, Compliance), Google

9:40am

Automating Application Security

Speakers:
Mike Kail
Chief Technology Officer, Cybric

Caroline Wong
Vice President of Security Strategy, Cobalt

10:00am

Corelight: Enterprise grade solutions from the creators of Bro

Corelight co-founder Vern Paxson created Bro in 1995 to monitor large academic networks. For over 20 years it’s been used by the intelligence community, the defense department, nuclear weapons labs, and research universities but has gone largely undiscovered by enterprises. Until now. Learn how Corelight can bring rich and actionable network data to your security team to help understand and prevent cyber attacks.
Speaker:
Vincent Stoffer
Director of Customer Solutions, Corelight

10:10am

Security across AT&Ts massive networks

Learn how Melissa Arnoldi is defining and executing on AT&Ts technology development strategy goals of delivering projects faster, re-architecting apps to platforms, and imbedding security and resiliency into software platforms infrastructure and operations.
Speaker:
Melissa Arnoldi
Senior Executive Vice President, AT&T Technology and Operations, AT&T
Moderated By:
Stacey Higginbotham, Editor, SKT Labs

10:30am

Morning Networking Break

10:45am

Enabling Threat Hunting

Modern security teams must bring together the people, process and technology to enable Threat Hunting. Detect and Alert strategies need to be revamped to shift from reactive forms of incident response to proactive threat hunting. Join Carbon Black as you learn how to enable your hunt.
Speaker:
Rick McElroy
Security Strategist, Carbon Black

11:30am

Opacity to Clarity: Driving Security Across Your Third Party Ecosystem

Digitization is invading all aspects of business, government and daily living. Now more than ever, security must be addressed pervasively--we must know who is touching, viewing or altering our digital devices and information.
Speaker:
Edna Conway
Chief Security Officer, Global Value Chain, Cisco

11:50am

Funding The Future Of Security Innovation

In this session, a panel of venture capitalists will discuss which areas of security are ripe for new thinking from scrappy startups, and the opportunities that smart founders are chasing right now.
Speakers:
Asheem Chandna
Partner, Greylock Partners

Charles Beeler
General Partner, Rally Ventures

Alex Doll
Founder and Managing Member, Ten Eleven Venture

Yoav Andrew Leitersdorf
Managing Partner, YL Ventures
Moderated By:
AJ Dellinger, Technology Reporter, International Business Times/Newsweek

12:10

Why AI has a leg up on IoT security

The stronger the systems of defense become, the harder nefarious attackers work to find a way into a system. In this continuous race to stay ahead of attacks and protect connected devices a full system approach to security is needed. Unlike IoT where security holes are everywhere, with the AI boom on the near horizon it is an opportunity to prevent rather than respond to threats. We will discuss trade offs on integrating security from the earliest building blocks in a device through the hardware, connectivity and to the cloud.
Speaker:
Marc Canel
VP, Security Systems and Strategy, ARM
Moderated By:
Stacey Higginbotham, Editor, SKT Labs

12:30pm

The Evolution of the CISO

Learn why today's CISOs are increasingly adopting a risk-based approach to security.
Speaker:
David Mahon
VP & Chief Security Officer, CenturyLink, Inc.
Moderated By:
Jonathan Vanian, Writer, Fortune

12:50pm

Lunch Break

2:00pm

Steps Government Officials Must Take to Protect Their Agencies

This talk will focus on securing the government cloud, and steps government officials must take to protect their agencies. What many government network defenders have forgotten is that security in a cloud environment is a shared responsibility. The cloud provider secures the internet and physical infrastructure, but the cloud customer is responsible for protecting its own data. FedRAMP and third-party certifications assure that the cloud provider is doing its part, but it’s up to customers to ensure they're working to prevent, detect and respond to cyber adversaries during the attack lifecycle.
Speaker:
John Davis
Federal CSO, Palo Alto Networks
Moderated By:
Sean Martin, Editor-in-Chief, ITSPmagazine

2:20pm

Breach and Attack Simulation- Making Threat Actors Work For You

Speakers:
Ayal Yogev
VP Product Management, SafeBreach

Glen Jones
Senior Director, Visa Risk Products, Visa

2:40pm

The Problem in Enterprise Security

The problem in enterprise security is not about building more and better mousetraps. The delivery model is fundamentally challenged. How security is trialed, purchased, distributed, managed, and updated is ineffective in today’s threat environment involving millions of data points, and far too burdensome on security teams.
Speaker:
Scott Chasin
CEO and Co-Founder, ProtectWise
Moderated By:
AJ Dellinger, Technology Reporter, International Business Times/Newsweek

3:00pm

Building a Successful Agile InfoSec Program for Today’s Digital Business

Three time veteran CISO Demetrios Lazarikos (Laz) will present InfoSec strategies that are working with organizations interested in growing their programs to support Continuous Integration and Agile environments while protecting the company brand and adopting emerging technologies. Laz’ experience in these areas have been recognized globally by his peers and industry analysts. During this session, Laz will share successful strategies with you providing real world case studies and approaches that are embraced by practitioners and regulators. Laz will also share materials and data that work in creating meaningful dashboards and metrics to use for reporting to the board of directors, executive staff, and engineering teams.
Speaker:
Demetrios "Laz" Lazarikos
Founder and CEO, Blue Lava
Moderated By:
Sean Martin, Editor-in-Chief, ITSPmagazine

3:20pm

Is AI/Machine Learning Eating Cyber Security?

Machine learning has percolated into the cyber security industry in recent times. In this session we discuss why this is occurring in cyber and explore ideas, opportunities and challenges.
Speaker:
Rahul Kashyap
SVP, Chief Product Officer, Cylance

3:40pm

Taking Care of Business: How to focus on the foundations of cyber without losing traction in emerging technologies

Speaker:
Diana Kelley
Chief Security Advisor, SecurityCurve

3:55pm

Closing Remarks

Host:
Diana Kelley, Chief Security Advisor, SecurityCurve