Day 2: Monday March, 12th

7:30 AM - 8:15 AM Breakfast

8:15 AM - 9:00 AM Opening Panel: Evolving Role and Reporting Structure of the CISO

Cyber security is just one responsibility of the CISO, with high profile data breaches in the new regulatory era, communication with the board and the rest of the C-suite is paramount. CISOs must shape the message and methods to address unique organizational dynamics. Explore how the CISO must be part technical guru along with psychologist and business leader. The CISO must know the technology enough to protect the organization’s critical operations and data. The CISO must be able to justify security expenditures in business terms. The psychology helps with navigating motivations and priorities of the rest of the executive team. Changing regulations are also affecting the CISO’s reporting structure and the dynamics of the role

Join this session to learn how to:

•Engage, manage and meet board and C-Suite expectations

•Exploring how the CISO reporting structure has changed
with regulations

•Blending business, psychology and technology

9:05 AM - 9:35 AM Business Meetings

9:35 AM - 10:05 AM Business Meetings

10:05 AM - 10:20 AM Networking Break


10:20 AM - 11:05 AM Defending Against DDos- Common Attacks and Best Mitigation Strategies

Distributed Denial of Services attacks continue to grow in numbers, complexity and frequency. Although DDoS attacks are just one part of the advanced threat landscape potentially endangering the enterprise including malware.
The attacks are far more dangerous than simple network and application attacks and are frequently used to cover unauthorized data exfiltration or other nefarious activities.

Join this discussion:

•Analyzing the use of DDos to disrupt and harm critical infrastructure

•Considering tactical and strategic initiatives to defeat adversaries

•Implementing corporate security priorities and external compliance and regulatory mandates

Master Class

10:20 AM - 11:05 AM Strengthening Common Vulnerabilities for Application Security

Gain insights from real world examples of effective application security strategies. Discuss approaches to finding the right tools. Change the conversation with application developers; how does it affect the enterprise from day-to-day. Shift from competing to complimentary priorities and strategies. View personal and corporate perspectives of application security with the proliferation of mobile devices in use in the work place. Discuss best practices for implementing application security programs, which provide return on investment.

In this session:

•Baselining common processes and architectures to secure

•Matching metrics to a progression of application security capabilities

•Creating, implementing and scaling application security programs

11:05 AM - 12:05 PM Case Study: Integration of the Electronic Storage Detection K-9

This session will introduce attendees to the newest concept in K-9 training that has a technology component to it within the cyber crime fight. It will provide an overview of the Electronic Storage Detection (ESD) K-9 program as well as discuss both the law enforcement and civilian applications in today’s evolving physical and cyber security world.
Following the investigation and subsequent arrest of Subway pitchman Jared Fogle, with the assistance of a black lab named “Bear”, Ian reached out to the trainer and initiated a plan to purchase Bear and bring him back to Seattle.

Since September of 2015 Ian and Bear have continued to support the Internet Crimes Against Children Task Force, where they focus on assisting investigators in the recovery of digital evidence that might otherwise have gone undetected, but for the power of the nose!

12:10 PM - 1:10 PM Networking Lunch

Roundtable Discussions

1:10 PM - 2:15 PM Navigating Cyber Security Legislation and Regulation

Roundtable Discussions

1:10 PM - 2:15 PM Strengthening Data Center Security in Face of Breaches

Roundtable Discussions

1:10 PM - 2:15 PM Utilizing Artificial Intelligence in Incident Response

2:15 PM - 2:45 PM Business Meetings

2:45 PM - 3:15 PM Business Meetings


3:20 PM - 4:05 PM Safeguarding Privileged Access- Insider Threats

Traditional corporate security focuses on strengthening the external perimeter. But recent cyber breaches have shown a shift to attacks from within the enterprise’s corporate network using privileged accounts. Once cyber criminals gain access, they have the ability to elevate privileges and move about the network undetected. Understanding this approach to compromise systems is essential to developing ways to mitigate the risk.

In this session, we’ll

• Review a case study demonstrating abuse of privileged credentials

•Illustrate how privilege is used in these attacks

•Discuss effective mitigation and prevention strategies


3:20 PM - 4:05 PM Utilizing Big Data and Predictive Analytics to Navigate Risk

Enterprise risk assessment and modelling using predictive analytics is a major tool for insurance, financial services and government. The availability of big data and the tools used to process data from multiple sources has led to a more comprehensive understanding of customers’ risk for actions ranging from defaulting on debt to suffering a major security incident. Using these tools and techniques to their fullest capacity will save enterprises money and time in the long run by avoiding less-desirable outcomes.

4:05 PM - 4:20 PM Networking Break

4:20 PM - 4:50 PM Business Meetings

4:50 PM - 5:20 PM Business Meetings

5:15 PM - 6:00 PM Workshop on Integrating Artificial Intelligence into Security

While the idea of artificial intelligence may create images of robots leading the security team. AI now can help with identifying cyber security threats more rapidly with greater visibility. The new cyber threat landscape often goes beyond taking data and includes deliberate disruptions and attacks to the integrity of the data. Securing in an Internet of Things environment means a much wider attack surface with extra security challenges.

In this session examine:

•Eliminating time consuming and repetitive tasks

•Using machine learning to model user, device and network behaviors

•Expanding beyond rules and signatures to mitigate evolving attacks

6:00 PM - 6:00 PM Networking Reception