Mike is the CEO of Tomorrow, a global consultancy on designing companies for the 21st century. He advises leaders on how to thrive in the current era of disruptive technological change. Mike’s bestselling books include Futuretainment and The Dictionary of Dangerous Ideas. Each week he interviews provocative thinkers, innovators and troublemakers on his weekly podcast, ‘Between Worlds’. A true nomad, Mike travels over 300 days a year worldwide, researching trends, collecting innovation case studies and presenting on the future of business.
Are you ready to survive and thrive in an age of AI, automation, and algorithms? Do you know how disruption affects cybersecurity and privacy? Mike will explore these topics and challenge us to adopt new approaches.
Todd Fitzgerald has built and led information security programs for 20 years. He was named 2016–17 Chicago CISO of the Year, ranked a Top 50 Information Security Executive, has authored three books – Information Security Governance Simplified: From the Boardroom to the Keyboard, CISO Leadership: Essential Principles for Success, and E-C Council Certified Chief Information Security Officer Body of Knowledge – and has contributed to a dozen others. He has held senior leadership positions at Northern Trust, Grant Thornton International, Ltd., ManpowerGroup, WellPoint (now Anthem) Blue Cross Blue Shield National Government Services, Zeneca/Syngenta, IMS Health and American Airlines. He earned a BS from the University of Wisconsin–La Crosse and an MBA with highest honors from Oklahoma State University.
We have entered into a new era where understanding privacy is no longer just the domain of the Data Privacy Officer. CISOs, information/cybersecurity leaders, and security professionals alike must understand ‘the language of privacy’ to adequately protect the information assets. Recent events such as social media platform privacy concerns, government officials seeking access to information on our devices, and General Data Protection Regulation (GDPR) impact have accelerated the need to ask the tough questions. This session will equip the security professional an understanding of what this ‘privacy stuff’ is all about.
Lawrence Dietz is an attorney, information security professional, retired Colonel (US Army) and instructor for American Military University. As such he has addressed privacy, crime and national security from multiple vantage points. Dietz counsels private firms and is a long standing consultant to the Defense Information School. A sought-after speaker Dietz is a regular at RSA where his April 2018 presentation was “The GDPR is only for the EU – right?” He is a member of the Bar of the US Supreme Court, California and the District of Columbia and pro bono part time judge in Small Claims Court. COL Dietz has been an instructor at American Military University since 2009 where he teaches intelligence and cyber courses.
The EU’s GDPR and other privacy and breach laws around the world are fueling the conflict between privacy, crime and national security. The use of Social Media by ISIS as a recruiting tool and allegedly by Russia to influence the US Presidential election have brought this conflict to a head. On the one hand governments have a duty to protect their citizens and on the other they must insure national security through intelligence collection and law enforcement. Historically these three areas are thought of as independent universes. In this session you'll learn how they are actually all connected.
Chris is a globally recognized cybersecurity expert, thought leader, entrepreneur, investor, and board advisor. He is a strategic business and technology executive who has led teams to success at both start-ups with successful exits and large global companies, including the 3rd largest global bank. At Binary Sun Cyber Risk Advisors he advises Boards, C-Suite, and investors on cybersecurity, risk, law, and privacy.
Dr. Pierson serves as a Special Government Employee on the Department of Homeland Security Data Privacy & Integrity Advisory Committee (Policy Chair) and Cybersecurity Subcommittee, is a Distinguished Fellow of the Ponemon Institute, Board Advisor, and angel investor in tech startups. He is regularly quoted in leading cybersecurity publications.
Everywhere we go, cameras and facial scanning technologies are being implemented. Now it is on our phones. Chris will discuss the benefits and concerns of facial scanning software from a security and privacy perspective. In this session, you will learn where the technology is, the privacy concerns and impacts, security enhancements, and how to mitigate concerns of continuing use of this data for other purposes.
Chester has been involved in the information security space since the late 1980s, and is currently a Principal Research Scientist in the Office of the CTO at Sophos. He divides his time between research, public speaking, writing and attempting to communicate the complexities of security to the press and public in a way they can understand.
Chester has spoken at RSA, InfoSec Europe, LISA, USENIX, Virus Bulletin and many Security BSides events around the world in addition to regularly consulting with NPR, CNN, CBC, The New York Times and other media outlets.
We often hear that malware attacks are characteristic of country Y and nation-state X. Some companies even restrict connections to and from certain countries. Does this work? Chester used the data from SophosLabs to look at where the threats are coming from and whether location matters. This talk will present his findings along with advice on how threat location data can aid security policies.
Don Anderson is the Senior Vice President and Chief Information Officer (CIO) at the Federal Reserve Bank of Boston. In this capacity, he is responsible for the Federal Reserve System’s Internet Cyber and Network Security services and Financial Management Technology services, the Bank’s IT functions, Real Estate Services, and Law Enforcement units. Don is currently a member of the Bank’s Executive Committee and represents the Bank on the System’s CIO committee. In 2017, Don was awarded the Boston CIO of the Year ORBiE award by the Boston CIO Leadership Association. He is a frequent speaker on Cybersecurity, Financial Technology and Digital Transformation.
The amount of data and intelligence being collected on users, customers, and even employees is growing at a substantial rate and quickly becoming an organization's crown jewels that now must be protected. This session will discuss how this increasing collection of data can be used to improve cyber security outcomes, while still respecting an individual’s privacy.
Summer is the Technical Director of Cybersecurity Risk & Resilience in the CERT at Carnegie Mellon University, where she is responsible for a research and development portfolio focused on improving the security and resilience of the Nation’s critical infrastructure and assets. She has 18 years of experience in software engineering, cybersecurity, and technical management. Summer currently teaches two graduate level courses on Information Technology Project Management and Cybersecurity Policy at the CMU Heinz School. She is also the Technical Sponsor of the CISO Executive Certificate Program, the lead for Cyburgh, PA and a Cybersecurity Fellow for the Center for Strategic and International Studies.
Countless executives have noted that measurement is a key for improvement and progress. However, measuring cybersecurity is a challenging and often frustrating experience for all levels of an organization. During this session, you will learn about and walk through an exercise that teaches participants where to start and how to derive cybersecurity measures that drive decision-making. “Measuring what matters” is important to ensure that limited resources are focused on collecting, analyzing, and reporting on data that leads to business success. The exercise will walk through a 7-step process suitable for the needs of organizations of all sectors and sizes.
Phil Bickford is a 25-year accomplished technologist thought leader in software engineering, IoT, mobile, enterprise SaaS API platforms, and digital design UX architecture, working at industry leaders like Microsoft, AT&T, and DHS|FEMA. He has released over 250 launch cycles emphasizing security, privacy, and CPNI protections. His contagious problem-solving enthusiasm continues currently as MediaPRO's Senior Technical Product Manager, leading their new cybersecurity and privacy awareness content delivery platform, LearningLAB. His vision is vigilantly driving next-generation client-centric features, functions, and UX designs into iterative cybersecurity awareness campaigns, while enriching data-driven results and targeting precision learning opportunity decisions.
Offline, Phil continues his technical leadership by designing computer-vision, AI, and IoT solutions for his local Emergency Response Community as their Chief FAA Commercial UAV/UAS (Drone) Emergency Response Pilot. He is currently developing the first DHS|FEMA Community Emergency Response Team (CERT) Drone training and certification program in the country. He personifies “pressure under fire and leadership by design”.
Security isn’t just a technical problem. It’s also a people problem. This means you’ve got to arm your people with the right level of security know-how to detect and prevent data loss. Enter the comprehensive security awareness program.
So here’s the situation: Your organization decides that it’s finally time to get serious about security awareness.
As the CISO of your company, you’re called in to present a plan to the management team about how you’ll get the job done. Starting today, the clock is ticking! So where do you start? We know how daunting it is to start a comprehensive security awareness program from scratch.
This talk brings best practice recommendations in developing, deploying, and maintaining a year-long security awareness program, and offers exclusive insight into awareness initiatives at the world’s most risk-aware organizations.