CISO Public Sector Summit | February 21, 2019 | Convene - 1201 Wilson Blvd - Arlington, VA, USA
↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
8:00 am - 8:45 am
8:35 am - 8:45 am
Presented by:
Stan Kizior, FORMER COO - Department of IT, State of Maryland
Aaron Rinehart, Former Chief Enterprise Security Architect, UnitedHealth Group
8:45 am - 9:15 am
With the role of the CIO expanding, CIOs are being pushed to increase digital business by using IT in ways that deliver cost saving methods and increased levels of productivity as well as new opportunities. However, many believe that current methods for these opportunities have reached their end. As a result, it is time to reconfigure these methods in new, unique ways.
Takeaways:
Presented by:
Francisco Salguero, CIO, USDA
9:20 am - 10:00 am
Change is inevitable, and one is desperately needed in the complex world of Cyber and the CISO's role in an organization. By exploring a ?whole-istic? Integrative Medicine approach to Cyber, organizations can benefit from looking at Cyber with a new change in perspective vs the same old techniques. A Whole360 approach to Cyber entails diving into the ?mind-body-energy? connections as they pertain to the business and Cyber worlds. The Science of Diversity, Implicit Bias, Women in Cyber, and the Psychology behind the Security all fit together as pieces of the puzzle that need to be brought to light and explored.
Takeaways:
Presented by:
Jothi Dugar, Chief Information Security Officer, National Institute of Health
10:05 am - 10:30 am
Augmented Analytics focus on specific areas of augmented intelligence, using machine learning to enhance how data and analytics are presented and shared. As the capabilities of this technology advance rapidly, it is pivotal to understand these advancements.
Takeaways:
Presented by:
Ken Hartling, Chief Digital Operations & Business Services, Barrick Gold Corporation
10:30 am - 10:40 am
10:45 am - 11:10 am
Knowing is half the battle when it comes to protecting applications and their sensitive data.
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection (RASP) changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre-production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc.
Chris Prevost, Vice President, Solutions, Prevoty, Inc.
11:15 am - 11:40 am
Due to market shifts, the need for collaboration between professional data scientists and application developers is no longer necessary. Today, professional developers can operate alone using predefined models to deliver the top, AI-enhanced solutions. These models allow for developers to utilize tools tailored to integrating AI capabilities into your organization's solution.
Takeaways:
Presented by:
Dean Lane, Senior Vice President Cyber Intelligence, Institute of World Politics
11:45 am - 12:10 pm
In this session, we will explore one of the of the key-capabilities of software-defined networking: a relentless focus on a solution's quality-of-experience and how that drives value to the modern enterprise network and those who manage it day-to-day. Through discussion and demonstration, you will see how Silver Peak and zScaler can simplify a traditionally complex network integration process through a centrally-orchestrated solution that dramatically saves on the hidden operational costs of network operations.
Sponsored by:
Silver Peak Systems
Brian Kovatch, Director of Enterprise Sales, Silver Peak Systems
Ken Nodland, Regional Sales Manager, Silver Peak Systems
12:15 pm - 12:40 pm
Sponsored by:
Insight Cloud + Data Center Transformation
Kim Knickle, Senior Architect, Digital Innovation Services, Insight Cloud + Data Center Transformation
12:40 pm - 1:50 pm
A CIO's role, goals and objectives have drastically changed over the years as most CIOs supervise teams and units beyond their IT department. Because of these changes in responsibilities, a CIO's success is measured in greater business metrics. As a result, the role of a CIO has become both more attractive and more demanding.
Moderated by:
Stan Kizior, FORMER COO - Department of IT, State of Maryland
Aaron Rinehart, Former Chief Enterprise Security Architect, UnitedHealth Group
Panelists:
Marvin Onyemaechi, CIO, The George Washington University Hospital
Don Spicer, Associate Vice Chancellor & Chief Information Officer, University System of Maryland
Jothi Dugar, Chief Information Security Officer, National Institute of Health
1:55 pm - 2:20 pm
Analysts claim that 50% of today's public cloud data and workloads will migrate to private clouds in the next two years. But, don't worry about the public cloud behemoths because their average CAGR continues above 20%. However, the result is that cloud data is spreading across multiclouds and increasingly migrating to private clouds that offers the Enterprise more control. This acceleration in lift and shift of workloads creates data security and compliance risks as well as management complexities. In this discussion, we'll share trends and best practices for enabling data portability without compromising security, compliance, and operational efficiencies.
Take Aways:
Sponsored by:
Thales eSecurity, Inc.
Nick Jovanovic, VP of Federal, Thales eSecurity, Inc.
2:25 pm - 2:50 pm
Cloud enables a financial organization to achieve better business agility, speed to the market, long?term cost saving, and great security and compliance at a scale and speed that cannot be matched by a traditional on?premise data center. To achieve the most benefits, the organization may want to use services from multiple clouds with different service models (e.g., SaaS - O365, PaaS - Azure, and IaaS - AWS), and deployment models (e.g., public, private, community). The security risks must be addressed systemically and comprehensively to maintain confidence in the cloud system and trust in the financial institution. The defense needs to be built?in from the beginning rather than bolted?on later. Once builtin, the security controls can be inherited or leveraged by business applications and data deployed in the cloud?hybrid data center, increasing speed to the market and better system security and compliance. This session introduces a Cloud Security Architecture (CSA) Capability framework that enables an organization to build the state?of?art defenses into a cloud?hybrid data center, and allows the organization to safely deploy high?risk workloads and process regulated and sensitive data in multiple clouds with a built?in compliance to multiple regulatory mandates and industry standards, such as FFIEC, GLBA, SOX, FISMA, PCI, and NIST 800?53. The framework also allows the organization to rationalize its security tools and cloud security services to clarify & simplify tools portfolio, identify saving potential, improve cost efficiency, and reduce security risks.
Takeaways:
Presented by:
Lian Jin, Chief Security Architect, MUFG Union Bank, N.A.
2:55 pm - 3:20 pm
The way we work has changed. Many of us no longer work in factories, we do not work 9-5 jobs. Our legacy phone systems and contact center solutions are not meeting the challenges for the future of work. We have a mobile workforce, our clients are highly digital and also mobile. There is no tolerance for gaps in communication, no tolerance for downtime, no excuse for missing that tweet and catching that sentiment. RingCentral Unified Communication As A Service and Contact Center as a Service are removing friction and enabling the ?flow? in your teams. It is not about replacing the traditional phone system with one in the cloud but rather removing risks of outages and using machine learning and AI to sidekick your teams to improve training, communication and get to the right answers that serve our clients and customers.
Naveed Husain, VP of the Office of the CIO takes you on a journey on how RingCentral will remove these barriers.
Presented by:
Naveed Husain, Vice President Office of the CIO, RingCentral
RingCentral
3:20 pm - 3:30 pm
3:35 pm - 4:00 pm
Presented by:
Charles Sun, Technology Co-Chair of the Federal IPv6 Task Force, U.S. Federal Government
4:05 pm - 4:30 pm
Mobility has changed everything. Customers expect to engage and consume where and how they want. This power shift from company to customer has put increased pressure on on businesses to change. However, mobility can also be the beacon that drives a company's digital transformation due to its universality in experience and understanding.
Takeaways:
1. Mobility is changing both how employees and customers think about and interact with a company.
2. Mobility can also be the overarching driver that enables a CIO to rally an organization to the next step on the digital transformation journey.
4:35 pm - 5:00 pm
Internet 1.0 servers and endpoints were static. Internet 2.0 servers were static and endpoints were mobile. In the Internet 3.0 world, servers utilizing cloud, containers and "server-less" apps and endpoints (mobile devices, tablets, IoT, etc.) are highly mobile. The traditional perimeter-based security architecture used in various sectors (.edu, .gov, .com, .org, etc.) has basically failed to protect internal assets. New technologies such as IoT and mobile devices will force a new approach to network security architecture. Zero-trust networks (ZTNs) assume that the network is hostile, attackers are already inside the net, and segmentation is not sufficient for determining trust among other characteristics.
Takeaways:
Presented by:
Randy Marchany, CISO, Virginia Tech
5:00 pm - 5:15 pm
Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs where common issues can be addressed and success stories can be shared.
Takeaways:
Presented by:
Stan Kizior, FORMER COO - Department of IT, State of Maryland
Aaron Rinehart, Former Chief Enterprise Security Architect, UnitedHealth Group
5:15 pm - 6:30 pm