EVENT
CISO Public Sector Summit | February 21, 2019 | Convene - 1201 Wilson Blvd - Arlington, VA, USA
agenda
Download Agenda (PDF)↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session 
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
Thursday, February 21, 2019 - CISO Public Sector Summit
8:00 am - 8:45 am
Registration & Networking Breakfast
8:35 am - 8:45 am
Welcome Address & Opening Remarks 
Presented by:
Stan Kizior, FORMER COO - Department of IT, State of Maryland 
Aaron Rinehart, Former Chief Enterprise Security Architect, UnitedHealth Group
8:45 am - 9:15 am
Keynote Presentation
Bringing Down the Barriers
With the role of the CIO expanding, CIOs are being pushed to increase digital business by using IT in ways that deliver cost saving methods and increased levels of productivity as well as new opportunities. However, many believe that current methods for these opportunities have reached their end. As a result, it is time to reconfigure these methods in new, unique ways.
Takeaways:
- Latest strategies or methods to increase digital business
- How to confront resiliency or resistance to new digital initiatives
- The different types of behavioral patterns or mindsets to confront
Presented by:
Francisco Salguero, CIO, USDA
9:20 am - 10:00 am
Keynote Presentation
Operation Cyber Wellness - The Wholistic Approach to Security & Beyond?
Change is inevitable, and one is desperately needed in the complex world of Cyber and the CISO's role in an organization. By exploring a ?whole-istic? Integrative Medicine approach to Cyber, organizations can benefit from looking at Cyber with a new change in perspective vs the same old techniques. A Whole360 approach to Cyber entails diving into the ?mind-body-energy? connections as they pertain to the business and Cyber worlds. The Science of Diversity, Implicit Bias, Women in Cyber, and the Psychology behind the Security all fit together as pieces of the puzzle that need to be brought to light and explored.
Takeaways:
- The Holistic Integrative Medicine (H.I.M) Approach to Cyber
- Exploring the Science of Diversity & Implicit Bias in Cyber
- The art of women in the Cyber Workforce
- Exploring how Pieces of the puzzle all fit together (Diversity, Women, Psychology, Cybersecurity, Healthcare)
Presented by:
Jothi Dugar, Chief Information Security Officer, National Institute of Health
10:05 am - 10:30 am
Executive Exchange
Think Tank
How Augmented Analytics Will Help Your Organization
Augmented Analytics focus on specific areas of augmented intelligence, using machine learning to enhance how data and analytics are presented and shared. As the capabilities of this technology advance rapidly, it is pivotal to understand these advancements.
Takeaways:
- Learn more about Augmented Analytics' role as a key feature of data preparation and management, process management, process mining and data science platforms.
- How to optimize the decisions and actions of all entire team, not just those of analysts and data scientists
- Using Augmented Analytics to automate the process of data preparation, insight generation and insight visualization
Presented by:
Ken Hartling, Chief Digital Operations & Business Services, Barrick Gold Corporation
10:30 am - 10:40 am
Morning Networking Coffee Break
10:45 am - 11:10 am
Executive Exchange
Thought Leadership
Say Goodbye to Vulnerability Backlogs: Using RASP to Reclaim Control and Reduce Risk
Knowing is half the battle when it comes to protecting applications and their sensitive data.
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection (RASP) changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre-production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc.
Chris Prevost, Vice President, Solutions, Prevoty, Inc.
11:15 am - 11:40 am
Executive Exchange
Think Tank
AI-Driven Development
Due to market shifts, the need for collaboration between professional data scientists and application developers is no longer necessary. Today, professional developers can operate alone using predefined models to deliver the top, AI-enhanced solutions. These models allow for developers to utilize tools tailored to integrating AI capabilities into your organization's solution.
Takeaways:
- Learn more about how to utilize predefined AI integration models
- Learn how to apply AI to various data sciences, application development and testing functions
- Understand the potential benefit of self-governing programs over large data sets
Presented by:
Dean Lane, Senior Vice President Cyber Intelligence, Institute of World Politics
11:45 am - 12:10 pm
Executive Exchange
Thought Leadership
Transforming Your WAN Edge thru SD-WAN & Cloud Security
In this session, we will explore one of the of the key-capabilities of software-defined networking: a relentless focus on a solution's quality-of-experience and how that drives value to the modern enterprise network and those who manage it day-to-day. Through discussion and demonstration, you will see how Silver Peak and zScaler can simplify a traditionally complex network integration process through a centrally-orchestrated solution that dramatically saves on the hidden operational costs of network operations.
Sponsored by:
Silver Peak Systems
Brian Kovatch, Director of Enterprise Sales, Silver Peak Systems
Ken Nodland, Regional Sales Manager, Silver Peak Systems
12:15 pm - 12:40 pm
Executive Exchange
Innovation Partner Showcase
Sponsored by:
Insight Cloud + Data Center Transformation
Kim Knickle, Senior Architect, Digital Innovation Services, Insight Cloud + Data Center Transformation
12:40 pm - 1:50 pm
Working Lunch & Panel
The Revitalizing Change in the Role of the CIO
A CIO's role, goals and objectives have drastically changed over the years as most CIOs supervise teams and units beyond their IT department. Because of these changes in responsibilities, a CIO's success is measured in greater business metrics. As a result, the role of a CIO has become both more attractive and more demanding.
- What are the significant changes regarding the role of the CIO?
- How to keep up with the changing requirements
- How to properly measure a CIO's success
Moderated by:
Stan Kizior, FORMER COO - Department of IT, State of Maryland
Aaron Rinehart, Former Chief Enterprise Security Architect, UnitedHealth Group
Panelists:
Marvin Onyemaechi, CIO, The George Washington University Hospital
Don Spicer, Associate Vice Chancellor & Chief Information Officer, University System of Maryland
Jothi Dugar, Chief Information Security Officer, National Institute of Health
1:55 pm - 2:20 pm
Executive Exchange
Executive Boardroom 
Scaling Multicloud and Hybrid Cloud Usage without Sacrificing Data Security and Compliance
Analysts claim that 50% of today's public cloud data and workloads will migrate to private clouds in the next two years. But, don't worry about the public cloud behemoths because their average CAGR continues above 20%. However, the result is that cloud data is spreading across multiclouds and increasingly migrating to private clouds that offers the Enterprise more control. This acceleration in lift and shift of workloads creates data security and compliance risks as well as management complexities. In this discussion, we'll share trends and best practices for enabling data portability without compromising security, compliance, and operational efficiencies.
Take Aways:
- Sharing trends seen by analysts and your peers on multicloud adoption and challenges
- Discussion of best practices for leveraging native cloud data security services effectively to maintain compliance and control
- Methodology for efficiently applying data security techniques that allow for secure lift and shift between public and private clouds
Sponsored by:
Thales eSecurity, Inc.
Nick Jovanovic, VP of Federal, Thales eSecurity, Inc.
2:25 pm - 2:50 pm
Executive Exchange
Think Tank
Cloud Security Architecture (CSA) Framework to Create a Built-in Security for a Multi-Cloud Data Center
Cloud enables a financial organization to achieve better business agility, speed to the market, long?term cost saving, and great security and compliance at a scale and speed that cannot be matched by a traditional on?premise data center. To achieve the most benefits, the organization may want to use services from multiple clouds with different service models (e.g., SaaS - O365, PaaS - Azure, and IaaS - AWS), and deployment models (e.g., public, private, community). The security risks must be addressed systemically and comprehensively to maintain confidence in the cloud system and trust in the financial institution. The defense needs to be built?in from the beginning rather than bolted?on later. Once builtin, the security controls can be inherited or leveraged by business applications and data deployed in the cloud?hybrid data center, increasing speed to the market and better system security and compliance. This session introduces a Cloud Security Architecture (CSA) Capability framework that enables an organization to build the state?of?art defenses into a cloud?hybrid data center, and allows the organization to safely deploy high?risk workloads and process regulated and sensitive data in multiple clouds with a built?in compliance to multiple regulatory mandates and industry standards, such as FFIEC, GLBA, SOX, FISMA, PCI, and NIST 800?53. The framework also allows the organization to rationalize its security tools and cloud security services to clarify & simplify tools portfolio, identify saving potential, improve cost efficiency, and reduce security risks.
Takeaways:
- The CSA Capability framework can help an organization to achieve better business agility, longterm cost saving, and great security by building security into a cloud?hybrid data center
- The framework can handle top cloud security risks and security requirements from multiple regulatory mandates and the organization's control objectives & controls
- It can clarify & simplify your organization's security tool portfolio, identify saving potential, improve cost efficiency, and reduce security risks.
Presented by:
Lian Jin, Chief Security Architect, MUFG Union Bank, N.A.
2:55 pm - 3:20 pm
Executive Exchange
Thought Leadership
The Future of Work
The way we work has changed. Many of us no longer work in factories, we do not work 9-5 jobs. Our legacy phone systems and contact center solutions are not meeting the challenges for the future of work. We have a mobile workforce, our clients are highly digital and also mobile. There is no tolerance for gaps in communication, no tolerance for downtime, no excuse for missing that tweet and catching that sentiment. RingCentral Unified Communication As A Service and Contact Center as a Service are removing friction and enabling the ?flow? in your teams. It is not about replacing the traditional phone system with one in the cloud but rather removing risks of outages and using machine learning and AI to sidekick your teams to improve training, communication and get to the right answers that serve our clients and customers.
Naveed Husain, VP of the Office of the CIO takes you on a journey on how RingCentral will remove these barriers.
Presented by:
Naveed Husain, Vice President Office of the CIO, RingCentral
RingCentral
3:20 pm - 3:30 pm
Afternoon Networking Coffee Break
3:35 pm - 4:00 pm
Executive Exchange
Think Tank
IPv6 and the Future of Cybersecurity or IPv6 and the Future of Internet Security in the Era of IoT and Blockchain
In the era of Internet of Things (IoT) and blockchain, it is a daily nightmare encountered by organizations from both public and private sectors, big and small, struggling to react to the aftermath of the constant cybersecurity breaches and ransomware attacks. The situation can only get worse every year if we do not change our strategy dramatically to efficiently secure and effectively defend the global network infrastructure against all enemies in this new cyberwarfare. However, we may still have a fighting chance to win this cyberwar only if we stop using IPv4 and adopt the strategy of supporting only one single stack of IPv6 for the Internet.- IoT and Similar Emerging Technologies Using the Internet Depend on the Successful Global Adoption and Secure Deployment of IPv6
- Adopting IPv6-Only Policy Will Dramatically Reduce the Cyber Security Threats and Attacks
- The Global Deployment of Single Stack of IPv6 Will Immediately Reduce More Than 50% Cyber Attacks
- It Is A Matter of Leadership, Vision, And Competitive Edge in a Global Environment
- IPv6 is the Future of the Internet!
Presented by:
Charles Sun, Technology Co-Chair of the Federal IPv6 Task Force, U.S. Federal Government
4:05 pm - 4:30 pm
Executive Exchange
Thought Leadership
Going Mobile: Mobility as a Driver of Enterprise Transformation
Mobility has changed everything. Customers expect to engage and consume where and how they want. This power shift from company to customer has put increased pressure on on businesses to change. However, mobility can also be the beacon that drives a company's digital transformation due to its universality in experience and understanding.
Takeaways:
1. Mobility is changing both how employees and customers think about and interact with a company.
2. Mobility can also be the overarching driver that enables a CIO to rally an organization to the next step on the digital transformation journey.
4:35 pm - 5:00 pm
Executive Exchange
Think Tank
Internet 3.0 - Adapting to the New
Internet 1.0 servers and endpoints were static. Internet 2.0 servers were static and endpoints were mobile. In the Internet 3.0 world, servers utilizing cloud, containers and "server-less" apps and endpoints (mobile devices, tablets, IoT, etc.) are highly mobile. The traditional perimeter-based security architecture used in various sectors (.edu, .gov, .com, .org, etc.) has basically failed to protect internal assets. New technologies such as IoT and mobile devices will force a new approach to network security architecture. Zero-trust networks (ZTNs) assume that the network is hostile, attackers are already inside the net, and segmentation is not sufficient for determining trust among other characteristics.
Takeaways:
- Looking at the future of Internet 3.0
- Learning more about ZTN properties
- Integrating ZTN architecture with existing cybersecurity defense strategies
Presented by:
Randy Marchany, CISO, Virginia Tech
5:00 pm - 5:15 pm
What's the Next Stop On the Transformation Journey?
Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs where common issues can be addressed and success stories can be shared.
Takeaways:
- Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you.
- Sharing stories of success (and failures) is not reserved to a one-day CIO Summit, but should be shared on a regular basis with your peers.
Presented by:
Stan Kizior, FORMER COO - Department of IT, State of Maryland
Aaron Rinehart, Former Chief Enterprise Security Architect, UnitedHealth Group
5:15 pm - 6:30 pm