EVENT
CISO Public Sector Summit | February 22, 2018 | Washington Plaza - Washington, DC, USA
agenda
Download Agenda (PDF)↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session 
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
Thursday, February 22, 2018 - CISO Public Sector Summit
7:30 am - 8:10 am
Registration and Networking Breakfast
8:15 am - 8:25 am
Welcome Address and Opening Remarks 
Moderated by:
Robert Knake, Senior Fellow for Cyber Policy, Council of Foreign Relations 
8:25 am - 8:55 am
Keynote Presentation
Digital Transformation: A Journey Not a Destination
There are many forces that are driving companies to continue to transform how they do business. Technological advances such as IoT, AI, machine learning, virtual reality and augmented reality are creating demanding expectations from customers, employees and boards. Adding to the complexity of CIOs and CISOs is the increasing threats to the security of the data that is at the heart of digital transformation. This keynote presentation will focus on the realities that this transformation will never end and it is critical to implement both the mindset and processes to treat digital transformation as a journey...not a destination.
Takeaways:
- It is critical to realize that digital transformation will never end, but will always be unfolding.
- CIOs and CISOs must implement processes to ensure that not only their departments are forward thinking, but that their entire company is aware of what new technologies can bring to bear for customers and employees.
Presented by:
Beth Killoran, Chief Information Officer, US Department of Health and Human Services
9:00 am - 9:30 am
Keynote Presentation
What Did Your Data Do Last Night?
It is almost paradoxical that enterprises possessing incredible stores of unique data are often not prepared to take advantage of those valuable assets - resulting in negative or reduced ROI from the data, incorrect or biased decision making, risk of potential compliance or security violations, and lost opportunities to gain competitive advantage. We will share an approach to data that services the needs of the entire enterprise, enabling a truly data-driven culture that is based on three core principles:
- Hybrid data management - provide all data-driven professionals the ability to easily collect, transform and store all the data assets in the enterprise.
- Unified governance - allow self-service access to trusteddata for better and faster insights while maintaining the necessary controls
- Smarter data science and analytics - make it easy for everyone from analysts to data scientists to collaborate to discover and develop insights using all of the raw data sources across the enterprise with the tools and technologies they prefer.
Presented by:
Caitlin Halferty, Client Engagement Executive, IBM Global Chief Data Office, IBM
IBM
9:35 am - 10:00 am
Executive Exchange
Think Tank
Riding the right cloud - from Hybrid to Multi
What are the differences between hybrid and multi clouds? How do you decide what to use when in your digital transformation? We will discuss all of them and more.
Presented by:
Arya Choudhury, CIO, Shady Grove Fertility
10:05 am - 10:30 am
Executive Exchange
Think Tank
Introducing Security based Chaos Testing - "Security is Chaotic - Drive out failure and build software that is truly rugged with Security Chaos Engineering?"
ChaoSlingr is a Security Chaos Engineering Tool focused primarily on the experimentation on AWS Infrastructure to bring system security weaknesses to the forefront. The industry has traditionally put emphasis on the importance of preventative security control measures and defense-in-depth where-as our mission is to drive new knowledge and perspective into the attack surface by delivering proactively through detective experimentation. With so much focus on the preventative mechanisms we never attempt beyond one-time or annual pen testing requirements to actually validate whether or not those controls actually are performing as designed.
Our mission is to address security weaknesses proactively, going beyond the reactive processes that currently dominate traditional security models.
Presented by:
Aaron Rinehart, Chief Enterprise Security Architect, UnitedHealth Group
10:30 am - 10:40 am
Morning Networking Coffee Break
10:45 am - 11:10 am
Executive Exchange
Thought Leadership
The Connected Worker & the Enterprise of Things
The smartphone is the primary communication and computing device for many of today's consumers. This dependency on mobile devices will translate into a majority of enterprise computing outside of traditional PC computing. This will have the greatest impact with on campus (non-office-based) and off campus mobile workers who are becoming increasingly connected by rich real time communications powered by mobile applications running on wearable devices such as smart glasses. The rise of IoT in the enterprise, or the Enterprise of Things, will allow these workers to instantly connect with assets in the field to gain immediate understanding of the situation around them.
This session will explore the impact that these connected workers and endpoints will have on your enterprise and its ability to drive growth. Attendees will also learn security concerns that come with these new tools and how to best address them.
Sponsored by:
BlackBerry
11:15 am - 11:40 am
Executive Exchange
Fireside Chat
Interconnection Oriented Architecture: Methods, Innovations and Opportunities
Next generation digital services such as Internet of Things, Big Data Analytics, Machine Learning, Hybrid Cloud, and Software-Defined Everything are increasingly reliant on proximal, high-speed, low-latency interconnectivity and adjacency to massive compute, storage, and Software as a Service.
Enterprises, service providers, and governmental communities of interest can reduce costs and time to market by moving to a regionally-distributed Interconnection Oriented Architecture where geo-strategic alignment of applications, data and consumers is achieved at the network edge.
Sponsored by:
Equinix
11:45 am - 12:10 pm
Executive Exchange
Thought Leadership
Knowing Is Half the Battle - Protecting Applications & Their Sensitive Data
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection RASP changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc.
12:15 pm - 1:25 pm
Working Lunch & Panel
CIOs/CISOs as the Consummate Communicator
It is also changing the role of the CIO and CISO to be a business leader and internal sales leader for transformation. CIOs are now responsible for communicating strategies and recommendations to CxOs, boards and key stakeholders within a company. Join us, during lunch, for a passionate panel discussion with your peers as they share how they are successfully communicating internally to accomplish the company's goals.
Takeaways:
- CIOs must be great communicators, not only with their teams, but the rest of the organization.
- CIOs must learn the best ways to communicate clarity and urgency with boards and CXOs.
Panelists:
Michael Dent, Chief Information Security Officer, Fairfax County Government
Don Spicer, Chief Information Officer, University System of Maryland
Tony Cossa, Acting CTO, USDA
Aaron Rinehart, Chief Enterprise Security Architect, UnitedHealth Group
1:30 pm - 1:55 pm
Executive Exchange
Think Tank
Shifting Left - Moving Security Into the Application Development Teams
Shifting Left means starting earlier. The earlier we start thinking about security in the design and development process the better our results. Some of the key things we will discuss include embedding security minded staff into the development teams, teaching engineers security basics, running internal security hackathons to promote security thinking and using bug bounty programs.
Takeaways:
- Security should not be the exclusive responsibility of the "security staff".
- There are proven techniques to expand those thinking about security as well as thinking about security earlier in the design process.
Presented by:
Keith Forsythe, Vice President of Software Engineering, Capital One
2:00 pm - 2:25 pm
Executive Exchange
Executive Boardroom 
Year of the Defender - Cybersecurity Predictions for 2018
Cybersecurity dominated the news cycle in 2017. There were headlines about viral ransomware, global destructive wipers posing as ransomware, leaks of spy tools from U.S. intelligence agencies, and breaches at major companies.
What does 2018 hold in store for the defenders? Come discuss the largest security trends Cybereason researchers have identified for 2018.
Sponsored by:
Cybereason
2:30 pm - 2:55 pm
Executive Exchange
Think Tank
Data is the Fuel for the Customer Journey
Digital Transformation must take into account the Customer Journey. Great customer experience is brought on by having great data. First, employees can't provide great customer experience without great data...which means data that is readily available, consistent, accurate and secure. Second, Digital Transformation is making "self service" a preferred approach from customers instead of a cost savings effort..
Takeaways:
- Employees can provide great customer experience only if they have accurate data at their fingertips.
- Digital Transformation are making"self-service" options a preferred approach to provide great Customer Experience
Presented by:
Tony Cossa, Acting CTO, USDA
3:00 pm - 3:10 pm
Afternoon Networking Coffee Break
3:15 pm - 3:40 pm
Executive Exchange
Think Tank
Disrupt or Be Disrupted: The Digital Transformation Journey Has No Parking Lots
The seemingly ever expanding cadre of technological tools available to incumbent industry leaders are also available to myriad start-ups. Start-ups are using these new technologies to disrupt industries of all types, changing how customers think about tried and true industries. Disruption is found on every corner and it is critical for CISOs to lead their organizations in a way that make them as nimble as their competitors.
Takeaways:
- Technology enables companies, especially start-ups with no legacy infrastructure, to disrupt industries overnight.
- CISOs need to lead their companies in ways that disrupt before they are disrupted by others.
Presented by:
Steve Dimmitt, Vice President, Marketing and Customer Success, CDM Media
3:45 pm - 4:05 pm
Executive Exchange
Innovation Partners Showcase
A brief, but compelling review of three new innovative technologies supporting digital transformation.
Sponsored by:
Datalink, a division of Insight
4:10 pm - 4:40 pm
What's the Next Stop On the Transformation Journey?
Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs and CISOs where common issues can be addressed and success stories can be shared.
Takeaways:
- Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you.
- Sharing stories of success (and failures) is not reserved to a one-day CISO Summit but should be shared on a regular basis with your peers
Presented by:
Robert Knake, Senior Fellow for Cyber Policy, Council of Foreign Relations
Steve Dimmitt, Vice President, Marketing and Customer Success, CDM Media
4:45 pm - 6:00 pm