The 2018 National Security Leaders Symposium was held October 20-23, 2018 at The Breakers Beach Resort. This year's Symposium was all about the future of cyber security and the ways that execs can convey the information gleaned to their team, senior management and the board. The attendees represented some of the most forward thinking and innovative companies and the sessions covered an array of topics that were top of mind for leaders in the space. As always, the roundtables and live polling brought out the collaborative nature of this group and led to meaningful takeaways that their organizations will benefit from. The Executive Alliance community sincerely thanks all who attended and made this an outstanding Symposium.
“This is the best conference I attend each year. The networking and insight from peers is very valuable in shaping strategy in a challenging space.”
- Chuck Herrin, SVP & CISO, Head of IT Infrastructure, Security, Risk & Compliance at Athene Holding Ltd.
“Executive Alliance has created an executive “ecosystem” for guests and vendors that balances content, interaction and knowledge.”
-David Less, CIO, JL Audio, Inc.
“Success is no accident, love what you do or learning to do and surround yourself with happy and genuine people.”
-Sabastian High, Senior Director, Global Application Security & IT Systems Assurance, McKesson Corp
“Unparalleled opportunity to engage and tackle leading security concerns across different sectors.”
-Carl Seid, Operations Risk Manager – Enterprise Compute Services, Wells Fargo
“The depth and breadth of experience to enjoy from participating is of immeasurable value.”
-Patrick Benoit, Deputy CISO, Cheetah Digital
Sunday Morning, October 21st - Bocce and Bikes
The first annual Executive Alliance Bocce Ball Tournament was a great success, with the competition getting fierce! Congrats to First place winners "The Car Salesmen" and second place, "The Ninja Bulldogs!"
Attendees enjoyed a self- guided tour of the resort and fantastic views along the Intracoastal Waterway.
Opening Welcome Reception, Chef’s Dinner and Beach Music at the Breakers Beach Club.
Welcome and Opening Remarks
After a warm welcome from Executive Alliance CEO Mary Lou Heastings, the Symposium Moderator, Richard Warner, discussed the current state of affairs in cyber security today and the landscape that execs are currently navigating.
Morning Keynote - The Business Side of Defending Businesses
Jay Leek, Managing Director of ClearSky, and previous CISO of Blackstone, provided insights into the shifts he is seeing in information security, critical factors that will poise companies for success in the future, and what it takes to get there.
Brian Lawhorn, CISO at Kroger, provided an excellent overview of the future challenges he sees and the key skills and strategies needs for his organization to be successful.
Think like a CISO
Chip Crane, North American Technical Executive, IBM, Gold Sponsor led an interactive session to find out how many CISOs learn to face and overcome the problems of modern business.
Morning Break and Networking
The Shift in Information Security
JD Rogers, CISO at The Great American Insurance Company focused on the latest thought leadership pertaining to problem solving as the current information security landscape becomes more diverse and complex.
#NoDarkspace: Learn why, what, and how to monitor and automate east-west and cloud security investigations using Network Traffic Analytics
Matt Cauthorn, VP of Security, ExtraHop, Platinum Sponsor walked everyone through the necessity of Network Traffic Analytics (NTA) due to the new blind spots and attack risks associated with the darkspace.
Paul Horn, CISO of HD Vest Financial Services and Raymond Lipps, CISO of Celgene explained their secrets to building an "A" team and executing on a vision that plays to the strengths of their senior management team.
Privileged Attack Vectors - Building Effective Defense Strategies to Protect Organizations
Morey Haber, Chief Technology Officer, BeyondTrust, Gold Sponsor provided a comprehensive view of how privileges, passwords, and vulnerabilities are being leveraged as attack vectors and how you can properly take measurable steps to defend against them.
Lunch and Networking in the Courtyard
Attendees and sponsors had the opportunity to enjoy the beautiful Florida weather as they continued discussions and getting to know each other over lunch.
Live interactive polling session on top concerns of information security executives. Differing opinions about the outcomes led to heated exchanges that really got the room buzzing!
“And Then There Was Light...”
Phil McQuitty, Sr Director, Identity & Data Governance Strategy, Office of CTO, Sailpoint, Gold Sponsor discussed the historical and notable absence of unstructured file stores (e.g. file shares, cloud shares, MS SharePoint, etc.) from the Identity Governance coverage umbrella. Phil showed why this space has been long isolated from good access governance / controls, discussed a bit about how the enterprise has been keeping that data secure up until now, and how things have recently taken a significant turn for the better.
Innovative Approaches to Information Security
Patrick Benoit, Deputy CISO of Cheetah Digital, and John Masserini, Global CISO of Millicom provided insights into what their organizations are doing to drive innovative approaches in information security through processes, people and technology.
Your Bank’s Digital Side Door
Ed Adams, Distinguished Research Fellow at The Ponemon Institute, President and CEO, Security Innovation, Silver Sponsor spoke about the 20 year old Open Financial Exchange (OFX) protocol and the 3000+ North American banks that support it. 30 different implementations running in the wild amount to an inviting attack surface — a digital side door into millions of consumers’ privacy and personal savings.
Evening Cocktail Reception
The networking continued into the evening with laughs, stories, and catching up!
SYMPOSIUM RECAP – Tuesday, October 23rd
Leadership During Challenging Times
Diane McCracken, CSO of Customers Bank, and Ann Delenela, VP and CISO of Ameren Services, shared their insights into the challenges they are facing, how they expect to overcome obstacles, and key traits that will be needed by leaders of the future in order to be successful.
Autonomous Cyber Defense: AI and the Immune System Approach
AJ Greenway, Regional Director for Darktrace, Silver Sponsor led a riveting discussion about why autonomous response and machine learning is the future of defense and how the ‘immune system’ approach to cyber security provides complete network visibility and the ability to prioritize threats in order to better allocate time and resources.
Senior Management’s Toughest Questions
In this interview session with Kevin McMahon, SVP of Compliance and Audit at Calpine Corporation, and Michael Marsilio, Chief Information Security Officer with Paradies Lagardere, they discussed their accountability to senior management and how they are responding.
Where AI Meets Your Network—Learning from Your Data to Improve Cyber-Resilience
Chad Skipper, Executive Security Technologist, Lastline, Silver Sponsor discussed how AI and ML technologies are reshaping the network security landscape, some pitfalls, and how to leverage the wealth of your network information to discover evasive advanced attacks in your network.
Making Cyber Security Second Nature to Your Employees
Richard Warner , Symposium Moderator spoke about how more than 90% of cyber breaches involve employees and offered actionable recommendations for more effectively engaging their workforces in cyber security.
My CEO told me we have to move our datacenter to the public cloud...so, what’s the big deal?
Grant Asplund, Principal Evangelist, Dome9 Security, Silver Sponsor presented how the Dome9 Arc platform allows enterprises to easily manage the security and compliance of their public cloud environments at any scale across Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).
Executive Roundtables with Debriefs
Peer-to-peer breakout sessions based on topics determined by attendees during registration.
Closing Reception and Prize Giveaway
All of the attendees enjoyed the camaraderie and friendship that the Symposium imbued and the ocean breeze allowed for a extended night on the lawn for another round of Bocce!
See you next year, where we will be back in Naples at the Ritz Carlton on 10/20/2019!
Congrats to Pennie Turgeon, VP for Information Technology and CIO, at Clark University for winning a 2 night stay at the Breakers for her and a guest!
Using real-time wire data analytics and machine-learning behavioral detection, Reveal(x) enables security operations teams to automate investigations, get full packets for forensic evidence in a few clicks, and confidently orchestrate responses against urgent threats. With decryption, powerful security-focused workflows, and a rich integration ecosystem, Reveal(x) delivers unprecedented visibility, definitive insights, and immediate answers so security operations teams can act with confidence.
Are you looking for a better way to manage privileged access? BeyondTrust can provide control and visibility over privileged accounts and users by helping you:
This approach has been recognized by top analysts from Gartner and other experts as leaving fewer gaps in privileged account coverage. BeyondTrust is also trusted by more than 4,000 customers worldwide, including over half of the Fortune 100.
If you have an upcoming project or are currently evaluating PAM solutions, please contact Patrick Dillon, VP Sales, email@example.com.
Cybercriminals are growing in number and sophistication, rendering traditional solutions powerless against today’s advanced threats. IBM Security, with 7,500 security professionals worldwide, helps more than 12,000 clients address their most critical needs: transforming their security programs; optimizing security operations and response systems; and protecting critical information.
Over the past decade, IBM has invested more than $2 billion in security research and development, resulting in 3,700+ security-related patents, and acquired 19 security companies to grow its portfolio. Today, IBM Security delivers next-generation security technology and services, including cognitive and Watson analytics, automated incident response, cloud-based solutions and state-of-the-art security operations centers. For more information, please visit www.ibm.com/us-en/.
For more information contact: William “Chip” Crane at firstname.lastname@example.org
SailPoint, the leader in enterprise identity management, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint's customers are among the world’s largest companies in a wide range of industries, including: 6 of the top 15 banks, 4 of the top 6 healthcare insurance and managed care providers, 8 of the top 15 property and casualty insurance providers, 5 of the top 15 pharmaceutical companies, and six of the largest 15 federal agencies.
To learn more about SailPoint, please visit www.sailpoint.com
Darktrace is the world’s leading machine learning company for cyber security, having developed AI algorithms that mimic the human immune system to defend enterprise networks of all types and sizes. Created by mathematicians from the University of Cambridge, Darktrace’s Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal’ for all devices and users, updating its understanding as the environment changes.
By applying its unique, unsupervised machine learning, Darktrace has identified 30,000 previously unknown threats in over 2,4000 networks, including zero-days, insider threats and subtle, stealthy attacks. The company has experienced 600% year-on-year revenue growth. With 500 employees in 24 offices and dual headquarters in San Francisco and Cambridge UK, Darktrace was named ‘Most Innovative Security Company of the Year 2017,’ ‘Bloomberg Innovator,’ and ‘GSN Homeland Security’ award winner. The company’s valuation is $.5 billion and its investors include KKR, Softbank, Summit, Invoke Capital, and Samsung. https://www.darktrace.com/
Managing security and compliance in the public cloud requires a new breed of cloud-native security solutions that combine automation with continuous compliance and active protection.
With the Dome9 Arc platform, organizations gain full visibility and control of their security posture, allowing them to detect misconfigurations, model and enforce gold standard policies, protect against attacks and insider threats, and comply with regulatory requirements and best practices. Dome9’s agentless SaaS solution provides operational efficiency for faster time-to-protection.
For more information contact: Patrick Pushor Patrick@dome9.com or Grant Asplund at email@example.com
Lastline provides innovative AI-powered network and email security products that detect and defeat cyber attacks. We deliver automated detection, analysis, and response to completely remediate advanced threats before damaging and costly data breaches occur, with fewer resources and at lower cost.
We have won dozens of awards, including being named to the Red Herring 100 and Inc 5000 fastest growing private companies. And we're the only company to achieve 100% breach detection and 100% security effectiveness in tests conducted by NSS Labs.
For more information visit us at: www.lastline.com or
Lastline - An Introduction to Advanced Malware
Lastline - NSS Labs Report
Lastline - Webinar - Ransomware - How to Strategically Fight It
Security Innovation focuses on the most difficult IT Security problem, and the root cause of most data breaches — insecure software applications. For more than a decade, we’ve helped organizations build internal expertise, uncover critical vulnerabilities, and improve the process by which applications are built. The company’s solutions are based on the three pillars of a secure Software Development Lifecycle (SDLC), which feed into one another to create an ecosystem of repeatable, secure software development: Standards, Education, and Assessment. Our flagship products include TeamProfessor, the industry’s largest library of application security eLearning courses, and TeamMentor, “out of the box” secure development standards.
For more information, please visit www.securityinnovation.com or contact Joe Mundy at
Wombat Security, a division of Proofpoint
Wombat Security, a division of Proofpoint, is the leading provider of information security awareness and training software to help organizations teach their employees secure behavior for enterprises. Their SaaS-based cybersecurity education solutions include an integrated platform of knowledge assessments, simulated attacks, and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90%. The company has been recognized by Gartner as a Leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors for four years in a row. Founded in 2008, Wombat is helping mid-market, Fortune 1000, and Global 2000 customers to strengthen their cybersecurity defenses.