Strategies for Foundational Cloud Security: Visibility, Governance and Compliance

CISO Council

January 20, 2022 - United States

Attend this event

Company is Required

By clicking the “Register" button, you are agreeing to the Privacy Policy and Terms of Use

Speakers

Bill Merritt Gilead Sciences
Bill Merritt

Principal Architect, IT Security (Security & Privacy)

Gilead Sciences

Council Speaker

Senior Architect/Manager with extensive experience in managing enterprise risk, network system architecture, security design, and administration. Experience includes managing and assessing in house, co-located and Cloud hosted enterprise network environments, large messaging environments, as well as disaster recovery, business continuity, information security, and local and network software development and deployment. Experience also includes management of large and complex projects including application and datacenter deployments and migrations, and the use of SDLC processes including Agile and Six Sigma methodologies. Also, large integration projects matching business needs to the proper technology and implementing the solution in Enterprise and mobile environments. Managing and supervising direct staff of 5 to 140, as well as personnel from technology consulting partners.

Mahesh Reddy Prime Healthcare Services
Uma Mahesh Reddy

CISO

Prime Healthcare Services

Council Speaker

CISO and Director of Telecommunications in the healthcare industry. Skilled in Healthcare Information Technology (HIT), Security, Management, Business Strategy, Vendor Management, Software development. Strong information technology professional with a Master's degree focused in Information Technology (Security) from Central Queensland University, Melbourne Campus.

Marcelo Peredo City of San Jose
Marcelo Peredo

CISO

City of San Jose

Council Speaker

Over 30 years of experience as a C level executive as well as in the areas of information security, software engineering, and IT program management. Currently supporting the City of San Jose as the Chief Information Security Officer. Prior roles include supporting the County of San Diego 1.2 billion dollar account as the Chief Information Security Officer (CISO). Worked at the Federal Bureau of Investigation (FBI) as a Project Manager providing ISSO support to field offices across the country. Also worked at the United States Secret Service (USSS) as the Project Manager for the Information Systems Security Officer (ISSO) support team under the CISO where won the ISSO of the year award. Served as DHS FISMA Inventory Management System team lead at the Department of Homeland Security (DHS) under the Office of the Chief Information Officer (OCIO). Other organizations include TSA, HUD, and the DC Government; Engineered several applications using state-of-the-art technology for various industries. Possess the ability to build and manage IT teams providing strong leadership and delivery of products and services on time and within budget in complex heterogeneous environments.

Matthew Chiodi Prisma Cloud
Matthew Chiodi

Chief Security Officer, Public Cloud

Prisma Cloud

Council Speaker

Matt Chiodi has over two decades of security leadership experience and is currently the Chief Security Officer of Public Cloud at Palo Alto Networks. He works with organizations to develop and implement security strategies for public cloud adoption and maturity. He does this through advisory meetings with clients, blogging, podcasts, and speaking at industry events such as RSA. He currently leads the Unit 42 Cloud Threat team which is an elite group of security researchers exclusively focused on public cloud concerns. Chiodi has served on the board of various non-profits including Board VP and Governor of Philadelphia’s InfraGard. He is currently on faculty at IANS Research.

Eric Staffin IHS Markit
Eric Staffin

Partner & SVP, CISO

IHS Markit

Council Speaker

Eric has extensive leadership and practical C-suite experience working as a Chief Information Security Officer, Chief Risk Officer and Risk Policy Committee Chair in regulated and non-regulated companies. He has a proven track record of building high performance teams and partnering with both clients and colleagues to drive the recognition and treatment of franchise level strategic, cyber, privacy, operational and regulatory compliance risks within interconnected global companies. Eric currently serves as the Chief Information Security Officer (CISO) for IHS Markit (INFO), a $45 billion public company that is a global leader in information, analytics and solutions for the major industries and markets that drive economies worldwide. He is charged with driving the design, implementation and continuous improvement of a global cyber security program that supports innovation as an enabler of business and revenue growth, establishes a stronger enterprise-wide posture that reduces risk, improves decision-making, and accelerates business priorities, and, cost effectively mitigates and reduces the risk and impact of client, market and regional disruptions caused by physical, technology and cybersecurity related incidents. Previously, Eric held senior leadership team roles at S&P Global (Chief Risk Officer, S&P Global Market Intelligence) and Thomson Reuters (Chief Resiliency and Business Information Security Officer, Wealth Management), and senior product, operational and risk management roles at Citibank and Bankers Trust. Eric received his Bachelor of Arts degree in Economics from the University of Michigan and his Master’s Degree in Business Administration in Finance and Management from New York University’s Stern School of Business. He is a co-Chair for the New York CISO Advisory Forum, holds the CISSP certification from (ISC)2, the FBCI (Fellow) certification from the Business Continuity Institute (BCI), and serves as a speaker, trainer, contributor, moderator and panelist for (ISC)2, the BCI, DCRO, ISACA, and several New York metropolitan area business schools on topics including Operational Risk, Crisis & Incident Management, Data Privacy, Supply Chain Resiliency, and Cybersecurity and Business Resiliency Convergence.

Howard Holton Rheem
Howard Holton

CISO

Rheem

Council Speaker

Howard is the CISO/Enterprise Architect for Rheem Manufacturing Company Inc located in Atlanta, GA and is part of the Ventilation, Heating, Air-Conditioning, and Commercial Refrigeration Equipment Manufacturing Industry. Rheem Manufacturing Company Inc has over 6,200 total employees across all of its locations and generates over $2.10 billion in sales (USD). There are 149 companies in the Rheem Manufacturing Company Inc corporate family Howard has focused his career developing a mind for leadership – the successful execution of vision and culture to inspire. He believes that successful leadership is all about maximizing your team’s potential. He is also a technologist at heart and passionate about how his team can use data science and new technologies to accelerate time-to-market and better serve the customer, now and in the future. His passion is to be a trusted advisor and agent of change to organizations

Jim Cooper HP
James Cooper

Chief Technologist

HP

Council Speaker

James “Coop” Cooper is a Technologist and Futurist helping enterprises break the legacy bonds that constrain employees from increasing shareholder wealth. He is Internationally recognized as an innovator for new technologies, processes and business models that impact the User Experience. Coop regularly predicts disruptions in technology, economics, government policies that corporations need to consider as part of their strategy to improve the user experience and create an environment where discovering new ideas to create value is more important than end to end management of devices. Coop is a global pioneer in simplification of technology management, virtualization, social networking services. Prior roles include Chief Technologist for the $4 Billion Mobility and Workplace business at Hewlett Packard Enterprise, Strategist for applied innovation, Chief Architect for workplace services and Sr. Consultant with HP Consulting.

John Tryon Health Care Service Corporation
John Tryon

AVP - Security Design & Architecture

Health Care Service Corporation

Council Speaker

Joined Health Care Service Corporation, the nation’s largest customer owned health insurer offering Blue Cross Blue Shield plans in Illinois, Montana, Oklahoma, New Mexico and Texas, in September of 2017 as DVP Information Security Architecture and Design. In this role, John was responsible for driving the future state Cyber Security Architecture with a focus on securely enabling HCSC’s use of the public cloud for sensitive workloads, overall modernization of HCSC’s Member facing and Enterprise Identity & Access Management products and enhancements to Cyber Defense capabilities. Promoted to Deputy CISO / Head of Information Security for Health Care Service Corporation (HCSC) in Fall of 2021. John is responsible for delivering a fiscally responsible and pragmatic Information Security program that securely enables the HCSC enterprise, systems development entities, and strategic initiatives. He is an Information Services Security thought leader with over twenty-five years combined experience with Fortune 500 firms in life sciences, healthcare and consumer products industries. Actively participates on Executive Customer Advisory Boards and Healthcare Industry Executive Leadership forums. John has a bachelor’s degree in computer science from Temple University and holds CISSP certification.

Agenda

All times Eastern Time

3:00 PM-4:15 PM

Strategies for Foundational Cloud Security: Visibility, Governance and Compliance

Every organization today is in pursuit of digital transformation - enabled by cloud computing. The ability to build and deploy applications with worldwide reach without any large upfront investment or datacenter management expertise has transformed enterprise IT and security.

However, the cloud is perpetually evolving, forcing teams to continually investigate, learn, and apply new architectures and technologies. In this environment of relentless change and persistent threat, security professionals struggle to keep their companies’ cloud networks secure. Protecting your enterprise requires not just more security, but new approaches to security

The rise of DevOps and self-owned infrastructure has led to dynamic, highly distributed environments - where organizations often have dozens to hundreds of different environments (or “projects”). The security paradigm for cloud must shift where DevOps and SecOps can collaborate, and the SOC isn’t overwhelmed with alerts that lack context.


In Partnership With