Future of Cybersecurity

CISO Summit

November 16, 2023 - New York, NY

Visionaries

Octavia Howell
CISO
Equifax Canada

Summit Speaker

Recognized as one of the 2022 Top 20 Women in Canada, Octavia Howell has spent her career protecting some of the world’s largest financial institutions from cyber attacks. Today, she serves as Equifax Canada’s Chief Information Security Officer and is the Founder and CEO of Augustus Redefined, an organization focused on the advise ent of Black Women in Cyber. Octavia believes a security leader should mentor, motivate trust, and lead their teams to act with integrity and transparency. She often says, “A team is only as strong as their leaders and each leader casts a shadow that they will be held accountable for.” Octavia is motivated by the belief that we are placed on this earth to help each other achieve greatness (whatever that may be).
Shaun Khalfan
SVP & CISO
Discover Financial Services

Summit Speaker

Shaun Khalfan is the Senior Vice President and Chief Information Security Officer at Discover Financial Services. He leads the Information Security organization and has the overall responsibility of implementing its strategy and objectives in order to build a strong cyber engineering function. Shaun has over 20 years of IT experience with specialization in information security and risk management. He was formerly the Managing Director and Chief Information Security Officer of Barclays International where he led a team focused on enabling business partners and managed cyber risk across a diverse global banking environment. Previously, he was the Vice President and Chief Information Security Officer at Freddie Mac where he was responsible for company-wide cybersecurity risk reduction efforts, security architecture, securing cloud transition, modern software delivery transformation, and end-user experience enhancement initiatives. Shaun has held roles in increasing responsibility at the Department of Defense, culminating in the role of Chief Information Security Officer for the Department of Homeland Security, U.S. Customs and Border Protection. Shaun is a fellow with the American Council for Technology, and an adjunct professor at Carnegie Mellon University. He holds an MBA from George Washington University and is a graduate of the University of Maryland. He is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a graduate of the Department of Defense Executive Leadership Development Program.
Devon Bryan
Global CIO
Carnival Corporation

Summit Speaker

DEVON BRYAN was appointed as the Global Chief Information Officer (CIO) for Carnival Corporation effective December 14, 2022. He joined Carnival Corporation in October 2021 as the Global Chief Information Security Officer with responsibilities for conceiving, implementing and leading technology solutions that assure compliance, protect personal data and corporate assets, increase organizational capability and advance productivity within Carnival Corporation and our world-leading cruise line brands. Prior to Carnival Corporation, Devon was Managing Director, Chief Information Security Officer, MUFG Union Bank N.A where he was responsible for establishing and maintaining a comprehensive information security strategy and program to ensure that information assets and technologies were appropriately protected. He was also responsible for ensuring that information security risks were identified, evaluated, mitigated, and reported in a manner that meets compliance and regulatory requirements and aligns with the risk tolerance for MUFG in the Americas region. Most recently, he served as the CISO for KPMG LLC where he was charged with effectively designing and executing a best-in-class information and data security function with a proactive approach to enable business results. Prior to KPMG, Devon was the Executive Vice President and Chief Information Security Officer for the National IT Organization of the US Federal Reserve System. As the System-level CISO, he was responsible for ensuring the Fed’s information security policies, architecture, programs and incident response team remain effective and efficient. Prior to the Fed, Devon was the Global Chief Information Security Officer (CISO for Fortune 500 outsourced payroll and human resources provider ADP. As Global CISO for ADP, Devon led ADP’s information security strategy, collaborating across the company’s geographically dispersed business operations to ensure coordination, consensus, and effective cybersecurity protections across global operations. Prior to joining ADP in 2011, he served as the Deputy Chief Information Security Officer (CISO) for the Internal Revenue Service (IRS) where he was appointed to the Senior Executive Services (SES) and directed the IRS’s FISMA-compliant information security program and the IRS’s cybersecurity incident response team. His information security career began in the U.S. Air Force, where he served as a Captain and Lead Network Security Engineer working on systems and programs to protect the critical network and communications networks of the Air Force’s Air Combat Command. Devon is a co-founder of Cyversity, a 501c3 non-profit which he helped launch in 2014 and geared toward improving the underrepresentation of women and minorities in the field of cybersecurity through academic scholarships, certifications, mentoring and networking opportunities. Devon received a Bachelor of Science, Applied Mathematics from South Dakota Technological University and a Master of Science, Computer Science from Colorado Technological University, graduating Summa Cum Laude. He holds multiple industry recoginized certifications serves on several non-profit boards and participates in select industry forums as a sought-after speaker and writer on emerging technology trends and issues.
Gal Tal-Hochberg
Group CTO
Team8

Summit Speaker

Gal is Group CTO of Team8, advising foundry and portfolio companies in their creation process and as they scale. Gal is an entrepreneur with over 15 of years of experience building and leading software companies in the areas of cyber security, artificial intelligence, fintech and blockchain. Prior to joining Team8, Gal was co-founder and CEO at Clear, an enterprise blockchain company that builds decentralized clearing networks for global industries, serving companies such as Vodafone, Telefonica, and Deutsche Telekom. Previously, he worked as a consultant in the fields of cyber security, computer graphics, machine learning, big data, web applications, and scalable systems, and as an engagement manager at Sygnia helping protect global corporations from cyber threats. Gal also co-founded HiredScore as CTO, an AI HR company used by Fortune 500 companies to identify the best candidates in their funnel and served in the Israel Defense Force’s Technology & Intelligence Unit 8200.
Laura Deaner
CISO
Northwestern Mutual

Summit Speaker

As Chief Information Security Officer (CISO), Laura Deaner is accountable for establishing and steering Northwestern Mutual’s enterprise-wide information risk management and security strategy. In this role she will champion the build out of an integrated risk culture, driving effective operation of technical and administrative controls. Laura works closely with the executive leadership and the Board of Trustees, matching effective controls to an appropriate level of risk tolerance. Leading the enterprise’s second line of defense, she is responsible for prioritizing and sequencing the treatment of information security risks, aligned with industry-standard risk management frameworks. Prior to coming to Northwestern Mutual early in 2021, Laura was the Chief Information Security Officer at S&P Global, responsible for establishing and driving the enterprise information security vision and program. She leverages her twenty-two years working in security for multi-national Fortune 500 companies to build effective and robust information security programs by aligning deep technical expertise with executive business vision and support. She was previously the first named CISO at PRNewswire, where she built a comprehensive security practice from the ground up. Laura holds a Bachelor’s degree in Computer Science from Old Dominion University in the state of Virginia in the United States. She is a member of several information security and technology societies including OWASP, WiCyS, ISC2, and Society of Women Engineers (SWE). She’s featured in Women Know Cyber – 100 Fascinating Females Fighting Cybercrime. Laura is an advocate for diversity and inclusion in technology as well as her field of Cyber Security. She served as a council member of the S&P Global Diversity Equity and Inclusion Council whom are tasked with fostering a diverse and inclusive environment. Her accomplishments as a council member have included revamping the Employee Resource Groups, adding sentiment and data driven metrics to enhance the community goals. She worked to establish partnerships with various organizations to build in diverse talent pipelines in the technology organizations such as Girls Who Code. Laura is a frequently requested speaker and respected thought leader, recognized for her innovative leadership and strong business acumen. She has participated in the World Economic Forum’s Global Futures Council on Cyber Security as a co-chair leading a group of subject matter experts in solving cyber challenges. She serves on the Board of Directors for the Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry consortium dedicated to reducing cyber-risk in the global financial system. FS-ISAC has 7000 plus financial institutions, 15,000 users in the 70 jurisdictions to ensure the mission is accomplished. As a board member, she continues to encourage more participation in sharing timely cyber information which is action oriented at a global scale. Laura loves spending time with her family. She and her partner Murray are proud parents of four boys. They live in Brooklyn, NY where they love getting outdoors as a family for hiking, bike rides and amateur astronomy star gazing. She is also a big fan of science fiction and tinkering with technology at home. Don’t ask her how many raspberry pi’s she has.
Richard Rushing
CISO
Motorola Mobility Inc

Summit Speaker

Mr. Richard Rushing is the Chief Information Security Officer for Motorola Mobility LLC.; Richard participates in several corporate, community, private, and government Security Council’s and working groups setting standards, policies, and solutions to current and emerging security issues. As Chief Information Security Officer for Motorola Mobility, he has led the security effort by developing an international team to tackle the emerging threats of mobile devices, targeted attacks, and cyber-crime. He organized developed and deployed practices, tools and techniques to protect the intellectual property across the worldwide enterprise. A much-in-demand international speaker on information security Richard has presented at many leading security conferences and seminars around the world.
Erik Hart
CISO
Cushman & Wakefield

Summit Speaker

Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, InfraGard Chicago Members Alliance and Western Illinois University. Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries. Erik earned his Bachelors from Western Illinois University and Masters from Western Governors University.
Ivan Durbak
CIO
Bronx Lebanon Hospital Center

Summit Speaker

Ivan Durbak is CIO at Bronx-Lebanon Hospital Center. In this role he leads an IT organization that supports the Bronx-Lebanon Hospital Center community, including two major hospitals, two nursing homes, a large emergency room and a large clinic ambulatory environment that sees nearly one million patients a year
Rick Patterson
EVP CISO
Clear

Summit Speaker

Rick Patterson is the Chief Information Security Officer (CISO) at CLEAR since December 2020. Prior to CLEAR, he held leadership roles at Bridgewater Associates, PetSmart, and Sidley Austin. With a background in the U.S. Secret Service and U.S. Army Criminal Investigative Division, Rick brings extensive expertise in cybersecurity. He holds a Bachelor's degree from California State University, Fullerton, and a Master's degree from DePaul University. Recently, Rick served on the Selection Board for the 2023 CISOs Connect™ Top 100 CISOs (C100) Award.
Allison Miller
CISO & SVP
Optum

Summit Speaker

Allison Miller serves as the Chief Information Security Officer and Senior Vice President for Optum. As SVP & CISO at Optum, Miller has accountability for the Enterprise Information Security Officers and the Global Cyber Regulatory Programs. In addition, she has developed a global security framework focusing on patient safety, the security of clinical operations, and a global cyber crisis response plan Prior to her role with the Global Enterprise Information Security Office, Allison was the Director of National Healthcare Compliance for UnitedHealthcare, Chief Privacy Officer for OptumHealth, and Deputy Chief Privacy Officer, National Privacy Director for UnitedHealthcare. In addition to global cybersecurity, Allison has over 20 years of experience in health information systems and crisis management. During her tenure at UnitedHealth Group, Allison has developed methods to identify gaps in care and predict health outcomes for individuals with chronic conditions. Additionally, Allison is a volunteer EMT and First Responder in Louisiana, serving residents during Hurricanes Katrina and Isaac. Most recently, Allison was privileged to serve refugees in Greece, providing healthcare support to front-line clinicians. Allison has earned various degrees and certificates from Upsala College, the Wharton School, Kellogg Executive Education, ISC2, and MIT Sloan School of Management. She holds certifications from GIAC, ISACA, HCCS, and other technology areas of focus beyond security. She is also involved with several groups, including UHCL Cyber Security Institute, Health Care Compliance Association, NIST Cybersecurity Framework, and HIPAA Security Officers. Allison continues to volunteer her time across organizations to help raise awareness regarding the emerging cybersecurity landscape and the global threats they present to patient care. Allison is passionate about diversity and inclusion. She serves on the Board of Directors for Women in Cybersecurity (WiCyS) and speaks publicly at schools and colleges around the globe.
Kelly Moan
CISO
City of New York

Summit Speaker

Kelly Moan serves as the Chief Information Security Officer (CISO) of the City of New York (NYC). In this role, Ms. Moan leads the Office of Technology and Innovation’s (OTI) Cyber Command to protect, defend, and respond to cyber threats across the city. Prior to her appointment as the City’s CISO, Ms. Moan served as the CISO for the New York Police Department (NYPD). Throughout her career, she has taken a holistic and mission driven approach to cybersecurity, with a strong focus on collaboration. Prior to joining the NYPD, Ms. Moan was a Division Chief for the Department of Homeland Security (DHS) in Washington, DC. She led the security architecture and engineering team, building and deploying emerging technology to enhance cybersecurity defenses for the Department. She also served as the FedRAMP Joint Authorization Board (JAB) Technical Representative to the CIO, providing subject matter expertise on securing cloud technologies. At other points in her career, Ms. Moan held roles supporting the DoD and USCERT. She also served as an Intelligence and Operations Briefer for the Secretary of Homeland Security. Ms. Moan holds an undergraduate degree from American University and a graduate degree from Pennsylvania State University.
Ponnarasi Raj
VP Technology Programs
BNY Mellon

Summit Speaker

The Bank of New York Mellon Corporation provides financial products and services to institutions, corporations, and high net worth individuals in the United States and internationally. It operates through two segments, Investment Management and Investment Services. The company offers investment management; trust and custody; foreign exchange; fund administration; global collateral services; securities lending; depositary receipts; corporate trust; global payment/cash management; banking services; and clearing services. It also provides mutual funds, separate accounts, wealth management, and private banking services; and broker-dealer services and registered investment advisory services. In addition, the company is involved in credit-related activities, business exits, leasing operations, corporate treasury activities, and derivatives and other trading, as well as corporate and bank-owned life insurance and renewable energy investments activities. Further, it provides global markets services. The Bank of New York Mellon Corporation was founded in 1784 and is headquartered in New York.
November 16, 2023

Attend this event

Not available on November 16, 2023?
View other dates for the Summit

Agenda

All times Eastern Time
9:30 AM-10:00 AM
Welcome & Registration

10:00 AM-10:30 AM
Morning Networking

10:30 AM-10:40 AM
Opening Remarks

10:40 AM-11:25 AM
Panel
Social Engineering: New in 2023

Social engineering attacks are a growing concern for businesses and individuals alike, as cybercriminals continue to use advanced techniques to trick people into divulging sensitive information or performing actions that can lead to data breaches. In 2023, these attacks are expected to become even more sophisticated, making it increasingly challenging for individuals and businesses to identify and prevent them. To protect themselves, individuals and businesses must be vigilant and aware of these tactics. They must also implement comprehensive security measures, such as security awareness training, anti-phishing software, two-factor authentication, and access controls. Additionally, businesses must establish policies and procedures for responding to social engineering attacks, including incident response plans, data backup and recovery, and regular security assessments. By taking these proactive steps, businesses and individuals can better protect themselves from the risks associated with social engineering attacks in 2023 and beyond.

Shaun Khalfan
SVP & CISO
Discover Financial Services
Shaun Khalfan is the Senior Vice President and Chief Information Security Officer at Discover Financial Services. He leads the Information Security organization and has the overall responsibility of implementing its strategy and objectives in order to build a strong cyber engineering function. Shaun has over 20 years of IT experience with specialization in information security and risk management. He was formerly the Managing Director and Chief Information Security Officer of Barclays International where he led a team focused on enabling business partners and managed cyber risk across a diverse global banking environment. Previously, he was the Vice President and Chief Information Security Officer at Freddie Mac where he was responsible for company-wide cybersecurity risk reduction efforts, security architecture, securing cloud transition, modern software delivery transformation, and end-user experience enhancement initiatives. Shaun has held roles in increasing responsibility at the Department of Defense, culminating in the role of Chief Information Security Officer for the Department of Homeland Security, U.S. Customs and Border Protection. Shaun is a fellow with the American Council for Technology, and an adjunct professor at Carnegie Mellon University. He holds an MBA from George Washington University and is a graduate of the University of Maryland. He is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a graduate of the Department of Defense Executive Leadership Development Program.
Arvin Bansal
CISO
Fortune 500 Company
Damon Becknel
CISO
ID.me

11:30 AM-11:55 AM
Keynote
The Promising Future of Artificial Intelligence (AI): Opportunities and Challenges Ahead

The potential of Artificial Intelligence (AI) is vast, as it is now being utilized across all industries. With the combination of machine learning, AI has made significant improvements in the field of cybersecurity. Automated security systems, natural language processing, face detection, and automatic threat detection are some examples of how AI is revolutionizing cybersecurity. However, AI is also being used to create intelligent malware and attacks, which can bypass the most up-to-date security protocols, making it a double-edged sword. On the positive side, AI-enabled threat detection systems have the ability to predict new attacks and immediately notify administrators in case of a data breach.

Devon Bryan
Global CIO
Carnival Corporation
DEVON BRYAN was appointed as the Global Chief Information Officer (CIO) for Carnival Corporation effective December 14, 2022. He joined Carnival Corporation in October 2021 as the Global Chief Information Security Officer with responsibilities for conceiving, implementing and leading technology solutions that assure compliance, protect personal data and corporate assets, increase organizational capability and advance productivity within Carnival Corporation and our world-leading cruise line brands. Prior to Carnival Corporation, Devon was Managing Director, Chief Information Security Officer, MUFG Union Bank N.A where he was responsible for establishing and maintaining a comprehensive information security strategy and program to ensure that information assets and technologies were appropriately protected. He was also responsible for ensuring that information security risks were identified, evaluated, mitigated, and reported in a manner that meets compliance and regulatory requirements and aligns with the risk tolerance for MUFG in the Americas region. Most recently, he served as the CISO for KPMG LLC where he was charged with effectively designing and executing a best-in-class information and data security function with a proactive approach to enable business results. Prior to KPMG, Devon was the Executive Vice President and Chief Information Security Officer for the National IT Organization of the US Federal Reserve System. As the System-level CISO, he was responsible for ensuring the Fed’s information security policies, architecture, programs and incident response team remain effective and efficient. Prior to the Fed, Devon was the Global Chief Information Security Officer (CISO for Fortune 500 outsourced payroll and human resources provider ADP. As Global CISO for ADP, Devon led ADP’s information security strategy, collaborating across the company’s geographically dispersed business operations to ensure coordination, consensus, and effective cybersecurity protections across global operations. Prior to joining ADP in 2011, he served as the Deputy Chief Information Security Officer (CISO) for the Internal Revenue Service (IRS) where he was appointed to the Senior Executive Services (SES) and directed the IRS’s FISMA-compliant information security program and the IRS’s cybersecurity incident response team. His information security career began in the U.S. Air Force, where he served as a Captain and Lead Network Security Engineer working on systems and programs to protect the critical network and communications networks of the Air Force’s Air Combat Command. Devon is a co-founder of Cyversity, a 501c3 non-profit which he helped launch in 2014 and geared toward improving the underrepresentation of women and minorities in the field of cybersecurity through academic scholarships, certifications, mentoring and networking opportunities. Devon received a Bachelor of Science, Applied Mathematics from South Dakota Technological University and a Master of Science, Computer Science from Colorado Technological University, graduating Summa Cum Laude. He holds multiple industry recoginized certifications serves on several non-profit boards and participates in select industry forums as a sought-after speaker and writer on emerging technology trends and issues.

12:00 PM-1:00 PM
Networking Lunch

1:00 PM-1:45 PM
Panel
Cloud Vulnerabilities

Cloud computing services have become a cornerstone of modern business operations, providing organizations with the agility and scalability needed to thrive in the digital age. However, in 2023, the threat of cloud vulnerabilities will continue to grow as more companies adopt cloud services. Cybercriminals are constantly finding new ways to exploit vulnerabilities in cloud infrastructure, which can result in data breaches, unauthorized access, and financial losses. To mitigate the risks of cloud-related security incidents, businesses must prioritize implementing robust security measures such as multi-factor authentication, encryption, and regular penetration testing. Additionally, businesses must develop comprehensive incident response plans that take into account the unique challenges of cloud-based attacks. By taking these steps, businesses can protect themselves and their customers from the growing threat of cloud vulnerabilities in the digital age.

Amresh Mathur
SVP IT
Citizens Financial Group

1:50 PM-2:25 PM
Fireside Chat
Ransomware

Ransomware attacks are becoming increasingly prevalent and sophisticated, affecting businesses and individuals in all sectors. In 2023, these attacks are expected to continue to grow, resulting in significant financial losses, data theft, and reputational damage. Businesses should implement comprehensive security measures, including regular backups, employee training, and endpoint security, to minimize the risk of a ransomware attack. Additionally, it's important to have a response plan in place to minimize the impact of an attack if it does occur.


2:25 PM-2:45 PM
Networking Break

2:45 PM-3:30 PM
Panel
Data Management and Analytics

Data management and analytics are critical areas for CIOs to focus on as organizations continue to generate large volumes of data. CIOs must implement effective data management strategies to ensure that data is accurate, secure, and easily accessible. This involves developing processes for collecting, storing, and analyzing data, as well as ensuring compliance with data privacy regulations. Additionally, CIOs must leverage analytics to gain insights from this data and inform decision-making. By using advanced analytics tools and techniques, CIOs can identify trends, patterns, and opportunities that can drive business growth and enhance the customer experience. Overall, effective data management and analytics are essential for CIOs to help their organizations make data-driven decisions and stay ahead of the competition.


3:35 PM-3:50 PM
Disruptor
Insider Threats

Despite advancements in technology, human error remains one of the most significant causes of data breaches. Whether it's due to a bad day or intentional misconduct, a single vulnerability can lead to the theft of millions of pieces of sensitive information and even jeopardize an entire organization. According to a report by Verizon on data breaches, approximately 34 percent of all attacks can be directly or indirectly attributed to employees. Therefore, it is crucial to create a culture of awareness within the organization to safeguard data in every way possible. This involves educating employees on data security best practices and implementing stringent measures to prevent insider threats. By taking a proactive approach to data protection, organizations can mitigate risks and safeguard their reputation while maintaining the trust of their stakeholders.

Peter Rosario
CISO
USI Insurance

In partnership with

3:50 PM-4:10 PM
Networking Break

4:10 PM-4:30 PM
Disruptor
Enhancing Security in Digital Transformation

In the realm of digital transformation, CIOs hold a pivotal and security-centric role, closely collaborating with the Chief Information Security Officer (CISO) to drive their organization's digital evolution securely. Accelerated by the COVID-19 pandemic, the adoption of digital technologies necessitates CIOs' unwavering focus on security to maintain competitiveness and meet the evolving needs of customers and employees while mitigating risks. By deeply understanding the organization's goals, processes, and IT infrastructure, and working in tandem with the CISO, CIOs establish a comprehensive security framework, emphasizing a security-first mindset, robust data protection, network security, cloud security, incident response, business continuity, risk-based approaches, and staying updated with security trends. Through this collaboration, CIOs position their company for long-term success in a digitally transformed world, ensuring a secure and resilient digital future.


4:35 PM-5:20 PM
Panel
The Growing Importance of Cybersecurity for CIOs in 2023

In 2023, the threat of cyber attacks continues to grow, making cybersecurity a top priority for CIOs who must take proactive measures to ensure that their organization's information systems and data are secure from potential threats and vulnerabilities. To achieve this, CIOs should implement robust cybersecurity measures such as firewalls, intrusion detection systems, and encryption technologies to protect against unauthorized access and data breaches. They should also implement access controls to ensure that only authorized personnel have access to sensitive data and systems. Furthermore, CIOs should prioritize cybersecurity awareness and training for employees, regularly conduct security audits and vulnerability assessments, and comply with relevant regulations and standards to maintain the highest level of cybersecurity.

By taking these steps, CIOs can help protect their organization's sensitive data, intellectual property, and reputation from the growing threat of cyber attacks.

Sajed Naseem
CISO
New Jersey Judiciary

5:20 PM-5:30 PM
Closing Remarks & Raffle Giveaway

5:30 PM-6:30 PM
Cocktail Reception