The Future of Cybersecurity
CISO Think Tank
February 23, 2022 - New York, NY
Speakers
Anthony Gonzalez
Former VP & CISO
QBE North America
Think Tank Speaker
Visionary, results and solutions-driven professional with 20+ years of experience in progressively responsible Cyber Security and IT leadership roles in the financial services, insurance, pharmaceutical, biotechnology, consumer goods,and chemical manufacturing industries. Adept in building and leading global Cyber Security, IT technical and support functions. Creative, resourceful problem solver with a track record of success in delivering cost-effective and value-added services to his customers. Additional experience in industrial engineering and process improvement.
Specialties: Areas of expertise include:
Cyber Security, Network Security,Application Security, Infrastructure Management and Security Incident Management, Disaster Recovery, Forensic Investigations, Operations Management, Financial Management, Project/Portfolio Management, Policy/Procedure Development, Budget Preparation, Strategic Planning, Process Design/Implementation, Risk Mitigation, Enterprise Architecture, IT Governance, Manufacturing/Laboratory Automation, Organizational Design, Vendor Audits, System, Start-Up Operations, Sarbanes-Oxley (SOX), Talent Development/Mentoring, International Team Management, and Regulatory Compliance
Jordan Tannenbaum MD
CIO/CMIO
Saint Peter's Healthcare System
Think Tank Speaker
Jordan Tannenbaum, MD, MBA, MPH, PgC Healthcare Informatics is Vice President/Chief Information Officer and Chief Medical Officer and a CHIME Certified Healthcare Chief Information Officer (CHCIO). Saint Peter’s Healthcare System, sponsored by the Roman Catholic Diocese of Metuchen, is the parent company of Saint Peter’s University Hospital, a 478-bed acute-care teaching hospital and acute care children’s hospital; Saint Peter’s Physician Associates, a network of primary and specialty care physicians; Saint Peter’s Foundation, the fundraising arm of the healthcare system; and Saint Peter’s Health & Management Services Corporation, which focuses on the wide group of the system’s non-hospital related healthcare services, including the CARES Surgicenter. Saint Peter’s University Hospital, received its sixth consecutive designation as a Magnet® hospital for nursing excellence by the American Nurses Credentialing Center in 2020, is a state-designated children’s hospital and a regional perinatal center, and is a regional specialist in diabetes, gastroenterology, head and neck surgery, oncology, orthopedics, and women’s services. The Children’s Hospital at Saint Peter’s University Hospital provides families with access to a full range of pediatric specialties, including a nationally recognized Level III Neonatal Intensive Care Unit, pediatric surgery and orthopedic surgery featuring innovative anterior scoliosis correction.
Todd Gordon
CISO
EisnerAmper
Think Tank Speaker
EisnerAmper clients are based in the U.S., or comprised of U.S. business interests of foreign entities. To serve domestically-based clients with interests in financial services opportunities overseas, Eisner Amper offers the resources of offices in the UK, Israel, India and EisnerAmper Global, with offices in the Cayman Islands, Singapore, and Ireland; as well as the services of Allinial Global.
Todd, leads the information security team and is an experienced, detail-oriented, and innovative professional with proven performance in information security, enterprise-level systems administration, and project management.
Ariel Weintraub
CISO
MassMutual
Think Tank Speaker
Ariel Weintraub is the Head of Enterprise Cyber Security at MassMutual. Ariel joined MassMutual in the fall of 2019 as the Head of Security Operations & Engineering, responsible for the Global Security Operations Center, Security Engineering, Security Intelligence and Identity & Access Management (IAM). Prior to joining MassMutual, Ariel served as Senior Director of Data & Access Security within Cybersecurity Operations at TIAA where she led a three-year business transformation program to position IAM as a digital business enabler. Before working at TIAA, Ariel was Global Head of Vulnerability Management at BNY Mellon and was part of the Threat & Vulnerability Management practice at PricewaterhouseCoopers (PwC).
Ariel holds a Master of Science in Cybersecurity from New York University (NYU) Tandon School of Engineering and a Bachelor of Science in Business Administration from the University of Southern California (USC) Marshall School of Business. Ariel has a passion for empowering women, especially the next generation of female cybersecurity leaders, and for tackling the cybersecurity workforce shortage. To help address these important issues, she serves on the Board for the Executive Women’s Forum (EWF) and the ISACA One in Tech Foundation, which is focused on building a digital world that is safe, secure and accessible for all. Most recently, Ariel also joined the FS-ISAC Board of Directors on which she is furthering her other passion for maximizing the value of threat intelligence sharing across the financial services sector.
Cindy Cullen
Global Director of Information Security
NDegrees
Think Tank Speaker
A cyber security professional well versed in Product/Application Security, Cloud Security, Enterprise Security Architecture (ESA), Risk Management, Identity & Access Management, Software Design, Data Security, Mobile Security, Project Management, Compliance and Large Scale Integration.
A known international speaker and leader in the cyber security space with an extensive background in managing local cyber security associations and mentoring talent. Solid reputation for innovation, versatility excellent leadership and communications skills with a proven ability to analyze, prioritize, and implement complex and highly impactful programs.
Johnny Wong
Senior Director, Solutions Architecture
Veracode
Think Tank Speaker
Johnny Wong is the Sr. Director of Solutions Architecture Veracode. He oversees the East technical sales team for Strategic, Enterprise, and Channel regions. Johnny has been in security his entire career. The first part of his career, he was focused on identity and access management. Johnny started his career as a software developer and after nearly five years of creating insecure code, he was offered an opportunity to not be a software developer and to join the world of pre-sales.
Johnny received a BS in computer Engineering from Tufts University. He and his family reside in Boston and he has no plans to ever leave because of the Boston Celtics! He loves to travel specifically to find and eat at the best restaurants across the world. At this point, the only animal he hasn’t eaten are the endangered or extinct ones.
Ivan Durbak
CIO
Bronx Lebanon Hospital Center
Think Tank Speaker
Ivan Durbak is CIO at Bronx-Lebanon Hospital Center. In this role he leads an IT organization that supports the Bronx-Lebanon Hospital Center community, including two major hospitals, two nursing homes, a large emergency room and a large clinic ambulatory environment that sees nearly one million patients a year
Adam Healy
CSO
BlockFi
Think Tank Speaker
Adam Healy has 20 years of technology and security experience having held senior roles at Intercontinental Exchange’s Bakkt subsidiary, Palantir Technologies, Microsoft, and the U.S. Intelligence Community. He’s been responsible for leading the implementation of numerous strategic cybersecurity, physical security, and technology initiatives within the U.S. government, as well as enabling enterprise data efforts at several Fortune 100 companies. Currently, Adam serves as BlockFi’s chief security officer overseeing a cross-functional team of over 100 employees and contractors responsible for an array of functions including cybersecurity, fraud, physical security, corporate information technology services, cloud engineering and SRE, and data science and machine learning.
Skills:
Cybersecurity | Information Security | Project Management | Leadership | Penetration Testing | Network Security | IT Operations | Vendor Management | Consulting | Enterprise Architecture | National Security | Bitcoin | Blockchain | ISO 27001 | NIST CSF | FIPS | Threat Modeling | Team Building | SDLC | Incident Response | Security Operations | ITIL | CISSP-ISSAP | PMP | PCI DSS | HIPAA | SOC 1 | SOC 2 | P&L | Insider Threat | Custody | Digital Assets | Multiple-Party Computation | MPC | Cryptocurrencies | Cryptographic Systems | FedRAMP | Physical Security | Insider Threat | CCSS | Digital Assets
Chris Strand
Chief Risk and Compliance Officer
Cybersixgill
Michael Gross
Manager, Cybersecurity Intelligence
Cleveland Clinic
Think Tank Speaker
With over 30 years of experience in the IT industry, including more than two decades specializing in cybersecurity, I am a seasoned professional known for visionary leadership and comprehensive expertise in safeguarding organizations from evolving cyber threats.
Key Highlights:
* Cybersecurity Visionary: Throughout my career, I have consistently developed and executed robust
cybersecurity strategies that align seamlessly with organizational objectives. I excel at protecting
critical assets, data, and systems while proactively identifying and mitigating risks. My specialties
encompass advanced threat analysis, cyber risk management, incident response, security
architecture design, and regulatory compliance. As a cybersecurity visionary, I have pioneered
solutions that fortify organizations against emerging threats.
* Agility and Problem-Solving: My career has been marked by my ability to tackle complex challenges
with agility and innovation. I leverage my expertise in cybersecurity methodologies, industry best
practices, and compliance standards to provide effective solutions.
* Mentorship and Leadership: I take pride in guiding and mentoring cybersecurity teams to excel in
vulnerability assessment, threat detection, incident response, and recovery. I am deeply committed to
fostering a culture of continuous learning and professional growth.
* Communication and Work Ethic: My strong work ethic, exceptional interpersonal skills, and adept
relationship-building capabilities are complemented by my proficiency in multitasking and effective
communication. I thrive on embracing challenging tasks and delivering results.
I am passionate about the ever-evolving field of cybersecurity and committed to contributing my expertise to secure and protect businesses in the digital age. Let's connect and explore opportunities to collaborate or share insights in this dynamic industry.
Tim Swope
CISO
Catholic Health System
Think Tank Speaker
Mr. Swope brings over 20 years of experience in IT Project Management, BI Solutions Development, IT Security, IT Controls (CoBIT, SOX 404/MAR, etc) IT Risk Management, and HealthCare Compliance, to both the public and private sectors. His focus is on identifying gaps relating to key IT security processes and the implementation of IS Security and Risk Management programs to Health Care, Pharmaceutical and various commercial clients.
Has a proven track record of delivering the following:
• Interpreting and applying 21 CFR Part 11, GLP, GMP, GCP, and QSR regulations
• MDM and Data Governance
• Identity Access Management
• HIPAA Risk Assessments and GAP analysis
• Information Assurance Program Management - SCRUM, AGILE, SDLC, Six Sigma
• Implemented large security, risk and compliance initiatives of SOX-404 IT, HIPAA/HITECH, including security policies, procedures and controls.
• "Big Data", Data Management and Health Care Data Analytics
• Federal Information Security Management Act (FISMA) Compliance Reviews
• Implemented the security standards - 45 CFR Parts 160, 162, and 164 Health Insurance Reform: Security Standards; Final Rule
He has supported these Information Assurance and IS Security initiatives for organizations that include: Excellus BCBS, Medimmune/Astra Zeneca, ENDO Pharmaceuticals, Novo Nordisk, Daiichi-Sankyo Solutions, Catalent Pharma Solutions, Johnson and Johnson, District of Columbia Government office of the Chief Financial Officer, District of Columbia Water and Sewer Authority, City of Richmond, Virginia Department of Public Utilities, Virginia State Department of Health, and the Kentucky Department of Health Services, as well as the U.S. Department of Labor.
Chris Williamson
SVP Information Systems and Security
Myriad Genetics
Ganesh Pai
Founder & CEO
Uptycs
Think Tank Speaker
Ganesh Pai is the Founder & CEO of Uptycs. Ganesh is a Boston-based entrepreneur and technologist who has been awarded multiple U.S. patents.
Ganesh is a Featured Speaker at the CXO Think Tank in Boston, MA and will be discussing “Security Controls: Measuring Efficacy for Business Growth” in partnership with
Martin Howard
EVP/IT & IS
Avesis
Think Tank Speaker
Martin is the EVP & CIO of Avesis. In 1978, Avēsis began as a regional ancillary benefits administrator. Today, Avesis
is a national enterprise with 14 regional offices.
Today, Avesis is a benefits provider for more than one million commercial members
and more than eight million government members across the country.
An insightful IT executive, Martin collaborates with his team to assess their technology
capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a
history of implementing complex enterprise systems – enterprise risk planning, electronic
medical records, and customer relationship management – on time and under budget. He
demonstrates a calm, cool and collected leadership style when considering security matters and
handling compliance and data breach concerns. Whether working with a start-up or at a
company with international operations, Martin embraces innovation and promotes utilizing IT to
drive business transformation.
Amit Basu
CIO & CISO
International Seaways
Lena Smart
CISO
MongoDB
Think Tank Speaker
MongoDB is one of the most popular NoSQL databases in the world. It is an open-source platform that provides the querying and indexing capabilities of a NoSQL database. Lena joined MongoDB with more than 20 years of cyber security experience. Before joining MongoDB, she was the Global Chief Information Security Officer for the international fintech company, Tradeweb, where she was responsible for all aspects of cybersecurity. She also served as CIO and Chief Security Officer for the New York Power Authority, the largest state power organization in the country, where she was responsible for physical and cyber security. She also has previously served as a Sector Chief with FBI InfraGard. Lena is a founding partner of Cybersecurity at MIT Sloan, formerly the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity, which allows security leaders in academia and the private sector to collaborate on tackling the most challenging security issues.
David Cass
CISO
Law and Forensics
Think Tank Speaker
David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking.
He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies.
He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks.
Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer.
David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney.
In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.
Johnny Wong
Senior Director, Solutions Architecture
Veracode
Think Tank Speaker
Johnny Wong is the Sr. Director of Solutions Architecture Veracode. He oversees the East technical sales team for Strategic, Enterprise, and Channel regions. Johnny has been in security his entire career. The first part of his career, he was focused on identity and access management. Johnny started his career as a software developer and after nearly five years of creating insecure code, he was offered an opportunity to not be a software developer and to join the world of pre-sales.
Johnny received a BS in computer Engineering from Tufts University. He and his family reside in Boston and he has no plans to ever leave because of the Boston Celtics! He loves to travel specifically to find and eat at the best restaurants across the world. At this point, the only animal he hasn’t eaten are the endangered or extinct ones.
John Whiting
Global CSO
DDB Worldwide (An Omnicom Co.)
Anthony Gonzalez
CISO NA
QBE North America
Think Tank Speaker
Visionary, results and solutions-driven professional with 20+ years of experience in progressively responsible Cyber Security and IT leadership roles in the financial services, insurance, pharmaceutical, biotechnology, consumer goods,and chemical manufacturing industries. Adept in building and leading global Cyber Security, IT technical and support functions. Creative, resourceful problem solver with a track record of success in delivering cost-effective and value-added services to his customers. Additional experience in industrial engineering and process improvement.
Specialties: Areas of expertise include:
Cyber Security, Network Security,Application Security, Infrastructure Management and Security Incident Management, Disaster Recovery, Forensic Investigations, Operations Management, Financial Management, Project/Portfolio Management, Policy/Procedure Development, Budget Preparation, Strategic Planning, Process Design/Implementation, Risk Mitigation, Enterprise Architecture, IT Governance, Manufacturing/Laboratory Automation, Organizational Design, Vendor Audits, System, Start-Up Operations, Sarbanes-Oxley (SOX), Talent Development/Mentoring, International Team Management, and Regulatory Compliance
David Cass
CISO
GSR
Think Tank Speaker
David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking.
He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies.
He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks.
Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer.
David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney.
In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.
Martin Howard
EVP/CIO
Avesis
Think Tank Speaker
Martin is the EVP & CIO of Avesis. In 1978, Avēsis began as a regional ancillary benefits administrator. Today, Avesis
is a national enterprise with 14 regional offices.
Today, Avesis is a benefits provider for more than one million commercial members
and more than eight million government members across the country.
An insightful IT executive, Martin collaborates with his team to assess their technology
capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a
history of implementing complex enterprise systems – enterprise risk planning, electronic
medical records, and customer relationship management – on time and under budget. He
demonstrates a calm, cool and collected leadership style when considering security matters and
handling compliance and data breach concerns. Whether working with a start-up or at a
company with international operations, Martin embraces innovation and promotes utilizing IT to
drive business transformation.
February 23, 2022
Attend this event
Not available on February 23, 2022?
View other dates for the Think Tank
View other dates for the Think Tank
12:00 PM-12:30 PM
Welcome & Registration
12:30 PM-1:25 PM
Keynote Panel
Keynote Panel: Security Controls: Measuring Efficacy for the Business Growth
The industry is spending record amounts on cybersecurity tooling, but somehow CISOs still are at times left scrambling to respond to the vulnerabilities like Log4j. Assuming that these types of critical and far-reaching events are inevitable, how can CISOs further improve their organization’s preparedness for future cyberattacks?
This panel will discuss potential strategies for determining the critical security controls - both technology and behavioral - that can minimize cyber-risks and give the organization the competitive advantage to grow and innovate. We will explore frameworks for measuring the efficacy of cybersecurity investments, and KPIs that show the board the investment is safeguarding the company's digital infrastructure for the long term.
Chris Williamson
SVP Information Systems and Security
Myriad Genetics
Ganesh Pai
Founder & CEO
Uptycs
Ganesh Pai is the Founder & CEO of Uptycs. Ganesh is a Boston-based entrepreneur and technologist who has been awarded multiple U.S. patents.
Ganesh is a Featured Speaker at the CXO Think Tank in Boston, MA and will be discussing “Security Controls: Measuring Efficacy for Business Growth” in partnership with
John Whiting
Global CSO
DDB Worldwide (An Omnicom Co.)
Anthony Gonzalez
CISO NA
QBE North America
Visionary, results and solutions-driven professional with 20+ years of experience in progressively responsible Cyber Security and IT leadership roles in the financial services, insurance, pharmaceutical, biotechnology, consumer goods,and chemical manufacturing industries. Adept in building and leading global Cyber Security, IT technical and support functions. Creative, resourceful problem solver with a track record of success in delivering cost-effective and value-added services to his customers. Additional experience in industrial engineering and process improvement.
Specialties: Areas of expertise include:
Cyber Security, Network Security,Application Security, Infrastructure Management and Security Incident Management, Disaster Recovery, Forensic Investigations, Operations Management, Financial Management, Project/Portfolio Management, Policy/Procedure Development, Budget Preparation, Strategic Planning, Process Design/Implementation, Risk Mitigation, Enterprise Architecture, IT Governance, Manufacturing/Laboratory Automation, Organizational Design, Vendor Audits, System, Start-Up Operations, Sarbanes-Oxley (SOX), Talent Development/Mentoring, International Team Management, and Regulatory Compliance
1:30 PM-2:15 PM
Fireside Chat: Technology Supply Chain
Many large enterprises in today’s fiercely competitive climate look toward optimizing its supply chain to increase business scale and agility. By harnessing a combination of technologies like artificial intelligence, machine learning, and predictive analytics, companies can automate and create new customer experiences that increase satisfaction and boost sales. Gaps remain in supply chain cyber security even as digitalization accelerates. By doing so, companies are left vulnerable to the growing risk of a cyber-attack. There are no shortage of stories illustrating the dangers of lax cyber security, with the biggest attacks able to utterly paralyze an operation and cause millions in losses. Despite this obvious danger, efforts to improve cyber security are progressing slowly. Future risks to the supply chain will involve software, cloud-based infrastructures, and hyper-converged products, rather than simply hardware. Even after many years of experience, capable CISOs find they may not be equipped to overcome the cybersecurity concerns that arise from building control contractors.
Chair
Chris Strand
Chief Risk and Compliance Officer
Cybersixgill
Panelists
Ariel Weintraub
CISO
MassMutual
Ariel Weintraub is the Head of Enterprise Cyber Security at MassMutual. Ariel joined MassMutual in the fall of 2019 as the Head of Security Operations & Engineering, responsible for the Global Security Operations Center, Security Engineering, Security Intelligence and Identity & Access Management (IAM). Prior to joining MassMutual, Ariel served as Senior Director of Data & Access Security within Cybersecurity Operations at TIAA where she led a three-year business transformation program to position IAM as a digital business enabler. Before working at TIAA, Ariel was Global Head of Vulnerability Management at BNY Mellon and was part of the Threat & Vulnerability Management practice at PricewaterhouseCoopers (PwC).
Ariel holds a Master of Science in Cybersecurity from New York University (NYU) Tandon School of Engineering and a Bachelor of Science in Business Administration from the University of Southern California (USC) Marshall School of Business. Ariel has a passion for empowering women, especially the next generation of female cybersecurity leaders, and for tackling the cybersecurity workforce shortage. To help address these important issues, she serves on the Board for the Executive Women’s Forum (EWF) and the ISACA One in Tech Foundation, which is focused on building a digital world that is safe, secure and accessible for all. Most recently, Ariel also joined the FS-ISAC Board of Directors on which she is furthering her other passion for maximizing the value of threat intelligence sharing across the financial services sector.
Adam Healy
CSO
BlockFi
Adam Healy has 20 years of technology and security experience having held senior roles at Intercontinental Exchange’s Bakkt subsidiary, Palantir Technologies, Microsoft, and the U.S. Intelligence Community. He’s been responsible for leading the implementation of numerous strategic cybersecurity, physical security, and technology initiatives within the U.S. government, as well as enabling enterprise data efforts at several Fortune 100 companies. Currently, Adam serves as BlockFi’s chief security officer overseeing a cross-functional team of over 100 employees and contractors responsible for an array of functions including cybersecurity, fraud, physical security, corporate information technology services, cloud engineering and SRE, and data science and machine learning.
Skills:
Cybersecurity | Information Security | Project Management | Leadership | Penetration Testing | Network Security | IT Operations | Vendor Management | Consulting | Enterprise Architecture | National Security | Bitcoin | Blockchain | ISO 27001 | NIST CSF | FIPS | Threat Modeling | Team Building | SDLC | Incident Response | Security Operations | ITIL | CISSP-ISSAP | PMP | PCI DSS | HIPAA | SOC 1 | SOC 2 | P&L | Insider Threat | Custody | Digital Assets | Multiple-Party Computation | MPC | Cryptocurrencies | Cryptographic Systems | FedRAMP | Physical Security | Insider Threat | CCSS | Digital Assets
2:15 PM-2:30 PM
Networking Break
2:30 PM-3:25 PM
Keynote Panel: Being Effective…. Securely
In the post pandemic era, remote employment is the new status quo. Employers are forced to implement and improve the digital workplace by providing productivity tools and accessibility to company resources. In this session, we will share case studies of successful digital workplace implementations, including how to deal with the inherent security risks of expanded accessibility to company resources. In this session you will learn from real working examples the keys to implementing a successful digital workplace including how to evaluate the potential ROI from the different security strategies available.
Panelists
Ivan Durbak
CIO
Bronx Lebanon Hospital Center
Ivan Durbak is CIO at Bronx-Lebanon Hospital Center. In this role he leads an IT organization that supports the Bronx-Lebanon Hospital Center community, including two major hospitals, two nursing homes, a large emergency room and a large clinic ambulatory environment that sees nearly one million patients a year
Martin Howard
EVP/IT & IS
Avesis
Martin is the EVP & CIO of Avesis. In 1978, Avēsis began as a regional ancillary benefits administrator. Today, Avesis
is a national enterprise with 14 regional offices.
Today, Avesis is a benefits provider for more than one million commercial members
and more than eight million government members across the country.
An insightful IT executive, Martin collaborates with his team to assess their technology
capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a
history of implementing complex enterprise systems – enterprise risk planning, electronic
medical records, and customer relationship management – on time and under budget. He
demonstrates a calm, cool and collected leadership style when considering security matters and
handling compliance and data breach concerns. Whether working with a start-up or at a
company with international operations, Martin embraces innovation and promotes utilizing IT to
drive business transformation.
Cindy Cullen
Global Director of Information Security
NDegrees
A cyber security professional well versed in Product/Application Security, Cloud Security, Enterprise Security Architecture (ESA), Risk Management, Identity & Access Management, Software Design, Data Security, Mobile Security, Project Management, Compliance and Large Scale Integration.
A known international speaker and leader in the cyber security space with an extensive background in managing local cyber security associations and mentoring talent. Solid reputation for innovation, versatility excellent leadership and communications skills with a proven ability to analyze, prioritize, and implement complex and highly impactful programs.
Lena Smart
CISO
MongoDB
MongoDB is one of the most popular NoSQL databases in the world. It is an open-source platform that provides the querying and indexing capabilities of a NoSQL database. Lena joined MongoDB with more than 20 years of cyber security experience. Before joining MongoDB, she was the Global Chief Information Security Officer for the international fintech company, Tradeweb, where she was responsible for all aspects of cybersecurity. She also served as CIO and Chief Security Officer for the New York Power Authority, the largest state power organization in the country, where she was responsible for physical and cyber security. She also has previously served as a Sector Chief with FBI InfraGard. Lena is a founding partner of Cybersecurity at MIT Sloan, formerly the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity, which allows security leaders in academia and the private sector to collaborate on tackling the most challenging security issues.
In partnership with
3:25 PM-3:40 PM
Networking Break
3:40 PM-4:05 PM
Disruptor: Guarding the Doors: Navigating Risk From Third-Party Code
Open source libraries are widely leveraged by developers. In fact, 97 percent of the typical Java application is made up of open source libraries. But nearly 80 percent of developers never update third-party libraries after including them in codebase.
What does this mean for your applications? There is a good chance that your third-party libraries have undetected vulnerabilities. Scary, right?
The good news is that when alerted to vulnerabilities in open source libraries, developers tend to act quickly. This is especially true when developers understand how the vulnerability could impact their application.
Join us as we review our annual study on open source libraries, State of Software Security (SOSS) v12: Open Source Edition. We will explore the most popular open source libraries, how libraries are evaluated and selected, and how to eliminate risk by fixing vulnerabilities.
In partnership with
4:10 PM-5:05 PM
Panel: Human Security Engineering
90%+ of all losses result from attacks targeting users, honest users. A common solution to user error is awareness, but we need to fix the system that facilitated the creation of the error, the action, and the results, which means not just stopping errors but also accidents and malice. In this session we will share a model of Human Security Engineering identifying the optimal suite of countermeasures, and work through user targeting attacks to experience implementing the model. This talk will also look at a comprehensive strategy to address the insider threat, whether it results from malicious or well-meaning insiders, while detailing HSE and providing the resources required for attendees to follow up and consider how they can implement HSE to better mitigate their own insider threats.
Panelists
Todd Gordon
CISO
EisnerAmper
EisnerAmper clients are based in the U.S., or comprised of U.S. business interests of foreign entities. To serve domestically-based clients with interests in financial services opportunities overseas, Eisner Amper offers the resources of offices in the UK, Israel, India and EisnerAmper Global, with offices in the Cayman Islands, Singapore, and Ireland; as well as the services of Allinial Global.
Todd, leads the information security team and is an experienced, detail-oriented, and innovative professional with proven performance in information security, enterprise-level systems administration, and project management.
Jordan Tannenbaum MD
CIO/CMIO
Saint Peter's Healthcare System
Jordan Tannenbaum, MD, MBA, MPH, PgC Healthcare Informatics is Vice President/Chief Information Officer and Chief Medical Officer and a CHIME Certified Healthcare Chief Information Officer (CHCIO). Saint Peter’s Healthcare System, sponsored by the Roman Catholic Diocese of Metuchen, is the parent company of Saint Peter’s University Hospital, a 478-bed acute-care teaching hospital and acute care children’s hospital; Saint Peter’s Physician Associates, a network of primary and specialty care physicians; Saint Peter’s Foundation, the fundraising arm of the healthcare system; and Saint Peter’s Health & Management Services Corporation, which focuses on the wide group of the system’s non-hospital related healthcare services, including the CARES Surgicenter. Saint Peter’s University Hospital, received its sixth consecutive designation as a Magnet® hospital for nursing excellence by the American Nurses Credentialing Center in 2020, is a state-designated children’s hospital and a regional perinatal center, and is a regional specialist in diabetes, gastroenterology, head and neck surgery, oncology, orthopedics, and women’s services. The Children’s Hospital at Saint Peter’s University Hospital provides families with access to a full range of pediatric specialties, including a nationally recognized Level III Neonatal Intensive Care Unit, pediatric surgery and orthopedic surgery featuring innovative anterior scoliosis correction.
Tim Swope
CISO
Catholic Health System
Mr. Swope brings over 20 years of experience in IT Project Management, BI Solutions Development, IT Security, IT Controls (CoBIT, SOX 404/MAR, etc) IT Risk Management, and HealthCare Compliance, to both the public and private sectors. His focus is on identifying gaps relating to key IT security processes and the implementation of IS Security and Risk Management programs to Health Care, Pharmaceutical and various commercial clients.
Has a proven track record of delivering the following:
• Interpreting and applying 21 CFR Part 11, GLP, GMP, GCP, and QSR regulations
• MDM and Data Governance
• Identity Access Management
• HIPAA Risk Assessments and GAP analysis
• Information Assurance Program Management - SCRUM, AGILE, SDLC, Six Sigma
• Implemented large security, risk and compliance initiatives of SOX-404 IT, HIPAA/HITECH, including security policies, procedures and controls.
• "Big Data", Data Management and Health Care Data Analytics
• Federal Information Security Management Act (FISMA) Compliance Reviews
• Implemented the security standards - 45 CFR Parts 160, 162, and 164 Health Insurance Reform: Security Standards; Final Rule
He has supported these Information Assurance and IS Security initiatives for organizations that include: Excellus BCBS, Medimmune/Astra Zeneca, ENDO Pharmaceuticals, Novo Nordisk, Daiichi-Sankyo Solutions, Catalent Pharma Solutions, Johnson and Johnson, District of Columbia Government office of the Chief Financial Officer, District of Columbia Water and Sewer Authority, City of Richmond, Virginia Department of Public Utilities, Virginia State Department of Health, and the Kentucky Department of Health Services, as well as the U.S. Department of Labor.
Michael Gross
Manager, Cybersecurity Intelligence
Cleveland Clinic
With over 30 years of experience in the IT industry, including more than two decades specializing in cybersecurity, I am a seasoned professional known for visionary leadership and comprehensive expertise in safeguarding organizations from evolving cyber threats.
Key Highlights:
* Cybersecurity Visionary: Throughout my career, I have consistently developed and executed robust
cybersecurity strategies that align seamlessly with organizational objectives. I excel at protecting
critical assets, data, and systems while proactively identifying and mitigating risks. My specialties
encompass advanced threat analysis, cyber risk management, incident response, security
architecture design, and regulatory compliance. As a cybersecurity visionary, I have pioneered
solutions that fortify organizations against emerging threats.
* Agility and Problem-Solving: My career has been marked by my ability to tackle complex challenges
with agility and innovation. I leverage my expertise in cybersecurity methodologies, industry best
practices, and compliance standards to provide effective solutions.
* Mentorship and Leadership: I take pride in guiding and mentoring cybersecurity teams to excel in
vulnerability assessment, threat detection, incident response, and recovery. I am deeply committed to
fostering a culture of continuous learning and professional growth.
* Communication and Work Ethic: My strong work ethic, exceptional interpersonal skills, and adept
relationship-building capabilities are complemented by my proficiency in multitasking and effective
communication. I thrive on embracing challenging tasks and delivering results.
I am passionate about the ever-evolving field of cybersecurity and committed to contributing my expertise to secure and protect businesses in the digital age. Let's connect and explore opportunities to collaborate or share insights in this dynamic industry.
Amit Basu
CIO & CISO
International Seaways
5:05 PM-5:15 PM
Raffle & Closing Remarks
5:15 PM-6:30 PM
Cocktail Hour
C-Vision laid out an articulate plan for us to be much more targeted, presented a stronger ROI and on top have come through with the Results they Promised. They really have become an adjunct "team for hire" building trust with us all along the way. There is no second guessing on this relationship and consistently over-deliver. My kind of Partner.
Mark Musselman
CRO
LogicHub
CRO
LogicHub
I had the pleasure of joining the C-Vision International, Nordics CISO Council Roundtable with a wonderful group of cyber executives. We had a wonderful, insightful conversation and the whole experience was enjoyable. I made great new contacts and reconnected with existing contacts on really important topics that matter to CISO’s and all in cybersecurity. I’d highly recommend joining in any C-Vision event.
Connie McIntosh
Head of Security Assurance & Head of Solution Security
Ericsson
Head of Security Assurance & Head of Solution Security
Ericsson
C-Vision has helped my company a great deal. They have trusted deep relationships that make the sales process a lot easier. Everyone wants to get in front of C-level execs today. C-Vision cuts through the noise to help build long lasting business relationships!
Rob Dorney
Senior Director of Sales - North America
Cybersixgill
Senior Director of Sales - North America
Cybersixgill
C-Vision was really professional, responsive, listened and are very thoughtful in their approach. They are very high touch and truly care about the customer and end result. Our speakers were impressed with the format, and who they brought to the table. I can't recommend them enough and with so many out there, it is hard to find the right fit!
Marla Jaeger
CMP | Marketing Programs Manager Demand Generation & Marketing Operations
Palo Alto Networks
CMP | Marketing Programs Manager Demand Generation & Marketing Operations
Palo Alto Networks
Intimate, immersive experiences provided by a group of individuals always available to support our needs. Fantastic organization and very high-level executives. The promise was delivered!
Maarten Ectors
Chief Innovation Officer
Legal & G
Chief Innovation Officer
Legal & G
C-vision's events combine relevant topics with a suitable audience. I found great value at my last attendance, and would definitely consider upcoming events.
Bjørn R. Watne
SVP & CISO
Storebrand
SVP & CISO
Storebrand
Thoughtful discussion among experienced leaders regarding current challenges and complexities, and valuable exchange of pragmatic approaches and best practices. Well organized and facilitated.
Dorothy Yu
Principal
DY Partners, Ltd.
Principal
DY Partners, Ltd.
A group very focused in bringing diversity to the discussion table
Larry Whiteside Jr.
CISO
RegScale
CISO
RegScale
I love the engaging format of the councils. Very high level discussions and never a sales pitch. The C-Vision staff members are amazing.
Jeffrey Vinson
SVP CISO
Harris Health System
SVP CISO
Harris Health System
A very warm welcome and interesting speakers. I was very pleased to be among such a dynamic group.
Allison Miller
CISO
Optum
CISO
Optum
The process was very well organized by C-Vision. Perfect organization, honest and authentic speakers of high level.
Paige Adams
Group CISO
Zurich Insurance Group
Group CISO
Zurich Insurance Group
