
 

 

Has Your Company Been Hacked – YET?

Virtually every company will be hacked, and today, experts accept that a 100% security solution is not feasible. Advanced risk assessment and mitigation is the order of the day.

Rock Stars of Risk-Based Security is the must-attend symposium of its kind in 2016 on this critical new reality. What attacks can you expect? How can you be prepared? On April 12, 2016, you’ll learn the answers to those questions straight from the people who are driving innovation in risk-based security.

 
 

What You Need to Know 

  • That you can’t expect firewalls and perimeter defense to keep your enterprise safe
  • That only a multifaceted approach involving security-aware and self-protective application design and dynamic and static application security testing can meet the needs of today’s companies
  • That all hacks can’t be prevented, but runtime application self-protection combined with active context-aware and adaptive access controls constitutes today’s security solution
  • That security conflict is human-to-human and grasping this enables the establishment of better human-to-machine interfaces

 

 

 

What You'll Learn

  • The keys to anticipating attacks rather than having fire drills after the fact
  • How to recognize cyber-warfare as a human-to-human conflict that can be met by an effective combination of people, processes, and products
  • Whether cyber liability insurance is worth the money
  • How to find affordable, open-source toolsets for building cyber-risk solutions
  • How to find hidden IT risks that can sink your organization if not uncovered

What You'll Experience

  • Inspiration, challenge, and warning
  • The very latest thinking from companies and organizations like the U.S. Cyber Consequences Unit, IBM, Arbor Networks, National Instruments, Risk Based Security, and CERT
  • An in-depth interaction with the leading thinkers in the field – Q&A and collaboration
  • An unmatched opportunity for networking
  • An up-close view of exciting new products and solutions in the field
  • A chance for interaction over lunch and cocktails

Rock Stars of Risk-based Security will inspire you, challenge you, and warn you. You have the chance to dig deep, ask questions, collaborate, network, and problem-solve. Food is served, and the exhibits are exciting. It’s a must-attend event.

 

April 12, 2016 - Washington, DC Metropolitan Area

Register now to take advantage of the Early Pricing discount.

 

 

Rock Star Audience
 

Hear What Our Audience is Saying About the Rock Star Events:

"This was a really valuable event. The speakers and venue were excellent!" - J. Burroughs

"Great way to network with other people in my field looking for answers." - B. Swift

 

 

 

 

 

Speakers



Scott Borg

Director (CEO) and Chief Economist
U.S. Cyber Consequences Unit

Scott is the Director of the U.S. Cyber Consequences Unit, a non-profit research institute that advises corporations and governments on how to apply a quantitative, risk-based approach to cyber security. He is widely regarded as the leading authority on the economics of cyber security, as well as several technical topics. He began working on cyber security after doing pioneering quantitative work on the ways information can be used to create, capture, and destroy value. The concepts he developed apply equally well to cyber attackers and cyber defenders. This economic analysis has enabled Scott to predict new cyber attacks and related developments with an unequaled level of success. It has also allowed him to provide credible estimates of losses due to attacks, including those that seem too intangible to measure, such as damage to customer relationships and loss of competitively important business information. Scott appears frequently on TV and radio, has served on many advisory bodies, and has been a guest lecturer at leading universities.

Diana Kelley

Executive Security Advisor
IBM

Diana leverages her 25 years of IT security experience to provide guidance to CISOs and security professionals. She also works closely with IBM Security product management teams to help set strategic vision. She contributed to the IBM X-Force report and publishes on the SecurityIntelligence and SmarterPlanet blogs. She is a faculty member with IANS Research where she leads forums and symposiums on topics including Compliance and Risk, Mobile, Security in the Cloud, DevOps, Security Awareness and Application Security. She also served on the Advisory Board for InfoSec World 2015 and on the IBM Network Science Research Center Smart Grid Advisory Group. Diana speaks frequently at major conferences including: Pulse, Innovate, Mobile and Smart Device Security, InfoSec World, Burton Group Catalyst, RSA, BlackHat and ComDex.

Gary Sockrider

Principal Security Technologist
Arbor Networks

Gary is an industry veteran bringing over 25 years of broad technology experience ranging from network security to routing and switching, data center, mobility and collaboration. His previous roles include security SME, consultancy, customer support, IT and product management. He seeks to understand and convey the constantly evolving threat landscape, as well as the techniques and solutions that address the challenges they present. Prior to joining Arbor in 2012, he spent 12 years at Cisco Systems and held previous positions with Avaya and Cable & Wireless.

Joshua Greenbaum

Principal
Enterprise Applications Consulting

Joshua has over 30 years of experience in the industry as a computer programmer, systems analyst, author, consultant, and industry analyst. Josh regularly consults with leading public and private enterprise software, database, infrastructure, implementation, and hardware companies, and advises end users on technology infrastructure and applications selection, development, and implementation issues.

Ben Bergersen

Information Security Officer
MAX.gov

Ben Bergersen is the Information Security Officer for MAX.gov, the SaaS and PaaS federal cloud for governmentwide use at the Office of the Federal CIO, Executive Office of the President.
Prior to his work at MAX.gov, Ben served as the Chief Information Officer (CIO) for the Office of Inspector General in the Department of Commerce. He provided collaborative nationwide services for mission security and assurance. This included developing technology services to accelerate and enhance the capabilities of the special agents, auditors, and attorneys to perform investigations and audits in the United States Commerce Department. Ben has designed and implemented new IT performance measurements, technologies, virtualization, clustering, high availability, cyber security systems, customer relationship management (CRM) systems, workflow management services, and collaboration portals.
Ben served as Information Security Program Manager in the U.S. Antarctic Program for the U.S. Navy and the National Science Foundation. He also created the Chief Information Security Officer (CISO) executive education and graduate level certification program at Carnegie Mellon University's Heinz College, CIO Institute and holds an MBA from George Mason University.


Sam Phillips

Vice President and General Manager of Security Services and Chief Information Security Officer
Samsung

Sam Phillips is Vice President and General Manager of Security Services and Chief Information Security Officer for Samsung Business Services, responsible for building security support services for Samsung customers and building out the information security program. Sam has extensive security industry experience in driving strategic business initiatives, educational development programs, and chairing or participating in large-scale projects focused on improving and implementing security at an industry level. Prior to joining Samsung, Sam served as Chief Security Officer for BlackBerry, where he developed one of the first integrated physical and logical corporate security programs as well as providing global security advisory services for BlackBerry’s enterprise customers. Prior to joining BlackBerry in 2009, Sam worked at Bank of America and The Boeing Company in various leadership and consulting roles focusing on IT Risk. As Senior Vice President of Information Security at Bank of America, Sam was responsible for enterprise security architecture, identity and access management, security policy and standards, compliance and assessments, product and infrastructure security, risk management, and security innovation. Sam holds a Bachelor of Science degree in Computer Science from Montana State University and a Master of Science degree in Information Systems Management from Seattle Pacific University. He is also a Certified Information Systems Security Professional and a Certified Information Security Manager. Sam participates in several professional organizations including: the Institute of Electrical and Electronic Engineering, ASIS, and ISACA. He also has served as an advisor to the College of Informatics at the University of North Carolina Charlotte and on the Georgia Institute of Technology Information Security Center (GTISC) industry advisory board. In his spare time Sam enjoys being out of doors kayaking, skiing, mountain biking, camping or backpacking.

Ben Cody

Vice President of Product Management – Data Loss Prevention
Intel Security

Ben Cody is an Intel Security Group Vice President responsible for the McAfee Data Loss Prevention Product Line. In this role Ben is responsible for the strategic direction of the product, as well as the overall financial health of the business. Ben has over 20 years’ experience in enterprise software, both in R&D leadership roles, as well as sales and marketing leadership roles. Prior to joining Intel, Ben was the Vice President of Product Management for Serena Software. Ben oversaw the successful launch and growth of both an ITSM and DevOps product offering. Prior to that, Ben was the Senior Director of Product Management for the Remedy business at BMC Software. During his tenure Remedy enjoyed double-digit market growth and climbed to the top spot in Gartner’s ITSM MQ. Prior to BMC, Ben was the Vice President of Product Management and Marketing at Global 360, where the company gained leadership status in two separate Forrester BPM waves. Ben was a key member of the executive team that led a management buyout effort that created over 200% in shareholder return. Ben worked within the office of the CTO at Peregrine Systems and held technical roles within the Corporate Business Systems’ IT organization at Texas Instruments earlier in his career.

Jake Kouns

Chief Information Security Officer
Risk Based Security

Jake is the CISO for Risk Based Security, which provides vulnerability and data breach intelligence. He also oversees the operations of OSVDB.org and DataLossDB.org. Jake has presented at many security conferences including RSA, Black Hat, DEF CON, DerbyCon, CISO Executive Summit, EntNet IEEE GlobeCom, FIRST, CanSecWest, InfoSecWorld, SOURCE and SyScan; also at cyber liability forums such as AAMGA events, ACI’s Cyber and Data Risk Insurance, NetDiligence’s Cyber Risk & Privacy Liability Forum and PLUS. He is the co-author of the book Information Technology Risk Management in Enterprise Environments, Wiley, and The Chief Information Security Officer, IT Governance. He has briefed the DHS and Pentagon on Cyber Liability Insurance issues and is frequently interviewed as a security expert by Information Week, eWeek, Forbes, PC World, CSO, CIO and SC Magazine.

Arnold Bell

CISO
SLAIT Consulting

Arnold joined SLAIT Consulting as Chief Security Officer and Director of Security Solutions in January 2015, bringing over 27 years of security experience. Arnold comes to SLAIT from the GE IT RISK organization where he developed and led GE's IT Risk Cyber Relations program. In that role, he served as GE's primary point of contact to the US Government, industry partners and other stakeholders to GE.
Arnold retired from the FBI after nearly 25 years of service, as Director of its Domestic Security Alliance Council. During his tenure with the FBI, Arnold worked primarily on violent crime and cyber-crime matters. As a Chief in the FBI Cyber Division, he led several international cyber-crime investigations.
Arnold is a recipient of the Director’s Award for Special Achievement, the Commissioner's Award, Queensland, Australia, and numerous other awards.

Dale Guise

Vice President of Cyber Services
BAE Systems

Dale Guise joined BAE Systems in early 2013 and currently serves as Vice President of Cyber Services. In this capacity, he oversees business operations for Cyber Services including consulting, technical services and incident response in the Americas region.
Mr. Guise brings to BAE Systems over 25 years of cyber, data networking and telecommunications experience with a strong track record of creating and delivering advanced products and solutions. His broad technical expertise in security, networking and surveillance coupled with extensive systems knowledge results in the continued creation and promotion of successful solutions, delivered to major enterprises and network operators around the world.
Prior to joining BAE Systems, Mr. Guise held leadership positions in solution architecture, presales, product management and product engineering at Boeing (Narus), Spirent Communications and Hekimian.
Mr. Guise received a Bachelor of Science degree in Computer Science from the University of Maryland, and a Master’s Degree in Computer Science from the Johns Hopkins University.

 

 

 

 

 

Agenda


 
 

Morning Session: 9:00 a.m. – Noon

Scott Borg

Director (CEO) and Chief Economist
U.S. Cyber Consequences Unit

14 Years of Cyber Risk Analysis: What We've Discovered, What We Still Need to Figure Out

This talk will provide an overview of the work carried out by Scott and his colleagues in the U.S. Cyber Consequences Unit, during the period when they have been leaders in anticipating new types of cyber attacks and quantifying their consequences. In addition to outlining what practical frameworks, concepts, and models are now available, it will identify further research that is urgently needed.
 

Diana Kelley

Executive Security Advisor
IBM

It’s a Jungle Out There: What the Animal Kingdom Can Teach Us About Security and Risk Management

Sometimes knowledge and insights come from unexpected places. In this talk, Diana presents a series of examples from the natural world and shows how they can help organizations learn valuable risk management lessons and use them to build more successful IT risk management programs. Some topics covered are: Herd Immunity, Monoculture and Colony Collapse Disorder.
 

Ben Cody

Vice President of Product Management – Data Loss Prevention
Intel Security

Data Exfiltration Demystified — Actors, Tools, and Techniques

Take a deep dive into how data leaves the network during an attack and hear the latest research results on common exfiltration techniques used by both external and internal threats, quantitative data with regard to data loss attempts, and data loss prevention processes and tools used by companies.
Key takeaways for attendees:
  • Learn about top exfiltration actors and the data they target
  • Understand common exfiltration tools and techniques
  • Learn how to prepare your data protection defense

Jake Kouns

Chief Information Security Officer
Risk Based Security

Cyber Liability Insurance: A No-Brainer?

Many believe that there are only two types of companies: those that have been hacked, and those that will be. Regardless of your viewpoint and no matter how many new shiny information security appliances are purchased, data breaches continue to happen at alarming rates. It doesn’t matter what industry or the size of an organization. No company seems to be immune. Yet, most information security professionals seem more willing to buy insurance for their latest tech gadget instead of purchasing Cyber Liability insurance to transfer a portion of their risk. If you knew your house was going to burn down or your car was going to be stolen, you would insure it. Do you have Cyber Liability insurance for your organization's most important assets? This session will provide information on the data breach landscape and a behind-the-scenes look into Cyber Liability insurance. It will then discuss how this coverage can be integrated into a risk management plan and outline the risk transfer options that exist for organizations.
 

Lunch: Noon - 1:30 p.m.

Afternoon Session: 1:30 p.m. – 5:30 p.m.

Joshua Greenbaum

Principal
Enterprise Applications Consulting

Risk-based Security – Getting It Right, Making It Stick (panel)

Panelists: Arnold Bell, CISO, SLAIT Consulting; Ben Bergersen, Information Security Officer, MAX.gov; Dale Guise, Vice President of Cyber Services, BAE Systems

Risk-based security is becoming an important new weapon in the cybersecurity arsenal. While it holds great promise for a more effective way to combat the growing cybersecurity threat, risk-based security requires a different mindset, an expanded set of stakeholders, and a different set of tools and methodologies than other cybersecurity regimes. This panel will explore the value of risk-based security and the practicalities of implementing and maintaining an effective risk-based security regime, as well as provide guidance on how to make the move as easily and effectively as possible.

Gary Sockrider

Principal Security Technologist
Arbor Networks

The Human Dimension of Risk-Based Security

Internet conflict is fundamentally human-to-human conflict, so understanding users, attackers and defenders is core to containing and minimizing the threats our Internet-based society faces. The term “risk-based” is often a euphemism for a magical correlation, but it refers to all parts of the solutions deployed: people, processes and products. Risk-based doesn't elevate Internet-based conflict to the level of machine-to-machine or human-to-machine conflict. The enemy has a face, and risk-based solutions can help fight the attackers. Understanding the human dimension of security enables us to optimize machine / person boundaries and implications for security doctrine and will make it possible to limit and manage the seemingly constant state of crime, warfare and violence that we see online. It is also important for us to realize the benefits and promises of technology for society as a whole; without this we will face a less vibrant, exciting and enabling future.
 

Sam Phillips

Vice President and General Manager of Security Services and Chief Information Security Officer
Samsung

Reducing Risk in Mobility

Before you can truly reduce risk in Mobility you need to determine what mobility really means and what your organization needs it to be. The assumptions of yesterday have changed in a world of the Internet of Things, where business operations become highly efficient through tailored mobile devices, but also highly dependent on those technologies. Sam will cover some of the areas that Samsung Business Services' security practice considers in reducing risk in this new world of mobility.
 

Cocktail Reception: 5:15 p.m. – 7:00 p.m.

 

 

 

 

Sponsorships

 

Current Sponsors
BAE Systems

                                    

 
 
 
 
 
Attendee Industries
 

 

Reach the Decision-makers in Risk-Based Security – Present and Future

Risk-Based Security is one of the Fastest-growing Markets in the World! Only IEEE Computer Society Attracts the C-Levels, the Top Techs, and the Hands-on Specifiers Who Are Driving This Rapidly Evolving Issue.

When you sponsor Rock Stars of Risk-Based Security, you reach a unique audience – a level of decision-makers who don’t attend other symposia.

With an agenda aimed at real-world, business-critical decisions, and a lineup of experts unequaled at other risk-based security events, Rock Stars of Risk-Based Security is an obvious investment for any organization interested in influencing the future of risk-based security technology.

  • Meet this influential group of users and potential users face-to-face
  • Enjoy the highly personal nature of the event to network and enhance your brand
  • Generate leads in a group where every attendee is a prospect
  • Share lunch and cocktails with people you want and need to know
  • Stimulate discussions resulting from the engaging, leading-edge presentations
  • Showcase your products and services in a dynamic, engaged environment

Sponsors at Rock Stars of Risk-Based Security are integral parts of both the content and success of the event. Take advantage of these unique sponsorship opportunities –

Platinum Sponsor  

Gold Sponsor

Silver Sponsor

Panel Speaker Slot

Registration Sponsor

Luncheon Sponsor

Cocktail Reception Sponsor

Lunch Roundtable Sponsor – Bring a current customer and share your company’s technology story with a captive audience during lunch.

Table Top

Official Program Advertising

Conference Bag Insert

Sponsorship Contact

For more information and to secure your Cybersecurity Rock Stars sponsorship and/or exhibit space, please contact:
Sandy Brown
sbrown@computer.org
714-816-2144

 

Venue


 

Staying at the National Conference Center

 

The National Conference Center offers 917 hotel guest rooms, including 78 suites.

The Rock Stars of Risk-based Security attendees can make hotel and lodging reservations at The National Conference Center by calling:

1-800-640-2684

Monday–Friday, 9 a.m. – 5 p.m.

Rock Stars of Risk Based Security will be held at The National Conference Center. The National offers unique, individualized meeting communities where conference rooms and guest lodging are grouped in self-contained wings to optimize opportunities for collaboration and camaraderie.

 

 
 

Attend the Rock Stars of Risk Based Security

The Rock Stars of Risk Based Security will be held on April 12, 2016 at The National Conference Center.

 

The National Conference Center

18980 Upper Belmont Pl

Leesburg, VA 20176, USA

Phone: (703) 729-8000
 

Directions from Washington Dulles International Airport

 
When leaving the airport terminal on airport road, stay in right-hand lane and take the exit marked 'Route 267 Leesburg,' and travel West through the Toll Gate. Follow Route 267 West (Dulles Greenway) for about 6 miles, exiting at Route 659 North (Exit 4), which is Belmont Ridge Road. Proceed on Route 659 North for about 3 1/2 miles (crossing Route 7, Harry Byrd Hwy and Riverside Parkway) to Upper Belmont Place. Belmont Ridge Road becomes Upper Belmont Place at the intersection of Riverside Parkway (2nd traffic light after Rt. 7 intersection). Follow signs to the entrance of The National Conference Center located at the end of Upper Belmont Place. Please proceed past the Welcome Center at our entrance and follow signs to the Front Desk.

Distance from hotel: 14 miles

 

 

Presentations



Ben Cody

Vice President of Product Management - Data Loss Prevention
Intel Security

Data Exfiltration Demystified - Actors, Tools, and Techniques

 
 

Diana Kelley

Executive Security Advisor
IBM

It's a Jungle Out There: What the Animal Kingdom Can Teach Us About Security and Risk Management

 
 

Jake Kouns

Chief Information Security Officer
Risk Based Security

Cyber Liability Insurance: A No-Brainer?

 
 

Sam Phillips

Vice President and General Manager of Security Services and CISO
Samsung

Reducing Risk in Mobility

 
 

Gary Sockrider

Principal Security Technologist
Arbor Networks

The Human Dimension of Risk-Based Security

 
