As malware, business email compromises, phishing and vishing scams, etc. continue to evolve and proliferate, the same is true with cyber insurance.
In the past two years, the cyber insurance market has matured, as growing numbers of insurers, brokers and policyholders have gained a greater understanding of the ...
In the modern cybersecurity regime, it is no longer about whether or even if an entity will suffer a breach, but rather how it will respond. This session will focus on the roles and responsibilities of the Board of Directors and senior management in the prevention of and response to data security and privacy ...
Making his first appearance at an ISMG Summit, Jeremiah Osburn draws upon his nearly two decades of experience in the military, government and private sector to discuss a variety of topics, including:
Mitigating the insider threat
Staffing up in a post-breach environment
How to address the cybersecurity staffing ...
In the wake of Equifax and other major breaches, and armed with all of the personally identifiable information that they will ever need and a keen sense of the security controls that modern organizations use, sophisticated fraudsters are finding success as never before. At the center of it all is a new fraud trend: ...
Snowden proved you can't trust on the inside. OPM proved you can't trust the outside. Who should you trust when it comes to your data? No one! In this provocative and informative presentation, retired Brigadier General Greg Touhill, the first Chief Information Security Officer of the U.S. government and current ...
To combat cyber threats like the exposure of Personally Identifiable Information (PII), solutions need to keep pace with fraudsters through prevention and quick response when attacks happen.
The application of intelligence-driven fraud mitigation has transformed security and fraud management strategies by ...
"Know your customer" is a familiar refrain in business circles. But as threat actors grow in number, sophistication and cross-channel schemes, it is increasingly important for organizations to also have a clear picture of their potential attackers - whether they are nation states, cybercrime gangs or lone actors. Join ...
Financial fraud can be notoriously hard to detect and easy to cover up. But does blockchain technology with its distributed digital ledger now offer a new tool to help organizations reduce risk and prevent fraud? Which key business and technical factors will help blockchain scale for the large enterprise? Attend this ...
As we push computers to "the edge," building an increasingly complex world of interconnected information systems and devices, security and privacy continue to dominate the national dialogue. The Defense Science Board in its 2017 report, Task Force on Cyber Defense, provides a sobering assessment of the current ...
Brett Johnson, referred to by the United States Secret Service as "The Original Internet Godfather" has been a central figure in the cybercrime world for almost 20 years. He founded and was the leader of Counterfeitlibrary.com and Shadowcrew.com. Working alongside the top cyber criminals of our time, he helped design, ...
Stolen data is one thing - the consequences are obvious. But what if data is not stolen or leaked, but rather altered? What could be the damage? Diana Kelley of Microsoft discusses data integrity and how to preserve it.
Join this session, as Kelley discusses:
How and where data can be altered - and the potential ...
Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risk. Vulnerabilities in components are a hidden cost of free software. And their widespread use creates opportunities for attackers looking to exploit the most possible victims by ...
There is no shortage of security tools in any large government IT environment that are targeting specific cyber threats for a specific outcome. Yet, most agencies lack an always-on, in-line capability that allows them to operationalize their cyber threat intelligence programs. Blocking suspicious connections to ...
Nation States have unlimited resources to build cyberweapons. Coordinated Crime Syndicates steal those cyberweapons & use them or sell them, causing massive destruction. We need a cyber "red phone" dialogue available with other nations, but the internet is a nefarious nation's best friend.
Come & hear how just a few ...
In October of this year, the banking industry unveiled its new Cybersecurity Profile to help financial institutions develop and maintain cyber risk management programs. This groundbreaking document - the culmination of two years' work - marries the NIST Cybersecurity Framework with the finance sector's highly complex ...
Bortnick litigates and counsels clients on cyber and technology risks, exposures and best practices; directors' and officers' liability; professional liability; insurance coverage; and commercial litigation matters. He also drafts professional liability insurance policies of varying types, including cyber, privacy and technology forms, and is Publisher of the cyber industry blog, Cyberinquirer.com. He serves as a member of the Executive Corporate Board of The Franklin Institute science museum and is Co-Chair of the Computer & Technology Subcommittee of the ABA Section of Litigation, Insurance Coverage Litigation Committee. Bortnick is a regular contributor and columnist for Advisen and was named by Advisen as their Cyber Risk Network 2015 Person of the Year.
Principal, Rasch Technology and Cyber Law; former Chief Security Evangelist, Verizon
Rasch is an attorney and author, working in the areas of corporate and government cybersecurity, privacy and incident response. He is currently the chief security evangelist for Verizon Communications after having been VP, deputy general counsel, and chief privacy and data security officer for SAIC. From 1983-1992, Rasch worked at the U.S. Department of Justice within the Criminal Division's Fraud Section. Rasch earned a J.D. in 1983 from State University of New York at Buffalo and is a 1976 graduate of the Bronx High School of Science.
Director of Cybersecurity at Executive Office of the President
Jeremaih Osburn is a senior leader possessing a unique combination of both hands on technical skills and seasoned management experience supporting government, military, and private sector organizations. He has over 20 years of experience leading in a hands-on manner threat management and cyber defense teams and 12 years' experience working in 24/7 Security Operations Centers and information security environments supporting cyber threat analysis, forensic investigations, insider threat, and vulnerability analysis. Leadership skills have been awarded at the highest level for creating and developing world-class cyber defense teams in high-pressure environments.
SVP, Research Director Head of Fraud & Security, Javelin Strategy and Research
As SVP of Research, Al Pascual leads Javelin's Advisory Services and Custom Research businesses. He provides clients actionable insights on a variety of fraud and security issues, acts as a partner in developing strategies for managing risk, and identifies and raises awareness of future threats and solutions. He researches a range of topics, including the applicability of biometrics in banking and payments, the effect of data breaches on the integrity of consumer identities, the relationship between identity fraud and loyalty, and the best methods for securing payment data and transactions. Pascual has presented findings from Javelin's rigorous, industry-leading research at conferences around the world, including BAI, CARTES, Money20/20, NACHA and RSA. He has also provided commentary on fraud and security issues to American Banker, Bloomberg, CNNMoney, Fox Business, Reuters, The New York Times, The Wall Street Journal, The Washington Post, and Wired.
Previously Pascual held risk management roles at HSBC, Goldman Sachs, and FIS. He is a member of the Association of Certified Fraud Examiners, the International Association of Financial Crimes Investigators, and the Federal Reserve Secure Payments Task Force.
Greg Touhill is one of the nation's premier cybersecurity and information technology senior executives. A highly experienced leader of large, complex, diverse and global cybersecurity and information technology operations, Touhill was selected by President Obama as the US government's first Chief Information Security Officer (CISO). His other civilian government service includes duties as the Deputy Assistant Secretary for Cybersecurity and Communications in the US Department of Homeland Security and as Director of the National Cybersecurity and
Communications Integration Center, where he led national programs to protect the United States and its critical infrastructure. Touhill is a retired Air Force general officer, a highly-decorated combat leader, an accomplished author, a former American diplomat, and a senior executive with documented high levels of success on the battlefield and in the boardroom.
Director, Intelligence Services Global Cyber Security & Fraud, FirstData
Jaclyn Blumenfeld's career in security began at a young age, dodging rockets on the border between Israel and Lebanon during the 2006 war. This encounter paved the way for her career in intelligence analysis where she spent several years covering Middle East and security issues in the Intelligence Community and the private sector, before joining the tech industry. In 2016, Blumenfeld joined First Data from one of the leading cyber security firms FireEye. As the Director of Intelligence Services, she heads up First Data's fraud intelligence program. She oversees an innovative product that uses Dark Web monitoring and advanced analytics to stop fraud before it occurs and leads the industry in identifying payment card breaches.
Senior Information Technology Security Specialist, FBI
Manuel "Manny" Castillo is an information security executive with experience in cyber security, threat hunting, network security monitoring, and threat intelligence. Currently serving as the Chief of Cyber Defense for the FBI, he is responsible for directing and implementing IT security strategies across Divisions in order to defend and protect FBI IT systems worldwide. Castillo also worked at the National Security Agency for six years, serving in a variety of leadership roles. Prior to joining the FBI, he served as a law enforcement officer in New Hampshire.
Washington Field Office's Electronic Crimes Task Force (ECTF), US Secret Service
Special Agent Michael Moran has been with the United States Secret Service for four years. Currently he is assigned to the Washington Field Office's Electronic Crimes Task Force (ECTF). He is a certified Network Intrusion Response agent and a Critical Systems Protection agent. Prior to his time on the ECTF, he was a member of the Financial Fraud Task Force. Prior to the US Secret Service, he was a Forensic Accountant with the Federal Bureau of Investigation working for both the Counterterrorism and Cyber Divisions.
Vice Chair, Privacy & Data Protection Practice Group, Cooley LLP
A former NSA crypto-engineer, Sabett brings to Cooley LLP his extensive experience in data security, privacy, licensing and IP. Sabett has managed numerous data breach responses involving major retailers, financial and healthcare organizations, and on-line service providers. He served on the Commission on Cybersecurity for the 44th Presidency and has been recognized as a leader in privacy and data security in the 2007-2014 editions of Chambers USA. Sabett is a member of the board for the Georgetown Cybersecurity Law Institute and the Northern Virginia chapter of ISSA. He also is a frequent lecturer and author, and has appeared on or been quoted by a variety of national media sources.
Litan is a vice president and distinguished analyst at Gartner Research. Her areas of expertise include endpoint security, security analytics for cybersecurity and fraud, user and entity behavioral analytics, insider threats, fraud detection, and prevention and identity proofing.
Fellow, National Institute of Standards and Technology (NIST)
Ross specializes in information security, systems security engineering and risk management. He leads NIST's Federal Information Security Management Act Implementation Project, which includes the development of key security standards and guidelines for the federal government and critical information infrastructure. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, Office of the Director National Intelligence, the U.S. Intelligence Community and the Committee on National Security Systems, with responsibility for developing the Unified Information Security Framework for the federal government and its contractors. In addition to his responsibilities at NIST, Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. Ross has lectured at many universities across the country and has received numerous private sector cybersecurity awards.
Former Most Wanted and "The Original Internet Godfather"
Former United States Most Wanted, Brett Johnson, referred to by the United States Secret Service as "The Original Internet Godfather" has been a central figure in the cybercrime world for over 20 years. He built and was leader of ShadowCrew, the precursor to today's darknet markets. He was instrumental in developing many areas of online fraud while helping design, implement, and refine modern Identity Theft, Account Take Over Fraud, Card Not Present Fraud, IRS Tax Fraud, and countless other social engineering attacks, breaches, and hacking operations.
Upon his capture, the United States Secret Service hired Johnson to work as a consultant and informant. Johnson worked with the Secret Service for several months before going on a cross country crime spree, being placed on the US Most Wanted List, being captured again, sent to prison, escaping prison, being captured yet again, and finally accepting responsibility for his actions.
Today, Johnson works as a security consultant and public speaker. He is one of the world's foremost authorities on cybercrime and identity theft. During 2017, He has been featured in the book, "Kingpin" by Kevin Poulsen and on numerous media outlets, including the New York Times, NBC, CNN Money, Wired Magazine, Vice, RT TV, ArsTechnica, The Independent, and more.
Diana Kelley is the Cybersecurity Field CTO for Microsoft and a cybersecurity architect, practitioner, executive advisor and author. At Microsoft, she leverages her 25+ years of cyber risk and security experience to provide advice and guidance to CSOs, CIOs and CISOs at some of the world's largest companies and is a contributor the Microsoft Security Intelligence Report (SIR). She was the Global Executive Security Advisor at IBM Security where she built and managed the IBM Security Research Community Newsroom process and was a regular contributor to IBM X-Force research. Kelley is a faculty member with IANS Research, an Industry Mentor at the CyberSecurity Factory and a guest lecturer at Boston College's Master of Science in Cybersecurity program. She serves on the Board of Directors at the non-profit Sightline Security, was an IEEE "Rock Star of Risk" in 2016, speaks frequently at major conferences and co-authored the book Cryptographic Libraries for Developers.
Maria Loughlin currently serves as Vice President of Engineering at Veracode where she is leads development within Veracode's Application Security product suite. Loughlin has two decades of experience leading software teams at high-growth companies and has presented on security and DevOps at multiple technology events. Maria most recently served as VP of Engineering at Memento Security and held prior leadership positions at Kronos, Open Market and Digital Equipment Corporation.
Director of Product Management, NETSCOUT Systems, Inc.
Adam Bixler has had a distinguished career as Cybersecurity professional, an entrepreneur, a product management leader and a veteran of the United States Air Force. He has worked at all levels of information security and operations including: network design and configuration; data center management; certification and accreditation; network security analysis; compliance validation and systems auditing; and policy and plan development. Bixler currently serves as the Director of Product Management for NETSCOUT | Arbor leading the External Threat Detection offerings. He was Co-Founder and COO of Efflux Systems which was acquired by NETSCOUT in 2017 and was a Co-Founder of Morta Security which was acquired by Palo Alto Networks in 2014. He served in the United States Air Force and is currently in the US Air Force Reserve.
Global Security Strategist, Check Point Software Technologies
From English language teacher to cyber-security business executive, Eddie Doyle has the unique ability to articulate in non-technical language, the risks associated by avoiding internet security best practices.
With a particular interest in educating people to become human firewalls in the combat against social engineering, Doyle realizes that hackers exploit the DNA of trust within us, often as their first line of attack & he teaches people how to identify & resist the con man, while not interrupting business as usual.
With a focus on cyber-crime & cyber-terrorism, Doyle's keynotes help individuals & corporations alike, to stay ahead of the newest threats.
Protecting people online and in life has been his passion for over twenty years and he defines his success by his zealous love of education and training and his commitment to building rich, meaningful and key relationships.
VP & Senior Counsel - Center for Payments & Cybersecurity, American Bankers Association
DePierro joined the American Bankers Association in March 2008. Prior to joining the ABA, DePierro was Legislative Counsel of the Independent Community Bankers of America (ICBA) in Washington, D.C., and the California Independent Bankers in Newport Beach, Calif. At the ABA, DePierro focuses on the state, federal and international regulation of technology, cybersecurity, privacy, data security and emerging trends in banking, including fintech, blockchain, internet of things (IOT), artificial intelligence and social media.