In the wake of Equifax and other major breaches, and armed with all of the personally identifiable information that they will ever need and a keen sense of the security controls that modern organizations use, sophisticated fraudsters are finding success as never before. At the center of it all is a new fraud trend:...
SVP, Research Director Head of Fraud & Security, Javelin Strategy and Research
As SVP of Research, Al Pascual leads Javelin's Advisory Services and Custom Research businesses. He provides clients actionable insights on a variety of fraud and security issues, acts as a partner in developing strategies for managing risk, and identifies and raises awareness of future threats and solutions. He researches a range of topics, including the applicability of biometrics in banking and payments, the effect of data breaches on the integrity of consumer identities, the relationship between identity fraud and loyalty, and the best methods for securing payment data and transactions. Pascual has presented findings from Javelin's rigorous, industry-leading research at conferences around the world, including BAI, CARTES, Money20/20, NACHA and RSA. He has also provided commentary on fraud and security issues to American Banker, Bloomberg, CNNMoney, Fox Business, Reuters, The New York Times, The Wall Street Journal, The Washington Post, and Wired.
Previously Pascual held risk management roles at HSBC, Goldman Sachs, and FIS. He is a member of the Association of Certified Fraud Examiners, the International Association of Financial Crimes Investigators, and the Federal Reserve Secure Payments Task Force.
In the modern cybersecurity regime, it is no longer about whether or even if an entity will suffer a breach, but rather how it will respond. This session will focus on the roles and responsibilities of the Board of Directors and senior management in the prevention of and response to data security and privacy...
Principal, Rasch Technology and Cyber Law; former Chief Security Evangelist, Verizon
Rasch is an attorney and author, working in the areas of corporate and government cybersecurity, privacy and incident response. He is currently the chief security evangelist for Verizon Communications after having been VP, deputy general counsel, and chief privacy and data security officer for SAIC. From 1983-1992, Rasch worked at the U.S. Department of Justice within the Criminal Division's Fraud Section. Rasch earned a J.D. in 1983 from State University of New York at Buffalo and is a 1976 graduate of the Bronx High School of Science.
As malware, business email compromises, phishing and vishing scams, etc. continue to evolve and proliferate, the same is true with cyber insurance.
In the past two years, the cyber insurance market has matured, as growing numbers of insurers, brokers and policyholders have gained a greater understanding of the...
Bortnick litigates and counsels clients on cyber and technology risks, exposures and best practices; directors' and officers' liability; professional liability; insurance coverage; and commercial litigation matters. He also drafts professional liability insurance policies of varying types, including cyber, privacy and technology forms, and is Publisher of the cyber industry blog, Cyberinquirer.com. He serves as a member of the Executive Corporate Board of The Franklin Institute science museum and is Co-Chair of the Computer & Technology Subcommittee of the ABA Section of Litigation, Insurance Coverage Litigation Committee. Bortnick is a regular contributor and columnist for Advisen and was named by Advisen as their Cyber Risk Network 2015 Person of the Year.
Nation States have unlimited resources to build cyberweapons. Coordinated Crime Syndicates steal those cyberweapons & use them or sell them, causing massive destruction. We need a cyber "red phone" dialogue available with other nations, but the internet is a nefarious nation's best friend.
Come & hear how just a few...
Global Security Strategist, Check Point Software Technologies
From English language teacher to cyber-security business executive, Eddie Doyle has the unique ability to articulate in non-technical language, the risks associated by avoiding internet security best practices.
With a particular interest in educating people to become human firewalls in the combat against social engineering, Doyle realizes that hackers exploit the DNA of trust within us, often as their first line of attack & he teaches people how to identify & resist the con man, while not interrupting business as usual.
With a focus on cyber-crime & cyber-terrorism, Doyle's keynotes help individuals & corporations alike, to stay ahead of the newest threats.
Protecting people online and in life has been his passion for over twenty years and he defines his success by his zealous love of education and training and his commitment to building rich, meaningful and key relationships.
Snowden proved you can't trust on the inside. OPM proved you can't trust the outside. Who should you trust when it comes to your data? No one! In this provocative and informative presentation, retired Brigadier General Greg Touhill, the first Chief Information Security Officer of the U.S. government and current...
Greg Touhill is one of the nation's premier cybersecurity and information technology senior executives. A highly experienced leader of large, complex, diverse and global cybersecurity and information technology operations, Touhill was selected by President Obama as the US government's first Chief Information Security Officer (CISO). His other civilian government service includes duties as the Deputy Assistant Secretary for Cybersecurity and Communications in the US Department of Homeland Security and as Director of the National Cybersecurity and
Communications Integration Center, where he led national programs to protect the United States and its critical infrastructure. Touhill is a retired Air Force general officer, a highly-decorated combat leader, an accomplished author, a former American diplomat, and a senior executive with documented high levels of success on the battlefield and in the boardroom.
As we push computers to "the edge," building an increasingly complex world of interconnected information systems and devices, security and privacy continue to dominate the national dialogue. The Defense Science Board in its 2017 report, Task Force on Cyber Defense, provides a sobering assessment of the current...
Fellow, National Institute of Standards and Technology (NIST)
Ross specializes in information security, systems security engineering and risk management. He leads NIST's Federal Information Security Management Act Implementation Project, which includes the development of key security standards and guidelines for the federal government and critical information infrastructure. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, Office of the Director National Intelligence, the U.S. Intelligence Community and the Committee on National Security Systems, with responsibility for developing the Unified Information Security Framework for the federal government and its contractors. In addition to his responsibilities at NIST, Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. Ross has lectured at many universities across the country and has received numerous private sector cybersecurity awards.
Enterprises are challenged to move the process of accounting for data in a structured, systematic way higher on the list of priorities. One option to accomplish this challenge is by applying application threat modeling principles to data (data threat modeling). Application threat modeling provides value by allowing...
Fouad Khalil is the Vice President of Compliance at SecurityScorecard and is responsible for internal and external compliance programs, auditor education, alignment with industry best practices and global sales support. With extensive experience in the technology space with more than 25 years spanning disciplines in software development, IT support, program and project management and most recently IT Security and Compliance management. Khalil's career path in technology has provided him with keen insights in the areas of network, system and DB administration, software programming, system design, project and product development, and much more. For nearly the past two decades, Khalil has focused on data security, security investigations, security training and awareness, and security compliance-- serving as an industry expert in key areas such as IT, NIST, Internal Controls, SOX-404, PCI DSS and HIPAA/HITECH. Khalil holds a bachelor's degree in electrical and Computer Engineering from Marquette University and CISA and ITIL Foundations certifications.
Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risk. Vulnerabilities in components are a hidden cost of free software. And their widespread use creates opportunities for attackers looking to exploit the most possible victims by...
Maria Loughlin currently serves as Vice President of Engineering at Veracode where she is leads development within Veracode's Application Security product suite. Loughlin has two decades of experience leading software teams at high-growth companies and has presented on security and DevOps at multiple technology events. Maria most recently served as VP of Engineering at Memento Security and held prior leadership positions at Kronos, Open Market and Digital Equipment Corporation.
Making his first appearance at an ISMG Summit, Jeremiah Osburn draws upon his nearly two decades of experience in the military, government and private sector to discuss a variety of topics, including:
Mitigating the insider threat
Staffing up in a post-breach environment
How to address the cybersecurity staffing...
Director of Cybersecurity at Executive Office of the President
Jeremaih Osburn is a senior leader possessing a unique combination of both hands on technical skills and seasoned management experience supporting government, military, and private sector organizations. He has over 20 years of experience leading in a hands-on manner threat management and cyber defense teams and 12 years' experience working in 24/7 Security Operations Centers and information security environments supporting cyber threat analysis, forensic investigations, insider threat, and vulnerability analysis. Leadership skills have been awarded at the highest level for creating and developing world-class cyber defense teams in high-pressure environments.
To combat cyber threats like the exposure of Personally Identifiable Information (PII), solutions need to keep pace with fraudsters through prevention and quick response when attacks happen.
The application of intelligence-driven fraud mitigation has transformed security and fraud management strategies by...
Director, Intelligence Services Global Cyber Security & Fraud, FirstData
Jaclyn Blumenfeld's career in security began at a young age, dodging rockets on the border between Israel and Lebanon during the 2006 war. This encounter paved the way for her career in intelligence analysis where she spent several years covering Middle East and security issues in the Intelligence Community and the private sector, before joining the tech industry. In 2016, Blumenfeld joined First Data from one of the leading cyber security firms FireEye. As the Director of Intelligence Services, she heads up First Data's fraud intelligence program. She oversees an innovative product that uses Dark Web monitoring and advanced analytics to stop fraud before it occurs and leads the industry in identifying payment card breaches.
Despite the proliferation of social networks and messaging apps, email remains the primary means of communication today. Unfortunately, it also remains a persistent threat vector for cybersecurity abuse. We see these evil emails everywhere: at work, at home and in the news, attempting to sell something, or steal...
Andrew Coyle is an experienced Security Solutions Architect. With extensive experience designing secured infrastructure and networks, he continues to assist Federal Government agencies and enterprise companies with restoring their trust in email. In his current role at Agari, Coyle architects solutions to help solve emerging problems, such as detecting and preventing advanced phishing attacks that leverage impersonation techniques. His previous work at Cisco, developing and securing top Federal Government networks, allows Coyle to advise and implement security best practices for each unique network, brand, and organization.
Financial fraud can be notoriously hard to detect and easy to cover up. But does blockchain technology with its distributed digital ledger now offer a new tool to help organizations reduce risk and prevent fraud? Which key business and technical factors will help blockchain scale for the large enterprise? Attend this...
Litan is a vice president and distinguished analyst at Gartner Research. Her areas of expertise include endpoint security, security analytics for cybersecurity and fraud, user and entity behavioral analytics, insider threats, fraud detection, and prevention and identity proofing.
In October of this year, the banking industry unveiled its new Cybersecurity Profile to help financial institutions develop and maintain cyber risk management programs. This groundbreaking document - the culmination of two years' work - marries the NIST Cybersecurity Framework with the finance sector's highly complex...
VP & Senior Counsel - Center for Payments & Cybersecurity, American Bankers Association
DePierro joined the American Bankers Association in March 2008. Prior to joining the ABA, DePierro was Legislative Counsel of the Independent Community Bankers of America (ICBA) in Washington, D.C., and the California Independent Bankers in Newport Beach, Calif. At the ABA, DePierro focuses on the state, federal and international regulation of technology, cybersecurity, privacy, data security and emerging trends in banking, including fintech, blockchain, internet of things (IOT), artificial intelligence and social media.
Brett Johnson, referred to by the United States Secret Service as "The Original Internet Godfather" has been a central figure in the cybercrime world for almost 20 years. He founded and was the leader of Counterfeitlibrary.com and Shadowcrew.com. Working alongside the top cyber criminals of our time, he helped design,...
Former Most Wanted and "The Original Internet Godfather"
Former United States Most Wanted, Brett Johnson, referred to by the United States Secret Service as "The Original Internet Godfather" has been a central figure in the cybercrime world for over 20 years. He built and was leader of ShadowCrew, the precursor to today's darknet markets. He was instrumental in developing many areas of online fraud while helping design, implement, and refine modern Identity Theft, Account Take Over Fraud, Card Not Present Fraud, IRS Tax Fraud, and countless other social engineering attacks, breaches, and hacking operations.
Upon his capture, the United States Secret Service hired Johnson to work as a consultant and informant. Johnson worked with the Secret Service for several months before going on a cross country crime spree, being placed on the US Most Wanted List, being captured again, sent to prison, escaping prison, being captured yet again, and finally accepting responsibility for his actions.
Today, Johnson works as a security consultant and public speaker. He is one of the world's foremost authorities on cybercrime and identity theft. During 2017, He has been featured in the book, "Kingpin" by Kevin Poulsen and on numerous media outlets, including the New York Times, NBC, CNN Money, Wired Magazine, Vice, RT TV, ArsTechnica, The Independent, and more.
Security hygiene can be poor, and criminals know it. Fraudulent activity costs are in the billions worldwide across industries, and over 16 million consumers in the US were victims of identity theft or fraud in the past year. Learning to onboard new data at the speed of the business will ensure your fraud team can...
Apger, a 20-year veteran of the tech industry is a member of the Global Security Specialists team at Splunk. His digital hardware and software background paved a path for him to spend nearly 10 years as an innovator in the network intrusion prevention space. Before joining Splunk as a security architect in 2014, Apger worked in the fields of web fraud detection, anti-money laundering, security information/event management, security operations and cyber threat intelligence.