Sponsors

Black Hat CISO Summit

TUESDAY, JULY 25, 2017

FROM REACTIVE TO PROACTIVE: NEW DIRECTIONS IN IT SECURITY

Overview

In the past, IT security has been a reactive discipline: security teams built layered walls and then waited to respond. But today, as the IT environment becomes more complex and attackers become more sophisticated, it’s no longer enough to sit behind the wall and wait. Managing today’s risk means building a proactive defense – and advance planning in case that defense fails.

The 2017 Black Hat CISO Summit brings together IT security executives, industry experts, and security researchers to discuss these fundamental shifts in IT security strategy. Attendees will have the opportunity to learn from peers about new defense strategies such as threat hunting, deception, and mining the Dark Web. CISOs will discuss their proactive strategies to risk management and security operations, and threat experts will discuss the new wave of threat actors who are now targeting today’s enterprises. The discussion will include an in-depth look at how the geopolitical situation in cybersecurity is changing, and its potential impact on commercial organizations.

AGENDA

07:30 – 15:00 CISO Summit VIP Registration| Four Seasons Ballroom Foyer, Four Seasons
07:30 – 08:55 Networking Breakfast
09:00 – 9:15 CISO Summit Welcome and Introductions
09:15 –10:00 Keynote | Tomorrow's Computing Challenges
Michael Chertoff, Chairman and Co-Founder of the Chertoff Group; Former Secretary of Homeland Security
10:00 – 10:50 Researcher Panel | Emerging Practices for Proactive Security + Discussion
10:50- 11:10 Networking Break
11:10– 11:50 The Future of Cybersecurity Policy in a Post-Trump America
12:00– 13:25 Networking Lunch
13:40 – 14:10 The Russians are Coming! Or Are They?
14:10 – 15:00 CISO Panel | Strategies for Getting Ahead of Security Challenges + Discussion
15:00 – 15:20 Networking Break
15:20– 15:50 Proactive Solutions to the IT Staffing Challenge
15:50 – 16:30 IT Security: What to Expect in the Coming Year
16:30 - 16:55 Black Hat USA Briefings Preview
16:55-17:00 CISO Summit Closing Remarks
17:00– 18:00 Closing Networking Reception

*Admission to the Black Hat CISO Summit is not guaranteed; all applicants will be contacted within two business weeks after submitting. Please direct inquiries to cisosummit@blackhat.com.

Premium Sponsors

Cylance® is the first company to apply artificial intelligence and machine learning to cybersecurity, improving the way companies, governments, and end-users proactively solve the world's most difficult security problems. Cylance quickly and accurately identifies what is safe and what is a threat, not just what is in a blacklist or whitelist.

By coupling sophisticated technology with a unique understanding of an attacker's mentality, Cylance provides the products and services to be truly predictive and preventive against advanced threats.

Cylance's award-winning product, CylancePROTECT®, provides enterprise endpoint security without a cloud connection or frequent updates and uses a fraction of the system resources associated with legacy solutions.

Complementing CylancePROTECT, CylanceOPTICS™ is an AI driven endpoint detection and response (EDR) solution designed to extend prevention through root cause analysis, scalable threat hunting, and immediate response with consistent visibility into threats against endpoints.

Visit www.cylance.com or call +1-877-973-3336 for more information.


Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). For more information, please visit www.qualys.com.


Chairman and Chief Executive Officer

As CEO of Qualys, Philippe has worked with thousands of companies to improve their IT security and compliance postures. Philippe received the SC Magazine Editor's Award in 2004 for bringing on demand technology to the network security industry. He was also named the 2011 CEO of the Year by SC Magazine Awards Europe. He was previously Chairman and CEO of Signio until its acquisition by VeriSign.  He is also a member of the Board of Directors of StopBadware, a non-profit, anti-malware organization.


Sumedh Thakar, Chief Product Officer

As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform to meet the Payment Card Industry (PCI) Data Security Standard (DSS) requirements.


Chief Information Security Officer

As Chief Information Security Officer for Qualys, Mark focuses on driving with Qualys customers how to improve security across current computing environments and build security into digital transformation initiatives. Previously CISO of Fiserv, and with over 24 years of experience leading enterprise security teams, Mark has built and developed effective information security programs for executive management, IT leadership and legal counsel. He holds active CISSP, PCI-ISA and CIPP-IT certifications.


Foundation Sponsors

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber-attacks. FireEye has over 5,300 customers across 67 countries, including more than 825 of the Forbes Global 2000.


StrozFriedberg, an Aon company, is a specialized risk management firm built to help clients solve the complex challenges prevalent in today's digital, connected, and regulated business world. Our focus is on cybersecurity, with leading experts in digital forensics, incident response, and security science; investigation; eDiscovery; intellectual property; and due diligence. Stroz Friedberg works to maximize the health of an organization, ensuring its longevity, protection, and resilience. Founded in 2000 and acquired by Aon in 2016, Stroz Friedberg has thirteen offices across nine U.S. cities, London, Zurich, Dubai, and Hong Kong. Stroz Friedberg serves Fortune 100 companies, 80% of the AmLaw 100, and the Top 20 UK law firms. Learn more at https://www.strozfriedberg.com/.


Rocco Grillo, Executive Managing Director and Cyber Resilience Leader

Rocco Grillo is Stroz Friedberg's Cyber Resilience Leader and a member of the firm's executive management team. His cyber resilience team, which includes the company's incident responders and security scientists who deliver the firm's proactive and reactive cybersecurity capabilities, has successfully triaged some of the largest data breaches recorded in the last decade. Previously in his career, Mr. Grillo led Protiviti's Global Incident Response and Forensics Investigations, helped develop RedSiren Technologies (a leading managed security service provider and full services security firm that evolved out of Carnegie Mellon), and held management positions with Lucent Technologies and Bell Atlantic. Mr. Grillo is a CISSP, CRMA, PCI-QSA, and a Certified Third Party Risk Assessor. He is an affiliate board advisor for FS-ISAC and NH-ISAC, a member of the Shared Assessments Program Steering Committee board, and the CLM Cyber Liability Council.


Breakfast Sponsor

Cybereason was founded in 2012 by a team of ex-military cybersecurity experts to revolutionize detection and response to cyber attacks. The Cybereason Malop Hunting Engine identifies signature and non-signature based attacks using big data, behavioral analytics, and machine learning. The Incident Response console provides security teams with an at-your-fingertip view of the complete attack story, including the attack's timeline, root cause, adversarial activity and tools, inbound and outbound communication used by the hackers, as well as affected endpoints and users. This eliminates the need for manual investigation and radically reduces response time for security teams. The platform is available as an on premise solution or a cloud-based service. Cybereason is privately held and headquartered in Boston, MA with offices in Tel Aviv, Israel.


Rapid7 cybersecurity analytics software and services reduce threat exposure and detect compromise for 4,150 organizations, including 34% of the Fortune 1000. From the endpoint to cloud, we provide comprehensive real-time data collection, advanced correlation, and unique insight into attacker techniques to fix critical vulnerabilities, stop attacks, and advance security programs.


Welcome Reception Sponsor

Your enterprise needs to move faster, but lack of process and legacy tools hold you back. The ServiceNow System of ActionTM replaces unstructured work patterns of the past with intelligent workflows of the future. ServiceNow's Security solutions are part of the System of Action. ServiceNow Security Operations bring incident data from security tools into a structured enterprise security response engine. Workflows, automation, and a deep connection with IT help prioritize and resolve real threats fast. ServiceNow Governance, Risk, and Compliance (GRC) drives unified GRC programs. It transforms processes by continuously monitoring, prioritizing, and automatically responding to real risks in real-time. Learn more: www.servicenow.com/sec-ops


Networking Break Sponsors

Forcepoint is transforming cybersecurity by focusing on what matters most: understanding people's intent as they interact with critical data wherever it resides. Our uncompromising systems enable companies to empower employees with unobstructed access to confidential data while protecting intellectual property and simplifying compliance. Based in Austin, Texas, Forcepoint supports more than 20,000 organizations worldwide. For more about Forcepoint, visit www.Forcepoint.com and follow us on Twitter at @ForcepointSec.


Symantec Corporation (NASDAQ: SYMC), the world's leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec's Norton and Life Lock product suites to protect their digital lives at home and across their devices. Symantec operates one of the world's largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visitwww.symantec.com or connect with us on Facebook, Twitter, and LinkedIn.


Event Sponsors

Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. With approximately 401,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.


 


CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyber threats before attacks can escalate and cause irreparable business damage. CyberArk is trusted by the world's leading companies – including more than 45 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications, while ensuring tight regulatory compliance and audit requirements.


Splunk Inc. (NASDAQ: SPLK) is the market leader in analyzing machine data to deliver Operational Intelligence for security, IT and the business. Splunk® software provides the enterprise machine data fabric that drives digital transformation. More than 13,000 enterprises, government agencies, universities and service providers in over 110 countries use Splunk solutions in the cloud and on-premises to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce costs. Splunk products include Splunk® Enterprise, Splunk Cloud™, Splunk® Light and premium solutions. Join millions of passionate users by trying Splunk software for free: www.splunk.com/free-trials.