Black Hat CISO Summit



The Intelligent CISO: Becoming a Pacesetter for Cybersecurity Resiliency

In order to outpace the myriad threats facing the corporate enterprise today, CISOs must be armed with the latest technologies, techniques, and talent for predicting and mitigating potentially crippling cyber-attacks. For today's CISO, there's a constant need to understand adversaries and threats that are known and unknown and stay out in front of the next incident. At the Black Hat CISO Summit, you'll have an opportunity to join 200 CISO peers to discuss cutting-edge technologies and best practices being deployed by pioneering security experts. Our speakers will demystify emerging strategies in AI, blockchain, IoT, DevSecOps, and more, and through interactive sessions, we'll map out concrete plans for increasing resiliency in 2018 and beyond. The intelligent CISO will have a competitive edge in the rapidly evolving digital transformation of cybersecurity.

*Please note: In order to create an open and candid environment that promotes the sharing of ideas and discussion, the CISO Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program was designed for executive security practitioners; solution providers and vendor attendees are limited to event sponsors.


Monday, August 6
17:00 – 19:00
CISO Summit Welcome Reception
Tuesday, August 7
08:00 – 08:15
Welcome and Introductions
  • Brian Gillooly, Co-Host, Black Hat CISO Summit and Moderator
  • Jeff Moss, Founder, Black Hat
08:15 – 12:00 Morning Sessions – A Focus on Technologies
08:15 – 08:45 Keynote: A Full Court Press Against Your Cybersecurity Adversaries
  • Alissa Johnson, Vice President and Chief Information Security Officer, Xerox
08:45 – 09:15 Black Hat Briefings Overview
  • Daniel Cuthbert, Black Hat Review Board
  • Robert Hansen, Black Hat Review Board
  • Kymberlee Price, Black Hat Review Board
  • Moderator: Kelly Jackson Higgins, Executive Editor, Dark Reading
09:15 – 09:45 The REAL Impact of AI on Cybersecurity
  • Rich Baich, CISO, Wells Fargo
  • Tim Piastrelli, Director of Security, Cruise Automation
  • Richard Rushing, CISO, Motorola
  • Moderator: Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group
09:45 – 10:00 Networking Break
10:00 – 10:30 Using Blockchain to Improve Security, Efficiency, and Trust
  • Sebastian Hess, CISO & Cyber Risk Executive, AIG
  • Jenna Pilgrim, Former Director of Business Development, Blockchain Research Institute
10:30 – 11:15 The Critical Security Future for IoT
  • Aditya Balapure, Team Lead, Information Security, GrubHub
11:15 – 11:55 Baking in Security: Why You Should Be Practicing DevSecOps
  • Jimmy Sanders, Information Security, Netflix DVD
12:00 – 13:10 Networking Lunch
13:15 – 17:00 Afternoon Sessions – A Focus on Strategy and Implementation
13:15 – 13:45 Bolstering Discovery/Repair While Improving Detection/Response
  • Satish Gannu, Chief Security Officer, ABB
  • Haroon Meer, Cyber Security Expert
  • Vanessa Pegueros, CISO, DocuSign
  • Moderator: Brian Gillooly, Co-Host, Black Hat CISO Summit
13:45 – 14:30 How to Excel at Measuring Risk: The Risk/Cost Ratio
  • Venky Anant, Partner, McKinsey & Co.
  • Fred Kwong, CISO, Delta Dental
  • Moderator: Tim Wilson, Editor-in-Chief, Dark Reading
14:30 – 14:45 Networking Break
14:45 – 15:30 The Evolution of the CISO's Role and the Importance of Workforce Diversity
  • Franklin Donahoe, Former CISO, Costco & CEO, Donahoe Advisory Group
  • Vanessa Pegueros, CISO, DocuSign
  • Gary Warzala, CISO, Fifth Third Bank
  • Moderator: Juliet Okafor, SVP, Global Security Solutions, Fortress
15:30 – 16:15 The Breacher Report
  • Chris Novak, Co-Founder & Director, Investigative Response Unit, Verizon
16:15 – 17:00 Future Threats & Criminals – A Whiteboarding Workshop Session
  • Discussion Leaders: John Johnson, Former CISO, John Deere
  • Brian Gillooly, Co-Host, Black Hat CISO Summit
  • Barry Suskind, Senior Director, IT, FINRA
  • Tim Wilson, Editor-in-Chief, Dark Reading
17:00 Closing Remarks
17:00 – 18:00 Cocktail Reception


Alissa Johnson
Vice President and Chief Information Security Officer
John Johnson
CEO and Founder
Aligned Security
Juliet (Jules) Okafor
SVP of Global Security Solutions
Fortress Information Security
Richard Rushing

Alex Stamos
Mark Weatherford
SVP & Chief Cybersecurity Strategist


Brian Gillooly
Contributing Editor
Black Hat
Jeff Moss
Black Hat & DEF CON

Premium Sponsors

Cylance® is the first company to apply artificial intelligence and machine learning to cybersecurity, improving the way companies, governments, and end-users proactively solve the world's most difficult security problems. Cylance quickly and accurately identifies what is safe and what is a threat, not just what is in a blacklist or whitelist.

By coupling sophisticated technology with a unique understanding of an attacker's mentality, Cylance provides the products and services to be truly predictive and preventive against advanced threats.

Cylance's award-winning product, CylancePROTECT®, provides enterprise endpoint security without a cloud connection or frequent updates and uses a fraction of the system resources associated with legacy solutions.

Complementing CylancePROTECT, CylanceOPTICS™ is an AI driven endpoint detection and response (EDR) solution designed to extend prevention through root cause analysis, scalable threat hunting, and immediate response with consistent visibility into threats against endpoints.

Visit www.cylance.com or call +1-877-973-3336 for more information.

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 10,300 customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The Company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

Philippe Courtot
Chairman and CEO

Demonstrating a unique mix of technical vision, marketing and business acumen, Philippe Courtot has repeatedly built innovative companies into industry leaders. As CEO of Qualys, Philippe has worked with thousands of companies to improve their IT security and compliance postures.

Before joining Qualys, Philippe was the Chairman and CEO of Signio, an electronic payment start-up that he repositioned to become a significant e-commerce player. In February 2000, VeriSign acquired Signio for more than a billion dollars. Prior to Signio, Philippe was President and CEO of Verity, where he re-engineered the company to become the leader in enterprise knowledge retrieval solutions.

Philippe served on the Board of Trustees for The Internet Society, an international non-profit organization that fosters global cooperation and coordination on the development of the Internet. French and Basque born, he holds a master's degree in physics from the University of Paris.

Sumedh Thakar
Chief Product Officer

As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform.

A longtime advocate of the SaaS model and cloud computing, Sumedh worked at Intacct, a cloud-based financial and accounting software provider, before working at Qualys. Prior to Intacct, Sumedh worked at Northwest Airlines to develop complex algorithms for yield and revenue management for their backend reservation system.

Sumedh is active in the PCI and security community working closely with the PCI Council on the development and enhancement of PCI DSS. He co-authored “PCI Compliance for Dummies,” an easy-to-read guide designed to educate merchant organizations about PCI. Sumedh has a bachelor's degree in computer engineering with distinction from the University of Pune.

Foundation Sponsors

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber-attacks. FireEye has over 5,300 customers across 67 countries, including more than 825 of the Forbes Global 2000.

Steven Booth
Vice President and Chief Security Officer

As Chief Security Officer, Steven Booth is in charge of leading and overseeing all aspects of IT security at FireEye. This includes the ongoing development and execution of enterprise-wide security architecture and monitoring programs, as well as technology risk and compliance. Steven directs the implementation of security controls, standards, policies and procedures to ensure protection of information systems and physical property while compliance is maintained against both corporate security policies and industry standards. Prior to FireEye, Steven was the AVP of Information Security and CISO at Manulife/John Hancock, Cybersecurity Architect at Microsoft, and ran security operations for VeriSign's MSSP.

David Kell
Director, Security Architecture & Engineering

As Director, Security Architecture & Engineering, David leads a blue team of security experts charged with design and implementation of technical security controls across the company's infrastructure. Prior to joining FireEye, David was the VP of Information Security and CISO at FBR, a mid-market investment bank, where he had responsibility for the bank's information security management program.

David has 20 years of experience in the information security profession and has previously held roles managing information security programs in the telecommunications, financial, and government sectors. David has served on various U.S. DHS and private working groups addressing Internet disruption. David is also a past member of the Network Security Information Exchange (NSIE) representing the telecommunications sector. David holds a Master's degree in Information Assurance from Norwich University.

Stroz Friedberg, an Aon company, is a specialized risk management firm built to help clients solve the complex challenges prevalent in today's digital, connected, and regulated business world. Our focus is on cybersecurity, with leading experts in digital forensics, incident response, and security science; investigation; eDiscovery; intellectual property; and due diligence. Stroz Friedberg works to maximize the health of an organization, ensuring its longevity, protection, and resilience. Founded in 2000 and acquired by Aon in 2016, Stroz Friedberg has thirteen offices across nine U.S. cities, London, Zurich, Dubai, and Hong Kong. Stroz Friedberg serves Fortune 100 companies, 80% of the AmLaw 100, and the Top 20 UK law firms. Learn more at www.strozfriedberg.com.

Rocco Grillo
Cyber Resilience Leader

Rocco Grillo is Stroz Friedberg's Cyber Resilience Leader and a member of the firm's executive management team. His cyber resilience team, which includes the company's incident responders and security scientists who deliver the firm's proactive and reactive cybersecurity capabilities, has successfully triaged some of the largest data breaches recorded in the last decade. Previously in his career, Mr. Grillo led Protiviti's Global Incident Response and Forensics Investigations, helped develop RedSiren Technologies (a leading managed security service provider and full services security firm that evolved out of Carnegie Mellon), and held management positions with Lucent Technologies and Bell Atlantic. Mr. Grillo is a CISSP, CRMA, PCI-QSA, and a Certified Third Party Risk Assessor. He is an affiliate board advisor for FS-ISAC and NH-ISAC, a member of the Shared Assessments Program Steering Committee board, and the CLM Cyber Liability Council. Rocco is also a Distinguished Fellow of Ponemon Institute.

Jibran Ilyas
Managing Director

Jibran Ilyas is a Managing Director in Stroz Friedberg's Incident Response practice. Jibran has over 15 years of experience in the field of Information Security, with 10 years specializing in the areas of incident response, digital forensics and threat intelligence. He has led investigations for some of the world's largest data breaches in the financial, technology and defense sectors. This included working closely with law enforcement agencies to track and ultimately arrest major threat actor groups. As a thought leader, Jibran has presented at several global security conferences including DEFCON, Black Hat, Thotcon, Microsoft Digital Crimes Conference, and Department of Homeland Security's ATTE conference. Furthermore, he has conducted forensics training for United States Secret Service (USSS). Jibran is an adjunct lecturer at Northwestern University for the Digital Forensics course. In 2017, he was honored as “40 under 40” by Crain's Chicago Business Magazine for his contributions in cybersecurity.

Breakfast Sponsors

Cybereason gives your company the upper hand by taking an entirely new approach to cybersecurity - EDR, next-gen antivirus, anti-ransomware, fileless malware protection, and security services, all powered by a purpose-built in-memory graph database. Gain unmatched visibility and collapse your security stack with Cybereason's cybersecurity data analytics platform. Learn more at cybereason.com.

Rapid7 powers the practice of SecOps by delivering shared visibility, analytics, and automation that unites security, IT, and DevOps teams. The Rapid7 Insight platform empowers these teams to jointly manage and reduce risk, detect and contain attackers, and analyze and optimize operations. Rapid7 technology, services, and research drive vulnerability management, application security, incident detection and response, and log management for more than 7,000 organizations across more than 120 countries, including 52% of the Fortune 100.

Networking Break Sponsors

Cofense, formerly known as PhishMe®, is the leading provider of human-driven phishing defense solutions world-wide. Cofense delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organizations in defense, energy, financial services, healthcare and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise. For more information on Cofense solutions, please visit www.cofense.com.

Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more. We enable this digital transformation on a foundation and capability for cybersecurity with products and services that have security built in from the start. Our unique approach combines a comprehensive, agile platform together with unparalleled intelligence and strategic partnerships in order to better protect your endpoints, move faster to detect threats, and respond to security breaches across even the largest of organizations. www.microsoft.com

Johnnie Konstantas
Sr. Director of Marketing Communication
Enterprise Cybersecurity Group

Johnnie is a veteran cybersecurity executive, bringing more than 19 years of security industry experience. Most recently she was the Sr. Director of Security Marketing and Business Development at Gigamon, responsible for driving strategy and relationships with technology partners and leading security campaigns, messaging development and distribution for field sales and channel enablement.

Prior to Gigamon, Johnnie was the Vice President of Marketing of machine learning platform Dato (acquired by Apple) where she led awareness, adoption and lead generation programs. While Senior Director of Cloud Security Sales at Juniper Networks, Johnnie managed accounts in Commercial and F1000 in the Pacific Northwest and Mid-West regions. As Vice President of Marketing at Altor Networks (acquired by Juniper), she successfully branded Altor as cloud security's leading innovator. Other posts include marketing, product management and engineering leadership roles at Varonis (VRNS), RedSeal Systems, Neoteris (acquired by Juniper), Check Point Software, Certicom and Motorola where she was a Lead Systems Engineer.

Johnnie received her B.S. in Electrical Engineering from University of Maryland.

Jonathan C. Trull
Global Chief Cybersecurity Advisor
Enterprise Cybersecurity Group

As Global Chief Security Advisor for the Microsoft Enterprise Cybersecurity Group, Jonathan leads Microsoft's team of worldwide Chief Security Advisors to provide thought leadership, strategic direction on the development of Microsoft security products and services, and deep customer and partner engagement around the globe.

Jonathan joined Microsoft in 2016 bringing more than 15 years of experience. Trull was Vice President and CISO with Optiv, responsible for developing and executing the company's information security strategy and program. Prior to Optiv, Trull was the CISO for Qualys where he was responsible for securing infrastructure and products, bringing security best practices to customers, providing strategic direction on the development of the QualysGuard Security Platform, researching real world threats and providing guidance on how to address them. Trull has established himself as an innovative security leader and was recently named by the SANS Institute as one of the "People Who Made a Difference in Cybersecurity."

Event Sponsors

Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world's largest delivery network – Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 411,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com.

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus, endpoint detection and response (EDR), and a 24/7 managed hunting service - all delivered via a single lightweight agent. The CrowdStrike Falcon™ platform, certified to replace legacy antivirus, has reinvented how endpoint security is delivered with its industry-leading, cloud native architecture.

CyberArk, the #1 provider of privileged access security, provides a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world's leading organizations, including more than 50% of the Fortune 100, to protect against external attackers and malicious insiders, and address audit and compliance requirements. CyberArk is the only public company 100% focused on privileged access security, delivering innovative solutions to stay one step ahead of attackers.

Splunk Inc. (NASDAQ: SPLK) turns machine data into answers. Organizations use market-leading Splunk solutions with machine learning to discover their "aha" moments with machine data and solve their security challenges, including risk mitigation, incident response and compliance. Use Splunk software in the cloud and on-premises to improve the detection of insider and advanced threats, fraud and ransomware. Join millions of passionate users by trying Splunk software for free: www.splunk.com/free-trials.

Veracode, now part of CA Technologies, enables the secure development and deployment of the software that powers the application economy. With its combination of automation, process and speed, CA Veracode becomes a seamless part of the software lifecycle, eliminating the friction that arises when security is detached from the development and deployment process. As a result, enterprises are able to fully realize the advantages of DevOps environments while ensuring secure code is synonymous with high-quality code. CA Veracode serves more than 1,600 customers worldwide across a wide range of industries. The CA Veracode Platform has assessed more than 6 trillion lines of code and helped companies fix more than 30 million security flaws.

Welcome Reception Sponsor

Your enterprise needs to move faster, but lack of process and legacy tools hold you back. The ServiceNow System of Action™ replaces unstructured work patterns of the past with intelligent workflows of the future. ServiceNow's Security solutions are part of the System of Action. ServiceNow Security Operations bring incident data from security tools into a structured enterprise security response engine. Workflows, automation, and a deep connection with IT help prioritize and resolve real threats fast. ServiceNow Governance, Risk, and Compliance (GRC) drives unified GRC programs. It transforms processes by continuously monitoring, prioritizing, and automatically responding to real risks in real-time. Learn more: www.servicenow.com/sec-ops