InfoSec Leadership Summit
Date & Time
Sunday, March 29, 2020, 9:00 AM - 5:00 PM
Tim Callahan - Aflac
Rob Clyde - ISACA
Avani Desai - Schellman
Jack Nichelson - MRK Technologies
Jari Peters - Oracle
Ed Pollock - STERIS
Joshua Washington - Lee Malveaux
Keyaan Williams - Cyber Leadership and Strategy Solutions
As an InfoSec leader today your role is growing beyond worrying about cybersecurity risk and extends to catapulting your organization ahead of the competition. From building your team, developing long-term budgetary needs, and constructing and adopting a proactive defense organization, this year’s InfoSec Leadership Summit provides the tools and techniques you need to influence your employees, and your board, to follow your lead and achieve results.
Whether you are an army of one or the head of a large team, the InfoSec Leadership Summit brings you together with your peers to share successful strategies for driving and leading the business, while staying one step ahead of your attackers, and your competition.
InfoSec Leadership Summit Session Descriptions:
9:15 AM - 10:15 AM
ILS1 Protecting Your Blindside
Tim Callahan, Senior Vice President, Global Chief Security Officer, Aflac
The most dangerous thing for an organization and the CISO is what you don’t know: your blindside. Learn how Aflac successfully developed a strategy and architected a program to reduce its blindside. This session will cover building the team, constructing and adopting a proactive defense structure, developing bulletproof processes, and implementing an assurance program for complete effectiveness.
10:15 AM - 11:15 AM
ILS2 Raising the Red Flags in Cyber Risk and Keeping Ahead of the Competition
Rob Clyde, 2018-2019 Board Chair, ISACA
You know the scenario: you have allotted agenda time to explain complex cyber risk to the C-suite and boards of directors (who hope that you know what you’re doing, because they lack the time, desire or tech knowledge to delve deeper), and at the end of your presentation, blank stares or – worse – increased unease about your organization’s cyber readiness.
With a career spanning three decades, Rob Clyde has been on both sides of the table: he has served as CEO, CTO, and in other executive roles, and has also served as board director for many organizations and enterprises. His unique perspective allows you to see the presentation from both the board director’s and the security professional’s view. Clyde will offer helpful guidelines for creating a presentation that is clear, concise and transparent; you will learn how to articulate business impact, risk, and mitigation – but also how to tell the board what you need from them. Learn how to prepare key metrics and review examples of graphics, dashboards and helpful tools to summarize critical information.
Additionally, Clyde describes how to move your leadership beyond focusing on mitigating risk to understanding that the competitive risk of not adopting new technologies may be even more significant than security risk. This is the opportunity to go beyond the data to share your suggested strategies. Anticipate what questions might be asked and what data will ensure your board understands your cybersecurity program. Learn how you can share information on emerging technologies like IoT, AI and quantum computing so that your board can understand how they may impact your enterprise, and what can be done to mitigate security risks and safely adopt new technologies and opportunities. Take your leadership beyond worrying about cyber risk to adopting technologies that can catapult your organization ahead of the competition.
11:30 AM - 12:30 PM
ILS3 Cybersecurity Metrics and the Balanced Scorecard
Keyaan Williams, CEO, Cyber Leadership and Strategy Solutions, LLC
The best way for security to align with the business is to speak their language. About half of major companies in the US, Europe and Asia are using Balanced Scorecard (BSC) approaches. With so many business leaders using the BSC approach to align their practices to the mission and strategy of the organization, it is imperative that security and risk management leaders learn how to communicate using the same approach. This session will highlight the tools and techniques required to develop good metrics and present the data using the BSC to communicate the true value of security.
1:30 PM - 2:30 PM
ILS4 Developing the Leader Within You!
Joshua Washington, President, Lee Malveaux
Learn how to influence your team to follow your lead and achieve results. This session will review the 5 Levels of Leadership and its impact on team and organizational performance. Leaders across various organizations will have an increased ability to lead teams, develop and sustain high quality staff, and achieve consistent performance results.
2:45 PM - 3:45 PM
ILS5 Creating a Results Oriented Culture: By Measuring What Matters
Jack Nichelson, Chief Information Security Officer, MRK Technologies
Ed Pollock, Chief Information Security Officer, STERIS
Execution is everything. How simple goal setting with clear objectives and key results that are measurable will propel your team to exceed expectations.
What kind of operational data demonstrates cybersecurity leaders’ long-term budgetary needs for their programs and at the same time shows the progress they’ve made over the years? Learn how a duo of cybersecurity professionals used thought leadership and a goals-based approach to build the case for past capital and future spend—a system that won them both dollars and trust with peers and their boards.
In this session we will provide real-world examples of what metrics were chosen to show progress, and how the speakers have gone about gathering them. We’ll discuss how to make a difference and influence change in your organization if you are an army of one or a few more. You will leave this session not with abstract ivory-tower ideas on measurement, but with actionable tactics you can put in place within your own program today.
3:45 PM - 5:00 PM
ILS6 Overcoming Day-to-Day Challenges for Security, IT Risk and Privacy Workers
Jari Peters, Vice President, Cloud Security, Risk and Regulatory Compliance, Oracle
Avani Desai, President, Schellman
Workers in the area of Security, IT Risk and Privacy have extremely important roles that have very high stakes. These types of functions can at time feel thankless as if nothing negative happens work and effort often goes unnoticed. However, if there is a negative outcome in security or privacy the response will be extreme, and the impact can be extensive. Workers may feel unappreciated, overworked, underfunded and stressed. Stress can take an impact on work performance, happiness and health.
This session will review strategies to bolster the productivity, longevity, health and happiness of these workers.