EVENT
CIO New York Summit | November 1, 2018 | Grand Hyatt Hotel - New York, NY, USA
agenda
Download Agenda (PDF)↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session 
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
Thursday, November 1, 2018 - CIO New York Summit
7:15 am - 8:00 am
Registration and Networking Breakfast
8:00 am - 8:10 am
Welcome Address and Opening Remarks 
Presented by:
Paula Rizzo, Author, Individual
8:10 am - 8:40 am
Keynote Presentation
The Future of Operationalizing Your Cyber Capabilities
The industry finds itself in a situation where there is a gap in cyber security talent. There is plethora of different technologies being presented to help further advance the various cyber capabilities. This keynote will provide a view on how leaders can address these issues and turn these gaps into strengths through innovative practices.
Takeaways:
- Talent: How do develop your future Cyber Warriors
- Automation: How to utilize orchestration to enable your cyber operations
Presented by:
Rich Baich, EVP Chief Information Security Officer Corporate Risk, Wells Fargo 
8:45 am - 9:15 am
Keynote Presentation
Case Studies in Digital Transformation: Learnings Along the Journey
We will explore key learnings from various industries and verticals on the good, the bad and the ugly of digital transformation. We will have an opportunity to not only be exposed to successful use cases, but also ask the hard questions behind those successes.
Takeaways:
- One of the best ways to learn is to hear the stories of success (and failure) from companies similar to yours
- Asking questions of HOW the Journey unfolded are just as important as the end result
Sponsored by:
IBM
9:20 am - 9:45 am
Executive Exchange
Thought Leadership
Cyber Fatigue and What We Can Do About It
Fatigue seems to be the normal state for those working in the cybersecurity industry. Exhausted might be better word for it. But what is causing this fatigue and have we lost sight of the ?Righteous Fight?? Forcepoint Chief Scientist Dr. Richard Ford discusses why we've lost our way as security professionals and how we must recognize this truth in order to work smarter rather than harder.
Sponsored by:
Forcepoint LLC
Richard Ford, Chief Scientist, Forcepoint LLC
Thought Leadership
Digital Transformation Through the Lens of Customer Experience
Whatever your thoughts on digital transformation, there is a change happening in how technology is bought, sold, and used to deliver results. In this session, David will share a perspective and set of best practices that define the fundamental changes we're experiencing and how to execute against these changes. David will use examples from financial services and healthcare to demonstrate how attendees can develop a new perspective on their markets in order to execute more effectively.
Sponsored by:
CA Technologies
David Bressler, VP Presales, Agile Products, CA Technologies
9:50 am - 10:15 am
Executive Exchange
Think Tank
Cybersecurity - Complexity, Simplicity in Defensive Capability for the Year 3000
The United States accounts for over 50% of theft of intellectual property via cyber intrusions; amounting to over $250B per year. As a nation, consisting of a collective of small to large multi-national businesses and of US academic institutions, we have a call to arms to assure US innovations, ideas, and technologies are no longer stolen to propel those who intend harm to our nation and our future generations. This session will introduce the threats to our cybersecurity as well as discussing solution that you can take back with you.
Presented by:
Jennifer Gilbert, Senior Cybersecurity Advocate, NATIONAL SECURITY AGENCY
Think Tank
Designing the Digital Workplace
Employees are consumers of digital technologies such as IoT, AR and VR. The plethora of mobile devices has enabled them to work where they want and when they want which has raised the bar on employee expectations for tools and capabilities from their employers. In order for companies to retain the best and get the most out of their employees, it is vital to design and continually update the digital workplace. We will discuss the current trends as well as share case studies of successful digital workplace implementations.
Takeaways:
- Highly skilled employees will demand a mobile and efficient workplace.
- Keeping these skilled employees fully engaged and passionate about your company is critical to achieving the desired digital transformation.
Presented by:
Jason McKay, CIO, Napec
10:15 am - 10:25 am
Morning Networking Coffee Break
10:30 am - 10:55 am
Executive Exchange
Thought Leadership
Knowing Is Half the Battle - Protecting Applications & Their Sensitive Data
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection RASP changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc.
Chris Prevost, Vice President, Solutions, Prevoty, Inc.
Thought Leadership
Digital Transformation - Architecting Your Digital Edge
The digital economy is forcing enterprises to transform how they connect customers, partners, employees and operations. Today's market leaders credit their speed and business advantages to their digital platform. Equinix will discuss how an Interconnection Oriented Architecture (IOA(TM)) with a step-by-step playbook can redefine the edge - which is where to localize delivery of cloud-supported services to your customers, employees and partners - and architect your digital platform.
Sponsored by:
Equinix
Dan Eline, Head of Solutions Marketing, East Region, Equinix
11:00 am - 11:25 am
Executive Exchange
Thought Leadership
Sponsored by:
Illumio, Inc.
Thought Leadership
Sponsored by:
Celonis
11:30 am - 11:55 am
Executive Exchange
Executive Boardroom 
Reducing Risk in the Face of Cyberattacks & Data Loss Exposure: For Business-Critical Data, Recovery is Everything
As a security office, protecting against exposure to the risk of data loss is one of your major concerns. Cyberattacks and extended outages are just some of the threats your organization faces. It's likely that many of your critical enterprise-wide applications run on Oracle Database, so protecting them against these threats should be a top priority.
When a ransomware attack occurs, recovery is everything. Continuous protection eliminating exposure to the risks of database data loss. Cybercriminals are using ransomware to target mission-critical data and enterprise applications. If a ransomware attack gets past your security barriers, you have two options: pay to regain access to your data or restore as quickly as possible from the last successful backup prior to the attack. If you choose to restore instead of paying, your IT team will need to make sure you have a valid copy that can be recovered quickly. In addition, they'll need a recovery point as close as possible to the moment prior to the attack - seconds, not hours - to minimize data loss and business disruption.
Join us to discuss how Oracle's Zero Data Loss Recovery Appliance (Recovery Appliance) has been developed by Oracle specifically to protect Oracle Databases, it ensures optimal protection of your critical data. Who better to know the best way to protect your Oracle Database than Oracle itself? It not only protects each transaction down to the last sub-second, but also maps those changes to create an on-demand, ready-to-restore full database copy. This enables your IT team to rapidly recover data up to the very moment a ransomware attack or outage occurs -eliminating the risk to your organization's productivity, revenue, and reputation. And, because Recovery Appliance can cut recovery times by up to 90 percent - your business operations get fully up and running rapidly.
Sponsored by:
Oracle
Matthew O'Keefe, Corporate Technologist, Converged Infrastructure Division, Oracle
Christopher Craft, Senior Director, Product Management, Oracle
Executive Boardroom
Achieving Critical Outcomes with Next-Gen Service Management
You invest in IT Service Management (ITSM) to enable employee productivity and help ensure performance and availability of business-critical services. You are also looking to improve customer experience, support delivery of new services, ensure compliance, and often reduce costs. Have decade old traditional ITSM solutions helped you achieve the outcomes you expected? If not, you are not alone. We will present solutions and methods used by successful IT organizations to deliver more value, provide better support, and improve your customer satisfaction.
Takeaways:
- How a codeless service platform accelerates time-to-value and simplified administration.
- What Zero-Touch Management is and how to enhance your processes by adopting it.
- Using metrics to evaluate a $0 implementation.
Sponsored by:
Cherwell Software
Jesse White, President, Intact Technology, Cherwell Software
12:00 pm - 1:10 pm
Luncheon Keynote
Artificial Intelligence & Machine Learning Session with IBM
The session will cover the updates in the field of Artificial Intelligence & Deep Learning using cognitive solutions mostly on Modern Data Platforms and IBM PowerAI, and Power Systems. The goal is to help folks catch up with/refresh core data science concepts most relevant to AI. And optionally, get familiarity with H2O.ai, Data Science Experience, and IBM's AI suite.
We will start with data science concepts, then work towards building a simple Deep Learning/Neural Network/Model example. Moreover, we will cover mostly Data Visualization, Machine Learning, Model building, and Exploratory Data Analysis at this session.
Sponsored by:
IBM
, ,
1:15 pm - 1:40 pm
Executive Exchange
Executive Boardroom
IT & OT Cyber Security: Different Sides of the Same Coin
Organizational diversity makes it difficult to define and adopt an industry wide security framework. Additionally, IT and OT operations have historically operated independently from each other, creating a challenge for manufacturers to assess their specific cyber security risk. The challenge will become even more complex as the connectivity of information and operational technologies increase, providing new opportunities for cyber criminals to target and breach manufacturing organizations. It is critical for organizations to consider vulnerabilities in both information and operational technologies in order to implement effective risk management strategies and to better understand the impact of a cyber attack on their infrastructure or a data breach specific to their business.
Takeaways:
- Share successes and challenges in assessing cyber security risk across IT and OT operations.
- Discuss the use of scenario planning and impact analysis in development of a risk management strategy.
- The importance of threat intelligence to active cyber defense.
Sponsored by:
BAE Systems Applied Intelligence
Executive Boardroom
#NoDarkspace: Learn Why, What, and How to Monitor and Automate East-West and Cloud Security Investigations
What is darkspace, and what do you need to do about it? Once an attacker compromises a physical, virtual, or cloud host, their next step is to roam your extended (cloud, hosted, and on-prem) network looking for opportunity. The attacker looks like an insider: just one reason they are hard to identify. Another is the increasing use of encryption, including TLS 1.3, that will make it even less likely you can detect these activities without new tools. Gartner and other analysts are recommending Network Traffic Analysis (NTA) as an important element of a healthy risk posture, primarily because of its payoff in better threat detection and response.
We will walk through examples of blind spots and use cases for efficient and automated threat management for East-West and South-North attack activities. Then, as part of upgrading your security maturity, we will review case studies to leverage NTA's auto-discovery and visibility to reduce your attack surface, improve audit and pen test results, and make SOC analysts more productive.
Sponsored by:
Extrahop Networks Inc
Barbara Kay, Sr. Director - Security, Extrahop Networks Inc
1:45 pm - 2:10 pm
Executive Exchange
Think Tank
Which "Friends" Do I Trust? Realities of 3rd Party Risk
It is not a matter of if, but a matter of when. Organizations, more and more, and are outsourcing business activities to 3rd-parties because of cost-savings, revenue opportunities, expertise, etc. Thus collaborating with our business partners early to select the right 3rd-party vendor(s) with the appropriate security posture is essential, especially for vendors hosting, processing and/or transmitting sensitive/regulatory information, or having access to our IT assets.
Takeaways:
- Regardless of the reasons, outsourcing some business functions to a 3rd party seems inevitable in today's world
- It is critical to have a proper vetting procedure of 3rd parties before engaging them as business partners who have access to company systems and data
Presented by:
Richard Kessler, Global Director, Cyber Security Services Strategy and Governance, KPMG
Think Tank
Driving an Omni - Channel Experience in Financial Services
Maintaining a consistent client experience is key to ensuring a consistent client relationship, which in turn leads to greater client retention and spend. Maintaining that consistent experience is complicated by the fact that clients now interact with all providers, not just financial services ones, through a variety of channels that can number into the dozens. It is essential to not have just consistency of look and feel across all channels, but consistency of experience, and indeed to allow individual experiences to occur sequentially across all channels.
Takeaways:
- Client experience is the primary motivator in client retention and reducing client churn is essential to controlling costs
- Client experience degrades when channel experience conflicts or limits client choice or activity so consistency is key
- Optimal experience needs a seamless client ?experience ecosystem? that, done well, tightens bonds, reduces costs, and increases spend
Presented by:
Chirag Arora, CISO, Crum & Forster
2:15 pm - 2:40 pm
Executive Exchange
Thought Leadership
Cyber Threats Gone in 60 Seconds - The Bad, The Really Bad and The Ugly
Cyber attacks can happen very fast and can have varying degrees of impact. Threat actors continue to evolve the tactics and techniques they use in doing bad things.
Join Ladi Adefala and discover surprising and interesting new techniques used by threat actors from the cyber underground. It's not just the bad, but the really bad and the ugly.
Sponsored by:
Fortinet
2:45 pm - 3:10 pm
Executive Exchange
Think Tank
Back to basics- focusing on security architecture & strategy
In a world of increased sophistication, frequency and impact of cyber-attacks, security executives often struggle to juggle through priorities. How to stop the bleeding and staying ahead in the game with bad actors is a question that CISOs are often thinking in their minds. Considering cyber-attack is unavoidable, what should the security executives do to proactively prevent attacks and protect assets? This presentation will explain how going back to the basics and building a strong architecture practice helps cyber organizations to avoid shiny-toy syndrome and build a strategic risk-based controls maturity.
Takeaways:
- Only running after newer security controls is NEVER THE answer
- Building a control footprint that is risk based, absolutely needed for your organization and not driven by industry buzzwords
- Step by step approach on achieving architectural maturity in security space
Questions to address:
- Why focusing on architecture is so critical now?
- How to achieve maturity in establishing a security architecture practice?
Presented by:
Parthasarathi Chakraborty, AVP- Global Head Of Security Architecture, Strategy & Innovation, Guardian Life Insurance
Think Tank
Big Data, Little Data. Secure Data, Lost Data.
If digital transformation is a journey, then data is the fuel that will transport your company from here to there. What data do you have access to? How can you make sense out of the data and thus make decisions from it? How does a company use data to be a disruptor and not a victim? And how do you secure that data to ensure that the digital transformation journey does not end prematurely?
Takeaways:
- Digital transformation without constant access to usable and reliable data will be a slow and arduous journey.
- Digital transformation exposes increasing amounts of data potentially vulnerable to cyber attacks and must be addressed.
Presented by:
Peter Kapur, Head of Data Governance Operationalization and Data Stewardship, AIG
3:10 pm - 3:20 pm
Afternoon Networking Coffee Break
3:25 pm - 3:50 pm
Executive Exchange
Think Tank
Cloud Strategy Development
Presented by:
Vasee Sivasegaran, Corporate Director IS Infrastructure, Penn Medicine
Think Tank
Moneyball of IT Financial Management
Today, most of the organizations want to fund innovation (AI, Blockchain, AR/VR) and/or digital transformation. CFOs in conjunction with the CIOs must dramatically reinvent their Strategic IT Financial Management Strategy.
This presentation will introduce certain novel techniques such as the core-satellite approach towards portfolio management. The presentation content would mostly reflect my super-hit post with over 500K+ views at industry leading publication of TBM Council's Emerge.
Presented by:
Manik Patil, Global Senior Director, AIG
3:55 pm - 4:20 pm
Executive Exchange
Innovation Partners Showcase
A brief, but compelling review of three new innovative technologies supporting digital transformation.
Sponsored by:
Algosec
CenturyLink
4:25 pm - 5:00 pm
Executive Visions Panel
CIOs/CISOs as the Consummate Communicator
It is also changing the role of the CIO and CISO to be a business leader and internal sales leader for transformation. CIOs are now responsible for communicating strategies and recommendations to CxOs, boards and key stakeholders within a company. Join us, during lunch, for a passionate panel discussion with your peers as they share how they are successfully communicating internally to accomplish the company's goals.
Takeaways:
- CIOs must be great communicators, not only with their teams, but the rest of the organization
- CIOs must learn the best ways to communicate clarity and urgency with Boards and CXOs
Panelists:
Michael Palmer, Vice President Chief Information Security Officer, National Football League
Andre Bromes, CIO/CISO, Goodwill Industries of Greater NY and Northern NJ, Inc.
Sandip Sahota, Managing Director Head of Enterprise Data, Canada Pension Plan Investment Board
Gabrielle Wolfson, CIO, Xerox
Rich Baich, EVP Chief Information Security Officer Corporate Risk, Wells Fargo
5:00 pm - 5:10 pm
What's the Next Stop On the Transformation Journey?
Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs where common issues can be addressed and success stories can be shared.
Takeaways:
- Building an ongoing community with your peers can be an invaluable resource for tackling the Digital Transformation projects ahead of you
- Sharing stories of success (and failures) is not reserved to a one day CIO Summit but should be shared on a regular basis with your peers
5:10 pm - 6:30 pm