Keynote Speakers

Tuesday, April 9, 2019

8:00am to 9:15am

How to Survive the Weaponized Cyber World with IoT on the Horizon

A Former FBI Unit Chief's Insights on the Evolution from Virtual to Physical Threats

Speaker:

Donald Codling, President, Codling Group International LLC, Former FBI Unit Chief, Cyber Division

Overview:

Until recently the damage from cyber attacks has been largely restricted to cyber space. Data is stolen or compromised. Networks are infiltrated as hackers find useful information that they can, in various ways, turn into money, whether it’s in the form of trade secrets, business deals, banking and credit card information, private health data and much more. Today’s cyber risks involve actual bodily harm or property damage. Power can be cut-off to live-saving devices. Safety controls governing large industrial machinery, power plants, airlines, and shipping lanes can be hijacked in a way that causes significant harm to people and damage to essential infrastructure. As more and more machines are connected via the Internet, the so-called ”internet of things” provides enormous conveniences and efficiencies, but creates new ways for hackers, hacktivists, and terrorists to do their thing. Hear what this cyber expert has to say based on his continued work in this field and 23 years at the Federal Bureau of Investigation.

 

Tuesday, April 9, 2019

1:20pm to 2:30pm

The Art of the Cyber Tabletop Exercise

Test and Socialize Post-Cyber Event Processes with the FBI and Secret Service

Speakers:
Jacob Cinco, U.S. Secret Service, Special Agent in Charge Las Vegas Electronic Crimes Task Force

Hector Supulveda, FBI, Supervisory Special Agent, Las Vegas Cyber Squad, the Computer Forensics Program, and the Las Vegas Cyber Task Force

Overview:

Would you say your organization is ready for a cyber attack? How would you rate your team’s situational awareness? Does everyone at your organization know their role? The purpose of a cyber response tabletop exercise is to get answers to those questions and more before you face disaster. What is your ability to establish an effective command structure that integrates all critical stakeholders to ensure your resources are used efficiently to respond to and recover from a cyber incident? What are your capabilities to protect and restore systems, networks, and data? Are you able to provide timely and relevant information to critical decision-makers? Are you able to provide timely and actionable information to critical partners and stakeholders? In this interactive session, we are grateful to have U.S. Secret Service and FBI cyber experts on site to take you through the steps you may or may not be ready to take in the event of a real-life attack.

Wednesday, April 10, 2019

8:00am to 9:15am

Out Go the Lights: Critical Infrastructure Threats

Myths, Realities and Why You Should Care

Speakers:

Matthew J. Gardner, Partner, Privacy and Security, White Collar Crime, Government Investigations, Wiley Rein LLP

Jacob Dorval, Sr. Manager & Global Services Product Lead - RSA NetWitness Platform Global Services, RSA Security

Overview:

Our nation’s power grid may have been built well, but not when it comes to cybersecurity threats. And those threats just keep coming, threats that can stop or even destroy key parts of the grid. Think about all the things that we rely on to live the lives we do:  nuclear power plants; chemical manufacture and distribution; telecommunications; shipping and transportation; financial services; water supplies; emergency response services and more. When any part of our critical infrastructure goes down, the ramifications go way beyond having to find your flashlight. How will your organization deliver goods and services? How will you guard your data? Will your operations be crippled? What liabilities will you face from customers, suppliers, and government agencies?  Join our speakers – an attorney with a leading law firm in this area and a security expert with background in the intelligence community – as they share insights into crucial aspects of cybersecurity that you may have never considered.

Wednesday, April 10, 2019

1:20pm to 2:30pm

Congratulations! You Just Bought a Breach!

The Importance of Cyber Risk Assessments in Mergers and Acquisitions.

Speakers:

Doug Howard, Vice President, Global Services and Information Technology Innovation, RSA Security

Aravind Swaminathan, Partner, Cybersecurity and White Collar Crime, Orrick, Herrington & Sutcliffe LLP

Overview:

Even your everyday merger or acquisition has plenty of opportunities to go sideways. The bigger the organization the more complex it can be. Each party will often find itself responsible for the past mistakes of the other party, or inherit as-yet-uncovered vulnerabilities and liabilities. Cyber-related weaknesses or missteps add yet another wrinkle to the M&A process, which makes network and data due diligences a top priority in making deals. But how do you best assess industry-appropriate levels of cyber maturity, identify security gaps, validate necessary strategies, and remove friction from a challenging M&A process? What risks could negatively affect a transaction? How do you determine the appropriate investment levels to achieve cyber maturity across people, processes and technologies? Join an experienced global security experts and IT systems innovator and an accomplished attorney in the cyber risk field for an important and practical session.

Thursday, April 11, 2019

8:30am to 9:45am

This Time It's Personal
CISOs and Other Corporate Leaders Face Criminal and Civil Investigations

Speaker:

Aravind Swaminathan, Partner, Cybersecurity and White Collar Crime, Orrick, Herrington & Sutcliffe LLP

Overview:

Department of Justice, the Securities Exchange Commission, and a host of other state and federal regulators have initiated criminal and civil investigations into potential misconduct by the “victim” companies and their executives. As a result, Chief Information Security Officers and other members of the company’s information security team increasingly are coming under intense scrutiny, facing legal proceedings, and becoming the targets of regulators, plaintiffs, the press, and even their own company. On one end, security professionals are losing their jobs, reputation, and even their careers, as they are easy and obvious scapegoats. On the other end, federal criminal prosecutors are taking a hard look at whether CISOs or members of their team violated criminal laws, with well-publicized criminal investigations at Yahoo!, Uber, and Equifax, that last of which has already resulted in criminal insider trading charges filed against the deputy Chief Information Officer. In short, the stakes have never been higher. As a result, information security professionals need to become more aware of the personal risks that they face, the legal landscape for incident response and security generally, and how to best protect themselves, their jobs and their careers. 

 

In this session, our presenter will draw on his experience representing and advising information security professionals in their personal capacity in connection with large data security events, and offer practical advice on how to keep you and your career protected. 

 

• Personal liability risks to information security professionals, both civil and criminal

• Involvement in independent investigations, criminal investigations, litigation, and regulatory proceedings

• Getting your own personal legal counsel, and how to get the company to pay for it

• Risky conduct, common pitfalls, and best practices

• Negotiating protections and indemnification during the hiring process