Gartner Security & Risk Management Summit 2015

Transcription

1 Gartner Security & Risk Management Summit 2015 June 8 11 I National Harbor, MD gartner.com/us/securityrisk From learning how to re-evaluate and update your security and risk strategies and investments to meeting the evolving needs of the digital organization, Gartner Security & Risk Management Summit 2015 will cover the full spectrum of IT security, risk, BCM, the CISO and the business of IT security. 1 are the leadership skills needed to be an effective CISO today? A1. The New CISO s Crucial First 100 Days Tom Scholtz A2. Protecting Your House on the Prairie: Security Strategy for the Smaller Enterprise Rob McMillan, Tom Scholtz A3. The Path to High-Impact Security Awareness Andrew Walls A4. Business, Not Bytes A Practical View of Security Metrics Rob McMillan, Jeffrey Wheatman A7. The Nexus Is the Matrix: Everything I Need to Know About Digital Business I Learned From William Gibson Jay Heiser, Andrew Walls A8. Be Agile Not Fragile: Use Threat Intelligence Services to Defend Yourself Rob McMillan A9. General Session/CISO Circle: Pulling Back the Wizard s Curtain LabMD s CEO Michael J. Daugherty Reveals the FTC s Data Security Investigation Secrets, Tricks and Tactics Michael J. Daugherty, CEO, LabMD A11. Why Your Policy Is Broken and How You Can Fix It Rob McMillan A12. The Legality and Ethics of IoT and Employee Monitoring Avivah Litan, Andrew Walls A13. People-Centric Security: Experiences and Lessons Learned Tom Scholtz A16. Chief Data Officers and Chief Information Security Officers: Friends or Foes? Debra Logan CC1. The CISO Survey 2015 Executive Highlights F. Christian Byrnes (CISO Circle Only) CC2. CISO Circle Lunch F. Christian Byrnes CC3. Power Breakfast: Eccentric Leadership (CISO Circle Only) Tina Nunno CC4. CISO Circle Lunch: Strategic Thinking for CxOs F. Christian Byrnes, Tina Nunno CC5. Power Breakfast: A Staff Development Model for Security F. Christian Byrnes CC6. CISO Circle Lunch: People-Centric Intelligence Ash Ahuja; F. Christian Byrnes; Bob Jamieson, UL CC7. CISO Circle Breakfast: I Hacked Your Breakfast Ash Ahuja, Perry Carpenter 2 How do you transform security programs to deal with the challenges of digital business? B3. Your Network Security 2020: A Look Back Adam Hils, Greg Young B4. Managed Services for the Five Styles of Advanced Threat Defense Kelly M. Kavanagh B5. Technology Is Driving the Third Wave of Threat Intelligence in Enterprises? Craig Lawson B6. The Cyber Kill Chain Craig Lawson B7. Astounding Science Fiction and/or Internet of Things Security Scenarios John Girard, Greg Young B8. Mind the SaaS Security Gaps Craig Lawson B10. Pushing the Boundaries of SIEM Kelly M. Kavanagh B12. Lessons Learned on Advanced Threat Defense Strategies and Tools Lawrence Orans B14. Data Masking: Protecting Data Against Insiders Joseph Feiman B15. Overcoming Five Key Obstacles to Success in Content-Aware DLP Deployments Brian Reed C2. Case Study: Top Threats, Vulnerabilities and Hiring Challenges Is a CISO to Do? Mark Eggleston, CISSP, GSEC, CHPS, Director, Security & Business Continuity, Health Partners Plans; Adam Hils 1

2 C3. Network Security Guide to BYOD 2015 Update Claudio Neiva, Lawrence Orans C4. Who Needs a VPN? John Girard C5. Signature Series: Gartner s Adaptive Security Architecture New Approaches for Advanced and Insider Threats Neil MacDonald C6. DDoS Attacks Are Here to Stay Now? Lawrence Orans C7. The Canary in the Digital Age, Detecting the Persistent Attacker Before It Is Too Late Peter Firstbrook C8. Secure Use of AWS and Azure: Comparison and Best Practices Neil MacDonald C9. Securing the Next-Generation Data Center With Software-Defined Security Neil MacDonald C10. Defending Endpoints From the Persistent Attack Peter Firstbrook C11. Network Segmentation Best Practices Greg Young C16. Reduce the Risks and Implement Data Access Controls Now! Brian Lowans C15. Challenging Decisions: Third-Party Security Assurance Landscape D1. Network Security: How Much Is Enough? Brian Lowans D2. Signature Series: The Next Three Years in Threats Greg Young D7. Operational Technology Security Is Not Just for Industries Anymore Earl Perkins D11. SIEM for Hybrid Technology and Service Deployment Claudio Neiva D13. Case Study: Play How You Practice Securing Applications Across Development and Operations by Unifying IAST and RASP Brian Chess, SVP, NetSuite 3 are some of the practical methods to apply Gartner s three dimensions of risk management? F1./G1. General Session: Digital Business and Your New Relationship With Risk Paul E. Proctor F2. Magic Quadrant for Operational Risk Management John A. Wheeler F3. Changing Your Security Culture: Why Change Is Hard and to Do About It Debra Logan F4. Career Path: Digital Risk Officer Paul E. Proctor F8. Use a Vendor Risk Management Framework to Mitigate Regulatory, Compliance, Security and Performance Issues Christopher Ambrose F5. Building Advanced KRIs: Risk Metrics That Influence Business Decisions Paul E. Proctor F6. Eight New Trends Disrupt the E-Discovery Status Quo Jie Zhang F9. Crossfire: Quantitative vs. Qualitative Risk Assessment Perry Carpenter, Paul E. Proctor F12. One Simple Way to Get Your CEO to Embrace Risk Management John A. Wheeler F13. Vendor Intelligence Using Data Analytics to Monitor and Mitigate Vendor Risk Christopher Ambrose F14. Cyberinsurance: To Buy or Not to Buy? Juergen Weiss F15. Software Asset Management The Essentials Victoria Barber F16. GRC: Works, Doesn t Paul E. Proctor G5. Ten Critical Elements for Successful Risk Management Programs John A. Wheeler G6. Four Rules That Define the Boundaries of the Internal Auditor s Role in Risk Management G7. s New and Hot in GRC? John A. Wheeler G8. Software Licensing Is a Risk. Is Your Organization Managing It? Victoria Barber G9. Signature Series: Top Trends in Corporate Compliance and Oversight Jeffrey Wheatman G13. E-Discovery Magic Quadrant Jie Zhang G12. How to Present Risk to Board-Level Management: Key Take-Aways From Visa Jeremiah Kung, Visa; G2. How to Know If Your Vendor Is in Trouble Christopher Ambrose G14. Privacy and the Internet of Things: Risks, Benefits and How to Avoid Crossing the Creepy Line Carsten Casper G16. Using Storytelling to Get Your Risk Management Message Heard Jeffrey Wheatman 2

3 4 are the benefits of cloud computing, and how do you prepare for the costs of mitigating the risks associated with it? AURS5. Comparing Best Practices for Cloud Risk Management Jay Heiser AURS6. Secure Use of Public Cloud Neil MacDonald C1. Signature Series: The Cloud Security Scenario Jay Heiser C8. Secure Use of AWS and Azure: Comparison and Best Practices Neil MacDonald E1. Art of Cloud Security: AWS Edition Erik T. Heidt E2. Designing the Modern Application Security Perimeter With Mobile and Cloud in Mind Ramon Krikken E4. Assessing Cloud Service Providers: Getting Beyond the Checklists Erik T. Heidt E7. Securing Sensitive SaaS Using Cloud Access Security Brokers Ramon Krikken E12. Art of IaaS Cloud Encryption Erik T. Heidt J5. Security in the Cloud: Consider Different Risks and Opportunities Ruggero Contu 5 How do IT organizations adapt to the rapidly changing environment and implement new policies and new technologies to mitigate the risks of the mobile workplace? AURS21. Securing Mobile Payments and Mobile Wallets Dionisio Zumerle AURS25. Is Your EMM/MDM Meeting Your Requirements? Rob Smith AURS29. Mobile Security and BYOD in the Enterprise Dionisio Zumerle B9. Signature Series: Mobile Security Threats and Trends in 2015 John Girard, Dionisio Zumerle B12. Lessons Learned on Advanced Threat Defense Strategies and Tools Lawrence Orans B13. Mobile Application Security Testing Joseph Feiman C3. Network Security Guide to BYOD 2015 Update Lawrence Orans D15. How to Build a Globally Legal and Successful BYOD Program John Girard E9. Mobile Device Security: A Comparison of Platforms Patrick Hevesi J12. Enterprise Mobility Management Magic Quadrant and Critical Capabilities Review Rob Smith 6 are the current best practices, latest issues and trends for IAM? B11. Seven Supporting Services That Application Owners Will Demand From the IAM Team Neil Wynne D5. Titanic or Train Wreck? Ten Signs That Your IAM Program Is About to Go Off Track Brian Iverson D6. Your Cloud Service Adoption Strategy Must Include Data Protection Brian Lowans D8. Future-Proofing IAM Ant Allan D9. Grab the Low-Hanging Fruit to Simplify Your IAM Program Neil Wynne D10. Successfully Selecting an IAM Vendor Neil Wynne D16. Designing the Right Privileged Account Management Solution Anmol Singh E11. Crossfire: Debating Pervasive Data-at-Rest Encryption Great Security or Grand Illusion? Erik T. Heidt J3. User Authentication Vendors Are Not the Only User Authentication Vendors Ant Allan W2. Workshop: The Gartner ITScore Maturity Model for IAM Brian Iverson, Neil Wynne 7 How do you separate hype from reality on cybersecurity? are the best practices to protect your organization in a rapidly changing threat environment? A5. Top Trends and Take-Aways for Cybersecurity Earl Perkins AURS18. Cyberinsurance: Best Practices and Lessons Learned Juergen Weiss B1. How the Internet of Things Will Change Cybersecurity Forever Earl Perkins B6. The Cyber Kill Chain Craig Lawson C14. Cybersecurity, Critical Infrastructure and Risk Adam Hils; Samuel Sanders Visner, SVP and General Manager, F14. Cyberinsurance: To Buy or Not to Buy? Juergen Weiss 3

4 H1. Information Security Is a Business Continuity Issue: Are You Ready? Dr. Nader Mehravari, Carnegie Mellon University; IND1. Healthcare Breakfast: Cybersecurity Incidents and Response Management for Healthcare Organizations Kimberly Elizabeth Pagani, Belinda Wilson, Mary E. Wujek K3. Keynote: Cybersecurity Scenario 2020 The Impact of Digital Business on Security F. Christian Byrnes K4. Keynote: U.S. Intelligence, Defense and Cybersecurity Strategies Leon Panetta, U.S. Secretary of Defense ( ), Director, Central Intelligence Agency ( ), Chief of Staff to President Bill Clinton ( ), and Co-founder, Panetta Institute for Public Policy K5. Guest Keynote: Inkjet Business Model Considered Harmful Cory Doctorow, Journalist, Science Fiction Author, Activist and Blogger WC15. Water Cooler Session: Q&A With Samuel Visner on Cybersecurity, Critical Infrastructure and Risk Adam Hils; Samuel Sanders Visner, SVP and General Manager, Cybersecurity, ICF International 8 skills and knowledge do I need to advance my capabilities as a security and risk manager? AURS2. Presenting to the Board and Executive Committees Perry Carpenter AURS24. The Expanding Role of the Security Professional in the Enterprise Earl Perkins CC1. The CISO Survey 2015 Executive Highlights F. Christian Byrnes (CISO Circle Only) CC3. Power Breakfast: Eccentric Leadership Tina Nunno (CISO Circle Only) CC4. CISO Circle Lunch: Strategic Thinking for CxOs F. Christian Byrnes, Tina Nunno CC5. Power Breakfast: A Staff Development Model for Security F. Christian Byrnes CC6. CISO Circle Lunch: People-Centric Intelligence Ash Ahuja; F. Christian Byrnes; Bob Jamieson, UL CC7. CISO Circle Breakfast: I Hacked Your Breakfast Ash Ahuja, Perry Carpenter D3. General Session: Overcoming Political Land Mines to Accelerate Change Tina Nunno E11. Crossfire: Debating Pervasive Data-at-Rest Encryption Great Security or Grand Illusion? Erik T. Heidt, Ramon Krikken F1./G1. General Session: Digital Business and Your New Relationship With Risk Paul E. Proctor F3. Changing Your Security Culture: Why Change Is Hard and to Do About It Debra Logan F4. Career Path: Digital Risk Officer Paul E. Proctor F5. Building Advanced KRIs: Risk Metrics That Influence Business Decisions Paul E. Proctor F11./G11. General Session: Trust in the New World PayPal s Approach to Risk and the Evolving Role of the CRO Tomer Barel, CRO, PayPal; Avivah Litan F12. One Simple Way to Get Your CEO to Embrace Risk Management John A. Wheeler G4. Women in Security and Risk Management Victoria Barber, Avivah Litan, Debra Logan, Tina Nunno,, K1. Opening Keynote: Manage Risk and Deliver Security in a Digital World Ant Allan, Peter Firstbrook, Avivah Litan K3. Keynote: Cybersecurity Scenario 2020 The Impact of Digital Business on Security F. Christian Byrnes K4. Keynote: U.S. Intelligence, Defense and Cybersecurity Strategies Leon Panetta, U.S. Secretary of Defense ( ), Director, Central Intelligence Agency ( ), Chief of Staff to President Bill Clinton ( ), and Co-founder, Panetta Institute for Public Policy K5. Guest Keynote: Inkjet Business Model Considered Harmful Cory Doctorow, Journalist, Science Fiction Author, Activist and Blogger K6. Closing Keynote: The Great Race to Digital Moments Chris Howard W3. Workshop: Make the Business Case and Obtain BCM Program Executive Sponsorship Belinda Wilson, 9 Why do organizations need to anticipate the unexpected, and work to enable a discipline of risk management and business disruption response and recovery in the corporate culture, toward the goal of business resilience? H1. Information Security Is a Business Continuity Issue: Are You Ready? Dr. Nader Mehravari, Carnegie Mellon University; H2. The Availability Implications for Digital Business H3. The BIA is Complete Now? Yannick Bergeron, Belinda Wilson H4. Case Study: Best Practices for Globally Managing Business Continuity A Reed Elsevier Case Study Alice Kaltenmark, MBCP, MBCI, Director, Global IT Service Continuity Management, Reed Elsevier Technology Services; John P. Morency 4

5 H7. Supplier Contingency Planning Christopher Ambrose H8. Makes Organizations Resilient and Why You Should Care Lynnda Nelson, President, ICOR; H9. Qualcomm Case Study: Activations Have We Learned? Suzanna Hall, Senior Manager, Business Continuity, Qualcomm; Katie Wiest, Director Operations, Qualcomm; Belinda Wilson H10. Enhance Your Reputation Through Crisis Communications and Emergency Notifications Richard Bieber, Ultimate Software; John Trusty Hicks, Program Manager, Asset Protection Solutions, Walgreens; H11. Using the BCI s Good Practice Guidelines for Program Development and Maturation Belinda Wilson; Brian Zawada, FBCI, MBCP, President, The Business Continuity Institute H12. Why Crisis Management Is the Heart of BCM Software H16. Justifying and Implementing IT Service Continuity John P. Morency 10 are the top trends, market outlooks and emerging approaches that provide the greatest opportunity for vendors to expand their offerings or customer reach? J1. Top Market Trends in the Endpoint Detection and Response Market Lawrence Pingree J2. The Impact of Data Center Transformation on Security Eric Ahlm J3. User Authentication Vendors Are Not the Only User Authentication Vendors Ant Allan J4. Future of Endpoint Management Rob Smith J5. Security in the Cloud: Consider Different Risks and Opportunities Ruggero Contu J6. To the Point: Enterprise Network Firewalls Magic Quadrant Adam Hils J7. Security Incident Response in the Age of the APT Anton Chuvakin J8. The Three-Year Outlook for Advanced Threat Solutions Eric Ahlm J10. Are UTM and NGFW Firewalls Really Just the Same? Eric Ahlm, Sid Deshpande, Adam Hils J11. Crisis of Trust: The Supply Chain Is Doomed Jay Heiser, Neil MacDonald J12. Enterprise Mobility Management Magic Quadrant and Critical Capabilities Review Rob Smith J13. Discussion of Network Forensics Challenges and Provider Solutions Sid Deshpande, Lawrence Pingree J14. CASBs: The Fastest Maturing Emerging Market in Security Eric Ahlm, Sid Deshpande J15. Signature Series: Information Security Buying Behaviors and Budget Trends 2015 Lawrence Pingree 11 are the insights into the architecture and use of security technologies to manage risk appropriately? E1. Art of Cloud Security: AWS Edition Erik T. Heidt E2. Designing the Modern Application Security Perimeter With Mobile and Cloud in Mind Ramon Krikken E3. How to Collect, Refine and Use Threat Intelligence Anton Chuvakin E4. Assessing Cloud Service Providers: Getting Beyond the Checklists Erik T. Heidt E5. How to Use Attack Chain Model to Plan Security Monitoring Anton Chuvakin, Ramon Krikken E7. Securing Sensitive SaaS Using Cloud Access Security Brokers Ramon Krikken E8. How to Build a Hybrid DDoS Defense Architecture Patrick Hevesi E11. Crossfire: Debating Pervasive Data-at-Rest Encryption Great Security or Grand Illusion? Erik T. Heidt, Ramon Krikken E9. Mobile Device Security: A Comparison of Platforms Patrick Hevesi E12. Art of IaaS Cloud Encryption Erik T. Heidt E13. Insider Threat: NOT an IT Problem? Anton Chuvakin; Erik T. Heidt; Moderator: Patrick Hevesi E16. SIEM Architecture and Operational Processes Anton Chuvakin 5

6 12 are the security and risk management practices and solutions that fit with the drivers unique to SMB organizations? A2. Protecting Your House on the Prairie: Security Strategy for the Smaller Enterprise Rob McMillan, Tom Scholtz B4. Managed Services for the Five Styles of Advanced Threat Defense Kelly M. Kavanagh B8. Mind the SaaS Security Gaps Craig Lawson B9. Signature Series: Mobile Security Threats and Trends in 2015 John Girard, Dionisio Zumerle C3. Network Security Guide to BYOD 2015 Update Claudio Neiva, Lawrence Orans C6. DDoS Attacks Are Here to Stay: Now? Lawrence Orans C10. Defending Endpoints From the Persistent Attack Peter Firstbrook D1. Network Security: How Much Is Enough? Brian Lowans D6. Your Cloud Service Adoption Strategy Must Include Data Protection Brian Lowans D9. Grab the Low-Hanging Fruit to Simplify Your IAM Program Neil Wynne D10. Successfully Selecting an IAM Vendor Neil Wynne G5. Ten Critical Elements for Successful Risk Management Programs John A. Wheeler J5. Security in the Cloud: Consider Different Risks and Opportunities Ruggero Contu J15. Signature Series: Information Security Buying Behaviors and Budget Trends 2015 Lawrence Pingree WC7./WC9./WC14. Water Cooler Session: Insights and Advice for Midmarket Security Leaders James A. Browning, Mike Cisek, Adam Hils, Kelly M. Kavanagh 13 are some of the top security and risk management issues facing financial services? AURS18. Cyberinsurance: Best Practices and Lessons Learned Juergen Weiss AURS27. Digital Creepiness in Financial Services: Risk Professionals Should Prepare For Juergen Weiss B2. The Dark Side of Payment Card Security Avivah Litan B9. Signature Series: Mobile Security Threats and Trends in 2015 John Girard, Dionisio Zumerle C1. Signature Series: The Cloud Security Scenario Jay Heiser C8. Secure Use of AWS and Azure: Comparison and Best Practices Neil MacDonald C14. Case Study: Cybersecurity, Critical Infrastructure and Risk Adam Hils; Samuel Sanders Visner, SVP and General Manager, D5. Titanic or Train Wreck? Ten Signs That Your IAM Program Is About to Go Off Track Brian Iverson D6. Your Cloud Service Adoption Strategy Must Include Data Protection Brian Lowans D8. Future-Proofing IAM Ant Allan D9. Grab the Low-Hanging Fruit to Simplify Your IAM Program Neil Wynne D10. Successfully Selecting an IAM Vendor Neil Wynne D16. Designing the Right Privileged Account Management Solution Anmol Singh E1. Art of Cloud Security: AWS Edition Erik T. Heidt E2. Designing the Modern Application Security Perimeter With Mobile and Cloud in Mind Ramon Krikken E7. Securing Sensitive SaaS Using Cloud Access Security Brokers Ramon Krikken E9. Mobile Device Security: A Comparison of Platforms Patrick Hevesi F11./G11. Trust in the New World: PayPal s Approach to Risk and the Evolving Role of the CRO Tomer Barel, CRO, PayPal; Avivah Litan F14. Cyberinsurance: To Buy or Not to Buy Juergen Weiss G3. Digital Creepiness in Financial Services Risk Professionals Should Prepare For Juergen Weiss G12. How to Present Risk to Board-Level Management: Key Take-Aways From Visa Jeremiah Kung, Visa; 6

7 G14. Privacy and the Internet of Things: Risks, Benefits and How to Avoid Crossing the Creepy Line Carsten Casper IND2. Financial Services Breakfast: Why Defining Right Security Controls the Right Way Matters Homan Farahmand IND5. Financial Services Breakfast: Sharing Best Practices in Cyberinsurance Juergen Weiss J3. User Authentication Vendors Are Not the Only User Authentication Vendors Ant Allan W2. Workshop: The Gartner ITScore Maturity Model for IAM Brian Iverson, Neil Wynne 14 are some of the top security and risk management issues facing education institutions? A5. Top Trends and Take-Aways for Cybersecurity Earl Perkins AURS3. Handling Encrypted Traffic and Other Security Gaps Jeremy D Hoinne B1. How the Internet of Things Will Change Cybersecurity Forever Earl Perkins B9. Signature Series: Mobile Security Threats and Trends in 2015 Dionisio Zumerle C14. Case Study: Cybersecurity, Critical Infrastructure, and Risk Adam Hils; Samuel Sanders Visner, SVP and General Manager, D5. Titanic or Train Wreck? Ten Signs That Your IAM Program Is About to Go Off Track Brian Iverson D6. Your Cloud Service Adoption Strategy Must Include Data Protection Brian Lowans D8. Future-Proofing IAM Ant Allan D9. Grab the Low-Hanging Fruit to Simplify Your IAM Program Neil Wynne D10. Successfully Selecting an IAM Vendor Neil Wynne D16. Designing the Right Privileged Account Management Solution Anmol Singh E9. Mobile Device Security: A Comparison of Platforms Patrick Hevesi G14. Privacy and the Internet of Things: Risks, Benefits and How to Avoid Crossing the Creepy Line Carsten Casper IND6. Education Breakfast: Maintaining Privacy and Security as Education Technology Proliferates David Irwin, Steven L. Kaplan J3. User Authentication Vendors Are Not the Only User Authentication Vendors Ant Allan W2. Workshop: The Gartner ITScore Maturity Model for IAM Brian Iverson, Neil Wynne 15 are some of the top security and risk management issues facing healthcare organizations? A9. General Session: Pulling Back the Wizard s Curtain LabMD s CEO Michael J. Daugherty Reveals the FTC s Data Security Investigation Secrets, Tricks and Tactics Michael J. Daugherty B1. How the Internet of Things Will Change Cybersecurity Forever Earl Perkins B6. The Cyber Kill Chain Craig Lawson B9. Signature Series: Mobile Security Threats and Trends in 2015 John Girard, Dionisio Zumerle C2. Case Study: Top Threats, Vulnerabilities and Hiring Challenges Is a CISO to Do? Mark Eggleston, CISSP, GSEC, CHPS, Director, Security & Business Continuity, Health Partners Plans; Adam Hils C14. Case Study: Cybersecurity, Critical Infrastructure and Risk Adam Hils; Samuel Sanders Visner, SVP and General Manager, E6. Case Study: Mayo Clinic Eric Maiwald; Kevin McDonald, Director, Clinical Information Security, Mayo Clinic E9. Mobile Device Security: A Comparison of Platforms Patrick Hevesi F14. Cyberinsurance: To Buy or Not to Buy? Juergen Weiss G14. Privacy and the Internet of Things: Risks, Benefits and How to Avoid Crossing the Creepy Line Carsten Casper H1. Information Security Is a Business Continuity Issue: Are You Ready? Dr. Nader Mehravari, Carnegie Mellon University; 7

8 IND1. Healthcare Breakfast: Cybersecurity Incidents and Response Management for Healthcare Organizations Kimberly Elizabeth Pagani, Belinda Wilson, Mary E. Wujek IND4. Healthcare Breakfast: Technical Gaps in Medical Device Security Kevin McDonald, Mayo Clinic; Earl Perkins IND7. Healthcare Breakfast: The Tug of War Between Protection and Transparency of Patient Data Mark E. Gilbert, Kevin K. Kampman IND8. Financial Services Breakfast: Risk Management Challenges in Financial Services Juergen Weiss IND10. Healthcare Breakfast: How Much Should Healthcare Organizations Be Investing in Information Security? Tom McClure, Steve Ying WC3. Water Cooler Session: Follow-Up to Mark Eggleston s Case Study (C2) 16 are some of the top security and risk management issues facing government agencies? F14. Cyberinsurance: To Buy or Not to Buy Juergen Weiss H1. Information Security Is a Business Continuity Issue: Are You Ready? Dr. Nader Mehravari, Carnegie Mellon University; IND3./IND9. Government Breakfast Katell Thielemann J5. Security in the Cloud: Consider Different Risks and Opportunities Ruggero Contu K3. Keynote: Cybersecurity Scenario 2020 The Impact of Digital Business on Security F. Christian Byrnes K4. Keynote: U.S. Intelligence, Defense and Cybersecurity Strategies Leon Panetta, U.S. Secretary of Defense ( ), Director, Central Intelligence Agency ( ), Chief of Staff to President Bill Clinton ( ), and Co-founder, Panetta Institute for Public Policy K6. Closing Keynote: The Great Race to Digital Moments Chris Howard A5. Top Trends and Take-Aways for Cybersecurity Earl Perkins B1. How the Internet of Things Will Change Cybersecurity Forever Earl Perkins B6. The Cyber Kill Chain Craig Lawson B7. Astounding Science Fiction and/or Internet of Things Security Scenarios John Girard, Greg Young C1. Signature Series: The Cloud Security Scenario Jay Heiser C6. DDoS Attacks Are Here to Stay Now? Lawrence Orans C8. Secure Use of AWS and Azure: Comparison and Best Practices Neil MacDonald C11. Network Segmentation Best Practices Greg Young C14. Case Study: Cybersecurity, Critical Infrastructure and Risk Adam Hils; Samuel Sanders Visner, SVP and General Manager, D2. Signature Series: The Next Three Years in Threats Greg Young E1. Art of Cloud Security: AWS Edition Erik T. Heidt E2. Designing the Modern Application Security Perimeter With Mobile and Cloud in Mind Ramon Krikken E7. Securing Sensitive SaaS Using Cloud Access Security Brokers Ramon Krikken 8