EVENT
CISO Indianapolis Summit | August 7, 2018 | The Westin Indianapolis - Indianapolis, IN, USA
agenda
Download Agenda (PDF)↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session 
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
Tuesday, August 7, 2018 - CISO Indianapolis Summit
8:00 am - 8:40 am
Registration and Networking Breakfast
8:45 am - 8:55 am
Welcome Address and Opening Remarks 
Moderated by:
Jeff Ton, Former Chief Information Officer of Goodwill Industries of Central Indiana, Writer & Speaker, Founder & Manager of Indy CIO Netw, Bluelock, LLC 
9:00 am - 9:35 am
Keynote Presentation
Chicken Little Has Left the Room: Security Beyond Fear
We've been managing risk in our business for hundreds of years, yet we continue to treat cyber threats as a special case. While it's true that we're in a time of escalating, industrialized threats, organizations still react and lurch from one crisis to another, cobbling together a security program based on yesterdays crisis. It's time we move from a reactive, fear and compliance based program, to a business focused, risk-based approach to cyber security.
Sponsored by:
IBM
Presented by:
Doug Lhotka, Executive Security Architect, IBM
9:40 am - 10:10 am
Executive Exchange
Thought Leadership
Knowing Is Half the Battle - Protecting Applications & Their Sensitive Data
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection RASP changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc.
Presented by:
Greg Wolford, Solutions Architect, Prevoty, Inc.
10:15 am - 10:45 am
Executive Exchange
Think Tank
People, Process & Technology
In an evolving world of technology, organizations will need to adapt to its fast pace or fall behind. This also translate with the individuals that you bring in your IT shop. With the IT innovations and emerging technologies on a rise, your organizations technology are only as good as the people that oversee them.
This session will discuss:
- Attracting the new prospective talent to work for you, other than the competition.
- Motivating your IT staff to grow organically in the organization.
- Harnessing the real strength of Culture in the work place.
- How to incentivize your team to stay, rather than going to the competition.
- How to breed the next class of CIOs, CISOs, CTOs
Presented by:
Carolyn Bogan, VP of IT Service Delivery Operations, KAR Auction Services
10:45 am - 11:00 am
Morning Networking Coffee Break
11:05 am - 11:35 am
Executive Exchange
Executive Boardroom 
Practical, Pragmatic and Secure Cloud Migration
Cloud Security Alliance's (CSA) "promote[s] best practices for security assurance within Cloud Computing". Recently the CSA released ?Security Guidance for Critical Areas of Focus in Cloud Computing v4.0?. This boardroom session presents specific cloud migration use cases and provides recommendations across security disciplines with specific attention on data protection.
Sponsored by:
Thales eSecurity, Inc.
Presented by:
Eric Wolff, Senior Product Marketing Manager, Thales eSecurity, Inc.
11:40 am - 12:10 pm
Executive Exchange
Think Tank
CIO's and CISO's Got Talent: Finding, Growing & Retaining the Best People
While new technology and solutions can help CIOs and CISOs make more, faster and better decisions for an organization, nothing will take the place of a highly talented workforce. CIOs and CISOs need to be great recruiters of talent but even more importantly growing the skills and capabilities of their team providing engaging and challenging opportunities for people. Competitive compensation is important for retaining great talent but so is a work environment where individual growth and development are front of mind and not an after thought.
Takeaways:
- Highly skilled employees want an environment where they can grow their skills and feel appropriately challenged
- Finding the best people, inside and outside of your company, and then providing a path to individual excellence is a key responsibility of CIOs and CISOs
Presented by:
Steve Schuster, Chief Technology Officer, Incenter
12:15 pm - 12:45 pm
Executive Exchange
Executive Boardroom
The Human Firewall Is on Fire - What Do You Do When the Smoke Clears?
Many enterprises are focused on prevention and are too busy with day-to-day firefights to look beyond the flames and think about how to recover. Beyond preventing attacks, organizations need to focus on detection and response. It is no longer a matter of if you are going to be attacked, but when. Join this session to:
- Learn the cutting edge tactics of these digital thieves
- Identify and combat these attacks
- Learn how to recover, should an attack break through your defenses
Sponsored by:
Mimecast
Presented by:
Brandon Reid, Sales Engineer, Mimecast
12:45 pm - 1:30 pm
Networking Luncheon
1:30 pm - 2:15 pm
Working Panel Session
CIOs/CISOs as the Consummate Communicator
It is also changing the role of the CIO and CISO to be a business leader and internal sales leader for transformation. CIOs are now responsible for communicating strategies and recommendations to CxOs, boards and key stakeholders within a company. Join us, during lunch, for a passionate panel discussion with your peers as they share how they are successfully communicating internally to accomplish the company's goals.
Takeaways:
- CIOs must be great communicators, not only with their teams, but the rest of the organization
- CIOs must learn the best ways to communicate clarity and urgency with Boards and CXOs
Moderated by:
Jeff Ton, Former Chief Information Officer of Goodwill Industries of Central Indiana, Writer & Speaker, Founder & Manager of Indy CIO Netw, Bluelock, LLC
Panelists:
Carl Ceresoli, CTO, Pacers Sports & Entertainment
Jeremy TerBush, SVP, Analytics, Wyndham Worldwide (RCI)
Samantha Lofton Moss, Chief Risk and Information Governance Officer, Ice Miller LLP
2:20 pm - 2:50 pm
Executive Exchange
Think Tank
Which
It is not a matter of if, but a matter of when. Organizations, more and more, and are outsourcing business activities to 3rd-parties because of cost-savings, revenue opportunities, expertise, etc. Thus collaborating with our business partners early to select the right 3rd-party vendor(s) with the appropriate security posture is essential, especially for vendors hosting, processing and/or transmitting sensitive/regulatory information, or having access to our IT assets.
Takeaways:
- Regardless of the reasons, outsourcing some business functions to a 3rd party seems inevitable in today's world
- It is critical to have a proper vetting procedure of 3rd parties before engaging them as business partners who have access to company systems and data
Presented by:
Stan Boultinghouse, Corporate Manager of Information Services (CIO), BMWC Constructors
2:55 pm - 3:25 pm
Executive Exchange
Think Tank
Charitable IT Programs and Community Outreach: How are you giving back to Indianapolis?
There are certainly no shortage of great causes to support in Indianapolis. When it comes to IT or STEM-based nonprofits in Indy, what are our options and how are you getting involved? From straight-up monetary contributions, to scholarships, and/or community service - let's compare notes on who we support, how, and why.
Presented by:
Scot Montgomery, Executive Director of IT, Covance
3:25 pm - 3:35 pm
Afternoon Networking Coffee Break
3:40 pm - 4:10 pm
Executive Exchange
Think Tank
Moving Beyond Our Walls of Data Protection
For most of us, our data is either collected through logs, customers actions, or customer data entry. Our data is then consumed not just by our staff, but also by those outside of our organization. So, why do we focus our information/data protection efforts within the walls that we control? What types of data are we trying to protect? What risks do you face when data leaves our networks? Is it possible to protect our customer data past our walls and all the way to our customer? Is addressing data protection beyond what we can directly control an IT disruptor or the next logical step in data security? Does helping our customers introduce risk?
Takeaways:
- We should be looking for opportunities to move past our walls of direct control.
- We should be careful what we promise and how our efforts are interpreted.
Presented by:
Andrew Howard, Director of Cyber Security and IT Business Management, Pension Fund of the Christian Church
4:15 pm - 4:45 pm
Executive Exchange
Think Tank
Disrupt or Be Disrupted: The Digital Transformation Journey Has No Parking Lots
The seemingly ever expanding cadre of technological tools available to incumbent industry leaders are also available to myriad start-ups. Start-ups are using these new technologies to disrupt industries of all types, changing how customers think about tried and true industries. Disruption is found on every corner and it is critical for CIOs to lead their organizations in a way that make them as nimble as their competitors.
Takeaways:
- Technology enables companies, especially start-ups with no legacy infrastructure, to disrupt industries overnight
- CIOs need to lead their companies in ways that disrupt before they are disrupted by others
Presented by:
Jeff Ton, Former Chief Information Officer of Goodwill Industries of Central Indiana, Writer & Speaker, Founder & Manager of Indy CIO Netw, Bluelock, LLC
4:45 pm - 4:50 pm
Closing Remarks
What's the Next Stop On the Transformation Journey?
The Summit's MC and Panel Moderator will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs and CISOs where common issues can be addressed and success stories can be shared.
Takeaways:
- Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you.
- Sharing stories of success (and failures) is not reserved to a one-day CIO Summit, but should be shared on a regular basis with your peers.
4:50 pm - 6:00 pm