CIO Pittsburgh Summit | August 29, 2019 | The Westin Pittsburgh - Pittsburgh, PA, USA

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Thursday, August 29, 2019 - CIO Pittsburgh Summit

8:00 am - 8:45 am

Registration & Networking Breakfast

 

8:45 am - 8:55 am

Welcome Address & Opening Remarks

Presented by:

Joseph Wynn, Former CISO, Higher Education and Energy Sectors View details

 
 
 

8:55 am - 9:25 am

Share:

Keynote Presentation

Bringing Down the Barriers

With the role of the CIO/CISO expanding, CIO/CISOs are being pushed to increase digital business by using IT in ways that deliver cost saving methods and increased levels of productivity, as well as new opportunities. However, many believe that current methods for these opportunities have reached their end. As a result, it is time to reconfigure these methods in new, unique ways.

Takeaways: 

  1. Latest strategies or methods to increase digital business 
  2. How to confront resiliency or resistance to new digital initiatives 
  3. The different types of behavioral patterns or mindsets to confront

Presented by:

Gregory Ericson, CIO, Essilor View details

 
 
 

9:30 am - 10:00 am

Share:

Keynote Presentation

3 Best Practices for Application Security (and Bonus Tip)

Applications are the lifeblood of the enterprise, but as the threats multiply, as applications move to the cloud, as legacy applications need to be maintained, and as organizations seek competitive advantage with new technologies and faster release cycles, it's easy to see that application security can be a thankless, endless and challenging job. 

Imperva has distilled three best practices (and a bonus tip) that help enterprises of any size vastly improve and simplify application security, accelerate threat detection and operationalize application security in a dynamic world where change is the only constant.

Sponsored by:

Imperva View details

 
 

Presented by:

Paul Aiuto, Sales Engineering Manager, Imperva View details

 
 
 

10:05 am - 10:30 am

Executive Exchange

 

Share:

Think Tank

Closing the Gap of Grief: Business Driven Security

How bad is it? When a breach occurs, how confident are you that you can quantify the impact to the organization in language they understand? This session describes the requirements for closing the gap: Complete visibility, to paint an accurate picture of what's happening across the environment, faster insight through better analytics and detection capabilities and business context around incidents. And finally, more effective response where security teams are certain they are taking the right actions to reduce risk and are sure they are protecting what matters most. 

Takeaways: 

  1. Learn how to garner the right visibility, in the right context, to defend what matters most 
  2. Discover the 6 steps to take command of your evolving security posture in this uncertain, high risk world 
  3. Find out what it takes to link your security strategy with your business priorities

Presented by:

Robert Yarsky, Director, Risk Enterprise Insurance & Business Resiliency, Highmark Health View details

 
 
 

10:30 am - 10:40 am

Morning Networking Coffee Break

 

10:45 am - 11:10 am

Executive Exchange

 

Share:

Executive Boardroom

Protect Your Keys or Don't Waste Your Time Encrypting Your Data

For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don't understand how important it really is. 

Mr. Beutlich will explain in an entertaining (and sometimes graphic) fashion why protecting the encryption key is more important than the encryption itself.

Sponsored by:

nCipher View details

 
 

Presented by:

Brad Beutlich, Vice President of Sales Western Region and LATAM, nCipher View details

 
 
 

11:15 am - 11:40 am

Executive Exchange

 

Think Tank

The Solution for Your Legacy System's Security: The Cloud

Over the lifespan of an organization, CIOs/CISOs have developed and implemented technologies that have been key to the organization's success. However, CISOs and their security teams today find themselves stuck ensuring that legacy systems are secure. The solution is cloud-delivered security products that are more agile with the ability to implement new detection methods and services faster than on-site solutions. While cloud security is an ideal solution, it is important to know that using the cloud is more than moving legacy management servers to the cloud.

Takeaways:

  1. Review the status of legacy system security
  2. What cloud solutions are the best fit for their business
  3. What are the main needs in regards to system's scale, data telemetry, staff growth, machine learning, API-based access, and more

Presented by:

Thomas Dugas, Assistant Vice President and Chief Information Security Officer (CISO), Duquesne University View details

 
 
 

11:45 am - 12:10 pm

Executive Exchange

 

Share:

Executive Boardroom

BigFix sets the standard for endpoint management and security compliance.

IT security and operations teams struggle to keep Unix, Linux, Mac and Windows servers and enduser devices continuously patched and compliant with security and regulatory mandates.  They also strive for faster time-to-remediation during incidents.

Using HCL BigFix, IT operations and security teams can instantly report to executives, board members and high-value supply chain partners that all systems are continuously patched and compliant, resulting in increased productivity and cost savings. CyFIR Enterprise complements BigFix by concurrently analyzing running processes on every endpoint in near real-time, without impact to business or network operations.  The game changing combination of BigFix and CyFIR dramatically reduces the ?blast radius' of security incidents.

Sponsored by:

HCL BigFix View details

 
 

Presented by:

Mark Phinick, Vice President of BigFix Sales, HCL BigFix View details

 
 
 

12:15 pm - 12:40 pm

Executive Exchange

 

Share:

Executive Boardroom

What Is Your Security Partner Actually Doing For You? Behind the Scenes of MDR

The evolution of threats has forced cybersecurity protection to advance to meet the needs of organizations. Technology and managed SIEMs no longer solve the problem alone. Detected threats require real-time responses to contain incidents from escalating to business disrupting events. Managed Detection and Response (MDR) provides organizations the ability to proactively respond to security incidents while providing a positive return on investment. Not all security partners are equal, so what is your security partner actually doing for you and is it enough?

Sponsored by:

eSentire View details

 
 

Presented by:

Matt Smith, Senior Solutions Architect, eSentire View details

 
 
 

12:40 pm - 1:50 pm

Working Lunch & Panel

The Revitalizing Change in the Role of the CXO

A CXO's role, goals and objectives have drastically changed over the years as most CXOs supervise teams and units beyond their IT's security. Because of these changes in responsibilities, the role of a CXO has become both more attractive and more demanding.

Takeaways:

  1. What are the significant changes regarding the role of the CXO
  2. How to keep up with the changing requirements
  3. How to properly measure a CXO's success

Moderated by:

Jonathan Hale, CISO, Veolia North America View details

 
 

Panelists:

Derek Brown, Director of Cyber Security and Network Operations, EQT

 

Thomas Dugas, Assistant Vice President and Chief Information Security Officer (CISO), Duquesne University View details

 
 

Gregory Ericson, CIO, Essilor View details

 
 
 

1:55 pm - 2:20 pm

Executive Exchange

 

Share:

Executive Boardroom

Scaling Multicloud and Hybrid Cloud Usage without Sacrificing Data Security and Compliance

Analysts claim that 50% of today's public cloud data and workloads will migrate to private clouds in the next two years. But, don't worry about the public cloud behemoths because their average CAGR continues above 20%. However, the result is that cloud data is spreading across multiclouds and increasingly migrating to private clouds that offers the Enterprise more control. This acceleration in lift and shift of workloads creates data security and compliance risks as well as management complexities. In this discussion, we'll share trends and best practices for enabling data portability without compromising security, compliance, and operational efficiencies. 

Take Aways: 

  • Sharing trends seen by analysts and your peers on multicloud adoption and challenges 
  • Discussion of best practices for leveraging native cloud data security services effectively to maintain compliance and control 
  • Methodology for efficiently applying data and access security techniques that allow for secure lift and shift between public and private clouds

Sponsored by:

Thales eSecurity View details

 
 
 

2:25 pm - 2:50 pm

Executive Exchange

 

Share:

Think Tank

Navigating Security & Risk in a Changing IT Landscape

Agile, DevOps, containers, microservices and the cloud are all seeing increased adoption across the enterprise. But, while there are valid business reasons to embrace these new models, there is potential risk in implementation. Is this change necessary? If so, how can this change be accommodated effectively, safely? This session will cover some common elements of the risk of change - and of not changing - and suggest approaches to minimize risk as you adopt these new technologies. 

Takeaways: 

  1. The IT Landscape will continue to change leading to new processes, new technologies and new "standard" ways of doing IT business 
  2. This changing Landscape will present security challenges where you will need to balance the "pain of same" vs the "pain of change"

Presented by:

Jonathan Hale, CISO, Veolia North America View details

 
 
 

2:55 pm - 3:20 pm

Executive Exchange

 

Share:

Executive Boardroom

Fireside Chat: Gaining an Aerial View of all Interactions on your Network

Network security has seen a resurgence in activity attempting to solve challenges detecting and responding to threats in the network. Some are focused on security analytics as a core business while others are pivoting from the network performance monitoring space into network detection and response. 

Increased complexity and frequency of attacks along with overreliance on prevention controls means the need for detection and response has never been greater. Join us as we discuss how network detection and response deliver an aerial view in your infrastructure.

Sponsored by:

Vectra AI, Inc View details

 
 

Presented by:

Kevin Sheu, VP of Product Marketing, Vectra AI, Inc View details

 
 
 

3:20 pm - 3:30 pm

Afternoon Networking Coffee Break

 

3:35 pm - 4:00 pm

Executive Exchange

 

Share:

Think Tank

All Eyes on You

Security breaches are the most intimidating threats for CISOs and security executives. Because of that, upper level management, shareholders and even consumers are focusing now more than ever on the security department. With that, CISOs need to see this as an opportunity to work closely with business stakeholders to incorporate cybersecurity strategy with their organization's business initiatives. This is an ideal opportunity to address skill shortages and increase professional development of the internal security workforce.

Takeaways:

  1. How the CISO's role has changed
  2. The latest security threats and how they can positively impact your team
  3. How to measures your teams shortcomings and areas for improvement

Presented by:

Colleen McMahon, CISO, Mylan

 
 

4:05 pm - 4:30 pm

Executive Exchange

 

Share:

Think Tank

Cloud Applications: The Forecast is Partly Sunny

A high-level review of organizational preparedness when migrating to Cloud Applications for executives, senior managers and managers. The presentation will cover some of the advantages and disadvantages of cloud applications so that the audience can enter into an engagement with eyes wide open. Highlights of the presentation include "M.E.S.S."(Mentality, Expectations, Security and SLAs), which describes what is likely to and should change to be successful. The title "Partly Sunny" reflects the presenter's experiences and involvement with migrating several on premise application to vendor hosted Cloud applications.

Presented by:

Marcel Schachter, Director of Information Technology and VP, PNC View details

 
 
 

4:35 pm - 5:00 pm

What's the Next Stop On the Transformation Journey?

Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CISOs where common issues can be addressed and success stories can be shared.

Takeaways:

  1. Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you
  2. Sharing stories of success (and failures) is not reserved to a one-day CISO Summit, but should be shared on a regular basis with your peers

Presented by:

Jay Copenhaver, Former CTO/ Event Partner MC, McLanahan Corporation View details

 
 
 

5:00 pm - 6:30 pm

Summit Happy Hour