Advisory Board 2017


Keynote Speakers 2016

A global Cybersecurity Scenario 2020: The impact of Digital Business on Security

Larry Clinton is President and CEO of the Internet Security Alliance (ISA), a multi-sector trade association focused on cyber thought leadership, policy advocacy, and promoting sound security practices for corporations. In 2015, Mr. Clinton was honored as one of the “100 Most Influential Individuals in the Field of Corporate Governance” by the National Association of Corporate Directors (NACD) and in 2016 was awarded the SC Magazine Editor’s Choice Award. Widely published on cyber security, Mr. Clinton was the principle author of the 2014 NACD CyberRisk Handbook for Corporate Boards endorsed by the Department of Homeland Security in 2015. A cyber security source for the press, Clinton is featured in articles by the Wall Street Journal, USA Today, Fox News, NBC, CBS, New York Times, PBS Morning Edition, CNN, MTV, etc. He testifies often before Congress; He has briefed industry and governments worldwide including NATO and the OAS. Mr. Clinton was the principle author of the ISA Cyber Social Contract which outlined a market based, as opposed to government regulatory model, for improving cyber security. The document’s recommendations, adopted by the House GOPTask Force on Cyber Security in 2012, are the first and most often cited reference in President Obama's principal policy paper on cyber security. In 2013, the President’s Executive Order on cyber security adopted the ISA's market incentive “social contract” model to promote national cyber security.

Just a few days after the conference, a new President will be elected who will face the twin challenges of stimulating the growth, innovation and productivity enhancements generated by the IoT with an increasingly broadened and insecure digital landscape. This presentation will examine how the proliferation of digital devices is changing virtually every aspect of life and the implications this has for everyone. Based on a multi-year study ISA President Larry Clinton will lay out a framework for integrating advanced technology with economics, innovation and public policy leading to a sustainably secure cyber system. Specific attention is paid to how government’s corporate leadership and individuals will need to adapt the way they think and act in the age of the Internet of Things.

Healthcare IoT Security Challenges

Nick H. Yoo is Chief Security Architect at McKesson Corporation responsible for the global security architecture and key cybersecurity intiatives such as identity and access management, cloud security, and application security.  McKesson, based in San Francisco, is a Fortune Global 500 company and the 5th highest revenue generating company in the United States.  Prior to McKesson, Nick was VP of IT Engineering responsible for software engineering standards, methodology, and frameworks to enhance developers’ productivity and software security.  Nick also worked at global consulting companies such as Ernst & Young, CSC, and EDS, and has over 25 years of IT experience.  Nick is an active member of professional organizational groups such as Bay Area Cybersecurity Incident Response, ISSA, ISACA, and OWASP.  He holds numerous professional certifications including CISM, and CISSP, and has a Bachelor of Business Administration in Information Science, and Masters in Cyber Security.

During this keynote Nick touches the challenges wearable and connected healthcare devices are facing due to many common security controls such as identification, authentication and encryption, where standards do not exist in IoT. Yet, you see many wearable products are gaining traction with enterprise wellness program, insurance, and healthcare providers that make use of insight by individuals who share their data. The two most important questions are: What can we do to ensure data is really coming from users? And what can users to do ensure privacy of their data?

The Hacker will see you now: a skeptical look at connected medical devices

Jay Radcliffe has been working in the computer security field for over twenty years and is currently a Senior Security Consultant and researcher for Rapid7. Coming from the managed security services industry, Jay has used just about every security device made over the last decade. Recently, Jay has presented ground-breaking research on security vulnerabilities in medical devices at Black Hat, BSides and other technology conferences. Having held an amateur radio license since the age of 12, Jay is equally comfortable hacking hardware and working a soldering iron as he is in front of a keyboard performing a penetration test. Jay holds a Masters degree in Information Security Engineering from SANS Technology Institute as well as a Bachelor's degree in Criminal Justice/Pre-Law from Wayne State University. SC Magazine named him one of the Top Influential IT Security Thinkers in 2013.

Jay will cover for us the medical devices connectivity to the internet, which might not be the best idea, especially if done without a secure foundation. As a patient, he will look at the prospective from the person with the device attached to them and dependent on its functioning to stay alive. Additionally he will address what companies and innovators can do now to build that secure foundation for their latest connected product.

Changing the game Cyber-Security vs. Dynamic Cyber-Incident Response

Darek completed his Computer Engineering degree at the University of Alberta, Canada in the 1990s. From the start, he focused on the field of data communications. With ten years of software development experience at HP and GE, Darek took on more sales and marketing management centric roles at Matrikon.
Once Matrikon became part of Honeywell, Darek served as the Strategic Marketing Manager for a year before taking on responsibility for the complete line of Matrikon products as the Sr. Product Marketing manager. In this role he defines and oversees the long term strategy for OPC UA products.  Darek works actively with the OPC Foundation to help evangelize the benefits of adopting OPC UA for use throughout Industrie 4.0, Industrial Internet of Things (IIoT), and Internet Plus.

How to create value of Security of IoT

Chief Medical Information Officer and Assistant Medical Director for Kaiser Permanente, SCAL. John focuses on transforming care delivery with information technology, through exponential technologies and data liquidity.  He led the design and implementation of the largest integrated electronic health record in the US, and is the founder of the international XML standard for health record interoperability known as CDA, CCD and CCDA.  He has led various national innovation programs including virtual care, sponsored or led numerous digital health projects implemented at scale, is senior advisor to the Tricorder X-Prize, and mentors many digital health startups.  He chairs the eHealth Workgroup of the Global Alliance for Genomics and Health (GA4GH), and is a board member of Open mHealth and the NIH funded ‘Policy and Ethics in Precision Medicine’, teaches at multiple Universities including Exponential Medicine at Singularity University, and has published widely on IOT, global genomics, policy, privacy, security, international research collaboration models, interoperability, mobile health, Community Health, mindfulness and resilience, and healthcare transformation.  He has published in Nature, JAMIA, JAMA, has been quoted in WSJ, Forbes, Fast Company, Modern Healthcare, Modern Physician, Mobile Health News, Sloan Management Review, and has authored chapters for four books.  He keynotes and hosts many national and international conferences and consults globally.  He is an active participant on several global initiatives to bring internet services to underserved communities providing access to both jobs and healthcare.  His contributions to healthcare have been recognized by various national awards.  His current work focuses on leveraging a Motivational Formulary©™  across the Healthcare Plecosystem©™ to restore ancient wisdom, mindfulness and resilience while creating a “Behavioral Symphony of Wellness”©™.

Building Security into the Next Generation of Things

As the FBI’s Chief Information Security Officer, Arlette Hart focuses on securely enabling the FBI’s mission – to protect and defend the United States against terrorist and foreign intelligence threats, uphold and enforce the criminal laws of the United States, and provide leadership and criminal justice services to federal, state, municipal, and international agencies and partners.  She does this by walking the line between sharing and securing the FBI’s information technology assets and data.

Ms. Hart builds coalitions across the Bureau, with government partners, and with private industry to shape the direction of cyber security and drive innovation across government and industry.  Joining the bureau as an employee in 2010 after working with the FBI as a contractor for several years, Ms. Hart is the executive in charge of the Bureau’s operational cyber security program. She directs the information assurance capabilities, ensures baseline compliance and ongoing monitoring for external and internal threats.  Her scope includes insider threat, advanced persistent threats, intelligence, technical discovery, investigation, and assessment and mitigation of compromise. Ms. Hart brings technology management and deployment skills to drive effective security architecture from the perimeter to the host. Ms. Hart earned a Bachelors’ Degree Geneva College and a Master’s Degree from Georgetown University.

Combatting National Security Cyber Risks Posed by the Internet of Things

Christine Kringer is the Director of the National Security Division's Outreach Program for the Protection of National Assets at the Department of Justice.  In this role, Christine leads the Division's efforts to develop partnerships with the private sector to promote information sharing and cooperation and combat threats to our nation's security, including cyber-based national security threats. Christine joined the Division in 2008.  She previously served as a Deputy Unit Chief in the National Security Division’s Office of Intelligence where she worked on counterintelligence matters and oversaw cases before the Foreign Intelligence Surveillance Court. Prior to her government service, Christine practiced at a private law firm in Washington, D.C. Christine received her J.D. from the University of Virginia and her B.A. from Texas Tech University.

In this session, Christine will discuss the threats to U.S. national security posed by our increasing reliance on interconnected devices, including the potential exploitation of such devices to steal U.S. company trade secrets, obtain sensitive information, or otherwise cause physical damage or harm.  These risks include threats from nation states and terrorists, as well as from company insiders or 3rd party vendors and suppliers.  Learn how the National Security Division at the Department of Justice is employing a whole-of-government strategy using all available tools to confront malicious cyber actors who seek to exploit vulnerabilities and damage our nation’s physical and economic security.

Cyber Threats and the Internet of Things

Howard Shrobe is a Principal Research Scientist at MIT Computer Science and Artificial Intelligence Laboratory (CSAIL).  He is a former Associate Director of CSAIL and is the Director of CSAIL’s CyberSecurity@CSAIL initiative.  Dr. Shrobe has served twice as a program manager at DARPA: from 1994 - 1997 he served as Chief Scientist of the Information Technology Office and led the Information Security Initiative; from 2010 - 2013 he served as a program manager in TCTO and then I2O, leading the CRASH and MRC programs.  He received his MS (1975) and PhD (1978) from MIT’s Artificial Intelligence Laboratory.

Panel Discussion Keynotes

Day 1  |  Changing CISO perspective – executing security for a connected future

All panelists will share their view on the main challenges for CISOs within the operational and strategic work. Define together with our panelists effective techniques for providing a data and system protection. Afterwards discuss a foundation for seamlessly and securely connecting devices. Learn how to deliver trusted data to the cloud, and how to deliver value through analytics.

Emily is the Corporate VP and Global Chief Information Security Officer (CISO) for AECOM, a Fortune 500 Architecture, Engineering & Construction company with approximately 100,000 employees operating in 150 countries around the world. AECOM design, build, finance and operate much of the world’s critical infrastructure including sports stadiums, Olympic villages, bridges, dams, transportations networks and iconic buildings such as the new World Trade Center in New York City.
Prior to joining AECOM Emily has held various leadership positions in IT leading IT Program Management Offices (PMO), Business Analyst and Technical teams in Europe and the US with a focus on ERP, Operations and Supply Chain, Web Facing Development and IT Finance & Compliance teams in both B2B and B2C environments. Prior to her career in technology, Emily was a Police Detective in the UK Financial Crimes Unit where she led investigations into international investment fraud, large scale identity theft and money laundering cases, running joint investigations with London’s Serious Fraud Office (SFO), the FBI and the SEC.

As Christiana Care Health System's Chief Information Security Officer, provide strategic direction and oversight to a comprehensive program. Lead a high performing, highly visible and credible organization that serves as a consultant to Senior Leadership, all workforce members and Business Associates. Responsibilities are inclusive of policy development, standards and controls implementation, training and awareness, regular risk assessment and mitigation as well as partnerships with internal and external auditors. Collaborate regularly with state and federal regulatory bodies and actively contribute to proposed state and federal regulations that govern privacy and information security.

A member of several Information Security organizations and an active contributor in member areas including steering and advisory committees.
Passionate and well versed in areas of information security, privacy, strategic alignment, process development and overall governance.

David Pollino, SVP, Deputy Chief Security Officer for Bank of the West, is responsible for fraud prevention oversight and education at the bank. Pollino was recently named a top ten influencer by Bank Information Security.

Prior to joining Bank of the West, Pollino served in senior fraud prevention positions for Wells Fargo, Washington Mutual, and Charles Schwab. During his career, Pollino has also worked as an information security consultant at @stake and UUNET advising Fortune 100 companies on information security issues.

Pollino is the author of RSA Press: Wireless security, The Hacker‘s Challenge Books 1, 2 and 3, and Hacking Exposed: Wireless.

As Chief Information Security Officer (CISO) for the City of San Diego, Gary advises the City of San Diego’s executive leadership consisting of Mayoral, City Council, and 40+ city departments and agencies on protecting city government information resources.

Gary oversees citywide cyber security strategy and the enterprise cyber security program, cyber operations, compliance and risk assessment services. His mission includes creating a “risk aware” culture that places high value on securing city information resources and protecting personal information entrusted to the City of San Diego.

Gary is involved in the cybersecurity and technology start-up community in San Diego where he is the Co-Chairman for Cybertech, the parent organization that houses the Cyber incubator Cyberhive and the Internet of Things incubator iHive. He also serves on the board of Brier & Thorn International, a cloud based Managed Security Services Company and is Co-Chairman of Securing Our eCity’s Critical Infrastructure Work-group.

Gary is an active member of the professional organizations ISSA, ISACA, OWASP, and is on the Board of Directors for INFRAGARD. Gary holds numerous professional certifications including: CISSP, CISA, and CRISC, and holds a Bachelor of Science in Information Systems Management & Masters in Business Administration. Gary has over 28 years of experience in Information Security, Enterprise Risk Management, and Data Privacy.

Day 2  |  Identifying and resolving potential threats faster and more effectively across all systems and infrastructure

  • How do we establish and manage trusted relationships between devices
  • Do we really achieve greater control over data over the full lifecycle of these devices?
  • Using data effectively to anticipate, detect, respond and prevent security threats across IT, the businesses and in the cloud

Austin Scott is a SCADA Information Security Engineer at San Diego Gas and Electric. Austin Scott began his career as a software developer working on SCADA products for Schneider Electric and has been a Controls and Automation consultant for over 14 years. In 2006, Austin founded a boutique Automation consulting company in Calgary called Synergist SCADA Inc. Synergist SCADA was acquired by Cimation (now part of Accenture) in 2013 which served as the genesis for the Cimation Calgary. In 2015 Austin Scott won the SANS Difference Makers in Cyber Security for his work on Shell's global industrial cyber security program. Today, Austin is focused on Cyber Security solutions for Industrial Control Systems (ICS) and regularly speaks at events and publishes articles, blogs and books on the subject.

Elena Elkina is a Senior Privacy and Data Protection Management Executive who drives meaningful business progress. She’s started her career as a lawyer 20 years ago, and 10 years later she realized that her passion for law is outmatched by her desire to build and innovate. “Now it is the time to disrupt, innovate, and execute”, says Elena. This is why she is driving her career in privacy and data protection solving some of the most pressing technology issues and making meaningful business changes. Elena’s last 10 years have been focusing on creating enterprise-level global privacy and data protection programs, including developing and implementing data protection policies, maturity models, and long term roadmaps; designing and implementing de-identification and data handling strategies and processes; building privacy and security training and awareness programs. Also, she has been closely working with development and business teams to build cloud, web and mobile consumer and business products across the globe. For Elena, it is not enough to make a sale or get the product out of the door - she strives to help businesses and customers to get the most out of what a product can offer while managing risk and maintaining customer trust and confidence. Elena is known for her entrepreneurial approach to leverage privacy in order to drive business performance while protecting information and serving as a trusted adviser. She has worked with financial and healthcare institutions, software and internet companies, major law firms, and the government sector on both international and domestic levels. Elena’s next goal is to work on disruptive technologies that will design and shape the future. Elena’s dedication to people, passion for her profession, plus her easy going sense of humor has been her strategy to bring people together to orchestrate group dynamic, solve problems, and build trust. She is a co-founder of Women in Security and Privacy (WISP) non-profit organization that focuses on advancing women in security and privacy fields. Also, she is a board member for Leading Women in Technology, a non-profit organization dedicated to unlocking the potential of female professionals who advise technology businesses. She also loves spending time outdoors. It can be mushroom picking, dragon boat racing, or a good run or hike. Being close to nature helps Elena to recharge. But her favorite time is to stay at home with a great book or with her family and friends watching her favorite Star Trek Show “Voyager”.

Britt spent 21 years as a Naval Officer with extensive international leadership experience in the communications environment.  One of his last jobs in the Navy was leading and directing the largest communications exercise in Africa involving 35 nations and 5 regional organizations. He was personally responsible for the marketing strategy that resulted in a 36% increase in participating nations over 2 years. Most recently, Britt was a Senior Program Manager at General Motors where he led a manufacturing information security transformation effort aimed at validating manufacturing controls and technologies throughout General Motors' manufacturing plants.


Advisory Board 2016


Speakers & Moderators 2016


Please enable Javascript
DOWNLOAD AGENDA


Please enable Javascript
DOWNLOAD AGENDA


Please enable Javascript
DOWNLOAD AGENDA