• Overview
  • Program
  • Sponsors

The intersection of financial services and cybersecurity took on a new depth in 2020, with the rapid digitization of products and services and the wholesale shift to remote working caused by the pandemic. We now know many of these changes are here to stay, and cybersecurity is increasingly central to being competitive in a digital marketplace.  

New cyber challenges and risks call for increased sharing across borders and the only way to stay ahead of sophisticated threat actors is to collaborate. Join our three-day virtual summit to stay at the forefront of these new technology trends and emerging paradigms. A mix of live and on-demand sessions covering relevant topics around:

  • Technology, Cloud, Application, and Data Security
  • Governance, Risk Management, Compliance, and Resilience
  • Payments and Currency
  • Cross-Border Intelligence

View the full agenda

Program

Summit Chair

Kristin Royster, Bank of America

Senior Vice President, Information Security Executive, Global Information Security

Event Toggle Arrow

Kristin is an executive with Bank of America’s Global Information Security (GIS) team. She oversees and manages GIS’s external engagements with industry and government partners. In this role, her team leads GIS’s involvement in sector resilience efforts and works with internal partners and external stakeholders to identify external opportunities for driving security efforts that align with GIS’s overall goals. In her previous role, Kristin led GIS’s external cyber security public policy efforts. 

 summit-chair-headshotPrior to joining Bank of America in 2012, Kristin was the Director of External Affairs for the Office of Cybersecurity and Communications within the Department of Homeland Security. She also served as the Director of Cybersecurity Legislative Affairs for the National Security Staff at the White House and was responsible for developing the Obama Administration’s cyber security legislative proposal.

Kristin is a graduate of the University of Delaware where she received her B.A. in Political Science and received her master’s degree in Public Policy from George Mason University. She lives in northern Virginia with her husband and their two children.

Keynote

A Conversation with Chris Inglis, Interviewed by Ann Barron-DiCamillo

Event Toggle Arrow

headshot-johncMr. Inglis currently serves as the current U. S. Naval Academy Looker Distinguished Visiting Professor for Cyber Studies. He retired from the Department of Defense in January 2014 after 41 years of federal service, including 28 years at NSA and seven and a half years as its Deputy Director. He is a managing director at Paladin Capital, a member of the Department of Defense Science Board, a member of the Boards of FedEx and Huntington Bank, and a Commissioner on the US Cyberspace Solarium Commission.

Mr. Inglis holds advanced degrees in engineering and computer science from Columbia University, Johns Hopkins University, and the George Washington University. Mr. Inglis’ military career includes 30 years of service in the US Air Force and Air National Guard -- from which he retired as a Brigadier General. He holds the rating of Command Pilot.

Keynote

Covid-19 Immunity in the US. Data Driven Forecasts to Help Members Adjust 2021 Plans

Youyang Gu, Data Scientist | Paul Benda, ABA SVP | Max Morris, Ally Financial

Event Toggle Arrow

FS-ISAC members are continuing to adapt operations during the pandemic. Forecasts of infection rates and immunity will help managers anticipate changes in operations and public facing service delivery.

The number of infections and the rate of deaths from Covid-19 are declining, why? The answer could be that there is immunity in the population from large numbers of people who have had Covid-19 infections and recovered. There may be immunity in the growing population who are vaccinated. There may be a significant group who have immunity from recovered infections plus vaccination. What effect will these combinations of immunity have on the US population in the coming months? What will be the rate of infection going forward? How will virus variants change the forecast?

Bios:

Youyang Gu, a data scientist developed the most accurate 2020 forecast of Covid-19 fatality rates in the US. He has created a model using machine learning techniques that is forecasting significant changes in immunity and infection rates for 2021.

Paul Benda, ABA SVP has provided data driven briefings during the pandemic to the Financial Services Sector Coordinating Council and continues to monitor changes in reported Covid-19 numbers.

Max Morris,  Max M. Morris is the Senior Director of Cyber Defense and Response for Ally Bank. In his role, Max leads a group of cyber security professionals who run the company’s Security Operations Center, handle Cyber Security Incident Response, provide Threat Intelligence and Data Loss Prevention services. His Teams also have responsibility for Cyber Crimes, Fusion Center integration, Insider Threat, Phishing Response, Cyber Tabletops and Exercises, Threat Hunting, Compromise Assessment and Penetration Testing.

Max has been heavily involved for over fifteen years with the Financial Services Information Sharing and Analysis Center (FS-ISAC), the only industry forum for collaboration on critical information and physical security threats facing the financial sector. He served two terms on the Board of Directors, co-Chairs the Threat Intelligence Committee (TIC), sits on the TIC’s Executive Governance Committee and Chairs the sector’s Media Response Team. He also represented the sector in the DHS sponsored Cyber Storm National Exercises, has participated in the Hamilton, CAPS and other industry cyber simulations, was elected to the FS-ISAC Crisis Management Leadership Team, chaired the Annual Member’s Conference for two years and developed and led a recurring Regional Outreach Program.

Tempt the Titans

2021 Will be the Most Profound Year in Cybersecurity in our Global History – A Conversation for the C-Suite

Robert Herjavec, Founder & CEO, Herjavec Group

Event Toggle Arrow

Tempt the Titans Event Description:

FS-ISAC is hosting a “Shark Tank” style event called Tempt the Titans. This event offers an opportunity for innovative cyber startups to pitch to a panel of financial sector Titans. We’ll have three judges (prominent Cybersecurity Executives) along with Robert Herjavec from Shark Tank who provide feedback on the solution. If the Titans are tempted, start-ups will be offered a formal evaluation by the member firm.

logo-HG_HD (002)

Session Description:

This is going to be the year we look back to in terms of heightened impacts of nation-state attacks and emerging malware threats. Targeted attacks like those against the SolarWinds supply chain, and the total system disruption of UVM Health Network, are only the beginning of what we can expect to see. The challenges we will face as a cybersecurity community will be varied, continuous, and demanding. With the COVID-19 vaccine being rolled out, enterprises will start heading back into the physical workspace, embracing a flexible, hybrid work model. We will reconnect the devices we sent home a year ago and be in for a world of hurt if the right processes, programs and support services are not in place. As cybersecurity professionals, the pandemic drastically affected the way we detect, manage, respond, protect, and secure. Join Herjavec Group Founder & CEO, Robert Herjavec, as he explores the emerging  threats targeting the Financial Services industry and our global economy. He will discuss key cybersecurity conversations that should be had across your executive teams in order to confront the paradigm shift resulting from the pandemic head on.

Bio:

roberthA dynamic entrepreneur, Robert Herjavec has built and sold several IT companies. In 2003 Robert founded Herjavec Group, and it quickly became one of North America’s fastest growing technology companies. Today, Herjavec Group is a global leader in information security, operating across the United States, United Kingdom and Canada; specializing in managed security services, advisory services, identity and incident response for enterprise level organizations. Robert’s ability to interpret industry trends and understand enterprise business security demands has helped him achieve the profile of a global cybersecurity expert. He has served as a Cybersecurity Advisor for the Government of Canada, participated in the White House Summit on Cybersecurity and is a member of the US Chamber of Commerce Task Force for Cybersecurity. His views on the threat landscape, on emerging technologies and on the need for a proactive security framework are regularly profiled across print, digital and television mediums. He shares his expertise with other entrepreneurs each week as a leading Shark on ABC’s Emmy Award-winning hit show Shark Tank.

Tempt the Titans Start-Up Firms:

21VS_3T_Cymulate

21VS_3T_FiVerity

21VS_3T_HelmCyber

21VS_3T_Orca-Security

21VS_3T_Silverfort

 

Sessions

Building an Enterprise Data Protection Program

Jim Routh | Former CISO | BigID

Event Toggle Arrow

The purpose of this session is to understand the most effective ways of gaining business stakeholder alignment to build and implement an effective data protection program using a contemporary tech stack addressing the significant challenges for consumer and business data resilience given cyber security and privacy requirements.

Breaking Quarantine: Enabling Effective Cross-Border Intelligence Exchange

CIBC, CME Group, and TD Bank

Event Toggle Arrow

Being able to share intelligence across your company's footprint is extremely important. However, no two countries or regions are alike and each poses their own unique blend of challenges and opportunities. In this presentation, we will discuss our own experiences and lessons learned in developing successful cross-border intelligence exchange.

How do you solve a problem like passwords?

Liberty Mutual

Event Toggle Arrow

When faced with the stark reality that 8-character passwords represented a significant security risk, we went big: changing the rules, embracing digital, and launching globally. In this session you'll learn about Liberty Mutual’s approach to global adoption of passphrases.

The Use of Synthetics to Commit Pandemic Related Frauds

ADP

Event Toggle Arrow

In this presentation, we will review how synthetics are being utilized to perpetrate pandemic related frauds in the Payroll Protection Program and Unemployment Insurance. An overview of the government programs will take place with the controls that were in place, how they were compromised, by who and what you can do to remediate risk.

Spotting the Face: Enhancing Synthetic Identity Fraud Detection

Federal Reserve Bank of Boston, LexisNexis, and Sentilink

Event Toggle Arrow

The industry has struggled to combat synthetic identity fraud due to lack of awareness, differing definitions and inconsistent reporting. A Fed-led focus group developed an industry-recommended definition to foster improved measurement, detection and mitigation. Hear experts discuss the definition and how it plays into fighting this fraud.

Data Protection: Why We Care and Built a Data Inventory

MassMutual

Event Toggle Arrow

Brand data protection as an enterprise-wide initiative and change attitudes about protecting the most critical data. A data inventory is key to success in quantifying and qualifying data in order to protect it. Protecting data is everyone's business - do your users know that? 

Security’s Role for Trustworthy AI (and other) Models

FS-ISAC

Event Toggle Arrow

Recent advances have seen a tremendous growth in the use of black box models (such as AI) for business decision making. Deploying trustworthy and secure models requires new approaches from traditional app development. This presentation reviews what security's role should be in this new paradigm.

Wait aren’t they our vendor? Using Threat Intelligence to Minimize Supplier Risk

CIBC

Event Toggle Arrow

Supply chain threats are increasing, with SolarWinds not being the first or last of its kind. How organizations can mitigate the impact of vendor breaches is front and centre in 2021. This session will discuss the role that cyber threat intelligence can play in minimalizing supply chain risk and how to grow a vendor intelligence program.

PowerShell for Security Nerds

Soros

Event Toggle Arrow

PowerShell attacks are becoming more and more prevalent throughout all stages of the attack lifecycle. This talk will aim to cover why attackers are using PowerShell, how malicious PowerShell activities look and behave, and then what defensive measures can be taken to detect and prevent these attacks.

Using Model Driven Security to Apply Risk-based Controls and Unify Security Data

MassMutual

Event Toggle Arrow

MassMutual transitioned from rule-based security to model driven security using data science and analytics. Instead of looking at 7 different tools and trying to correlate user’s behavior, we now have a single product which delivers a unified, risk-prioritized view of threats across all our teams: data science, identity, security & architecture.