
Registration open! 

Please register via Intelligence Exchange or on the Member Services Portal.
** If you are a member but don't have an Intelligence Exchange account, please reach out to your POC or email memberquestions@fsisac.com.

Please note: As of 22 February, this event will be held in person. We are monitoring the progress of the variant closely and will keep the community informed of any changes. See our FAQs for additional information pertaining to pandemic-related precautions.

SPONSORS: View sponsorship opportunities here.


The New Cyber Era: Hyper Connected & Unbound 

As financial services rapidly digitize around the world, cybersecurity is now a business priority. The high-profile supply chain attacks and explosion of ransomware over the last year are not happening in a vacuum.

Several fast-moving trends are transforming financial services: a widespread move to the cloud, new fintech players gaining ground on traditional financial institutions, and growing use of cryptocurrencies by institutional and retail investors.

This convergence of trends and threats means we are more interconnected and interdependent, necessitating a reimagining of cybersecurity for an era of constant change and ever-more complex cyber risks that know no borders.

Join our summit to stay at the forefront of these new technology trends and emerging paradigms. Sessions will cover a mix of relevant topics and more, including:

  • Technology, Cloud, Application, and Data Security
  • Governance, Risk Management, Compliance, and Resilience
  • Payments and Currency
  • Cross-Border Intelligence

Program

Keynotes

Opening Keynote: Re-Imagining Resilience in the New Cyber Era

Theresa Payton, Former CIO | White House


Bio: As the star of the former CBS TV series Hunted, Payton identifies emerging trends and techniques to help combat cyber threats, from the impact of the Internet of Things to securing Big Data.

Payton is the cybersecurity expert that organizations turn to for discreet help during data breaches and to improve IT systems and strategies. She made history as the first female to serve as White House Chief Information Officer and currently helps organizations in both the public and private sectors protect their most valuable resources.

Managing cybersecurity risk is what Payton knows and does best. Before overseeing IT operations as CIO for President George W. Bush and his administration, she held executive roles in banking technology for two of the country’s top financial institutions. After serving in the White House, she went on to co-found Dark3, a cybersecurity product company, and Fortalice Solutions, a world-class cybersecurity consulting firm ranked a Top 5 Most Innovative Cybersecurity Company in Northern Virginia, Maryland and Washington, D.C.

Named one of the Top 25 Most Influential People in Security by Security Magazine, Payton was also featured in the book 100 Fascinating Women Fighting Cybercrime and honored as the 2019 Woman Cybersecurity Leader of the Year. Business Insider named her one of the top 50 Cybersecurity Leaders of 2020, CISO Magazine named her Cybersecurity Crusader of the Year in 2020, and Awards Magazine named her one of the Top 50 Women in Tech in 2021. She is the author of several publications on IT strategy and cybersecurity, including Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth, released in 2020. Cyber Security Experts named her one of the 100 Most Influential People in Cyber Security in 2021.

Payton is sought out by media news outlets to explain complex security issues and help viewers understand how to protect their privacy. She has been a frequent guest on The Today Show, Good Morning America, Fox Business, and Fox News and has been featured on CBS News, CNN, NBC News, and MSNBC, as well as Canadian and Irish news outlets. She is the host of Cybercrime magazine’s weekly one-minute podcast, The CISO Minute.

Closing Keynote: Risks, Benefits, and the Future of Money in the New Cyber Era

Neha Narula, Director of the Digital Currency Initiative | MIT Media Lab


Bio: Neha Narula, Director of the Digital Currency Initiative at MIT, believes digital currencies and blockchains – public ledgers in which transactions between users in a network are stored in a secure, verifiable and permanent way – offer a positive path forward in an era of shifting trust by maintaining the integrity of online transactions, records and other underpinnings of commerce.

Summit Chair

Shaun Khalfan

SVP, Chief Information Security Officer | Discover Financial Services


Shaun currently serves as the SVP, Chief Information Security Officer for Discover Financial Services. In this role, he leads the Information Security organization with overall responsibility for implementing the information security strategy and objectives, including strategies to manage cybersecurity risk and building a strong cyber engineering function to enable digital transformation.

Shaun has over 20 years of IT experience with specialization in information security and risk management. Shaun has held roles of increasing responsibility at the Department of Defense, culminating in the role of Chief Information Security Officer for the Department of Homeland Security, U.S. Customs and Border Protection. He was Vice President, Chief Information Security Officer at Freddie Mac where he was responsible for company-wide cybersecurity risk reduction efforts, security architecture, securing cloud transition, modern software delivery transformation, and end-user experience enhancement initiatives.

Most recently, he served as Managing Director, Chief Information Security Officer at Barclays International, leading a team focused on enabling business partners and managing cyber risk across a diverse and complex global banking environment.

Shaun is a graduate of the University of Maryland and has an MBA from the George Washington University School of Business. He serves on the board of the National Cyber Security Alliance, is a fellow with the American Council for Technology, and an adjunct professor at Carnegie Mellon University. Shaun is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a graduate of the Department of Defense Executive Leadership Development Program.

27 March

1:00 p.m. - 4:00 p.m. ET

Exercise Planner Training for the Financial Services Sector


Is your organization looking to conduct internal tabletop exercises or participate in the planning of sector-wide exercises, but currently lacks personnel with the skills to plan them? This training can help.

We’ll walk through the overall exercise planning methodology used by the financial services sector, including goal and objectives development, scenario crafting, documentation requirements, presentation and facilitation, and after-action report development.

Exercises are a key component of organizational resilience and preparedness and help ensure that your firm is up to the task of dealing with the latest risks and threats.

This session will be located at the hotel for the summit. The cost is $249.


28 March

Post-Quantum Cryptography (PQC) Risk Modeling for Resilience

Dale Miller and Richard Toohey | Wells Fargo


Quantum computers provide a path to rapid advancements, and with this potential comes tremendous risk. The work needed to transition to Post-Quantum Cryptography (PQC) will dwarf that of Y2K. But unlike Y2K, the unknown is whether a cryptographically relevant quantum computer will come to market in 3 or 30 years. Risk modeling is the first step toward resilience.

Dale's Bio:

Dale is a security, innovation, and technology business leader for Wells Fargo with over 25 years of experience in IT. He is a problem-solver with a reputation for formulating strategies and developing solutions to large, complex technology issues. Dale leads innovation efforts in cybersecurity to build an accelerator hub to rapidly prototype and build out innovative ideas, and he is responsible for developing and building security engineering and services teams that support the selection, evaluation, and deployment of strategic security products. His most recent areas of focus include data visualization using AI and ML models; third-party risk models; IP capture and management; and evaluation of new cybersecurity companies for portfolio integration.

Richard Toohey's Bio:

Richard Toohey is a Program Analyst for Wells Fargo working in information security and advanced technology, where his work focuses on post-quantum cryptography, digital identity, and quantum technology. Richard graduated from the University of Wisconsin-Madison with a Bachelor’s in astrophysics and a Master’s in physics and quantum computing. Richard is currently working on his PhD in Earth and Atmospheric Science at Cornell University.

 

29 March

Master Class: Roger Grimes Teaches You Phishing Mitigation

Roger Grimes, Data-Driven Defense Evangelist | KnowBe4


Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to Business Email Compromise, session hijacking, ransomware and more.

Bio:

Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 13 books and over 1,000 magazine articles on computer security. He now serves as the Data-Driven Defense Evangelist for KnowBe4. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He was the weekly security columnist for InfoWorld and CSO magazines from 2005-2019.

 

Can you C2 me? Hunting, Collecting and Sharing C2 IoCs

Matthew Kelly and Riley Zink | Bank of America


Command and Control (C2) is an essential threat actor technique, and C2 servers are often Internet-accessible. The ubiquity of open source C2 frameworks has made 'custom C2' a relatively rare phenomenon. This talk will demonstrate methodologies for collecting and scanning the Internet to identify C2 servers.

Matt's Bio:

Matt leads the Emerging Threat team at Bank of America, including the Red Team, Hunt Team, and Purple Team. Matt specializes in simulating and hunting threat actors, and has significant experience in red teaming, threat hunting, and incident response.

Riley's Bio:

Riley Zink is a Purple Team specialist at Bank of America who focuses on threat research, threat simulation, threat hunting and detection creation. Prior to the bank, Riley founded the red team at CME Group and has also held various information security consulting roles.

 

Houston, We Have a Problem: Entitlements and Sensitive Data

Mike Kiser, Director of Strategy and Standards | SailPoint Technologies


Similar to space debris, sensitive data and entitlements are increasing at an alarming rate. Much of this access is abandoned, forgotten, and dangerous, which elevates business risk. Taking cues from the cleanup of space junk, this talk will explore how to govern this often unseen threat.

Bio:

Mike Kiser has held a panoply of industry positions over the past 20 years—from the Office of the CTO to Security Architect. He has designed, directed, and advised on large-scale security deployments for a global clientele. He speaks regularly at events such as the European Identity Conference and the RSA Conference, is a member of several standards groups, and has presented identity-related research at Black Hat and Def Con. He is currently the Director of Strategy and Standards at SailPoint Technologies.