SIM's Cybersecurity Special Interest Group (SIG) is hosting its debut Virtual Conference on Thursday, September 28, 2017 from 11:00 am ET - 5:00 pm ET.  This exclusive, high-level event will offer attendees the opportunity to engage with the sharpest minds on topics such as emerging cyber threats and what it takes to ensure your organization's security.

 The virtual conference will offer two concurrent tracks:

 UNDERSTANDING YOUR RISK & BUILDING RESILIENCE
•      Ransomware & Other Cyber Threats, Why Are We Losing?
•      Legacy Systems to the Internet of Things… Defending it All?
•      Your Critical Assets – Cost Effective Risk Identification
•      What Does the Dark Web Mean to You?

 COMMUNICATING & MITIGATING ENTERPRISE SECURITY RISK
•      Top 5 Things to Tell Your Board About Cybersecurity Risk
•      Managing Your Risk Profile Through Your Attackers’ Eyes
•      Cyber Innovation as a Competitive Advantage
•      Cybersecurity Information Sharing – How Organizations are Doing it

Formed in June 2016, the Cybersecurity SIG's mission is to prepare members and their organizations to meet the challenges and mitigate the risks of tomorrow's ever changing cyber threat landscape.

The practitioner-led Cybersecurity SIG is the premier venue for executive leaders to address timely cybersecurity issues from a strategic perspective. Members gain access to educational forums, peer-to-peer exchange of best practices, and a resource library of actionable intellectual assets.

Register for the Cybersecurity Virtual Conference today!


The cost of registration is only $49 for SIM Members and $199 for non-members.

SESSIONS


All times are Eastern Time Printable Schedule || Times, presenters and sessions are subject to change.

11:00 AM
-to-
11:16 AM


Track:
Risk
add_alert
Add to Calendar

Welcome

 

 


11:16 AM
-to-
11:56 AM


Track:
Risk
add_alert
Add to Calendar

Opening Keynote - The Future of Risk and Cybersecurity, 2018 & Beyond

 

Cyber security risk management is more than a technology solution. Organizations are adopting new safeguards for digital business models as they begin to secure for the potential of the Internet of Things. Many are taking a proactive approach to managing geopolitical threats as they begin to implement business-critical threat intelligence and information-sharing platforms. Join us as Nicole Eagan shares their insights into the future of cyber security and how organizations are managing the challenges as part of an integrated risk management program.


11:56 AM
-to-
12:00 PM


Track:
Risk
add_alert
Add to Calendar

Spotlight on APC

 

 


12:00 PM
-to-
12:17 PM


Track:
Risk
add_alert
Add to Calendar

Cyber News of the Day

 

 


12:17 PM
-to-
12:49 PM


Track:
Risk
add_alert
Add to Calendar

Equifax Breach: What Does this Really Mean?

 

 


12:49 PM
-to-
12:55 PM


Track:
Risk
add_alert
Add to Calendar

Spotlight on SIM Chapters

 

 


12:55 PM
-to-
1:11 PM


Track:
Risk
add_alert
Add to Calendar

Segregation of Duties: A Cybersecurity Safeguard

 

Established risk management practices in banking should be extended to IT operations. For example, Segregation of Duties is a solid foundation for sustainable risk management. Your chief lending officer would not approve loans, nor would one person handle outgoing wires; yet IT sets up and monitors email, keeps the network running, arranges penetration testing, reports to the board, and works directly with auditors. In this session, we will discuss Segregation of Duties in IT governance.

Sponsored by:


1:11 PM
-to-
1:37 PM


Track:
Risk
add_alert
Add to Calendar

Legacy Systems to Internet of Things, Defending It All?

 

The pace of technology continues to rapidly advance and cyber threats along with it. As our organizations are implementing mobile applications and cloud solutions along side our legacy systems, we’ve become more vulnerable than ever. Add to that the oncoming “Internet of Things”. How is a CIO to protect the organization? Listen to James Rouh as he explores an approach to defend it all.


1:11 PM
-to-
1:37 PM


Track:
Strategy
add_alert
Add to Calendar

Your Sector Profile Doesn't Matter, Managing Your Risk Profile Through Your Attackers' Eyes

 

 


1:37 PM
-to-
2:25 PM


Track:
Risk
add_alert
Add to Calendar

Vendor & Networking Lounge

 

 


2:25 PM
-to-
2:55 PM


Track:
Risk
add_alert
Add to Calendar

Your Critical Assets - Cost Effective Risk Identification

 

Curious about the risk posture of your fellow SIM members? Attend this session and see how easy it is to gather accurate vulnerability data without any privileged network access. Join Mohamoud Jibrell of NormShield as he presents a meta-analysis of the biggest threats facing conference attendees generated with nothing more than a company URL. Using actual data from conference attendees, you'll learn how to approach your networks--or the networks of the 3rd party vendors you work with--from the outside in, gaining a hacker's perspective of what to prioritize. Session attendees will receive their personalized risk scorecard so they can compare their own grades to the average SIM organization!

Sponsored by:


2:25 PM
-to-
2:55 PM


Track:
Strategy
add_alert
Add to Calendar

CyberSecurity Innovation as a Competitive Advantage

 

Enterprises and consumers usually say that security and privacy of their data is of high importance, but priorities often shift when it comes down to paying more for these features. And providers and sellers that invest in stronger security may find themselves at a disadvantage - a higher price point than their competitors. What’s causing this cognitive dissonance? Why do we say we value and want better cybersecurity yet in practice resist paying extra for it? In this talk we’ll discuss the very emotional reasons that shift our perceptions when purchasing technology solutions and explain how vendors and provides can shift the narrative to transform investment in CyberSecurity innovation from a potential cost barrier into a competitive advantage.


2:55 PM
-to-
3:02 PM


Track:
Risk
add_alert
Add to Calendar

Spotlight on RLF

 

 


3:02 PM
-to-
3:19 PM


Track:
Risk
add_alert
Add to Calendar

How to Bounce Back from Cyber Fatigue

 

There’s a rising chorus of “cyber fatigue” permeating boardrooms today. This phenomenon arises at a time when avoiding negative PR is paramount for success. Executives concede that a breach is no longer a matter of “if” but “when”,” it’s a given that some decision makers are exhausted as they revisit the same discussion every year, every quarter and every month. Tony Buffomante, Principal, KPMG Cyber Security Services – US Lead will lead a discussion that will address many of the cyber challenges facing financial executives today including:
  • Identifying the symptoms of cyber fatigue
  • The high costs of data breaches
  • Aligning cyber security solutions to business priorities
  • 5 ways to combat cyber fatigue


3:19 PM
-to-
3:46 PM


Track:
Risk
add_alert
Add to Calendar

What is the Dark Web?

 

You’ve heard about it but do you really know what it is? Just beneath the surface of the internet lies the Dark Web. Also known as the deep web, navigating this Internet space can be confusing and potentially dangerous. It’s the hub of illegal activity and also the best place to remain 100% anonymous. Join Michael Echols to learn how to best utilize the dark web and when to stay away.


3:19 PM
-to-
3:46 PM


Track:
Strategy
add_alert
Add to Calendar

Cybersecurity Information Sharing - How Organizations Are Doing It

 

 


3:46 PM
-to-
3:52 PM


Track:
Risk
add_alert
Add to Calendar

Spotlight on SIM Programs / STEM

 

 


3:52 PM
-to-
4:07 PM


Track:
Risk
add_alert
Add to Calendar

Alphabet Soup: How to Make Sense of all of the Cybersecurity Credentials

 

Cybersecurity is today's hot profession. As a result, there are any number of organizations offering different types of credentials. Some cybersecurity certifications are far greater than others. And there are real problems with people gaming the system to become certified “on paper,” but still lack any true knowledge or skill. As a hiring leader, you might ask how important are certifications anyway? Do they still matter for senior level positions, or are they only important for people looking to progress in their careers?


4:07 PM
-to-
4:46 PM


Track:
Risk
add_alert
Add to Calendar

Closing Keynote

 

 


4:46 PM
-to-
5:00 PM


Track:
Risk
add_alert
Add to Calendar

Wrap-Up

 

 


Sponsors





Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.




Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure. The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

Women in Security
Creating Leaders Together. ISSA WIS IG embraces a spirit of collaboraton within its organization and throughout the industry. We collaborate with organizations to provide leadership programs and services, and challenge these ompanies to create ybersecurity-oriented professional advancement opportunities for women.




Automatically see, prioritize and act on cyber threats with NormShield. NormShield Cloud integrates robust cyber security tools into one cloud platform: unified vulnerability management, cyber threat intelligence, security operations 360o, and a risk scorecard for security executives. Data is automatically orchestrated in real-time to identify the highest risks for rapid remediation.




SIM is the only national professional network that connects senior-level IT leaders with peers in their communities — providing valuable opportunities for knowledge sharing, professional development, collaboration, and career advancement. The strength of the SIM Organization is built around its Local Chapters to create a rewarding membership experience for all members. With 40 Chapters, members can participate in these local communities for knowledge sharing and networking.




ForeScout Technologies is transforming security through visibility, providing agentless visibility and control of traditional and IoT devices the instant they connect to the network. Our technology works with disparate security tools to help accelerate incident response, break down silos, automate workflows and optimize existing investments. See devices. Control them. Orchestrate multivendor response. Learn how at www.forescout.com.




Founded 1991, onShore Security provides security-as-a-service real-time monitoring, correlation and analysis of organization-wide network data, from packet captures to logs, to achieve an end-to-end security view we call Panoptic Cyberdefense. Specializing in banking, onShore acts as a Security Operations Center and plays a critical role with our Cybersecurity Leadership consulting.