Organizations Will Invest in Meta-Data Management

Metadata can be a great source of information that explains the what, where, and who, questions of data sorting. This piece of information can also answer the questions – how, when and why, when that piece of information is accessed by anybody in the organization. When metadata is managed and actively used, it can help provide great insights, and solution providers that simplify metadata management will be able to provide value to organizations.

• Moderator: Troy Wilson-Ripsom, Data Governance Manager at Allstate Identity Protection
• Panelist: David Plotkin, Manager of Metadata Services at MUFG Union Bank
• Panelist: Shubha Dorai, Director at Serta Simmons Bedding
• Panelist: Ryan M. Zilm, Founder and CEO at Z’s Information Lifecycle Management, LLC
• Panelist: Richard Rodney, President at iFi, LLC

Escalating Cyber Risk From the IT Department to the Boardroom

Despite today’s frequent headlines regarding companies falling victim to cyberattacks or suffering data breaches, cyber risk is still a relatively new threat – is it? While companies may have an idea about the potential effects on reputation and impact on the overall business, many are yet to experience one first-hand, or at least not on a high-profile scale. That means there’s still unfamiliarity around how exactly to manage the risk. Many companies are changing their approach, in some cases; cybersecurity is still departmentalized and seen as the remit of the IT team. How do you incorporate a cybersecurity strategy into the company’s overall governance, risk, and compliance structure? What’s the best approach?

• Moderator: Ajay Mishra, VP, Strategic Initiatives at Identity Science
• Panelist: Sanket Naik, Founder and CEO at Palosade
• Panelist: Julie Tsai, Board Member, Member at Bay Area CSO Council
• Panelist: Sachin Vaidya, EVP Chief Information Officer at Heritage Bank of Commerce

Privacy Isn’t About Compliance – It’s About the Economy Stupid

Data is an asset, which depreciates very quickly. The need for businesses to protect their ability to collect data, and use data, is really what should drive privacy compliance.

While the law does generate risks around data use, the real risk is the simple fact that if you don’t respect the privacy rights of individuals, you will dilute, or even destroy, ongoing access to high-quality, relevant, and monetizable data.

Fundamentally, privacy programs are about how to effectively monetize data over a strategic time period without adding unnecessary “taxes” onto the data ecosystem (either for the business OR for the data subject).

• Moderator: Michael Avdeev, Co-Founder at Inspect-Data
• Panelist: Timothy Toohey, Partner at Greenberg Glusker LLP
• Panelist: Michelle Dennedy, CEO at PrivacyCode, Inc
• Panelist: Jeff Dobin, Vice President, Americas at Anonos
• Panelist: Craig Payne, Managing Partner at Payne and Associates

Technology Solution Update from Corporate, Law Firm and Service Provider Perspective

eDiscovery and information governance is directly impacted by the technologies available to teams that need them. Technology has come a long way, but it still poses challenges. This panel will talk about current challenges (e.g. mobile devices and BYOD) and technologies like Office 365 are both solving problems and creating new ones.

• Sponsor: Complete Discovery Source
• Moderator: William Wallace Belt Jr., Managing Director at Complete Discovery Source
• Panelist: Kathleen McConnell, Partner at Seyfarth Shaw LLP
• Panelist: Jim Barrick, eDiscovery and Investigations Consultant at Cohesity
• Panelist: David Plotkin, Manager of Metadata Services at MUFG Union Bank
• Panelist: Karen L. Wagshul, eDiscovery Attorney at Winston & Strawn LLP
• Panelist: Robin Perkins, Partner at Kutak Rock

Next Generation Wearable Biometric Authentication… No Password Required

Losses to data breaches and ransomware attacks are at all time highs and growing, doubling the last 2 years in a row. 83% of organizations were victims of 2 or more data breaches last year and the overwhelming majority of these were caused by failed legacy MFA.

Token will review how their next generation MFA wearable, biometric, passwordless authentication FIDO2 certified solution solves the inherit problems with legacy MFA.

• Sponsor: Token
• Moderator: Tim Leow, Vice President of Sales at Token

Building a Security-Aware Culture in 2023 and Beyond

Perhaps the most important step that can be taken at any organization is to ensure that it is working towards initiating and fostering a culture of awareness around cybersecurity issues. Today, it’s no longer good enough for employers or employees to simply think of cybersecurity as an issue for the IT department to take care of. In fact, developing an awareness of the threats and taking basic precautions to ensure safety should be a fundamental part of everyone’s job description in 2023!

Phishing attacks rely on “social engineering” methods to trick users into divulging valuable information or installing malware on their devices. No one needs technical skills to learn to become aware of these types of attacks and to take basic precautions to avoid falling victim. Likewise, basic security skills like the safe use of passwords and developing an understanding of two-factor authentication (2FA) should be taught across the board and continually updated. Taking basic precautions like this to foster a culture of cybersecurity-awareness should be a core element of business strategy at organizations that want to ensure they build resilience and preparedness over the coming 12 months.

• Moderator: Randy Muyargas, Director, Information Security, Systems and Technology | Information Security Officer at Cordoba Corporation
• Panelist: Bryan Galloway, Cyber Executive at Booz Allen Hamilton
• Panelist: Bob Fabien Zinga, CO at USNR
• Panelist: Arthur Yang, Senior Cybersecurity Researcher at Cyber Research Labs

Leveraging AI for Discovery

How is AI currently being used in discovery and where it may go in the future? What are the potential benefits and risks to be considered? We’ll also discuss the differences between analytics, machine learning and AI.

• Sponsor: TackleAI
• Moderator: Tom Spaulding, Vice President of Tech Sales at TackleAI
• Panelist: Sergio Suarez Jr., Founder and CEO at TackleAI
• Panelist: Lisa Kehe
  
• Panelist: Jim Barrick, eDiscovery and Investigations Consultant at Cohesity
• Panelist: Kathleen McConnell, Partner at Seyfarth Shaw LLP
• Panelist: Jonathan Marshall, North America Forensic Technology Services Practice Leader and Managing Director at Alvarez & Marsal

Data Visibility, Compliance and Information Governance

In 2023, CISOs will prioritize adopting solutions that provide visibility into the data their organization holds, where it lives, and the risks imposed by that data. This visibility is critical for security leaders as they build programs to meet compliance requirements in a highly regulated world, and secure data in an increasingly challenging threat landscape. One of the first laws in cybersecurity is that you need to know your assets. Simply put, you can’t protect what you don’t know. Join us, as we discuss the value of data classification and information governance.

• Moderator: Chris Nichols, Principal at Found Leadership
• Panelist: Cristina Nitescu, Principal at Found Leadership
• Panelist: Robert Kirtley, Director of Cyber Security at iDiscovery Solutions
• Panelist: Paul Starrett, Founder at PrivacyLabs

Cyber Risk Management Will be a Top Priority for Business Leaders in 2023

When it comes to the governance and oversight of cyber risk, our system is broken. It’s no longer what it used to be fifteen years ago – we are dealing with higher stakes and fragile enterprise reputations. As a result of this, in 2023, we will see companies double down on cyber risk management. Boards will need to have a much clearer role and responsibility when it comes to the process of ensuring adequate controls and reporting cyberattacks. Cyber risk governance is not just the domain of the CISO it is now clearly a Director and Officer level concern. When it comes to cyber, plausible deniability is dead. Join us, as we discuss best practices for cyber risk.

• Moderator: Peter McLaughlin, Partner at Armstrong Teasdale LLP
• Panelist: Donald Codling, Owner at Codling Group International
• Panelist: Daniel O’Neil, Chief Executive Officer at PrivacyLabs
  
• Panelist: Steve Kruse, Consultant
• Panelist: Dušan Vuksanovic, VP Cyber Security & Innovation, CISO at Swisscom Outpost

Zero Trust – Another Security Buzzword or a Real Paradigm Shift?

Zero trust is gaining momentum as organizations increasingly reject outdated perimeter-based strategies. As organizations have begun to adopt a zero trust strategy, many best practices and lessons learned have emerged. At the same time, there are numerous misperceptions surrounding zero trust, especially with regard to legacy systems. This panel will provide concrete tips and different approaches to zero trust, while also addressing any perceived challenges that may be preventing organizations from pursuing a zero trust strategy.

• Moderator: Mukul Kumar
• Panelist: Tas Jalali, Head of Cyber Security at AC Transit
• Panelist: John Donovan, CISO and Cofounder at InstaSecure, Inc
  
• Panelist: John Armstrong, Product Marketing Strategy & GTM – Cybersecurity at Aventi Group
• Panelist: Roman Tatarnikov, Founder & CEO at IntLös
• Panelist: Ryan Gregg, President at Gregg Global Group

Phishing Continues to Be a Problem

Phishing is one of the most common types of cyberattacks, mainly because it is often an effective technique for gaining access to an organization’s network and systems. It’s usually easier to trick an employee into handing over sensitive data (like login credentials) or running a piece of malware on a company computer than it is to accomplish these goals through other means.

As a result, phishing will continue to be a problem in 2023 and into the future as long as it remains effective. However, the changing nature of work in the wake of the COVID-19 pandemic has its impacts on phishing as well.

For example, the surge in remote work caused by the COVID-19 pandemic drove many organizations to adopt online collaboration such as Zoom, Slack, etc. The focus on email in phishing awareness training means that employees often do not consider it a threat on these platforms, and workers often believe that only legitimate users can access these platforms, which is not always true.

As a result, phishing attacks on these platforms are more likely to be effective than via email, where employees are more likely to be on their guard and companies may have anti-phishing solutions in place. Cybercriminals have noticed this, and the use of non-email collaboration platforms for phishing has become more common and is likely to continue to do so into 2023.

Join us as we discuss best practices to identify and mitigate phishing attacks

• Moderator: Harry Belt, Director – Information Security & Risk Management at Germantown Technologies
• Panelist: Mark Willis, CISO at Bluescape Software
• Panelist: Sammuel Washington, CISO Team SSDLC Advisor at HP
  
• Panelist: Gerald Beuchelt, Chief Information Security Officer / Senior Vice President at Sprinklr
• Panelist: Rick Orloff, VP, Chief Information Security Officer at 8×8

Insider Threats

Human error and intentional subversion are still primary reasons for cyber incidents. A bad day or intentional act can bring down an enterprise and cost millions of dollars. The Verizon data breach report says that 34 percent of attacks were directly or indirectly made by employees. This panel will be about understanding and dealing with insider threats, who they are, what they do, and what to do about them.

• Moderator: Fred Cohen, CEO at Management Analytics
• Panelist: Jesse Lesperance, Principal Security Architect at SentiLink
• Panelist: Vishal Oza, Senior Director, Forensic Technology | Global Cyber Risk Services at Alvarez & Marsal
  
• Panelist: Michael Disabato, CEO at Trusted Architecture
• Panelist: Doug Simmons, CEO at Cognitive Defense

Does Compliance Stifle or Spark Innovation?

Please join us for a lively discussion about the role compliance plays in innovation. Does the need to comply with new regulations like GDPR and other data privacy laws cause businesses to choose between technological innovation and customer experience like personalization, or to find even better ways, more innovative ways to achieve business goals while protecting customers’ privacy?

• Moderator: Julian Weinberger, Field CTO at ShardSecure
• Panelist: Paul Lanois, Director at Fieldfisher
• Panelist: Kaushal Saxena, Manager, Security at Pinterest
• Panelist: Bryan Lee, Principal Consultant at Privatus Consulting

How to Address the Weakest Link in Cybersecurity – People

Cyber crime statistics estimated the global cost of $6 trillion in 2023. Cyber criminals continue to evolve their attacks faster than security professionals can adapt. But is the weakness with the technology in place to combat malicious actors or is it the people in the organization who continue to fall prey to the common tactics such as phishing? Every business owner, executive, and board member is now hypersensitive to the impact from cyber crime but continue to focus on tools and technology.

Many organizations invest in cyber awareness programs to educate their employees and contractors and now are mandatory in many industries today but the number of breaches continues to increase. Therefore, the approach to improving the cybersecurity defenses must elevate to re-engineering the “DNA” of all resources – inside and out – to think cyber smart.

This panel will discuss ideas to help materially change the conversation about cyber awareness so anyone in contact with a business is cyber vigilant.

• Moderator: Anmol Misra, Senior Director – Infrastructure Security at Autodesk
• Panelist: Nabil Zaki, Sr. Technical Computing Manager at STCM
• Panelist: Chris A. Quintanilla, Managing Director at Saperde
• Panelist: Fidel Hernandez, IT Security Governance Risk and
  Compliance at Hyundai AutoEver America
• Panelist: Sammuel Washington, CISO Team SSDLC Advisor at HP