The Security Standard Executive Track 2014

9:00am - 11:00am
HP Protect Opening General Session
(The Security Standard Registrants are invited to attend):

The HP Protect general session features 2 hours of expert-led content to give you insight into security trends and the technologies and strategies that address them. Featuring HP and industry speakers, the session kicks off HP Protect with an in-depth look at the new reality of today’s threats and proven ways to protect your organization.  We’ll focus on real-world bad guys and the strategies, tactics, and technologies used to capture them. Delve into the mind of a world-class hacker, followed by a panel of security experts who will discuss why and how he was caught, the evolving threat landscape, and what organizations can do to protect themselves from such attacks. Get expert insight into the current state of the criminal underground. And then hear about new products—being introduced at HP Protect—that can help you stay ahead of new threats.

11:00am - 11:30am

The Security Standard Executive Track Check-in and Networking

11:30am - 11:45am
Welcome and Opening Remarks
Bob Bragdon, Publisher, CSO
Art Gilliland, SVP, HP Software Enterprise Security Products, HP

11:45am - 12:30pm
Maximizing your situational awareness:  building the right relationships and synapses to prepare for incidents big and small
Jeff Berkin, CSO, CACI
Jack O' Meara, Vice President, Chief Information Security Officer, Leidos
Derek Vadala, CISO, Moody’s Corporation 

Far beyond financial risk and liability, data breaches threaten your organization’s hard-earned reputation and can impede future customer engagement.  The sudden appearance of bugs like Heartbleed, along with vulnerabilities in widely used point-of-sale systems, continue to make headlines.  Yet every incident offers valuable lessons.  “If I had only known that colleague before, I could have either prevented this problem or saved precious response time.”  Do you know and have you established personal contact with the critical players you’d need in case of emergency?  How prepared are you to engage critical vendor contacts, legal counsel and government agencies -- including the FBI, Secret Service, and Homeland Security – when an incident happens?  Are you accurately assessing your information-sharing opportunities with trusted entities that have common interests?  Learn how to develop and carry out preparation strategies.

12:30pm -1:30pm
Networking Lunch

1:30pm - 2:15pm
A view from inside the cyber-underground
Ted Ross, Director, Field Intelligence, HP Security Research

Today’s cyber-criminals continue to expand their sophistication, collaboration and ability to operate undetected.  Despite key wins in thwarting the effects of malicious bots perpetuated by organized crime, key actors remain at large, continuing to wreak havoc.  What does today’s attacker landscape look like?  What do we know about their significant evolution in tactics and methodologies?  And what’s the next big thing we should all anticipate?  Join us for an up-to-the minute glimpse inside the cyber-underground.

2:15pm - 2:45pm
Modernizing your security gap analysis:  key areas to monitor in today’s risk environment
Bob Bragdon, Publisher, CSO
Jamil Farshchi, CISO,
Time Warner

With the heightened role cyber-risk plays in executives’ minds, planning and business operations, a security gap analysis is a critical tool for consistently assessing and addressing risks across the organization’s security portfolio.  Yet today’s enterprise is far more dynamic than ever with new and often disruptive technologies emerging at a moment’s notice – along with unforeseen security holes they can create.  What are the best strategic methodologies you can use to continuously manage and improve your security gap analysis?  With the pervasiveness of software and mobility, how should your analysis adapt?  And what roles do compliance and legal have in identifying gaps?  Get answers to these questions and more.

2:45pm - 3:15pm
Networking Break

3:15pm - 4:00pm
Security, privacy and caution in a big data world: best legal practices
Joseph V. DeMarco, Partner, DeVore & DeMarco LLP
Deen Kaplan, Partner,
Hogan & Lovells
Al Raymond, Head of U.S. Privacy & Social Media Compliance, TD Bank
Mark Rasch, Rasch Technology and Cyberlaw

Widespread adoption of social, mobile and cloud technologies -- combined with rabid corporate hunger for collecting and analyzing customer behavior -- is putting chief security officers and chief privacy officers in the hot-seat.  How can you best advise business units to be careful?  What data security and privacy policies are “no brainers” to implement tomorrow?  What legal tips, tools and advice can prevent your organization from a severe financial headache, potential PR disaster, or massive attack?  Gather insights from legal and privacy experts alike.

4:00pm - 4:45pm
The changing face of software risk:  adapting security to today’s digital business
Stan Black, CSO, Citrix
Brian Hanson, Sr. Dir. Product Security, Global Cyber Security, HP
Jason Taule, Chief Security Officer / Chief Privacy Officer, FEi Systems

Software is ubiquitous – and every enterprise now deals with growing numbers of APIs, a widening software layer across multiplying mobile devices, and expanding connectivity to the Internet of Things.  All of which is turning every business into a software business.  At the same time, large pieces of the enterprise are becoming software-defined with applications, infrastructure and dev ops deployed more dynamically.  While all of this raises the security stakes, it’s also an opportunity for improved monitoring and security – and to catch threats sooner and while they are small.  How are enterprises adapting to the pervasiveness of software across business operations?  What are the best approaches to securing an increasingly digitized business? And what does the future hold?  Explore the issues in-depth.

4:45pm - 5:30pm
The threat under your nose – and stopping it before it strikes
Douglas Thomas, Director, Counterintelligence Operations and Investigations, Lockheed Martin Corporation

Trade secret and customer data theft are often tied to an insider connection, whether innocent or complicit.  Increasingly, today’s organizations realize they must proactively and comprehensively look for indicators that identify employees and contractors at a higher risk of being targeted by not just cyber-criminals, but also by foreign intelligence services.  Join us to understand some of the most contemporary strategies in stopping insider threats before they do irreparable damage.

5:30pm - 5:45pm
Recap, take-aways and closing remarks
Bob Bragdon, Publisher, CSO
Art Gilliland, SVP, HP Software Enterprise Security Products, HP

6:00pm - 7:00pm
Networking reception