Cybersecurity Rapid Reaction: Taking Action Against Threats Before You’re Hit Seminar
April 4, 2017
Wall St. firms are no strangers to cyberattacks. Virtually every major firm has experienced its share of attacks, and these days most firms are among the most sophisticated organizations on the planet when it comes to defense. That said, a solid defense is no longer enough. Effective cybersecurity initiatives select from a solid portfolio of cybersecurity response solutions, including advanced analytics, automation, and next-generation threat intelligence. Share ideas with your peers, and pick up best practices from thought leaders among the vendor, analyst, and financial community to ensure your cybersecurity response is at the pinnacle of timeliness and effectiveness.
Join the conversation! Tweet us @WSTAORG and use #WSTAcybersecurity
8:00-8:30AM Registration and Breakfast (Breakfast sponsored by Verizon)
8:30-8:35AM WSTA Introductions
8:35-9:20AM Keynote Presentation: “Next-Generation Cybersecurity for Next-Generation Threats”
Johna Till Johnson, CEO & Founder, Nemertes Research
Johna Till Johnson is CEO and Founder of Nemertes Research, where she sets research direction and works with strategic clients. She has decades of experience in technology design, deployment, and operations. Under her leadership, Nemertes has emerged as a leading trusted advisor to Fortune-50 and other world-class organizations.
Ms. Johnson specializes in emerging technology, innovation, operational transformation, and security and risk management. She has worked with many Wall St and other financial organizations to craft technology and business strategies that balance the risks and benefits of emerging technology. Her experience with information security dates back to the 1980s, when she was an early adopter of the Internet (then Arpanet) as a graduate student in particle physics. Since then, she has worked with major organizations, including Fortune-50 enterprises and carriers, to craft and implement security strategies, protect strategic assets, manage risk, and enable business success.
Ms. Johnson draws upon diverse experience prior to founding Nemertes in 2002. She served as chief technology officer (CTO) at Greenwich Technology Partners, an infrastructure consulting and engineering firm; headed the Global Networking Strategies Service business unit of META Group; and oversaw the lab-testing program at Data Communications magazine. She also has designed and developed security, speech-synthesis, and free-space laser products at companies including Mosler Security Systems and Digitus Corp.
Ms. Johnson holds a bachelor of science degree in electrical engineering/computer science (BSEE/CS) from The Johns Hopkins University, has conducted graduate work in nuclear and particle physics at the University of Rochester, speaks three languages, and has published a science fiction novel. In her spare time, Ms. Johnson is an avid urban kayaker.
New threats, and new types of threats, are emerging at an accelerating rate. Yesterday’s best practices are today’s obsolete technologies and processes. To keep pace with the changes in the threat environment, infosec professionals at financial services firms need to revisit security from the ground up. This keynote address presents Nemertes’ key findings on what leading-edge firms are doing with:
• Bellwether cybersecurity technologies, including analytics, machine learning, and endpoint security
• Architectures, strategies, roadmaps and frameworks
• Operational practices, including incident response
• Security procurement
• User awareness and professional training
• Skills and staffing
Attendees will walk away with a blueprint for positioning their cybersecurity initiatives to address the rapidly-expanding universe of threats.
9:20-9:45AM Premier Sponsor Presentation by Shape Security
Shuman Ghosemajumder, Chief Technology Officer, Shape Security
Shuman Ghosemajumder is Chief Technology Officer at Shape Security, which has created a new class of technology to defend web and mobile applications against sophisticated cybercriminal attacks. Shuman previously led product management for click fraud at Google, protecting their $23 billion annual revenue pay-per-click AdWords business. Prior to that, he helped launch Gmail and received two Google Founders’ Awards for significant entrepreneurial accomplishments. He is the co-author of “CGI Programming Unleashed” as well as co-founder of TeachAIDS.
9:45-10:10AM Luncheon Sponsor Presentation: “Simplify the Monitoring and Ensure Security of Data Across the Enterprise”
Michele Krom, Customer Solution Director, Capital Markets, SAP
Michele Krom is a Customer Solution Director in Capital Markets at SAP after spending 4 years as a Principal Solution Engineer evangelizing HANA as an innovative platform for the next generation of business applications and intelligence. She has been in the technology field for over 20 years, with over 15 years focused on data warehousing and business intelligence. Before joining SAP, she managed the data warehousing team for a large insurance company, consisting of logical modelers, physical designers and DBAs. She joined SAP in 2011 because of the simplification and innovation capabilities of SAP HANA. She is focused on leveraging expert teams within and outside of SAP to assist financial services firms in understanding how they can gain competitive advantage by leveraging SAP solutions. Michele is a thought leader and evangelist by day and a mother to 6 children by night. She and her husband live in CT and are very involved in their community. Her hobbies include investing, running and cooking.
Cybersecurity is a top concern for companies across the financial services industry, particularly in the capital markets space. With internal and external threats increasing, ranging from trade fraud to external data breaches, banks must be able not only to protect their data but also to understand in real time what happened should an incident occur, and to provide this real-time insight in a scalable, elastic fashion. Attend this session and learn how you can leverage the power of an elastic data management framework without disruption to gain instant visibility and insight into potential threats or protect against fraudulent behavior before it occurs.
10:10-10:35AM Break and Demo Area Visit (Break sponsored by Vera)
10:35-11:00AM Breakfast Sponsor Presentation: “Data Breach Investigations Report”
David Ostertag, Global Investigations Manager, Investigative Response, Verizon
Dave Ostertag is the global investigation manager for the investigative response unit at Verizon and has more than 40 years of investigative experience in the government and security arenas. Dave coordinates the forensic investigations conducted by the investigative response unit worldwide. Dave has taken the lead on many of the highly publicized large data compromise investigations over the past few years. In addition, Mr. Ostertag is considered a leader in criminal and civil investigative techniques, is a certified expert witness and is a frequent instructor and speaker on the topics of data compromise investigation and international criminal organizations.
Mr. Ostertag worked as a retail regional investigator prior to going into police work. Mr. Ostertag spent 14 years as a police detective sergeant and four years as a State’s Attorney investigator. Ostertag was the global manager of field investigations for Discover Financial for over ten years prior to joining Verizon. He serves on the board of advisors for the International Association of Financial Crimes Investigators.
Mr. Ostertag has worked extensively with law enforcement in the investigation, identification, arrest and prosecution of individuals and groups involved in international organized criminal data compromise and fraud.
When a breach happens, the difference between disaster and survival is preparation. Prepare your organization by attending this session on the latest Verizon Data Breach Investigation Report (DBIR) presented by a Verizon Forensic Investigator. The DBIR covers information collected by over 70 participating organizations around the world including thousands of security incidents and data breaches. The information covers threat actors, motivation, vulnerabilities and methodologies used to attack the financial services industry. This year’s report contains 16 new cybercrime case studies. Session attendees will receive an electronic copy of the report for use when they return to the office.
11:00-11:25AM Presentation by Cylance
11:25-11:50AM “Network Threat and Visibility Platform”
Jason Harris, Managing Principal Consultant – Security, Dimension Data
Jason Harris leads Dimension Data’s cybersecurity consulting business in the Americas. He has over 15 years of cybersecurity experience in the UK, Australia and North America across all industry verticals and has been instrumental in developing several of Dimension Data’s global cybersecurity consulting services.
Two of the key services that Jason has been instrumental in developing are the Incident Response Service and the Network Threat and Visibility Assessment. The latter gives organizations a holistic view of the level of risk across all aspects of their environment in real time for clients without a comprehensive security architecture.
Jason is recognized as a trusted advisor by some of the largest North American based multinational and global organizations.
Due to the increasing size and complexity of enterprise IT environments, it is increasingly difficult to implement and maintain a security architecture that has full visibility of Next-Generation Threats across an entire environment and provides actionable intelligence.
Being able to rapidly deploy a comprehensive Network Threats and Visibility platform is critical in rapidly reacting to Next-Generation Threats and acting before you are hit.
During this session, we will discuss the methodology and tool set that we believe is most effective to use for M&A and Incident Response activities.
11:50-12:30PM Luncheon and Demo Area Visit (Luncheon sponsored by SAP)
12:30-12:55PM “Secure Delivery – Ensuring Compliance and Control for Application Pipelines”
Brian Downey, Senior Director, Product Management, BMC Software, Inc.
Brian Downey has over fifteen years of experience in Data Center software and hardware solutions. Brian’s experience has spanned engineering, operations, strategy, and sales in the IT field. Over the past six years as the head of the product management group for BMC’s Data Center Automation Portfolio, Brian’s responsibilities have focused on the strategy and direction of the BladeLogic suite of products as well as Atrium Orchestrator.
Prior to his role at BMC, Brian worked at EMC Corporation in multiple senior management and individual contributor roles, working on projects including launching EMC’s mid-range hardware business, establishing key alliances to support EMC software products, and driving the operations for an incubated new business.
Brian holds a Bachelor’s Degree in Computer Science from the University of Massachusetts, and an MBA from Babson College and is in the process of completing his Doctorate in Business from Temple University.
As development models and practices evolve, integrating security and compliance into the application pipeline process becomes even more challenging. Learn how to embed policy checks into your CI/CD process and discover, log, and remediate violations before they creep into your production environment, where they can significantly increase your risk of a security or compliance incident. In this session, we will walk through a real-life example of integrating BMC’s new policy service into a modern software delivery process using REST APIs and synchronous policy evaluation to drive automated release gateways.
12:55-1:20PM Presentation by Nexum
George is a Principal Engineer at Nexum with over a decade’s experience with core network security-related systems including Application Delivery Controllers (ADCs); content caching and proxy; DNS, DHCP & IPAM (DDI); next generation firewalls; and time services. With a background in global financial institutions, George has been awarded two CIO Awards and invited twice to write manufacturer professional examinations as a subject matter expert. He has beta-tested new features and products valuable to enterprise clients. Fluent in a myriad of programming languages, George also possesses the ability to script middleware for integration of various manufacturer technologies via open APIs. In addition to working with clients, he is a manufacturer-certified instructor, bridging course materials and field experience for solutions for real-world enterprise concerns.
1:20-1:45PM “Move to the New World of Digitally Driven Financial Services — with Confidence”
Anthony Golia, Chief Solutions Architect, Financial Services, Red Hat
Anthony is a 17-year technology veteran and serves as Red Hat’s Chief Solutions Architect within the Financial Services Industry. He is passionate about partnering with clients to ensure open source and emerging technologies bring them value and competitive advantage in today’s fast-changing industry landscape.
Prior to coming to Red Hat, Anthony served as a Managing Director at a Fortune 500 bank. In that role he led the development of innovative infrastructure platforms supporting enterprise software development and deployment. This included hybrid cloud architecture, recommendation engines, and a low latency market data plant. Anthony is credited with inventing a fault tolerant network architecture that ensures uninterrupted connectivity, across multiple locations.
“My goal is to be a strategic partner and trusted adviser to my clients, which means investing a lot of time listening to their needs and specific concerns. I act as their champion in the open source community and ensure Red Hat’s product roadmaps reflect their interests.”
No one can solve IT security issues alone. Connecting with a community and solving problems together is the future of security in the financial services industry. Hear how open source technology can enable the security posture financial institutions trust, including topics like:
• How to securely build and deploy applications using containers
• How to manage security at each stage of the development lifecycle
1:45PM Seminar Concludes
Agenda, Speakers and Times Subject to Change
WSTA Corporate and Individual members receive complimentary admission to WSTA Seminars. To see if your financial firm is currently a WSTA member, click here. For information about joining the WSTA as a Corporate or Individual Member, please visit our membership page.
Not quite ready to commit to membership but would like to attend this event?
We invite you to learn about our organization, its educational programs, and networking opportunities by registering as a community member. You will receive discounted admission to this event, plus the WSTA Digital News monthly newsletter and notifications of upcoming educational seminars/panel discussions. This is only open to technology professionals employed at financial firms (banks, brokerages, hedge funds, insurance companies, credit unions).
The Yale Club of New York City
50 Vanderbilt Avenue
New York, NY