2019 Chicago
CISO Roundtable

#IANSChicago #IANSEvents

Monday, September 16, 2019
Chicago Marriott Downtown Magnificent Mile, 540 N Michigan Ave, Chicago, IL

This 1-day roundtable at the Chicago Information Security Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting. Join us for these high-level leadership sessions:

Speaking Your Board’s Language: The CISO’s Perspective – Hear from Paige Adams and Adam Fletcher, CISOs for Zurich Insurance Group and Blackstone Group, on how they interact with their Boards – what works and what falls flat.

Using the MITRE ATT&CK Framework to Move from Compliance to Resilience: A Zurich Case Study – Learn how Zurich Insurance Group used the MITRE ATT&CK framework to create a more resilient security program for the Schaumburg-based insurer.

IAM Strategies that Work – IANS Faculty member Aaron Turner will offer immediately useful, vendor-agnostic guidance on legacy systems versus Cloud, next-gen MFA innovations, and privilege management problems.

Leading in a Chaotic, Complex Environment: Lessons from a U.S. Special-Ops Officer – Retired Navy SEAL Commander Brendan Leary will introduce techniques for becoming a better leader and more decisive decision maker in chaotic, complex situations. 

Managing the Media During an Incident: A Brunswick Group Workshop – Prepare for the publicly facing role as a CISO and learn recommendations on putting your best foot forward when communicating with the media.

Trends in Hiring and Compensation: A Panel Discussion of CISO Executive Recruiters – Two of the market’s leading CISO executive recruiters will discuss career development, hiring and compensation trends, and negotiation best practices.

Let your colleagues know you're coming!

Register Now

* Required Fields

CISO Roundtable Agenda

9:50 AM - 10:20 AM

IANS Overview & CISO Attendee Introductions

Paige Adams

Paige Adams

Zurich, Group Chief Information Security Officer

Paige Adams has been a member of the Zurich executive team since 2014 and served as the Global Head of Cyber Response, Chief Information Security Officer for Zurich North America, and VP for Cyber Security before assuming his current role as Group Chief Information Security Officer in February 2018. Prior to joining Zurich, Paige spent a 26-year career in the United States Navy serving in a variety of intelligence and cyber roles. Paige has a Bachelor of Science in Business Administration (Computer Information Systems) from Hawaii Pacific University and a Masters in Computer Science from the US Naval Postgraduate School.

Adam Fletcher

Adam Fletcher

Blackstone, Chief Information Security Officer

Adam Fletcher, CISM, is the Chief Information Security Officer for Blackstone. As a security professional with over 17 years of experience, Adam has worked with global security organizations large and small including McAfee, Nokia, VeriSign, ISS and Accuvant. Adam has a strong technical foundation, developed from roles in security architecture design and implementation, that is complemented by management experience gained from roles leading consulting engagements and global teams of information security professionals. Prior to joining Blackstone, Adam led the International Security team for Equifax, coordinating a global security program across 14 countries, each with different business, regulatory, and privacy requirements.

Phil Gardner

Founder & Chief Executive Officer

Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.

10:20 AM - 11:00 AM

Speaking Your Board’s Language: The CISO’s Perspective

with Paige Adams, Adam Fletcher, and Phil Gardner

Board Members privately remark that they too often leave a CISO’s board presentation more confused than when they started. CISOs often refer to their Board meetings as ‘hostile territory’. Clearly, we need to get better at communicating.

Paige Adams and Adam Fletcher, CISOs for Zurich Insurance Group and Blackstone Group, respectively, will share how they interact with their Boards – what works and what falls flat. The discussion will be specific and address:

  • How do you prepare for a Board session? Who do you pre-brief?
  • How long should your Board presentation be?
  • Should your Board presentation use a risk framework and, if so, which one?
  • When should you use benchmarking data with the Board? When is it a bad idea?
11:00 AM - 11:15 AM

Morning Networking Break

Paige Adams

Paige Adams

Zurich, Group Chief Information Security Officer

Paige Adams has been a member of the Zurich executive team since 2014 and served as the Global Head of Cyber Response, Chief Information Security Officer for Zurich North America, and VP for Cyber Security before assuming his current role as Group Chief Information Security Officer in February 2018. Prior to joining Zurich, Paige spent a 26-year career in the United States Navy serving in a variety of intelligence and cyber roles. Paige has a Bachelor of Science in Business Administration (Computer Information Systems) from Hawaii Pacific University and a Masters in Computer Science from the US Naval Postgraduate School.

Giancarlo Profenna

Giancarlo Profenna

Zurich Insurance, Executive and VP

Giancarlo Profenna is an Executive and VP at Zurich Insurance overseeing Global Information Security Governance. Giancarlo has spent over 18 years in the development and implementation of security, performance improvement and strategy. Early in his career, he worked for a small entrepreneurial company, developing products and services and managing the infrastructure. As a consultant with PwC, he focused on the healthcare and financial sectors. He served as the national lead for security strategy while leading security and performance improvement engagements. At Zurich, Giancarlo leads a team focused on analytics, assessment, governance and strategy.  He has led multiple transformative global programs, including implementing the company’s first baseline controls assessment, building out a security inventory, and creating a KRI based approach to measure risk reduction. Giancarlo is currently involved in initiatives in Cyber Insurance, Cyber Policy development and Cyber and Information Security Strategy. Giancarlo has lived and worked abroad in Switzerland, has earned both Master’s and Bachelor’s degrees from Loyola University Chicago and holds certificates of CISSP, CISA and CISM.

11:15 AM - 11:55 AM

Using the MITRE ATT&CK Framework to Move from Compliance to Resilience: A Zurich Case Study

with Paige Adams and Giancarlo Profenna

Zurich’s Paige Adams (Group Chief Information Security Officer) and Giancarlo Profenna (Cyber & IS Strategy, Analytics, Industry Compliance) will present a case-study on how Zurich Insurance used the MITRE ATT&CK framework to create a more resilient security program for the Schaumburg-based insurer. The briefing will start with an introduction of the ATT&CK framework and a discussion of why a threat-based approach is so powerful.

After describing Zurich’s actions in detail, Paige and Giancarlo will then outline how using the ATT&CK framework allowed Zurich to do the following:

  • Improve strategy
  • Justify budget requests
  • Distribute accountability
  • Align security program with IT mission
  • Highlight opportunities for specific Red/Blue (Purple Team) activities

Aaron Turner

IANS Faculty

Aaron Turner is a multi-decade veteran of the InfoSec community with significant experience in the fields of identity and access management, mobile device security, embedded system vulnerabilities, IoT security and international cybersecurity risk management. Starting as an independent penetration tester in the early 1990's, he went on to work at Microsoft in the days before the company had formal security teams. During the massive worm attacks of the early 2000's, Aaron helped found many of the Microsoft Security teams, start security programs and eventually was responsible for all interactions between Microsoft and its customers' CISOs. In 2006, he was invited to participate in a new research project at the Idaho National Lab, funded by DHS, DOE and DOD, to investigate how the system vulnerabilities in commodity software and hardware impact critical infrastructure such as the national power grid, cellular communications networks and other utilities. While at INL, Aaron co-invented a contactless payment technology which he later spun-out of the INL in 2008 as a venture-backed company called RFinity, with that technology eventually licensed on to others. In 2010, Aaron founded IntegriCell to focus on cellular network vulnerability research and established a management consulting practice that delivered unique vulnerability intelligence to customers. Aaron founded Terreo in 2014 as an Internet of Things security product development company, and patented a series of inventions which captured radio frequency transmissions from IoT devices. In 2015, Verifone acquired Terreo and made Aaron the VP of Security Products R&D with a focus of applying the Terreo technologies to helping manage the risks posed by credit card skimmers. In 2017, he left Verifone and refocused his efforts on his IntegriCell research, specifically around applying Machine Learning to the massive data sets created by mobile and IoT devices. Aaron has testified before congress to help set policy for US critical infrastructure protection.

11:55 PM - 1:00 PM

Lunch & IANS Faculty Briefing: IAM Strategies That Work

with Aaron Turner

Facing the cloud and its mobile constituency, investments in end-point protection and next generation firewalls are powerless. In these environments, it is identity that stands between information assets and a world of possible threats. Yet few organizations have prioritized the development of a practical strategy for the planning, execution, operation, and governance of Identity and Access Management (IAM). This under-investment creates an identity debt that will increasingly be paid with inefficiencies and incidents.

In this session, IANS Faculty Member Aaron Turner will offer immediately useful, vendor-agnostic guidance on such items as:
  • Identity as the last perimeter security has
  • Legacy systems versus Cloud – stretching identity resources to their limits
  • Next-gen MFA innovations
  • Privilege management problems – challenges we’re seeing among IANS customers and what to do about it
1:00 PM - 2:00 PM

Solution Provider Power Hour

Executives from Aqua Security, SentinelOne, and Zerofox will deliver 15-minute technical presentation to the assembled CISOs.

Following the briefing, IANS will facilitate a closed door, CISO-only discussion of the value and drawbacks of the vendor offered solutions.

zerofox
Brendan Leary

Brendan Leary

McChrystal Group, Senior Principal

Brendan Leary is a Senior Principal at McChrystal Group, where he works as part of our Advisory Services team. Brendan has supported companies in several industries and is currently advising an international wealth management company.

Brendan has deep experience in leadership, team building, planning, crisis and deliberate decision-making, and operational execution. He has driven organizational transformation and achieved results at the executive-level in every organization in which he has served. Recently transitioned from the Naval Special Warfare community, Brendan has 21 years of experience leading SEALs and other special operations units. His diverse military career has included counterterrorism, undersea operations, contingency operations in Liberia, combat operations in Afghanistan and Iraq, and counter-insurgency and stability operations in Africa.

Prior to joining McChrystal Group, Brendan was the Deputy Commander of an 1,800-member special operations organization with nine subsidiaries and regional responsibilities on three continents. He has led, mentored and improved high-performing teams to execute sensitive missions, build strategic relationships, and develop effective technical solutions in complex, dynamic, and high-risk environments.

Brendan earned a Bachelor of Science degree from Springfield College and a Master of Science degree in Military Strategic Studies from the Marine Corps University.

2:00 PM - 3:10 PM

Leading in a Chaotic, Complex Environment: Lessons from a U.S. Special-Ops Officer

with Brendan Leary

Retired Navy SEAL Commander Brendan Leary will introduce techniques that help you become a better leader and more decisive decision maker when managing chaotic, complex situations.

Brendan will start the session with a case study from ‘down range’ – how he and a number of Special Operations officers turned the tide on the Iraqi insurgency in 2009-2011. Drawing from their lessons, this session will offer a blueprint for how to lead in a muddled, fast-changing environment with incomplete, often contradictory, data.

3:10 PM - 3:20 PM

Afternoon Networking Break

3:20 PM - 4:20 PM

Managing the Media During an Incident: A Brunswick Group Workshop

CISOs are increasingly public-facing executives – often in post-breach media briefings or other high-stakes situations. This Brunswick Group's workshop starts with an analysis of post-breach video clips and then pivots to recommendations on putting your best foot forward in working with the media. Topics include:

  • The CISO’s new dual external and internal role
  • Telling your story and honing your message
  • Dealing with traps and left-field questions
  • How to stay on message and avoid being sidetracked
Steven Martano

Steven Martano

The Caldwell Partners, Consultant, Cyber Security Practice

Steven Martano is a consultant in Caldwell Partners’ Cyber Security Practice. He recruits across the information security function, including CISOs, CSOs, cyber advisory board members, and cyber leaders in professional services.

Steven spent seven years at Russell Reynolds Associates, where he helped build the Cyber Security and Supply Chain functional practices, serving as a member of the global Corporate Officers practice.

Earlier in his career, Steven worked at Sikorsky Aircraft (then part of United Technologies Corporation), where he led operations and financial planning for multi-billion contracts for the U.S military and key international customers in the Middle East, Asia and South America.

In addition to his professional career, Steven serves as an editor and featured writer at Beyond the Box Score, SB Nation’s baseball analytics platform, and is a contributing columnist to FanGraphs’ The Hardball Times. He holds a BA from The Catholic University of America and a master’s degree in economics & finance from Trinity College.

Michael Piacente

Michael Piacente

Co-Founder & Managing Partner, Hitch Partners

Michael is the co-founder and Managing Partner for Hitch Partners. Michael brings over 23 years of combined Cloud and IT practitioner and executive search experience. Michael leads a focused portfolio of search projects focused in the CISO space with a particular emphasis on Engineering and Product oriented Security leaders (Security Engineering and DevSecOps). Prior to starting Hitch Partners, Michael was the Founder and Managing Technology Partner for CVPartners which focused on CIO and Head of IT search projects.. Prior to his executive search life, Michael was a leader in the managed cloud operations space; first as an early member of the SiteSmith (now AboveNet) and then as a co-founder of OpSource (now Dimension Data). Michael began his career with MTI, one of the pioneers in the managed storage space. He is a native of Maryland, he lives in San Francisco and holds a B.S. Degree from the University of Delaware.

Phil Gardner

Founder & Chief Executive Officer

Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.

4:20 PM - 5:00 PM

Trends in Hiring and Compensation: A Panel Discussion of CISO Executive Recruiters

with Steven Martano, Michael Piacente, and Phil Gardner

In our final session, IANS CEO Phil Gardner will moderate a discussion with two of the security industry's leading CISO executive recruiters. The session will focus first on career development and then move toward hiring, compensation trends and negotiation best practices. We'll discuss:

  • What traits do recruiters look for in high performing CISOs?
  • What does it take to advance to the Fortune 500 ranks?
  • Has my compensation kept up with the market?
  • What three negotiation tips should I use for my next position?
5:00 PM - 6:00 PM

Networking Reception

After spending a day learning and sharing ideas with your peers, join us for a networking reception to unwind and share insights from the day.

General Forum Opening

7:30 AM - 8:30 AM

Registration & Breakfast

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.
8:30 AM - 8:45 AM

IANS Welcome & State of the Industry

Come join us as we welcome you to the Forum.
Adam Fletcher

Adam Fletcher

Blackstone, Chief Information Security Officer

Adam Fletcher, CISM, is the Chief Information Security Officer for Blackstone. As a security professional with over 17 years of experience, Adam has worked with global security organizations large and small including McAfee, Nokia, VeriSign, ISS and Accuvant. Adam has a strong technical foundation, developed from roles in security architecture design and implementation, that is complemented by management experience gained from roles leading consulting engagements and global teams of information security professionals. Prior to joining Blackstone, Adam led the International Security team for Equifax, coordinating a global security program across 14 countries, each with different business, regulatory, and privacy requirements.

Phil Gardner

Founder & Chief Executive Officer

Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.

8:45 AM - 9:30 AM

Charting Your Course: A Keynote Discussion with Blackstone's CISO Adam Fletcher

with Adam Fletcher and Phil Gardner

With $472B under management, Blackstone is one of the world’s largest and most successful alternative asset managers. Adam Fletcher is their CISO.

Join a discussion where IANS CEO Phil Gardner asks Adam about himself and his career – what makes him good, how he’s progressed, and why he was selected as Blackstone’s CISO – and what he’s learned (to date) in the journey.

9:30 AM - 9:50 AM

Networking Break

Join your peers and transition to the CISO Roundtable for a day of closed-door, high-level sessions.

2019 Chicago Facilitators

Phil Gardner

IANS Founder & Chief Executive Officer

Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.

Chicago Marriott Downtown Magnificent Mile

540 N Michigan Ave, Chicago, IL 60611

Room Rate:

$299

per night plus tax

Attendee Contact

ians@iansresearch.com

Check out IANS other upcoming events