2019 Charlotte
CISO Roundtable

#IANSCharlotte #IANSEvents

Wednesday, September 25, 2019
Charlotte Convention Center, 501 South College Street, Charlotte, NC

This 1-day roundtable at the Charlotte Information Security Forum is designed exclusively for CISOs and senior-level information security executives to learn and share insights in a confidential setting. Join us for these high-level leadership sessions:

Speaking Your Board’s Language: A CISO’s Perspective – Hear from your CISO peers on how they’ve learned to address their Boards and improve their effectiveness.

Leveraging MITRE ATT&CK for Coverage Mapping and Controls Effectiveness – IANS and TrustedSec's Rockie Brockway will set a baseline understanding of ATT&CK and provide insights for leveraging the framework.

Cloud Migration Strategies: Lift and Shift, Don’t Lift and Pray – IANS Faculty member Mike Rothman will discuss some best practices for migrating even the most staid organizations to the cloud without compromising security.

Winning in a Chaotic, Complex Environment: Lessons from a U.S. Special-Ops Officer – Retired Navy SEAL Jeff Bull will introduce techniques for becoming a better leader and more decisive decision maker in chaotic, complex situations. 

Managing the Media During an Incident: A Brunswick Group Workshop – Prepare for the publicly facing role as a CISO and learn recommendations on putting your best foot forward when communicating with the media.

Trends in Hiring and Compensation: A Panel Discussion of CISO Executive Recruiters – Two of the market’s leading CISO executive recruiters will discuss career development, hiring and compensation trends, and negotiation best practices.

CISO Roundtable Agenda

9:50 AM - 10:20 AM

CISO Roundtable Opening Remarks and Introductions

Phil Gardner

Founder & Chief Executive Officer

Having built IANS’ end-user research offering, Phil now oversees all strategic and operational decisions at IANS. Phil began his career in security with seven years with the U.S. Navy as a Strike Fighter Pilot & Ordnance Requirements Officer. After receiving a Masters in Business Administration from Harvard Business School, he joined Goldman, Sachs & Co. in Mergers & Acquisitions and later became an associate with McKinsey & Company in Boston, MA. In 1996, Phil became one of the founders of Provant, Inc., a publicly traded training company serving the Fortune 1000 and Federal Government. He left Provant in 2000 to launch IANS. He graduated at the top of his class in US Navy Flight School.

10:20 AM - 11:00 AM

Speaking Your Board’s Language: The CISO’s Perspective

with Phil Gardner

Board Members privately remark that they too often leave a CISO’s Board presentation more confused than when they started. CISOs often refer to their Board meetings as ‘hostile territory’. Clearly, we need to get better at communicating.

IANS’ CEO Phil Gardner will interview two CISOs on how they have learned to address their Boards and improve their effectiveness. The discussion will be specific and address:

  • How do you prepare for a Board session? Who do you pre-brief?
  • How long should your Board presentation be?
  • Should your Board presentation use a risk framework and, if so, which one?
  • When should you use benchmarking data with the Board? When is it a bad idea?

11:00 AM - 11:15 AM

Morning Networking Break

Rockie Brockway

Practice Lead, Office of the CSO, TrustedSec

Rockie is an experienced 25-year veteran of IT/IS and highly technical Information Security Analyst, Design Architect/Assessor specializing in Business Systems/Impact Analysis. Through an understanding of business needs in relation to protecting business critical data (Brand Protection), he assists organizations in achieving their desired business outcomes. He has consulted in nearly every vertical and marries a strong technical background with outstanding creativity, communication skills, leadership, team building/teamwork skills and business acumen.

Collin Snow

Area Vice President, IANS

Collin is an Area Vice President at IANS and is currently responsible for overseeing, managing and growing IANS' End User Business Practice in the Midwest, Mid-Atlantic and Southern portions of the U.S. Collin obtained his Bachelor of Science from James Cook University in Australia and holds graduate certificates in Applied Project Management and Business Analysis from Boston University.

11:15 AM - 12:00 PM

Leveraging MITRE ATT&CK for Coverage Mapping and Controls Effectiveness

with Rockie Brockway and Collin Snow

MITRE’s ATT&CK™ is a framework that supports information security teams as they seek to improve their posture. However, many security leaders do not understand how to use the ATT&CK framework to its fullest.

IANS Area Vice President Collin Snow and Rockie Brockway, Practice Leader at TrustedSec, will co-lead a session to set a baseline understanding of ATT&CK, and provide insights for leveraging the framework to improve:

  • Threat Modeling
  • Threat Hunting
  • Purple Teaming
  • Product Evaluations

Using a client example, Rockie will also discuss leveraging ATT&CK to assess coverage mapping, controls effectiveness, and testing & validation.

You will walk away from the session with detailed examples and practical applications.

Mike Rothman

IANS Faculty

Mike has been in the information security industry for over 10 years. He is currently President and Analyst at Securosis, a firm exclusively focused on information security and research analysis. He started Security Incite in 2006 to provide the "voice of reason" in what was considered an overhyped, yet underwhelming security industry. After a brief detour as SVP, Strategy and Chief Marketing Officer at eIQNetworks, Mike joined Securosis at the start of 2010 with a "rejuvenated cynicism" about security. In 2007, Mike published "The Pragmatic CSO" to introduce technically oriented security professionals to the nuances of what is required to become a senior security professional.

12:00 PM - 1:00 PM

Lunch & IANS Faculty Briefing: Cloud Migration Strategies: Lift and Shift, Don’t Lift and Pray

with Mike Rothman

As wonderful as cloud-native deployments are, migrating existing resources to the cloud is an often-painful reality and creates serious security challenges. IANS Faculty member Mike Rothman will discuss some best practices for migrating even the most staid organizations to the cloud without compromising security. Mike’s briefing will address:

  • Understanding the big sticking points that inhibit successful migrations
  • Learning how to prioritize security in your cloud migration
  • Evaluating the most successful (and least successful) lift-and-shift patterns

1:00 PM - 2:00 PM

Solution Provider Power Hour

Executives from HackerOne, SentinelOne and Cortex by Palo Alto Networks will deliver 15-minute technical presentations to the assembled CISOs.

Following the briefing, IANS will facilitate a closed-door, CISO-only discussion of the value and drawbacks of the vendor-offered solutions.

Jeff Bull

McChrystal Group, Principal

Jeff Bull is a Principal at McChrystal Group, currently supporting an engagement with an American multinational oil and gas corporation.

Prior to joining McChrystal Group, Jeff retired from the Navy after 20 years of service. While in the Navy, Jeff was the Officer in Charge of Naval Special Warfare Basic Training Command Detachment Kodiak, AK. He was also a Cross-Functional Team Officer in Charge of sensitive special activities operations and special reconnaissance missions in support of OEF. Jeff has served on two SEAL teams and been deployed a dozen times.

Jeff earned his Bachelor of Arts degree in Strategic Studies and Defense Analysis from Norwich University. He has also obtained a Master of Science degree in Information and Knowledge Strategy from Columbia University and Master Certificate in International Business Management from Georgetown University.

2:00 PM - 3:10 PM

Winning in a Chaotic, Complex Environment: Lessons from a U.S. Special-Ops Officer

with Jeff Bull

Retired Navy SEAL Jeff Bull will introduce insights that help you and your organization adapt quicker and make faster, better decisions when managing complex, chaotic situations.

Jeff will start the session with some organizational and leadership lessons from ‘down range’ – how he and a handful of Special Operations officers turned the tide on the Iraqi insurgency in 2009-2011. Drawing from their lessons, this session will offer a blueprint for how to restructure an organization and lead in a fast-changing environment with incomplete, often contradictory, data.

3:10 PM - 3:20 PM

Afternoon Networking Break

Stewart Jones

Brunswick Group, Account Director

Stewart Jones is an Account Director in Brunswick Group’s Washington, D.C. office. She advises clients on a broad range of matters including cybersecurity and data privacy, reputation and profile-raising, and crisis.

Stewart has experience working with clients on a variety of public affairs matters. Her Brunswick roster includes Waymo, Target, and Afiniti. Previously, Stewart was a manager on Chemonics International’s growth and diversification team where she focused on new client acquisition and market entry strategy for companies interested in emerging markets. Prior to this, she was a Fulbright Scholar in Malaysia. Stewart has a B.A. from DePauw University and an M.Ed. from Harvard University.

Mark Seifert

Brunswick Group, Partner, Washington

Mark co-chairs the global Cybersecurity and Privacy practice, helping clients prepare for and respond to cybersecurity incidents. A certified privacy professional and a former regulatory attorney, Mark offers insights and practical advice to clients addressing complex privacy issues. In addition to his work in cybersecurity and privacy, he also advises clients on a variety of matters including corporate communications, media relationships, thought leadership, and government affairs.

Mark has extensive experience within the US government, including 16 years with the Federal Communications Commission as well as service in all three branches of government. At the Department of Commerce, he oversaw a $5bn broadband infrastructure program. Mark also served as counsel to the House Committee on Energy and Commerce on telecommunications and technology matters.

Mark has led retained accounts, projects, and transactions with both public and privately-owned clients including AT&T, Facebook, GE, Abbott, and Southwest. He also serves as a board member for the Center for Democracy and Technology.

3:20 PM - 4:20 PM

Managing the Media During an Incident: A Brunswick Group Workshop

with Stewart Jones and Mark Seifert

CISOs are increasingly public-facing executives – often in post-breach media briefings or other high-stakes situations. This Brunswick Group workshop starts with an analysis of post-breach video clips and then pivots to recommendations on putting your best foot forward in working with the media. Topics include:

  • The CISO’s new dual external and internal role
  • Telling your story and honing your message
  • Dealing with traps and left-field questions
  • How to stay on message and avoid being sidetracked

Matt Comyns

Managing Partner, Caldwell Partners

Matt Comyns is managing partner of Caldwell Partners' Cyber Security Practice and a member of the Stamford office. His focus is on recruiting chief information security officers and next-level-down top lieutenants in information security for large global corporations and fast-growing private companies, as well as cyber security consultants for leading professional services firms and top executives for cyber security technology companies.

Matt previously co-led Russell Reynolds Associates’ Global Cyber Security Practice, within the firm’s Technology Sector. Prior to joining the executive search industry, he served as CEO of Pacific Epoch, a consulting firm that specializes in market intelligence and research for U.S.-based companies seeking to invest in and expand into China—until the completion of the firm’s sale. Prior to that, he was a founding partner of BlackInc Ventures, a strategic advisory firm providing clients in the digital media sector with leading outsourced solutions for business, sales, and corporate development.

Before launching BlackInc Ventures in 2004, Matt worked with CNET Networks Inc. for nearly seven years, holding various positions including senior vice president/publisher of News.com, vice president of business development, and director of business development at Snap.com. He has also served as a sales manager for Dow Jones Interactive in Asia and as a founding board member of The Online Publishers’ Association.

Matt holds a BA in political science from Bucknell University and is conversational in Mandarin. He previously served as a member of the Board of Directors for Music National Service, a national nonprofit organization and movement that supports music as a strategy for public good.

4:20 PM - 5:00 PM

Trends in Hiring and Compensation: A Panel Discussion of CISO Executive Recruiters

with Matt Comyns and Collin Snow

In our final session, IANS Area Vice President Collin Snow will moderate a discussion with two of the security industry's leading CISO executive recruiters. The session will focus first on career development and then move toward hiring, compensation trends and negotiation best practices. We'll discuss:

  • What traits do recruiters look for in high performing CISOs?
  • What does it take to advance to the Fortune 500 ranks?
  • Has my compensation kept up with the market?
  • What three negotiation tips should I use for my next position?

5:00 PM - 6:00 PM

Networking Reception

After spending a day sharing ideas with your peers, join us for a networking reception to unwind and share insights from the day.

General Forum Opening

7:30 AM - 8:30 AM

Registration & Breakfast

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.

8:30 AM - 8:45 AM

IANS Welcome and Perspective

Come join us as we welcome you to the Forum.

Kecia Heidebrecht

Bank of America, Global Information Security (GIS) Cyber Security Technology (CST) Chief Operating Officer (COO)

Ms Heidebrecht joined Bank of America in 2006 (part of LaSalle Bank / ABN AMRO). She worked on the LaSalle Bank transition, Prime Brokerage divestiture, and the Merrill Lynch transition, as an information security project manager. Ms Heidebrecht moved into Global Business Continuity and Recovery (GBCR) in 2009 where she managed business continuity risk and controls, working to establish critical governance oversight and risk routines. In 2012, she joined the newly created Business Controls Monitoring and Readiness (BCMR) organization as the Executive overseeing business continuity, vendor management, change process, data management, and records retention functions. In 2015, Ms Heidebrecht joined Global Compliance as the Horizontal Technology Compliance Executive responsible for technology regulations oversight. She joined GIS in 2018 as COO for the Business Information Security Officer (BISO) organization and as the Chicago Site Executive responsible for the development and growth of the Chicago workforce. In April 2019, she assumed COO responsibility for the Cyber Security Technology (CST) organization and is responsible for running CST operations.

Ms Heidebrecht received her Bachelors of Administration from University of Illinois at Chicago with a degree in Communication and graduated with honors.

Ms Heidebrecht resides in Charlotte, NC.

8:45 AM - 9:30 AM

Scaling a World-Class, Diverse InfoSec Team: A Keynote Conversation with BofA’s Kecia Heidebrecht

with Kecia Heidebrecht and Phil Gardner

Bank of America’s Global Information Security (GIS) program is world-class and diverse with over 2,500 professionals working to protect the bank and its clients. Join Kecia Heidebrecht, BofA’s Cyber Security Technology COO, and IANS' Founder and CEO Phil Gardner for a keynote conversation where Kecia will detail how the bank sources, assesses and hires extraordinary InfoSec talent at scale. Kecia and Phil will also discuss how the bank achieves its diversity and inclusion targets within its aggressive hiring goals.

9:30 AM - 9:50 AM

Networking Break

Join your peers and transition to the CISO Roundtable for a day of closed-door, high-level sessions.

2019 Charlotte Facilitators

Phil Gardner

IANS Founder & Chief Executive Officer

Event: Charlotte Convention Center

501 South College Street, Charlotte, NC 28202

Hotel: The Westin Charlotte

601 S College St, Charlotte, NC 28202

Room Rate:

$289

per night plus tax

Attendee Contact

ians@iansresearch.com
