2019 Texas CyberSecurity Collaboration Forum

May 16, 2019 – Four Seasons Hotel, Houston

Leadership Board Co-Chairs

Renu Khator, PhD Renu Khator, PhD
President
University of Houston
Al Lindseth Al Lindseth
Senior Vice President, Risk Management and IT
Plains All American
William F. McKeon William F. McKeon
President and Chief Executive Officer
Texas Medical Center
Nancy Rainosek Nancy Rainosek
Chief Information Security Officer
State of Texas
Donna Sollenberger Donna Sollenberger
Executive Vice President and Chief Executive Officer
University of Texas Medical Branch (UTMB) Health System
Less Stoltenberg Less Stoltenberg
Associate Vice President and Chief Information Security Officer
University of Texas MD Anderson Cancer Center

Leadership Board Members

  • •  Ernesto Ballesteros, State CyberSecurity Coordinator, Texas Department of Information Resources
  • •  Delaney Bellinger, Director, Helmerich and Payne; Former Chief Information Officer, Huntsman Corporation
  • •  Jason Black, Chief Information Security Officer, Tailored Brands, Inc.
  • •  Victoriano Casas III, Information Security Officer, Texas Department of Licensing and Regulation, State of Texas
  • •  Yanni Charalambous, Vice President and Chief Information Officer, Occidental Petroleum Corporation
  • •  Twila Day, Vice President, Chief Information Officer, Huntsman Corporation
  • •  Mary Dickerson, Chief Information Security Officer, University of Houston System
  • •  Stephen Elkins, Chief Information Officer, City of Austin
  • •  Chris Enslin, Senior Vice President and Chief Information Officer, Visionworks of America
  • •  Dennis Fouty, Associate Vice Chancellor, Vice President and Chief Information Officer, University of Houston System
  • •  Ana Girdner, CISA, CISM, Business Venture Champion, ExxonMobil Corp.
  • •  Amanda Hammel, Chief Information Officer, Memorial Hermann Health System
  • •  Bernard A. Harris, Jr., MD, MBA, FACP, NASA Space Shuttle Astronaut; Board Member, Texas Medical Center
  • •  Klara Jelinkova, Vice President for International Operations and IT and Chief Information Officer, Rice University
  • •  Christopher Joe, Chief Compliance Officer, AIG
  • •  Lisa Kent, Chief Information Officer, City of Houston
  • •  Axel Kirchgessner, Chief Information Officer, Americas and Vice President, Information Technology, Agility Logistics
  • •  Randy Langenderfer, Vice President, Chief Compliance and Audit Officer, Baylor College of Medicine
  • •  Todd Leach, Vice President, Chief Information Officer, University of Texas Medical Branch at Galveston
  • •  Karl Lehenbauer, Chief Technology Officer, FlightAware
  • •  Nataly Marks, Managing Director, Region Manager, JPMorgan Chase & Co.
  • •  Abel Martinez, Group Vice President of Partner Relations, Risk Solutions, and Gov’t Affairs, H-E-B, LP.
  • •  Joe Masters, Chief Security Officer, ConocoPhillips
  • •  Wyman Miles, Information Security Officer, Houston Airport System
  • •  Danny Miller, C | CISO, CISA, ITIL, CRISC CGEIT, QSA, QAR, System Chief Information Security Officer, Texas A&M University System
  • •  Christopher Mitchell, Chief Information Security Officer, City of Houston
  • •  Helen Mohrmann, Chief Information Security Officer, University of Texas System
  • •  Raghu Nambiar, Corporate Vice President and Chief Technology Officer, AMD
  • •  C. Todd Piczak, Vice President, Chief Compliance Officer, Kinder Morgan, Inc.
  • •  Rene Smeraglia, CISSP, CRISC, Chief Information Security Officer, NASA Johnson Space Center
  • •  Maurice Tayeh, Global Chief Information Officer, Hatch Digital
  • •  Judy Titera, Chief Privacy Officer, USAA
  • •  Marc Varner, Corporate Vice President, Global Chief Information Security Officer, Yum Brands
  • •  Jeffrey M. Vinson Sr., Vice President and Chief Information Security Officer, Harris Health System
  • •  Genady Vishnevetsky, CISSP, CISM, CRISC, Chief Information Security Officer, Stewart Title
  • •  Derek Vorpahl, Vice President, Chief Information Security Officer, Versant Health
  • •  Erica Williams, Chief Information Officer, Texas Market, Community Health System
  • •  Kevin Williams, Chief Information Security Officer, City of Austin
  • •  James Williamson, Chief Information Security Officer (Americas), Intertek
  • •  Allen Wuescher, Vice President and Chief Information Officer, Toshiba International Corporation
  • •  Randy Yates, Vice President, Chief Information Security Officer, Memorial Hermann
  • •  Benito Ybarra, Chief Audit and Compliance Officer, Texas Department of Transportation


Agenda

Thank you to the Leadership Board who developed the agenda based on their insights and direction.

View Final Agenda


Security of the Future: What’s Next?
— Hosted by SentinelOne —

Speaker:

Allen Wuescher

Allen Wuescher
Vice President and Chief Information Officer, Toshiba International Corporation
View Bio

 

Understanding Vulnerabilities Within your Organization
— Hosted by RSA —

Speaker:

Geoffrey F. Jenista, CISSP, MBA, MA

Geoffrey F. Jenista, CISSP, MBA, MA
Cyber Security Advisor, Region VII, Cybersecurity and Infrastructure Security Agency, Cybersecurity Division, Department of Homeland Security
View Bio

 

Security the Supply Chain

Speaker:

Rene E. Smeraglia, CISSP, CRISC

René E. Smeraglia, CISSP, CRISC
Chief Information Security Officer – JSC, NASA Johnson Space Center
View Bio

Maurice Tayeh

Maurice Tayeh
Global Chief Information Officer, Hatch Digital
View Bio

 

Cyber Leadership: Lessons in Leading Through a Breach
Target, Marriott, Equifax, Facebook – if you were responsible for information security for one of these organizations, what would you have done differently, knowing what you know today? What does it mean to be a security “leader”? What do Boards, customers, employees, and the public expect from cyber leaders?

Professor Steve Black shares case studies and lessons that illuminate what it means to be an effective cyber leader, and what value such leadership can add to an organization in terms of trust, culture and true security. — Hosted by Duo Security —

Speaker:

Stephen Black

Stephen Black
Professor, Texas Tech School of Law

 

Improving Awareness: Overhauling Internal Training Programs

Speakers:

Klara Jelinkova

Klara Jelinkova
Vice President, International Operations and IT and Chief Information Officer, Rice University
View Bio

Todd Piczak

C. Todd Piczak
Chief Compliance Officer, Kinder Morgan

 

Sorting Priorities: Developing a Risk-Based Security Prioritization Strategy

Speakers:

Robert Shaffer

Robert Shaffer
Associate Vice President Information Security and Chief Information Security Officer, University of Texas Medical Branch

Emma Ramos

Emma Ramos
Associate Vice President, Information Services Operations, University of Texas Medical Branch

 

Developing Your Own Insider Threat Program
— Sponsored by Pamir Consulting LLC —

Speakers:

Michael Morgan

Michael Morgan
Special Agent, Federal Bureau of Investigation
View Bio

Less Stoltenberg

Less Stoltenberg
Associate Vice President and Chief Information Security Officer, University of Texas M.D, Anderson Cancer Center

 

The Role of Machine Learning in Cyber Defense
Machine learning in the cyber defense area, while not new, is emerging as an impactful platform to help organizations gain insight into their environment and affect cybersecurity. This session explains cyber defense using tools and methods from machine learning and how it works. Also within the discussion is the difference in this context between machine learning and artificial intelligence and what the impact of the current level of automation brings. — Hosted by RedSeal —

Speaker:

Danny Miller

Danny Miller, C | CISO, CISA, ITIL, CRISC CGEIT, QSA, QAR
System Chief Information Security Officer, Texas A&M University System

 

Communication Tactics: What Your Board Needs to Know to Buy-In

Speakers:

Al Lindseth

Al Lindseth
SVP, Risk Management and IT, Plains All American

Jeffrey Vinson

Jeffrey Vinson, Sr.
Vice President and Chief Information Security Officer, Harris Health System
View Bio

 

Creating an Information Sharing Ecosystem
— Hosted by Netskope —

Speakers:

Ernesto Ballesteros, JD, MS, CISSP, CISA

Ernesto Ballesteros, JD, MS, CISSP, CISA - Moderator
State Cybersecurity Coordinator, Texas Department of Information Resources
View Bio

Mary E. Dickerson, MBA, CISSP, CISM, PMP

Mary E. Dickerson, MBA, CISSP, CISM, PMP
Chief Information Security Officer, University of Houston System
View Bio

Genady Vishnevetsky, CISSP, CISM, CRISC

Genady Vishnevetsky, CISSP, CISM, CRISC
Chief Information Security Officer, Stewart Title

Gregory B. White, PhD

Gregory B. White, PhD
Director, Center for Infrastructure Assurance and Security; Professor of Computer Science, University of Texas at San Antonio; Executive Director, Information Sharing and Analysis Organization Standards Organization; Chairman, National Cybersecurity Preparedness Consortium
View Bio

 

Herding Cats, Not Driving Cattle: Developing a Common Risk Reporting Framework Across Large Enterprises
This presentation will discuss process used to develop a common report format for information security programs and risks across eight academic and six academic healthcare institutions. — Hosted by Baker Tilly —

Speaker:

Helen Mohrmann

Helen Mohrmann
Chief Information Security Officer, University of Texas System
View Bio

 

Slow Your Roll: Outlining Key Roles and Responsibilities Before a Breach
— Sponsored by Awake Security —

Speaker:

Marc Varner

Marc Varner
Corporate Vice President and Global Chief Information Security Officer, Yum! Brands

Rahul Kashyap

Rahul Kashyap
Chief Executive Officer, Awake Security
View Bio

 

Emerging Trends in the Cybersecurity Space
— Hosted by enSilo —

Speaker:

Lisa M. Angelo

Lisa M. Angelo
Attorney, Angelo Law

 

Daring Greatly and Innovating in an Evolving Cyber World
As dynamic as the cyber landscape is, and as quickly as it changes, cyber is binary—there are attackers, and there are defenders. Understanding the threat is imperative in order to ensure that finite resources are allocated appropriately. If we are not aligned to—or at least considering—the threat, we have missed the mark. JPMorgan is no exception. But what else can we do to be dynamic and agile as we defend ourselves? In his keynote presentation, Nick Adam outlines guidelines and best practices that govern how organizations can approach structuring teams and posturing against today’s threats. Come away with an understanding of tactics to be more dynamic when planning controls in your environment, strategies to effectively adopt cloud and leverage SaaS, and ways technology can help reduce overwhelming noise problems.
— Hosted by Mimecast —

Speaker:

Nick Adam

Nick Adam
Executive Director, Cybersecurity and Technology Controls, JPMorgan Chase
View Bio

 

Extending Endpoint Detection Capabilities
— Sponsored by CrowdStrike —

Speaker:

Josh Behnke

Josh Behnke
Senior Sales Engineer, CrowdStrike

Wyman Miles

Wyman Miles
Information Security Officer, Houston Airport System

 

Speakers

Nick Adam Nick Adam
Executive Director, Cybersecurity and Technology Controls
JPMorgan Chase
View Bio
Lisa M. Angelo Lisa M. Angelo
Attorney
Angelo Law
Ernesto Ballesteros, JD, MS, CISSP, CISA Ernesto Ballesteros, JD, MS, CISSP, CISA
State Cybersecurity Coordinator
Texas Department of Information Resources
View Bio
Josh Behnke Josh Behnke
Senior Sales Engineer
CrowdStrike
Stephen Black Stephen T. Black, JD, LL.M
Professor
Texas Tech School of Law
View Bio
Mary E. Dickerson, MBA, CISSP, CISM, PMP Mary E. Dickerson, MBA, CISSP, CISM, PMP
Chief Information Security Officer
University of Houston System
View Bio
Angela Haun Angela Haun
Executive Director
Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC)
View Bio
Klara Jelinkova Klara Jelinkova
Vice President for International Operations and IT and Chief Information Officer
Rice University
View Bio
Geoffrey F. Jenista, CISSP, MBA, MA Geoffrey F. Jenista, CISSP, MBA, MA
Cyber Security Advisor, Region VII (MO, KS, IA, NE)
Cybersecurity and Infrastructure Security Agency, Cybersecurity Division Stakeholder Engagement and Cyber Infrastructure Resilience

US Department of Homeland Security
View Bio
Rahul Kashyap Rahul Kashyap
Chief Executive Officer
Awake Security
View Bio
Renu Khator, PhD Renu Khator, PhD
President
University of Houston
Randy Langenderfer Randy Langenderfer
Vice President, Chief Compliance and Audit Officer
Baylor College of Medicine
Al Lindseth Al Lindseth
Senior Vice President, Risk Management and IT
Plains All American
Wyman Miles Wyman Miles
Information Security Officer
Houston Airport System
Danny Miller Danny Miller, C | CISO, CISA, ITIL, CRISC CGEIT, QSA, QAR
System Chief Information Security Officer
Texas A&M University System
View Bio
Michael Morgan Michael S. Morgan
Special Agent
FBI Houston Division, Private Sector Coordinator
View Bio
Helen Mohrmann Helen Mohrmann
Chief Information Security Officer
University of Texas System
View Bio
Matthew O’Connor Matthew O’Connor
Technical Director, Cloud Office of the Chief Technology Officer
Google
View Bio
C. Todd Piczak C. Todd Piczak
Chief Compliance Officer
Kinder Morgan
Emma Ramos Emma Ramos
Associate Vice President, Information Security Operations
University of Texas Medical Branch
Robert Shaffer Robert Shaffer
Associate Vice President, Information Security and Chief Information Security Officer
University of Texas Medical Branch
Rene Smeraglia, CISSP, CRISC Rene Smeraglia, CISSP, CRISC
Chief Information Security Officer
NASA Johnson Space Center
View Bio
Less Stoltenberg Less Stoltenberg
Associate Vice President and Chief Information Security Officer
University of Texas MD Anderson Cancer Center
Maurice Tayeh Maurice Tayeh
Global Chief Information Officer
Hatch Digital
View Bio
Marc Varner Marc Varner
Corporate Vice President and Global Chief Information Security Officer
Yum Brands
Jeffrey Vinson, Sr. Jeffrey Vinson, Sr.
Vice President and Chief Information Security Officer
Harris Health System
View Bio
Genady Vishnevetsky, CISSP, CISM, CRISC Genady Vishnevetsky, CISSP, CISM, CRISC
Chief Information Security Officer
Stewart Title
View Bio
Gregory B. White, PhD Gregory B. White, PhD
Director, Center for Infrastructure Assurance and Security
Professor of Computer Science, University of Texas at San Antonio
Executive Director, Information Sharing and Analysis Organization Standards Organization
Chairman, National Cybersecurity Preparedness Consortium
View Bio
Allen Wuescher Allen Wuescher
Vice President, Chief Information Officer
Toshiba International Corporation
View Bio
   

Sponsors

The Leadership Board is reviewing nominated sponsors and selecting the industry-leading partners that they will be inviting to participate. For sponsorship inquiries, please email paml@cxocollaboration.com.

Executive Boardroom

Awake Security
White Paper

Awake Security is the only advanced network traffic analysis company that delivers a privacy-aware solution capable of detecting and visualizing behavioral, mal-intent and compliance incidents with full forensics context. Powered by Ava, Awake’s security expert system, the Awake Security Platform combines federated machine learning, threat intelligence and human expertise. The platform analyzes billions of communications to autonomously discover, profile and classify every device, user and application on any network. Through automated hunting and investigation, Awake uncovers malicious intent from insiders and external attackers alike. The company is ranked #1 for time to value because of its frictionless approach that delivers answers rather than alerts. awakesecurity.com

Pamir Consulting, LLC
White Paper

Pamir Consulting LLC, and its subsidiary Trust Farm LLC, is a business advisory firm based in Virginia and Texas specializing in Insider Threat Management-as-a-Services, compliance behavioral intelligence & investigations, and Intellectual Property and brand protection. Our staff is comprised of former executive-level U.S. government officials from federal law enforcement and the Intelligence Community that have experience building compliance-focused Insider Threat Risk Management Programs. We discretely assist companies, universities, research institutions, and government agencies in the design, implementation, and management of risk management solutions to reduce the likelihood and impact of research data and other trade secret loss, theft and misappropriation. www.pamirllc.com

Best Practice

CrowdStrike
White Paper

CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus, endpoint detection and response (EDR), and a 24/7 managed hunting service — all delivered via a single lightweight agent.

The CrowdStrike Falcon™ platform, certified to replace legacy antivirus, has reinvented how endpoint security is delivered with its industry-leading, cloud native architecture. CrowdStrike Falcon protects customers against advanced cyber attacks, using sophisticated signatureless artificial intelligence/machine learning and Indicator of Attack (IOA) based threat prevention to stop known and unknown threats in real-time. www.crowdstrike.com

Session Host - Keynote

Duo Security
White Paper

Duo Security helps defend organizations against data breaches by making security easy and effective. Duo Beyond, the company's category defining zero-trust security platform, enables organizations to provide trusted access to all of their critical applications, for any user, from anywhere, and with any device. The company is a trusted partner to more than 10,000 customers globally, including Dresser-Rand, Etsy, Facebook, K-Swiss, Random House, Yelp, Zillow, Paramount Pictures, and more. Founded in Michigan, Duo has offices in Ann Arbor and Detroit, as well as growing hubs in Austin, Texas; San Mateo, California; and London, UK. Visit: duo.com

Mimecast
White Paper

Mimecast is a cybersecurity provider that helps thousands of organizations worldwide make email safer, restore trust and bolster cyber resilience. Known for safeguarding customers against dangerous email, Mimecast’s expanded cloud suite enables organizations to implement a comprehensive cyber resilience strategy. From email and web security, archive and data protection, to awareness training, uptime assurance and more, Mimecast helps organizations stand strong in the face of cyberattacks, human error and technical failure. www.mimecast.com

Session Host

Baker Tilly
White Paper

Baker Tilly is a nationally recognized accounting and advisory firm. Our clients trust our proactive and experienced advice to manage risk, governance, compliance, cybersecurity and information technology (IT), fraud, and other strategic and operational issues. With a collaborative approach to developing strategic solutions, Baker Tilly’s cybersecurity and IT risk practice helps organizations maximize the security, integrity and availability of IT investments by assessing risk, designing controls and implementing effective IT governance processes. Understand the five core elements to safeguard your organization’s information in our e-book, Roadmap to Building a Sustainable Cybersecurity Management Program. bakertilly.com

enSilo
White Paper

enSilo protects businesses around the world from data breaches and disruption caused by cyber attacks. The enSilo Endpoint Security Platform comprehensively secures endpoints in real-time pre- and post-infection without alert fatigue, excessive dwell time or breach anxiety while also containing incident response costs by orchestrating automated detection, prevention and incident response actions against advanced malware. enSilo’s patented approach stops advanced malware with a high degree of precision, provides full system visibility and an intuitive user interface and combines next-generation antivirus (NGAV), application communication control, automated endpoint detection and response (EDR) with real-time blocking, threat hunting, incident response, and virtual patching capabilities in a single agent. The platform can be deployed either in the cloud or on-premises and supports multi-tenancy. www.ensilo.com

Netskope
White Paper

Netskope is the leader in cloud security. We help the world’s largest organizations take full advantage of the cloud and web without sacrificing security. Our patented Cloud XD technology eliminates blind spots by going deeper than any other security provider to quickly target and control activities across thousands of cloud services and millions of websites. With full control through one cloud-native interface, our customers benefit from 360-degree data protection that guards data everywhere and advanced threat protection that stops elusive attacks. Netskope — smart cloud security. www.netskope.com

RedSeal

www.redseal.net

RSA
White Paper

RSA, a Dell Technologies business, offers business-driven security solutions that uniquely link business context with security incidents to help organizations manage digital risk and protect what matters most. RSA's award winning cybersecurity solutions are designed to effectively detect and respond to advanced attacks; manage user identities and access; and, reduce business risk, fraud, and cybercrime. RSA protects millions of users around the world and helps more than 90% of the Fortune 500 companies thrive in an uncertain, high-risk world. For more information, go to rsa.com

SentinelOne

SentinelOne, headquartered in Mountain View, California, is a provider of next-generation endpoint security, serving more than 2000 customers globally, including 3 of the Fortune 10. Leveraging a single autonomous agent architecture and cloud analytics platform – the SentinelOne solution enables customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise or as a multi-tenant managed service, customers use SentinelOne to protect their servers, VDI, cloud and endpoint systems (including cross platform coverage for Windows, Windows legacy, macOS, and Linux), hunt threats, and replace legacy antivirus. www.sentinelone.com

Hospitality

Darktrace
White Paper

Darktrace is the world’s leading AI company for cyber defense. With thousands of customers worldwide, the AI-powered Enterprise Immune System is trusted to detect and fight back against cyber-attacks in real time. The self-learning AI protects the cloud, SaaS, corporate networks, IoT and industrial systems against cyber-threats and vulnerabilities, from insider threats and ransomware, to stealthy and silent attacks. Darktrace has over 800 employees and 40 offices worldwide. It is headquartered in San Francisco, and Cambridge, UK. Visit: darktrace.com

Contributing

Weaver and Tidwell, LLP
White Paper

Weaver and Tidwell, L.L.P., is a national full-service accounting firm with offices coast to coast. Weaver serves clients from Fortune 500 multinational companies to start-ups, local and state government, and nonprofit organizations. The firm is particularly well known in the financial services, energy, manufacturing, construction, real estate, health care and government sectors. Weaver’s services go beyond traditional assurance and tax services to include risk advisory, IT advisory, cybersecurity, due diligence, valuation, energy compliance, forensics and litigation services, as well as specialty tax services such as international tax, state and local tax and private client services. Learn more at weaver.com

Zix
White Paper

Zix is a leader in email security and compliance, addressing inbound and outbound risks. Trusted by the nation’s most influential institutions in healthcare, finance and government, Zix delivers a superior experience and easy-to-use solutions for email encryption and data loss prevention, advanced threat protection, unified archiving, and bring your own device (BYOD) security. Focusing on the protection of business communication, Zix enables its customers to better secure data and meet compliance needs. For more information, visit zixcorp.com

Emerging Game Changers

Armis
White Paper

Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems. armis.com

Ordr

Ordr is delivering the first actionable artificial intelligence (AI)-based systems control engine for the hyper-connected enterprise, providing complete visibility and exhaustive control over every class of connected device and system. The Ordr Systems Control Engine is purpose-built to fully map the device flow genome at massive scale, to continuously inspect, classify and baseline the behavior of every device. Ordr’s architecture is unique in its ability to process enormous quantities of data in real-time, using sophisticated AI to deliver closed-loop security, automatically generating and implementing policies directly through existing multi-vendor network and security infrastructure. For more information visit: www.ordr.net

Location and Venue Four Seasons Hotel Houston

Four Seasons Hotel Houston

Four Seasons Hotel Houston
1300 Lamar St
Houston, TX 77010

Main Phone: 1.713.650.1300 | Website

Room Reservations:
Reserve by Phone: 1.800.734.4114 or by Website: Click here
Use this code: CI0519HE, and let them know you are part of the Texas CyberSecurity Collaboration Forum

Contact Us

Please contact Pam about any of your Forum or sponsorship needs.

Pamela Leone
Senior Vice President
CyberSecurity Collaboration Forum
D: 503.303.8156 | M: 503.577.8341
E: paml@cxocollaboration.com