top of page

DAY 1
MONDAY, JUNE 27, 2022

11:00AM - 11:45AM EASTERN

 

[INTERACTIVE SESSION] 

The Evolution of the CISO Role: Transcending New Frontiers

CISOs are constantly challenged by disruptive changes across the dynamic enterprise ecosystem. A new era has dawned for CISO’s and it is imperative they acquire and expand their skills to drive the change agenda successfully. The CISOs mission spans across multiple organizational tiers and technology and business tiers ranging from cloud, identity management, enterprise risks management and strategic planning aligned with business goals and objectives.

 

This thought provoking and seminal session will explore whether CISO’s are just technology leaders or has the era of the business focused, enabling CISO arrived – and what does it entails.

Arun_Desouza_Jacket.jpg

Arun DeSouza

CISO

Nexteer

Nexteer_automotive_logo.png

11:45AM - 12:00PM EASTERN

 

[INTERACTIVE NETWORKING BREAK] 

Hometown & First Job Skill That You Use Today

Participants will share where they are from, their first job, and a skill/takeaway that they still use today learned from that job.

12:00PM - 12:45PM EASTERN

 

[INTERACTIVE SESSION] 

Cyber Risk Intelligence and the Meaning of a True Risk Exchange

Cyber risk intelligence is critical for businesses that operate in the digital world. It is the collection, evaluation, and analysis of cyber threat information by those with access to all-source information.

Like other areas of important business intelligence, cyber threat intelligence is qualitative information put into action to help develop security strategies and aid in identifying threats and opportunities.

In this session, Gary Phipps at CyberGRX explores:
Third-party cyber risk management vs self-assessments
Cyber risk intelligence in the wake of huge, high-profile breaches
The meaning of a true risk exchange

image (3).png

Gary Phipps

VP of Solution Architecture

CyberGRX

cybergrx.png

12:45PM - 1:15PM EASTERN

 

[30 MINUTE BREAK] 

1:15PM - 2:00PM EASTERN

 

[INTERACTIVE SESSION] 

Security as a Shared Responsibility. 

Can a security practitioner or team ensure security of company assets alone? Who owns the systems and data? Let’s discuss!

Todd Friedman.jpeg

Todd Friedman

CISO

ResMed

resmed.jpeg

2:00PM - 2:15PM EASTERN

 

[INTERACTIVE NETWORKING BREAK] 

Favorite Vacation Spot

Participants will share their favorite vacation spot (and something they like about it), and place(s) they'd like to go next.

2:15PM - 3:00PM EASTERN

 

[INTERACTIVE SESSION] 

Cyber Insurance

TBD

matt.jpeg

Matt Connors

Chief Information Security Officer 

Southern New Hampshire University

snhu.jpeg

3:00PM - 3:15PM EASTERN

 

[INTERACTIVE NETWORKING BREAK] 

Two Truths and a Lie

Participants will share 2 truths and 1 lie about themselves. Other participants will try to guess the lie.

3:15PM - 4:00PM EASTERN

 

[INTERACTIVE SESSION] 

 

Ransomware - Defeating ransomware – What is the Best Defense?

  1. Ransomware has been a prevalent attack vector for a decade

  2. Why does this continue to plague us

  3. How do we defend against it

  4. What’s the best way to recover

  5. If payments are made illegal, would you still consider paying to recover

Benjamin Corll.jpeg

Benjamin Corll

CISO

Coats

Coats logo.png

DAY 2
TUESDAY, JUNE 28, 2022

11:00AM - 11:45AM EASTERN

 

[INTERACTIVE SESSION]

Top Concerns for CISO's & Security Leaders

What keeps you up at night? We all have concerns about threats, attack vectors, and new vulnerabilities hitting the street every day.  

How do we help keep each other informed about top issues when they are changing at record speeds? What is your biggest challenge and area of focus this year? 

Let's have an open discussion about how we can all remain informed at the right level.

kelly h.jpeg

Kelly Haydu

Vice President of Information Security and Technology

CarGurus

cargurus-logo-vector.png

11:45AM - 12:00PM EASTERN

 

[INTERACTIVE NETWORKING BREAK] 

Bucket List Item

Participants will share a bucket list item that they'd like to accomplish, and/or one that was recently accomplished.

12:00PM - 12:45PM EASTERN

 

[INTERACTIVE SESSION] 

Preventing a Wave of Destruction from Bots as a Service with Machine Learning

Bad bots continue to be big trouble. Not only do they account for a quarter of all Internet traffic, it’s now easier than ever for the average, non-technical person to launch malicious bot attacks, thanks to bots as a service (BaaS)*.* The wake of destruction wrought by these bots can seriously jeopardize businesses’ website performance, customer experience, data security and overall reputation. 

Once upon a time, you had to be a bot expert to figure out how to forge your browser fingerprint realistically, generate human-like behavior, and route your requests through residential proxies. But now, having money trumps technical knowledge when it comes to launching hard-hitting bot attacks. 

Indeed, people are increasingly monetizing bots, providing them in exchange for a subscription fee. Bot users can outsource the creation of sophisticated bots to bot expert companies, which handle everything, from crafting a realistic fingerprint, to routing requests through proxies and forging CAPTCHAs. Users can interact with a bot through a paid API, but only pay for successful requests, e.g. requests that are not blocked.

BaaS exist for different purposes ranging from scraping, to credential stuffing and scalping, putting every industry at risk. 

Since these bots are sophisticated — and can be launched by just about anyone, thanks to BaaS — they require strong mitigations, such as:

- ML-based behavioral detection engine;

- Residential proxy detection; and

- Anti-CAPTCHA farms features.

This talk will reveal the inner workings of a modern bot detection engine. We will see which signals are collected, and how they are enriched. We will discuss why it is mandatory to analyze both server-side and client-side signals to protect websites against the threats posed by bots as a service.

Antoine VASTEL - Photo.jpeg

Antoine Vastel

Head of Research

DataDome

logo-DataDome-noir (2).jpg

12:45PM - 1:15PM

 

[30 MINUTE BREAK] 

1:15PM - 2:00PM EASTERN

 

[INTERACTIVE SESSION] 

Building a Culture of Security

We all know the saying “culture eats strategy for lunch”, right?  Join us to share success stories on how you have embedded cybersecurity into the culture of your company so that it is top of mind for your entire organization.

Because let’s face it, if cybersecurity is not part of your company culture, it won’t matter what your cybersecurity strategy is. 

COVANTA with tagline-HiRes.jpg
TLK HeadShot.jpg

Tammy Klotz

CISO

Covanta

2:00PM - 2:15PM EASTERN

 

[INTERACTIVE NETWORKING BREAK] 

Share a Background Image

Participants will share a background image with the group, and talk briefly about it. This can be a pet, enjoyed activity, family member, hometown, vacation spot, etc. 

2:15PM - 3:00PM EASTERN

 

[INTERACTIVE SESSION] 

How to Reduce the Risk of Phishing to the Organization Through a No-cost Modification to your Existing Security Awareness Program.

In this session I will describe a no-cost approach that we have used and introduced to other organizations to reduce the risk of phishing. The approach allows organizations to reduce risk in a quantifiable way that can be used in leadership and board presentations.

Neller_Andy_354_BC.jpg

Andy Neller

Director Cyber Security Operations and Risk, HIPAA Security Official

Wellmark Blue Cross Blue Shield

wellmark.jpeg

3:00PM - 3:15PM EASTERN

 

[INTERACTIVE NETWORKING BREAK] 

Get to Know Your Peers: Share Things You Like to do for Fun Outside of Work

Participants will share things they like to do for fun outside of work (hobbies, outside activities, musical instruments, cooking, pets, kids, etc.).

3:15PM - 4:00PM EASTERN

[INTERACTIVE SESSION]

 

Zero Trust Networking

What is it really?? And why is this such a buzzword throughout the Industry? In this discussion, we will go over the background of ZTN, the benefits it brings to your Company, and also the pitfalls to avoid.

Gray Mitchell.jpeg

Gray Mitchell

VP of Information Security

Global Atlantic Financial Group

GAFG_Logo.jpeg

DAY 2 | ONCON ICON AWARDS
TUESDAY, JUNE 28, 2022 AT 8PM - 9PM EASTERN

AWARDS CEREMONY AGENDA:

7:30pm Eastern
Awards Ceremony Waiting Room Opens & 30 Minute Countdown Begins *Refer to the meeting link in the calendar invite.

 

7:55pm Eastern
Webcams Are Encouraged To Be Turned On At This Time

 

8:00pm Eastern
Awards Ceremony Start & Opening Remarks

 

Awards Presenters: 

  1. Sujeet Bambawale | Chief Information Security Officer | 7-Eleven

  2. Mark Alvarado | Director of Cyber Security & IT Compliance | Academy Sports + Outdoors

  3. Amit Basu | Vice President, CIO & CISO | International Seaways

  4. Patricia Collins Weedon | Group SVP and CISO | Discovery

  5. Shelbi Rombout | Deputy Chief Information Security Officer | U.S. Bank

  6. Michael Bray | Chief Information Security Officer | The Vancouver Clinic

  7. Mark Connelly | CISO | Boston Consulting Group

  8. Garrett Smiley | Chief Information Security Officer | Serco, Inc.

  9. Edmond Mack | VP Security Architecture | GSK

  10. Drew Perry | CISO | Valvoline

 

9:00pm Eastern
Awards Ceremony Conclusion. *We will try to conclude the awards ceremony as close to 9pm as possible, but it is possible that we conclude before or after 9pm Eastern. 

 

bottom of page