2015 FS-ISAC FALL Summit - Professional Development Group

www.fsisac-summit.com
www.fsisac.com
2015 FS-ISAC FALL Summit: Intelligence into Action
San Diego, California
Hotel del Coronado
October 25-28
We live in unparalleled times in regards to technology innovation, the rapid speed of information, and an unprecedented focus on cyber security. As practitioners, you know the importance of having the latest information on threats, the ability to quickly identify the latest trends relevant to you, and to “be connected” to keep pace with a chaotic world - having a “circle of trust” is now more important than ever.

Since 1999, the FS-ISAC has been pushing the envelope on information sharing and is considered by many to be the gold standard on demonstrating public/private sector partnerships. One way we create “circles of trust” is through the delivery of premium content and access to trusted partners at our annual conferences.

If you’ve joined us at previous events, you already know the FS-ISAC conferences offer excellent content, marquee venues, prominent industry leaders, and guest speakers just to name a few.

This year’s Fall Conference - to be held at the beautiful beach front Victorian Hotel del Coronado - aims to surpass your expectations with content in applicable topics such as cyber intelligence, threats & attacks, and governance. The FS-ISAC is also elated to have as keynote the Honorable Mike Rogers, the former U.S. House of Representatives luminary on cybersecurity, counter-terrorism and national security policy issues.

Whether you’re representing a global bank, community institution, broker dealer, or any company in the financial sector, we all represent the security leaders of our industry and are only as strong as the weakest link. Come join us and be part of our “circle of trust.”

On behalf of the Planning and Content Committee of the 2015 FS-ISAC Fall Conference, I look forward to personally welcoming you in San Diego, California in October, 2015.
Greg Temm
Conference Chair, 2015 FS-ISAC Fall Conference
Vice President, Cyber Intelligence & Public Private Partnership
MasterCard
FS-ISAC Mission Statement
The Financial Services Information Sharing and Analysis Center (FS-ISAC) is a non-profit corporation that was established in 1999 and is funded by its member firms. The FS-ISAC is a member-driven organization whose mission is to help assure the resilience and continuity of the global financial services infrastructure and individual firms against acts that could significantly impact the sector’s ability to provide services critical to the orderly function of the global economy. The FS-ISAC shares threat and vulnerability information, conducts coordinated contingency planning exercises, manages rapid response communications for both cyber and physical events, conducts education and training programs, and fosters collaborations with and among other key sectors and government agencies.
Learn more at www.fsisac.com
Who Should Attend?
• CISO, CSO, CIO, CTO, and CRO
• Head of Threat Intelligence
• EVP, SVP, VP, and Director of these areas:
 - Security Operations
 - Fraud
 - Investigations
 - Physical Security
 - Business Continuity
 - Audit & Compliance
 - Payment Risk Management
 - Payment Operations
• Payment Line of Business Managers including:
 - Online Banking
 - Online Treasury Management

Why Should You Attend?
• Presentations by over three dozen Senior Executive FS-ISAC members
• Concrete take-aways including case studies and best practices
• Interactive sessions that allow for strategic and solution-oriented discussion
• Actionable information & sharing designed specifically for financial services institutions
• Complimentary attendance for Premier and above members
 - All meals and events during the conference are included
Mike Rogers
Former Member of US Congress, Member of the US Army, and FBI Special Agent

As a former member of the U.S. Congress representing Michigan’s Eighth Congressional District, a member of the U.S. Army and FBI special agent, Mike Rogers is in a unique position to shape the national debate on a wide variety of issues. Rogers uses his insider perspective gained from traveling the globe—from the Middle East to South America—to host “Something to Think About,” with Mike Rogers on Westwood One.

From his time in the U.S. House of Representatives, where he chaired the powerful House Intelligence Committee and was a member of the Energy and Commerce panel, Rogers built a legacy as a tireless and effective leader on cybersecurity, counter-terrorism and national security policy. Washington Post columnist, David Ignatius, remarked, Rogers was “a rare example of bipartisanship.”

Rogers has worked with two presidents, Congressional leadership and countless foreign leaders, diplomats and intelligence professionals to ensure the brave men and women who fight for our nation are equipped with the resources necessary to get the job done.

Rogers is a CNN national security contributor and also appears in the major print outlets such as The New York Times, The Washington Post, The Wall Street Journal and the Associated Press. He is a staple on radio and had more Sunday show appearances than any other elected official in 2013 and 2014.

Rogers graduated from Adrian College in 1985, was a commissioned officer in the U.S. Army through the University of Michigan, and served as an FBI special agent. He is married with two children—a daughter and a son.
Hotel del Coronado
1500 Orange Avenue; Coronado, CA 92118
Phone: (619) 435-6611
Reservations
Toll-Free: 1-800-468-3533
www.fsisac-summit.com/fall-hotel-travel
When making your reservation, be sure to mention that you are attending the FS-ISAC Fall
Summit so that you can receive FS-ISAC’s discounted group rate of $270 per night. This rate
is available until October 9 or once the block is full, so be sure to make your reservation early
to avoid disappointment.
Airport and Transportation
San Diego International Airport (SAN) - 9 mi from hotel - approx. $35 taxi one way
Attendance Restrictions
The FS-ISAC Fall Summit restricts attendance to regulated financial services firms, relevant
public sector entities, and country-level banking associations and payments associations.
Examiners and those responsible for informing public policy are not eligible to attend. If you
have questions regarding eligibility contact [email protected].
FS-ISAC Affiliation            Early Bird (ends 9/25)   Standard Registration (after 9/25)
Premier/Platinum/Gold Member   COMPLIMENTARY            COMPLIMENTARY
Non-Member/CNOP Member         $895                     $1,750
Basic/Core Member              $895                     $1,500
Standard Member                $795                     $1,250
Government                     $895                     $895
Guest*                         $895                     $895
*Guest registration may include spouse, family members, significant others, etc. but does not
apply to colleagues or other practitioners in the financial services community. Guests do not
attend sessions, but only meals and networking events.
Conference Registration Cancellation
Cancellations are subject to a $50 administrative fee. NO REFUNDS will be made for
cancellations received after September 7. Email [email protected] for more
information or to cancel.
Online Registration
www.fsisac-summit.com/Fall-Attendee-Reg
Agari
Akamai
Arxan Technologies
Bit 9 + Carbon Black
BrandProtect
BrightPoint Security
Checkmarx
CyberArk
Cyphort
DB Networks
Dell SecureWorks
Easy Solutions
Guardian Analytics
Invotas
Malwarebytes
Menlo Security
NetSPI
Prelert
Proofpoint
Rapid7
Security Compass
SecurityScorecard
Synack
Tripwire
Waratek
A Case Study in Building an AppSec Program: 0-60 in 12 Months
This case study will detail the implementation of an enterprise application security program at
a financial software provider. Day 1, the organization had no application security program. Day
365, they had a comprehensive program with controls throughout the SDLC, feedback loops
and effective metrics. This case will highlight the controls implemented, resistance encountered
and lessons learned.
Actionable Intelligence to Combat the Latest Malware Threats and Cybercrime Tactics
Impacting Financial Institutions
Financial services firms are highly targeted by cybercriminals, making it imperative to address
cyber security deficiencies. The presenter will share the latest malware evasion and defense-in-depth
strategies, along with new ways to deliver actionable intelligence to prevent attacks
within the enterprise and anonymously share information that benefits the entire industry.
Actor Profiling: Methods for Actor Attribution
There are several frameworks for making an actor attribution. Some of them begin with a
general idea of characteristics of people/organizations who might wish to target a given
institution and identify matching persons/organizations while others track suspicious persons/
groups and extrapolate characteristics of interest to determine who the adversaries are. The
session will draw on the experience and recommended best practices of experienced panelists
with expertise in actor attribution.
Analyzing Advanced Threat: A View from the Inside
Banks are under attack. What threats do the largest financial services firms in the world face
and how do they mitigate advanced cyber-attacks? One best practice is threat isolation, which
prevents breaches and enables complete analysis of the attack. Join the presenters for a
discussion of this best practice and analysis of some of the advanced threats facing financial
services firms.
Applied Security Analytics - Case Studies and Use Cases From the Battlefields
Join the speakers along with CSOs from companies like GE Capital, ITG, Rockwell Automation
and others as they share how applying advanced security analytics models can address
sophisticated use cases, and promote rapid detection of advanced attacks and threats in their
environments. Learn how the latest innovations in security analytics transformed the way
organizations approach security.
A Walk Through Your Corporate Airspace: Understanding the IoT
This interactive session will explore the known, unknown and ‘ghost’ devices found on a walk
through your corporate airspace from DC to 10Ghz. The convergence of the Internet of Things
devices, the absence of visibility in the network, and the future impact on the enterprise will
be presented comprehensively. Attendees will leave with an awareness of the infiltration of
devices in the network, as well as techniques for discovery and defense.
Behavior-based Cybersecurity Analytics
Technologies have evolved that enable us to create, store, and share digital information. As a result,
a new security landscape has emerged. Cybersecurity threats are increasingly sophisticated
and adversaries are finding ways to exploit an organization’s vulnerabilities. New developments
in big data technologies and behavioral analytics will support the transformation of the next
generation of cybersecurity capabilities. In this session, the presenters will outline technology
trends and innovations that will impact behavior modeling and improved cybersecurity.
Block Chain – The Next Big Disruption to Global Payments
Block chaining technology is the basis for crypto-based currency like Bitcoin. But did you
know that the same technology is being used by innovators to potentially disrupt the entire
payments ecosystem? In this panel, industry experts will talk about the implications of rapidly evolving
block chaining technologies.
Case Study: Security Insights
In conjunction with an FS-ISAC member, the speaker will present this intriguing case study of a
security data lake, delivering:
- Security Insights: management decision support for the CISO across controls and vulnerabilities
- Security Analytics: anomaly detection for insider / APT threats
- Operationalizing threat intelligence
The presentation will include the lessons learned in creating a multi-use case Security Insights
facility. The talk covers 6 suggested presentation topics.
Change the Game - Fight Those Who Fight You
Over the years, attackers of all affiliations have broken into corporations and stolen documents, pilfered
bank accounts, or attempted to social engineer our employees. Many forget that the attackers are
human too, and are susceptible to the same techniques they are using. In this session, the presenter
will give several use cases and ideas that will make life more difficult for the attackers you are facing.
Cryptocurrency and the Dark Web: Exploring the New Criminal Underground
Two years after the invention and the release of the Bitcoin, the world’s most popular cryptocurrency,
cyber criminals managed to exploit the technology for a multitude of crimes. In this session, the
presenters will explore the creation of the Silk Road beginning in 2011 to its fall in 2013. They will
explore the criminal underground since the Silk Road’s demise and see how criminals buy and sell
illegal goods and trade stolen credentials, laundering millions of dollars.
Cyber Resiliency
The Executive Management team should recognize its leadership role in setting the proper tone and
structure for enabling cyber resiliency throughout the organization. They should also recognize the
importance of mitigating cyber risks as an essential task in maintaining the on-going success of their
institution. Cyber resilient organizations are better positioned to keep pace with evolving threats,
thereby helping them to avoid financial damage, negative publicity, and loss of customers’ trust.
Effective Exploitation of Shared Threat Data
Threat Intelligence sharing often emphasizes more and faster intelligence as the solution for
effective countermeasures despite lower value and less context. LM-CIRT has developed a system to
automatically assess shared threat data within the context of pre-evaluated intelligence to reliably and
rapidly apply the high-value intelligence to defenses with low false positive rates. The presenters will
share some of the tools and processes they’ve developed to manage this life-cycle and some threat
data sharing metrics.
ELK All the Things
This session will focus on how USAA is leveraging an open-source log management solution –
Elasticsearch, Logstash, Kibana (ELK) to improve analyst response time, provide dramatically
improved analytical and visualization capabilities and make data fun. The presenters will highlight
lessons learned as they built their ELK environment and a couple of key dashboards and visualizations
used by analysts in production today.
Enterprise Cyber Risk Management – Why It’s a Game-Changer for Your Company
Historically, there has been a dichotomy between business, technology, and risk at a global enterprise.
This results in a siloed view of risk and weakens risk management controls and governance. To address
these challenges, BNY Mellon implemented a Corporate Senior Information Risk Officer (CSIRO)
program. CSIROs are placed within individual businesses to provide targeted risk expertise. This
session provides an inside look at the CSIRO program at BNY Mellon and its structure and progress.
Evolving Your Threat Intelligence Capabilities: Strategic and Proactive Cyber Defense
This session will introduce a new way to approach the concept of “threat intelligence.” The idea of
threat-driven intelligence operations is fairly new, and the presenters want to recommend a further
iteration that encompasses strategic and future-focused intelligence capabilities -- this holistic
approach, they believe, will prepare enterprises for the evolving threat landscape rather than
constrain us all into reaction-mode in perpetuity.
FFIEC Cybersecurity Assessment Tool
This summer, the FFIEC released a Cybersecurity Assessment Tool (Assessment). The
presenter will describe the features and benefits of the Assessment that was developed by the
regulators for banks and credit unions to identify their inherent risk profile and measure their
cybersecurity preparedness.
Financial Services for Technical Security Professionals
Several Financial institutions hire information security professionals from other sectors. In
order for information security professionals to properly prioritize threats, incidents, and the
implementation of security controls, it is imperative that they understand the business of
financial services and the environment in which that business operates. Each line of business in
financial services has a unique threat landscape distinct from the others. Business leaders can
offer their perspective on what is most important to them.
FS-ISAC 101
This session is an interactive workshop on FS-ISAC services. This will be offered as an early bird
on the first day and targets new members. It provides an overview of FS-ISAC, how to use the
portal, filter alerts, and participate in appropriate special interest groups.
Hot Off the Press: Cloud and Security Finally Become Friends
Financial services firms are embracing public cloud services and meeting their numerous
security and compliance requirements. Sound too good to be true? Come hear from two
industry luminaries as they share strategies to extend critical on-premise application security
capabilities to SaaS, PaaS and IaaS environments. The presenters will discuss common use
cases and architectures that go beyond conventional approaches to cloud application security.
Implementing an Action-Oriented Insider Risk Management Program
An increasing number of Global 1000 organizations are establishing insider risk management
programs, as security executives see the risks that malicious, compromised and negligent
insiders have on organizations. This session explores the following elements of an insider
risk management program: (1) stakeholder roles and responsibilities; (2) workflows among
stakeholder groups; and (3) technical enablers for improving a broad multi-stakeholder insider
risk management program. Additionally, the presenters will focus on real-world scenarios from
Blackstone’s insider risk management program.
Implementing .bank: Experiences and Opportunities
The .bank top level domain has been operational since May 2015, providing a more secure,
identifiable space for banks and bank customers to transact business online. This panel will
focus on the experience of bankers in implementing the domain to take advantage of this
opportunity.
Improving Financial Services Response in a National Cyber Crisis
The financial services sector must be prepared for involvement in a national-level cyber crisis.
This session describes how the industry conducts sector-level crisis response, coordinates with
the government, and conducts readiness activities to include drills and exercises. Discussion
focuses on areas for future improvement.
Inside Apple Pay: Authentication and Fraud Prevention in the Evolving Payments Landscape
Apple Pay represents the tip of the iceberg of the evolving payments landscape, and it is already
a hotbed for fraud. In this presentation, the presenters will lead a live demonstration of real-world
hacks that criminals are using to manipulate Apple Pay to avoid complex authentication
paths. They will then evaluate the authentication and security measures used by several credit card
issuers to deter these attacks, comparing their effectiveness in preventing the use of stolen accounts.
Key Concerns for CEOs and Board of Directors
This is a CEO and Board of Director level session that will explore key concerns of CEOs and the Board
as it relates to cybersecurity and resiliency issues and effective strategies for communicating risks and
asking for appropriate resources to mitigate the risk.
Key Concerns for How Technology Firms are Enhancing Security Controls
A panel of technology firms will discuss their efforts in building security into the foundation of their
products.
Key Outcomes from the Public/Private Initiatives Government Efforts to Improve Cybersecurity
Before this session, review the key outcomes from the “Hamilton” exercises, including the Request for
Technical Assistance and Destructive Malware Task Force. A panel of public and private participants
will discuss the work they are doing to enhance cybersecurity.
Lessons Learned From A Cloud Data Breach
Several financial service organizations are reluctant to adopt cloud services due to fears related to
overstated risks on cloud application usage. To help facilitate informed decision-making, the speaker
will present the only documented demonstration of a cloud-based attack and explain how when using
advanced detection and heuristic capabilities, organizations adopting cloud technologies can protect
themselves from attacks while addressing financial services security compliance requirements.
Let the Mentoring Begin!!!!
FS-ISAC has just begun a Mentoring program which matches security practitioners in large FI’s with
security and IT professionals in smaller organizations. This panel will explore the current program,
what topics are being mentored, and discuss success stories while giving the attendee a chance to ask
questions and even possibly get matched up.
Leveraging Cyber Threat & Intelligence in Proactive Fraud Analytics and Investigations
Cyber security and fraud organizations have traditionally been distinct organizations within financial
institutions. The increasing sophistication of fraudsters and the focus on cyber-attack vectors to
facilitate fraudulent activity, demonstrates the need for cyber security and fraud organizations to work
together. This proposed session provides a framework and series of case studies for cyber threat &
intelligence support to proactive fraud monitoring and fraud investigations along with examples that
illustrate monetary impact of cooperation.
Leveraging the Threat Intelligence Maturity Model to Build an Intel-Driven Security Program
Implementing a comprehensive intelligence driven security program is a multi-faceted effort. In this
session, the presenters will present TIMM -- Threat Intelligence Maturity Model. This in depth model
will enable attendees to assess their cyber security program’s current state, measure gaps against a
desired future maturity level and understand the steps required to get there.
More than an ISO: Cyber Risk Management
The proliferation of cyber risks (attacks, SOC reports, client audits, regulatory exams, internal audits,
vendor reviews, incidents, resiliency events, etc.) are driving organizations to establish a technology
risk management program that goes beyond the role of the Information Security Officer (ISO). This
session will examine some of the emerging risks and requirements for technology risk management,
discuss how in practice it differs from information security, and share best practices for identifying and
controlling cyber risks.
Neighborhood Watch – Collaborate and Educate to Keep Cybercriminals Off of Our Networks
In this presentation, the speakers will detail the evolution of cybercriminal tactics within the financial
sector, focusing on how criminals are maintaining a footprint within our networks through sophisticated
evasion techniques. Understand how the Eastern European hacker community has been
especially effective at evading current controls and its effect on the industry. Finally, two
recent case studies will exemplify how you can decrease cybercriminal time on your network
and more accurately predict future attacks.
Offense, Defense and Special Teams – What are We Learning and Sharing Across Functions?
The presenters will look at current threats, financial malware trends, and real behind the scenes
use cases to derive meaningful security intelligence during such a rapid pace of change. While
working with leading financial institutions and exploring big data and analytics, they will review
key lessons learned from operationalizing such programs and see how firms can optimize
security information sharing and deliver the capabilities needed to proactively stop threats,
protect critical assets, and firm and client data.
Presenting Cyber Risk to your Board of Directors (BOD)
The Board of Directors is more engaged on Cyber Security issues than ever before. Attend
this session to learn about tools, techniques and languages that translate cyber security issues
into broader enterprise risk matters and get the attention of your organization’s executives
and board members. Attendees will take away three tools that they can apply in their next
board presentation.
Punching Miscreants with PCRE/ERE/BRE/RegEx
This is an audience-interactive and audience-inclusive workshop on patterning and string
matching using PCRE (Perl Compatible Regular Expressions) as a weapon for defeating exploit
kits, string tokenization, and moving beyond traditional wildcard string globbing approaches.
If you’ve ever wanted to learn or try Regular Expressions in an informal atmosphere, this is the
session for you.
Quality Over Quantity; Separating Quality Cyberthreat Data from the Rest
With the rise of cyberthreat intelligence, the term “quality data” is being used an awful lot. But
how do you identify quality data and separate it from “noise?” IID and the Ponemon Institute
will reveal for the first time results of a survey of hundreds of businesses and U.S. government
agencies around cyberthreat data. They’ll address what the key characteristics of quality data
are, how “bad” data has negatively impacted their organization and much more.
Quantifying Cloud Risk for Your Firm’s Leadership
Your firm is adopting the cloud in a big way. Beyond people using their favorite productivity
apps, your leaders are using the cloud for critical business processes across virtually every
function. Whether those cloud services are sanctioned or shadowed, your fellow executives are
asking questions like “Is our cloud usage safe and compliant?” and “Are there files containing
PCI or PII in the cloud?” Learn key trends and data about quantifying enterprise cloud risks
through this presentation.
Real-Time Community Intelligence Collaboration with STIX
The next step for machine-to-machine collaboration with STIX goes further than just sharing
indicators of compromise. Sightings can provide industry context around a specific IOC,
which can be leveraged for better decision-making. Join this session to see how Soltra Edge
helps communities communicate Sightings that can help turn intelligence data into mitigating
actions.
Report from the Trenches: How are Cybercriminals Bypassing our Controls?
The security industry produces a wide range of products to protect networks, yet cybercriminals
are constantly innovating and identifying new methods to bypass these controls. This session
will show some of these innovative attacks used by cybercriminals in the wild and analyze how
they bypass security solutions. As defenders, we need to understand the limitations of the
tools we use and innovate as our enemy does to protect from the new attacks.
Risk Driven from the Front Line: Using Incident Responders and Threat Assessments to Inform Risk
Decisions
This presentation will review State Farm’s adoption of the FAIR (Factor Analysis of Information Risk)
methodology, and how that adoption allowed for the creation of a tactical Threat Assessment process.
The presentation will review the assessment deliverable, the aspects of FAIR used to derive the
threat values used to calculate risk, and the role the Incident Responders play in completing a threat
assessment with a focus on the operational (quick use) tools in use today.
Securing Security: Architecture Considerations for Financial Services Security Systems
Distinguishing an ambitious employee from a malicious impostor in time to prevent damage and loss
requires scalable data, compute, and connectivity resources. This presentation presents an architecture
that provides this scalability, and addresses the security considerations necessary for implementation
and portability across multiple cloud deployment options. The session’s presenter will discuss how
organizations can maintain data security by anonymizing customer identifiers, protecting data at rest
through encryption, controlling data retention and destruction, and quickly recovering infrastructure
during compromise.
Security Awareness: How I Learned I am Terrible at It and Stopped Worrying
Security Awareness is failing and always has. It’s considered largely ineffective by management,
useless to employees, and laughable to attackers. Security pros know security but not human behavior.
Despite all the best-practices and, even with a budget, most awareness programs are basically a
“security theatre.” Instead of taking pages out of the security handbook, this session will focus on
other disciplines such as behavioral science, risk communication, even gamification principles. It will
also highlight on the Awareness as a Layer 8 problem.
State of the Cyber Security Workforce and What To Do About It
The information and cyber security workforce shortfall is growing year after year, and the primary
reason is less about money and more about the insufficient pool of suitable candidates. However, this
projected workforce shortfall does not mean hiring will stop. In this panel, the presenters will discuss
the results of the 2015 (ISC)2 Global Information Security Workforce study and what approaches
companies can take to face rising security workforce shortages.
STIX for Beginners
If you’ve recently heard of STIX and are new to machine-to-machine intelligence communication, this
session is for you. Topics will include: the basics of the cyber intelligence standards STIX & TAXII, and
a brief introduction on the current state and use of the standards in the industry today.
The Future of Cyber Crime: More Targeted and Elusive Attacks, Less Collateral Damage
Attacks against individuals have proven to be effective for stealing personal and financial information.
With that being said, no method is more dangerous than malicious digital advertising (malvertising).
Using the ad ecosystem, a threat actor can infect millions with a single ad on any device, from any
website, with little collateral damage. This presentation will look into the malvertising ecosystem and
offer best practices that financial services firms can use to lower the risks these attacks pose to their
customers.
Third-Party Governance Done Right
This session will feature a mature 3rd party security governance process implemented for Aetna that
adds risk-based security controls to a robust compliance program that address the risks of third parties
hosting member health information and providing web portal access or mobile access. The Global
Information Security Director for the 3rd Party Security Governance program has implemented five
security specific controls across hundreds of third parties that address things like software security
maturity and risks, authentication of users, encryption of data in transit and at rest, using frameworks
from the financial services industry. They lead a vendor ISAC community to share cyber security
intelligence and best practices with the vendors to improve their cyber resiliency.
Threat Intelligence Comes of Age: Market Dynamics, Use Cases and New Technologies for
Financial Services
Threat intelligence helps Financial CISOs use their security spend more efficiently and combat
adversaries more effectively. However, the market remains nascent and fragmented and most
of the integration burden still rests with the SOC. With that being said, TI services from different
vendors are not easily compared. In this session, the presenters will map out the TI marketplace,
including all the top vendors and major classes of offerings, to help CISOs understand the
ecosystem and determine which providers fit their needs.
Understanding the Eurasian Cyber Threat
A panel of experts from the government and the industry with experience in combating
cybercrime and the nation state threats emanating from Eurasia, will discuss their view of the
threat from each of their distinct perspectives.
User Behavior Analytics - Fraud, Insider Threat & Access Misuse
PayPal leverages User Behavior Analytics (UBA) to address cases of fraud, access misuse,
and insider threats. The first use case is geared specifically towards fraud: behavior analytics are a key
component of account security and of detecting customer account takeover, and predictive analysis
based on identity enhances PayPal's defenses to proactively protect customers. In the second use case, identity and
access intelligence is leveraged to detect misuse of identities and their access. From
an internal perspective, the third use case looks for insider threats and employee account
takeovers.
Using Classified Information to Secure Your Company’s Systems
Who in your company needs a clearance? How will they get classified information? How will
they use it without going to jail? We’ve been working with the government to identify ways to
improve how we receive classified information and how we use it within our organizations. This
panel will discuss lessons learned, products and coming deliverables from the working group.
Vendor Risk Assurance, Data Breach and Business Impact
The vendor community is critical to business operations and success. Organizations issue
vendor user accounts and grant access to key organizational resources. However, recent data
breaches can be attributed to this untethered access. Comcast Cable, a global leader in
media and technology, manages thousands of vendor accounts with internal access to a broad
range of critical information. Learn how Comcast tackles this challenge with an innovative
vendor risk assurance program that combats data breaches and effectively manages business
and security risks.
Venezuela and Cuba: Latin America's Security Challenges
Venezuela has made several efforts to increase its cyber capabilities, including a
proactive effort to build cyber network exploitation and attack capabilities. This session explores
resources, frameworks and contemporary cyber risks in response to this trend, as well as the
cyber relationships being built in Latin America. What impact will this have on the financial
services community in Latin America? What cyber risks are implied, and which can be tracked?
What CISOs Need to Know about Cyber Insurance
CISOs are told to expect that their company will be attacked and compromised. Cyber insurance
is poised to help financially bail them out if an attacker is successful. In this session, a former
financial CISO, now Global Operations Leader over Incident Response services, will share what
he has learned in the trenches that could make your policy better and your premium lower.
What do you really need to focus on to get great Cyber Insurance?
* We apologize to all Affiliate Members, Affiliate Board Advisors, and Sponsors who are not permitted to
attend members only and technical forum sessions, which will be announced at a future date.
Join us for complimentary snacks and refreshments, and a technology showcase where the
latest technical innovations in cyber-awareness, proactive security and defense will be on
display. In this relaxed setting, attendees get to select up to three solutions they'd like to
see. These information-packed 15-minute sessions will be presented by technology experts
from our vendor sponsors, will be use-case driven, and will be tailored to the unique needs of
FS-ISAC members.
Advanced Malware Remediation and Protection Strategies
Malwarebytes
Akamai Security Solutions: Protecting Banks Worldwide
Akamai
Checkmarx PCI-DSS Compliance Without the Hassle
Checkmarx
Combine SAST+RASP to Find and Fix Application Flaws Automatically
Waratek
Learn How Multi-Vector Detection and Asset Context Provide Insight to Threat Defense and Remediation
Cyphort
Does Your CISO Know Where the SSH Keys are Hidden?
CyberArk
Eliminating Malware from Web and Email via Isolation
Menlo Security
Hiding in Plain Site: Protect Against Bad Hashes
Tripwire
How to Automatically Incorporate Application Security Requirements to Reduce Risk and Scale Your Security Team
Security Compass
How to Hack a Mobile Banking App
Arxan Technologies
Improve Situational Awareness to Counter the Risk Posed by Advanced and Evasive Threats
Dell SecureWorks
Insights into the Database Infrastructure
DB Networks
New Integrated View of Cross-Channel Client Activity to Intelligently Assess Fraud Risk
Guardian Analytics
New Outside Cyber Threats Expand Your Attack Surface – What You Need To Know
BrandProtect
Orchestration Changes Everything
Invotas
Proactive Security: The Optimal Pairing of Man & Machine
Synack
Security’s Biggest Blind Spot: Third Party Risk
SecurityScorecard
Speedy Detection of DNS-based Data Exfiltration
Prelert
Strong Security for Your Weak Link: Implementing People-Centric Security in FSIs
Proofpoint
Techniques for Mitigating Security Risks
Rapid7
The Need for Speed: Sharing Threat Intel in Real Time Helps Prevent Breaches
BrightPoint Security
Understand Your Fraud Landscape
Easy Solutions
Vulnerability Triage at Broadridge Financial with NetSPI’s CorrelatedVM
NetSPI
Why 6 of the Top Global Banks Use Agari to Secure their Email
Agari
Why Application Whitelisting Makes Sense in Financial Services
Bit 9 + Carbon Black
Agenda is subject to change. For an up-to-date agenda, visit www.fsisac-summit.com/fall-agenda
Sunday, October 25
All Day            Sponsored Excursions* (Pool Cabanas, Wave Runners, or Sailing)
4:00 - 6:00 pm     Early Registration
6:00 - 7:00 pm     Opening Welcome Reception
7:00 - 9:00 pm     Sponsored Member Dinners*
Monday, October 26
8:00 am - 9:00 pm  Registration
8:00 - 9:00 am     Board and Member Breakfast*
8:30 - 10:00 am    Board Meeting*
9:00 am - 12:00 pm Members Only Technical Forum*
12:00 - 1:00 pm    Members Only Lunch*
1:00 - 4:30 pm     Members Only Meeting*
3:00 - 6:00 pm     Sponsor Registration and Sponsor Hall Set-up
5:00 - 6:00 pm     Solutions Showcase General Session*
6:00 - 7:00 pm     Networking Reception in Sponsor Hall
7:00 - 11:00 pm    Midway Dinner Event
Tuesday, October 27
7:00 am - 7:00 pm  Registration
7:00 - 8:00 am     Breakfast
8:00 - 8:15 am     Opening Remarks
8:15 - 9:00 am     Keynote Session
9:00 - 9:30 am     General Session
9:30 - 10:15 am    Networking Break
10:15 - 11:15 am   Concurrent Breakouts
11:30 am - 12:30 pm Concurrent Breakouts
12:30 - 1:45 pm    Birds of a Feather Lunch
1:45 - 2:45 pm     Concurrent Breakouts
3:00 - 4:00 pm     Concurrent Breakouts
4:15 - 5:15 pm     Solutions Showcase General Session*
5:15 - 6:15 pm     Networking Reception in Sponsor Hall
6:15 - 9:00 pm     Sponsor Dine Around
9:00 - 11:00 pm    Sponsored Beach After Hours Hospitality Suite
Wednesday, October 28
7:00 am - 6:00 pm  Registration
7:00 - 8:00 am     Breakfast
8:00 - 8:15 am     Opening Remarks
8:15 - 8:45 am     General Session
8:45 - 9:15 am     General Session
9:30 - 10:30 am    Concurrent Breakouts
10:30 - 11:00 am   Networking Break
11:00 am - 12:00 pm Concurrent Breakouts
12:00 - 1:00 pm    Luncheon in Sponsor Hall
1:00 - 2:00 pm     Solutions Showcase General Session*
2:15 - 3:15 pm     Concurrent Breakouts
3:30 - 4:30 pm     Concurrent Breakouts
4:30 - 6:30 pm     Conference Close 'Jeoparty' Reception
1:00 - 7:00 pm     Sponsor Hall Teardown
7:00 - 9:00 pm     Sponsored Member Dinners (closed to all non-platinum sponsors)
* Closed to Sponsor Attendees, with the exception of companies approved for sponsoring the event
GOLD SPONSORS
Follow us on twitter! @FSISACUS
12020 Sunrise Valley Dr
Suite 230
Reston, VA 20191