NORTHEAST REGIONAL CISO POLICY ROUNDTABLE

May 18, 2022

The National Technology Security Coalition is delighted to host the Northeast Regional in New York, NY on May 18th at Jay Suites 5th Avenue. CISO Policy Roundtable brings together senior technology security executives in an exclusive setting to talk about trends in national cybersecurity policy.

CSC 2.0

Senior Director of CCTI and Senior Fellow at Foundation for Defense of Democracies (FDD) and Executive Director, CyberSolarium.org

The past two years have seen major advances in cyber legislation, and the Cyberspace Solarium Commission (CSC) was a driving force. The commission, which launched in 2019 and was formally dissolved at the end of 2021, produced roughly 100 recommendations from its 2020 report, and more than three dozen of Solarium’s recommendations have been turned into law, including creating a new cyber czar in the White House and surging funding and authorities to the Cybersecurity and Infrastructure Security Agency (CISA).

Please join us as the Admiral reflects on his two years leading the Solarium Commission and describes the goals of the CSC 2.0 Project (www.cybersolarium.org), which was created to support continued efforts to implement outstanding CSC recommendations, provide annual assessments of the implementation of CSC recommendation, and conduct research and analysis on several outstanding cybersecurity issues identified by the CSC during its tenure.

Looking Ahead

Kelly Bissell, Corporate Vice President of Security Service, Microsoft Corporation

Kelly Bissell leads the Security Service Line business for Microsoft and describes the mission as “transforming cyber security by providing a Microsoft platform that will help clients be secure so they can protect their IP and customers, all while reducing cost.” But what motivated Kelly to join Microsoft after a stellar stint at Accenture, where he led Accenture’s Global Security Practice, and how does he see the public/private partnership evolving as new legislation emerges mandating cyber incident reporting, which many feel is the tip of the iceberg from a legislative perspective. Kelly has more than 25 years of security industry experience specializing in breach incident response, identity management, privacy and data protection, secure software development, and cyber risk management. He has presented to more than 40 client boards and has presented to NACD & other director sessions, written articles for numerous publications such as WSJ, USA Today, CFO Magazine, CIO Magazine, and others. Kelly is also a Member of the Aspen Institute's Cybersecurity Forum and World Economic Forum’s Centre for Cybersecurity board. Please join us as Kelly shares his thoughts on the future of cybersecurity and what we need to do to ensure “collective defense” becomes a reality.

Systemic Risk - What is it and How do we prepare for it?

Emilian Papadopoulos, President, Good Harbor Security Risk Management

Over the past decade, various cyber experts have suggested that the nation could face a Cyber 911, i.e., the possibility that a cyber event could trigger severe instability or collapse of an entire industry or the economy. It is a frightening prospect and recent cyber events including Solar Winds and Log4J reinforce the concern, but what is systemic cyber risk? How should it be defined, and more importantly, how can we prepare for it?

The Carnegie Endowment for International Peace and the Aspen Institute recently published a paper entitled “Systemic Cyber Risk: A Primer”, and as the paper points out, “Many sectors of the global economy now rely on the same set of critical technology products and services, concentrating risk into an unknown number of possible failure points.” But for many, systemic cyber risk is a vague concept, and it is difficult to find a definition that everyone agrees with, plus our ability to find and measure sources of systemic cyber risk is extremely limited. We invite you to join us as our expert panel dissects the term and examines current perspectives on the threat of a systemic cyber event.

Agenda

1:20 p.m. - Welcome & Introductions

1:30 p.m. - CSC 2.0 - Rear Admiral (Ret.) Mark Montgomery, Executive Director, Cyber Solarium.org

2:15 p.m. - Looking Ahead - Kelly Bissell, Corporate Vice President, Microsoft Corporation

3:00 p.m. - Intermission

3:30 p.m. - Panel Discussion: "Systematic Cyber Risk - What is it and how do we prepare for it"

4:55 p.m. - Closing Remarks - Patrick Gaul, Executive Director, NTSC

5:15p.m. - Reception and VIP Dinner

Interested in attending?

An invitation-only event for CISOs and senior cybersecurity policy stakeholders, the NTSC Southeast Regional CISO Policy Roundtable serves as part of our mission to provide a platform for CISOs to discuss and advocate for beneficial legislative and regulatory cybersecurity policies.

If you are a CISO or senior technology security executive interested in attending, please do not hesitate to reach out to Patrick Gaul (patrick@ntsc.org) for more details.

There is no cost to attend.