6th Annual National CISO Policy Conference
Washington D.C.
July 20, 2023
July 20, 2023
The National Technology Security Coalition is proud to announce our 6th Annual National CISO Policy Conference will be held in Washington D.C. on July 20, 2023. The NTSC has one mission, and that is to serve as the National Voice of the CISO in Washington D.C. Our national conference is designed to address issues and concerns that resonate with the CISO community, and we invite you to join us and add your voice to the conversation.
Jen Easterly, Director, CISA & Kelly Bissell, Corporate Vice President, Security Services Line, Microsoft Corporation
The NTSC is delighted to announce that CISA Director Jen Easterly will be joining us at our 6th Annual National Conference in Washington, D.C. on July 20, 2023. The Director will be sitting down with Microsoft Corporate Vice President Kelly Bissell to discuss cyber and how it impacts so many of the challenges facing the United States today, from geopolitical to technological as well as the business problems created by the increased activity of cyber criminals and adversarial nation states.
Kelly Bissell is the Global Lead for Security Services at Microsoft and is a trusted advisor to CISA and the Director. We look forward to a fascinating conversation and gaining more insight into CISA’s priorities as so many global events continue to unfold.
Lucia Milică Stacy, Vice President & Global Resident Chief Information Security Officer, Proofpoint, Inc., Ben Aung, Executive Vice President, Chief Risk Officer, & Global Chief Information Security Officer, The Sage Group, and Shawn Harris, Senior Director of Information Security, Chipotle Mexican Grill
To gain insights into the minds of CISOs during these turbulent times, Proofpoint, Inc. surveyed 1,600 CISOs from around the world, examining the threats and risks they face daily and the defenses they are building and produced a report “The Voice of the CISO”, which Lucia Milica, SVP & Global Resident CISO will examine during our second session at the NTSC National Conference.
The report focuses on the challenges that CISOs face day in and day out, with the hope that their shared experiences can help policymakers and other national leaders gain a better view of cybersecurity realities. Lucia will explore how CISOs feel about their preparedness against cyber-attacks and how their relationships with the board impact their ability to advance cybersecurity priorities. We will examine CISOs’ sentiments about current trends such as financial reporting requirements and concerns about personal liability.
We will learn how the economy is impacting cybersecurity budgets and how all these issues are affecting CISOs personally.
Katherine Kuehn, Chief Trust Officer, Aon - Panel Moderator, Beth-Anne Bygum, Senior Vice President & Chief Security and Compliance Officer, Acxiom, Jamil Farshchi, Chief Information Security Officer, Equifax
There are multiple opinions with respect to how
organizations should foster and promote diversity within their ranks. Some
agreed that hiring managers should be aware of biases when evaluating
candidates and actively seek out diverse applicants for vacancies. Others
emphasized the need for training and mentorship programs to help minority
candidates gain the technical skills and knowledge necessary to succeed in the
field.
During this panel discussion four senior technology security executives will discuss the importance of diversity in the cyber workforce. The panelists will explore how diverse work environments
can help organizations develop better solutions to cyber threats and discuss the
need for an inclusive workplace culture that provides equal opportunities for
all individuals regardless of their ethnicity, gender, or other
characteristics.
The panelists will provide personal insights into how they
have taken steps to actively seek out diverse applicants for roles and in doing
so have created a workplace culture that embraces and celebrates diversity.
Mario Balakgie, Global Business Chief Information Security Officer, World Wide Technology - Panel Moderator, Darren Highfill, Chief Information Security Officer, Norfolk Southern Corporation, Marene Allison, Special Advisor for NTSC Board of Directors and Former VP & CISO for Johnson & Johnson
Security organizations face incredible demands to ensure that their business environment is protected in the best and most efficient way possible. To achieve this, the use of security tools is critical and the market offers an overwhelming number of solutions. Solution types and capabilities are never ending in terms of capabilities and continue to evolve at an increasing pace.
Tools, be it leading vendor products or ones new to the market, are being purchased at an unprecedented level. While many of the security solutions are essential, and in some cases critical, organizations are finding themselves with a sprawl of tools raising important questions on the right needs and right fit. Equally, the total investments being made on security tools is significant and organizations must ensure efficiency while still lowering risks to the business.
At the outset of any tool's rationalization process, organizations need to first highlight the evaluation criteria for existing toolsets. To do so, discern which tools are necessary to fulfill the appropriate security outcomes while also streamlining costs. This results in a decision-making process and analysis addressing important considerations for all security tool investments.
This includes the following:
Organizations will continue to make tools investments, and it is expected more products will be placed in front of decision-makers. Conducting a rationalization process is key to ensure and support a holistic security posture to ultimately manage risks
Elias (Lou) Mansousos, Corporate Vice President, Microsoft Corporation
Cybersecurity is at an inflection point. Threat actors are quickly outpacing defenders with unprecedented scale, speed, and capabilities. Security teams must meet these modern threats with new force-multiplying tools and technologies.
In this session, Microsoft
Corporate Vice President Elias Manousos will discuss how investments and
innovations his team is making in threat intelligence and artificial
intelligence will supercharge defenders to exceed their adversaries and
gain the upper hand in today's ongoing game of cyber cat-and-mouse.
Cory Simpson, CEO & Founder, Gray Space Strategies, Rear Admiral (Ret.) Mark Montgomery, Senior Director of CCTI, Senior Fellow at Foundation for Defense of Democracies (FDD), and Executive Director of Cyber Solarium.org, and Vice Admiral (Ret.) T.J. White, Nonresident Senior Fellow, Forward Defense Practice of the Atlantic Council's Scowcroft Center for Strategy & Security
It
isn’t often that two former Naval Officers like T.J. White, whose last
role with the Navy was Vice Admiral & Commander US Fleet Cyber
Command, US Tenth Fleet & Navy Space Command and Retired Rear
Admiral Mark Montgomery, who served as the Commander of Carrier
Strike Group 5 with the U.S. Pacific Fleet, and later as the Executive
Director of the U.S. Cyberspace Solarium Commission, come together for a
fireside chat. They served together at US IndoPacific Command – Mark as
J3 and TJ as J2.
We invite you to join us as Admirals White and Montgomery discuss their views on a range of issues, from the impact cyber has had on the geopolitical stage to the potential influence that GenAI will have on the cyber workforce challenge, to the need to revise the Public/Private Collaboration to Protect U.S. Critical Infrastructure. Guiding the conversation with be Gray Space Strategies Founder & CEO Cory Simpson, a former Senior Director with the U.S. Cyberspace Solarium Commission, National Security Law Advisor with U.S. Cyber Command and Adjunct Senior Fellow, Technology and National Security Program at the Center for a New American Security (CNAS).
An invitation-only event for CISOs and senior cybersecurity policy stakeholders, the NTSC National CISO Policy Conference serves as part of our mission to provide a platform for CISOs to discuss and advocate for beneficial legislative and regulatory cybersecurity policies.