Main Conference Program 2017


June 20th, 2017

08:00

Registration and refreshments

08:50

CHAIR'S WELCOME REMARKS

Jack Freund, Senior Manager, Cyber Risk, TIAA

*Interactive Audience Poll via Sli.do
Vote live to generate real-time content #CYBERRISKNSA

8:55

KEYNOTE ADDRESS: Cyber risk - a clear and present danger

James Brenneman, Assistant to the Special Agent in Charge, US SECRET SERVICE

9:25

REGULATORY KEYNOTE ADDRESS: Regulations, compliance and cyber risk management

Don Anderson Jr., Senior Vice President & CIO, FEDERAL RESERVE BANK OF BOSTON

9:55

KEYNOTE ADDRESS: The buy-side perspective: Cyber security risk identification and management

  • Cyber security response protocols
  • Emerging cyber threats: evaluating their magnitude and complexity
  • How to reverse stress test for cyber security

Robert Rupp, Executive Vice President and Chief Risk Officer, THE HARTFORD

10:25

CISO PANEL: Preventing another Swift attack

  • How can banks avoid phishing and malware?
  • Which payments systems are likely to be targeted next and how to prepare for it
  • Regulatory probe into vulnerabilities, processes, encryption and technological controls
  • Evaluating remediation plans?
  • What metrics and data should be presented to the board/senior management?

Michael Leking, Business Information Security Officer, U.S. BANK
Peter Keenan, Chief Information Security Officer (CISO), LAZARD
Howard Whyte, Chief Information Security Officer (CISO), FEDERAL DEPOSIT INSURANCE CORPORATION (FDIC)
Richard Smith, Cyber Risk Advisor, DEPARTMENT OF HOMELAND SECURITY (DHS)

11:10

Morning coffee and networking break

11:40

PANEL DISCUSSION: Quantifying cyber risk exposure

  • Using the Factor Analysis of Information Risk (FAIR) VaR model for quantification and analysis
  • Putting a price tag on enterprise-wide loss exposure
  • Justifying the value of cybersecurity to management and the board

Jack Freund, Senior Manager, Cyber Risk, TIAA-CREF
Jack Jones, EVP Research & Development, RISKLENS
Evan Wheeler, Director, Information Risk Management, MUFG UNION BANK

12:20

PANEL DISCUSSION: Measuring the impact of a cyber security breach and managing cyber risk

  • The cost of business interruption
  • Reputational damage and legal costs associated with theft of customer information
  • The growing trend of cyber liability insurance
  • Building robust business continuity and disaster recovery plans
  • What type of data is needed for managing this risk?

Moderator: Richard Van Horn, J.P MORGAN CHASE
Ryan E. Bateman, Director - Technology, SANDS CAPITAL MANAGEMENT
Thomas A. Fuhrman, Managing Director, Cyber Security Consulting and Advisory Services, MARSH

1:00

Lunch and networking break

2:00

PRESENTATION: Changing threat landscapes and new technology outlook

  • Identify today's cyber attack vectors, from IoT devices and insider threat to third-party service providers and cloud platforms
  • Evaluate applications of machine learning and AI technologies to advanced cyber defense
  • Discuss prioritization and visualization of threats as a tool for better resource allocation and lower risk
  • Examine real-world examples of detected threats that routinely bypass traditional controls

Nicole Eagan, CEO, DARKTRACE

2:35

LIVE INTERVIEW: Cyber as a subset of operational risk

  • Can information security use the same op risk framework?
  • Will existing taxonomies and risk registers used to classify op risk losses suffice?
  • Moving away from unsupported legacy systems to established taxonomies that bridge the gap between technology specialists and risk professionals

Shelly Martin, Vice President Operational Risk, STATE STREET
Ivan Pooran, Head of Operational Risk, GUARDIAN LIFE
Mandar Rege, Senior Vice President, Global Head Enterprise Technology Risk Management, TD BANK

3:05

Afternoon coffee and networking break

3:35

ALL-STAR PANEL: The "new normal": Convergence of operational and cyber security risk

  • Expanding operational risk to include cyber security risks
  • Revamping the ERM strategy: How can aligning fraud, IT, cyber security and operational risk management help join the dots?
  • Updating the three lines of defence to align board-level risk appetite
  • Crossing silos to foster knowledge sharing and cooperation

Moderator: Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS
John J. Doherty, Partner, Information Technology Advisory Services, EY
Beth Rudofker, Global Head of Operational Risk Management, CITI
Linda Vanderburgt, Head of Operational Risk, Advisory and Oversight, Personal and Commercial Banking and RBC Insurance, Group Risk Management, RBC

*Audience Q&A
Submit your questions via sli.do

4:45

CHAMPAGNE ROUNDTABLES: Bring your questions, leave with your answers!

From session to roundtable: take the day's most contentious issues and engage fully with your peers in small interactive roundtable discussions to drill down, share best practice and take away diverse approaches to the same challenge.

• Roundtable 1: Regulation
Host: Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA
• Roundtable 2: AML
Host: TBC
• Roundtable 3: Cyber risk and data security
Host: TBC
• Roundtable 4: Geopolitical risks
Host: TBC
• Roundtable 5: Outsourcing
Host: Deborah Hrvatin, Managing Director, Head of Operational Risk Management Americas, DEUTSCHE BANK
• Roundtable 6: Conduct risk
Host: TBC
• Roundtable 7: Organisational change
Host: Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments, AIG
• Roundtable 8: IT failure
Host: TBC
• Roundtable 9: Fraud
Host: TBC
• Roundtable 10: ORM to ERM: OpRisk management concepts portable to Enterprise Risk Management
Host: Prasad Kodali, Head of Operational Risk, CIT GROUP
• Roundtable 11: Convergence of operational and cyber risk
Host: Shelly Martin, Vice President Operational Risk, STATE STREET
• Roundtable 12: The impact of fintech and innovation on operational risk
Host: TBC
• Roundtable 13: 3LODs
Host: Mike Dempsey, Director, Financial Services Advisory, KPMG

5:30

CHAIR'S CLOSING REMARKS

5:35

Networking drinks reception- Hosted by EY

7:00

Private dinner- Invite only

June 21st, 2017

08:30

Registration and breakfast

09:05

CHAIR'S OPENING REMARKS

09:15

KEYNOTE ADDRESS: Cyber security challenges- a new era for regulation

Robert Phelps, OFFICE OF THE COMPTROLLER OF THE CURRENCY (OCC)

*Audience Q&A
Submit your questions via sli.do

09:50

PRESENTATION: Topic TBC

L3 TECHNOLOGIES

10:35

Lunch and networking break

11:05

PRESENTATION: The impact of cyber security breaches on business continuity

Janet Lerch, Chief Continuity and Technology Risk Officer, U.S. BANK

12:20

PANEL DISCUSSION: Cloud security

  • Evaluating cloud security threats: Loss or theft of intellectual property, Loss of control over end user actions
  • Investigating the risk of cloud services
  • The insider threat of Bring Your Own Cloud (BYOC)

Peter Keenan, Chief Information Security Officer (CISO), LAZARD
John Polis, Chief Operating & Technology Officer, STAR MOUNTAIN CAPITAL

12:30

Lunch and networking break

1:30

WAR GAMES: Responding to a cyber security breach

Simulation of 3 cyber breaches: phishing, malware and insider threat

  • Hierarchy of response- who are the 1st and 2nd responders?
  • How will C-level executives report back to the board?
  • The role of cyber risk practitioners to patch up the breach
  • Op risk managers and getting systems and servers back up
  • Evaluating reputational damage
  • Handling PR communications

2:10

SPOTLIGHT ON: Emerging cyber regulation- A second and third line of defense perspective

  • More prescriptive guidance
  • New paradigm for risk management and audit
  • Enhanced board and executive management expectations

Hugh Kominars, Vice President- IT Audit Director, STATE STREET
Sandip Biswas, STATE STREET


2:40

Afternoon coffee and networking break

3:00

CHAMPAGNE KEYNOTE ADDRESS: The role of AI, machine learning and big data in detecting risks: What the SEC is doing

Scott Bauguess, Acting Director and Acting Chief Economist, Office of the Director, U.S. SECURITIES AND EXCHANGE COMMISSION


3:30

ALL STAR PANEL: Redefining the 3 LODs across op risk and cyber risk

  • If 2LOD is supposed to be the police within the organization, is the 3LOD the judge?
  • How best should the 1LOD demonstrate their value to the businesses they support?
  • Ensuring the 1LOD and 2LOD safeguard information security
  • How to address the potential redundancy of testing across the 3LOD?
  • How much controls testing does the 2LOD execute? Does it vary for IT vs other control types?
  • How to enhance the communication between the 1st and the 2LOD for more effective op risk and cyber risk management?
  • Is it common to have a "1.5" LOD that links the risk management activities in the 1LOD with the 2LOD?
  • Do we need a 4LOD?

Moderator: Tom Osborn, Editor, Risk Management, RISK.NET
Carrie M. Barranca, Head of Audit, Operational Risk, STANDARD CHARTERED
Glenn H. Hursh, Managing Director, KPMG
Don Anderson Jr., Senior Vice President & CIO, FEDERAL RESERVE BANK OF BOSTON

*Audience Q&A
Submit your questions via sli.do

4:15

GUEST ADDRESS: The FBI on Wall Street - The 1LOD perspective for compliance and operational risk

The inside story of "Tipper X" - how a former hedge fund analyst became one of the most prolific FBI informants in securities fraud history

Tom Hardin (Tipper X), The FBI's most productive cooperating witness in Operation Perfect Hedge

*Audience Q&A
Submit your questions via sli.do

4:45

CHAIR'S CLOSING REMARKS

4:50

End of Cyber Risk North America

 


Follow program updates on Twitter #CyberRiskNA

For updates or to discuss speaking opportunities please contact Genevieve Furtado:

 
