Main Conference Program 2017

June 20th, 2017

08:00

Registration and refreshments

08:50

CHAIR'S WELCOME REMARKS

Jack Freund, Senior Manager, Cyber Risk, TIAA

*Interactive Audience Poll via Sli.do
Vote live to generate real-time content #CYBERRISKNSA

8:55

KEYNOTE ADDRESS: Cyber risk - a clear and present danger

James Brenneman, Assistant to the Special Agent in Charge, US SECRET SERVICE

9:25

REGULATORY KEYNOTE ADDRESS: Regulations, compliance and cyber risk management

Don Anderson Jr., Senior Vice President & CIO, FEDERAL RESERVE BANK OF BOSTON

9:55

KEYNOTE ADDRESS: The buy-side perspective: Cyber security risk identification and management

  • Cyber security response protocols
  • Emerging cyber threats: evaluating their magnitude and complexity
  • How to reverse stress test for cyber security

Robert Rupp, Executive Vice President and Chief Risk Officer, THE HARTFORD

10:25

CISO PANEL: Preventing another banking network attack

  • How can banks avoid phishing and malware?
  • Which payments systems are likely to be targeted next and how to prepare for it
  • Regulatory probe into vulnerabilities, processes, encryption and technological controls
  • Evaluating remediation plans?
  • What metrics and data should be presented to the board/senior management?

Moderator: Jack Freund, Senior Manager, Cyber Risk, TIAA
Michael Leking,
Business Information Security Officer, U.S. BANK
Peter Keenan,
Chief Information Security Officer (CISO), LAZARD
Howard Whyte,
Chief Information Security Officer (CISO), FEDERAL DEPOSIT INSURANCE CORPORATION (FDIC)
Rich Richard,
Cyber Security Advisor, DEPARTMENT OF HOMELAND SECURITY (DHS)

11:10

Morning coffee and networking break

11:40

PANEL DISCUSSION: Quantifying cyber risk exposure

  • Using the Factor Analysis of Information Risk (FAIR) VAR model for quantification and analysis
  • Putting a price tag on enterprise-wide loss exposure
  • Justifying the value of cybersecurity to management and the board

Moderator: Robert Paolino, Former Chief Risk Officer, FORMERLY BANK OF TOKYO-MITSUBISHI UFJ
Nick Sanna,
CEO, TIAA
Jack Jones,
EVP Research & Development, RISKLENS
Evan Wheeler,
Director, Information Risk Management, MUFG UNION BANK

12:20

PANEL DISCUSSION: Measuring the impact of cyber security breach and managing cyber risk

  • The cost of business interruption
  • Reputational damage and legal costs associated with theft of customer information
  • The growing trend of cyber liability insurance
  • Building robust business continuity and disaster recovery plans
  • What type of data is needed for managing this risk?

Moderator: Robert Paolino, Former Chief Risk Officer, FORMERLY BANK OF TOKYO-MITSUBISHI UFJ
Ryan E. Bateman,
Director- Technology, SANDS CAPITAL MANAGEMENT
Thomas A. Fuhrman,
Managing Director, Cyber Security Consulting and Advisory Services, MARSH
Viktor Grinberg,
Head of Compliance and Regulatory Technology, US, DEUTSCHE BANK

1:00

Lunch and networking break

2:00

PRESENTATION: Changing threat landscapes and new technology outlook

  • Identify today's cyber attack vectors, from IoT devices and insider threat to third-party service providers and cloud platforms
  • Evaluate applications of machine learning and AI technologies to advanced cyber defense
  • Discuss prioritization and visualization of threats as a tool for better resource allocation and lower risk
  • Examine real-world examples of detected threats that routinely bypass traditional controls

Nicole Eagan, CEO, DARKTRACE

2:35

LIVE INTERVIEW: Cyber as a subset of operational risk

  • Can information security use the same op risk framework?
  • Will existing taxonomies and risk registers used to classify op risk losses suffice?
  • Moving away from unsupported legacy systems to established taxonomies that bridge the gap between technology specialists and risk professionals

Moderator: Shelly Martin, Vice President Operational Risk, STATE STREET
Ivan Pooran,
Head of Operational Risk, GUARDIAN LIFE
Mandar Rege,
Senior Vice President, Global Head Enterprise Technology Risk Management, TD BANK

3:05

Afternoon coffee and networking break

3:35

ALL-STAR PANEL: The "new normal": Convergence of operational and cyber security risk

  • Expanding operational risk to include cyber security risks
  • Revamping the ERM strategy: How can aligning fraud, IT, cyber security and operational risk management help join the dots?
  • Updating the three lines of defence to align board-level risk appetite
  • Crossing silos to foster knowledge sharing and cooperation

Moderator: Joshua Kotok, CFE, CISA, Chief Risk and Compliance Officer, FIRST SAVINGS
John J. Doherty, Partner, Information Technology Advisory Services, EY
Beth Rudofker, Global Head of Operational Risk Management, CITI
Brian Tierney, Managing Director - US Head of Operational Risk, RBC
Deborah Hrvatin,
Managing Director, Head of Operational Risk Management Americas, DEUTSCHE BANK

*Audience Q&A
Submit your questions via sli.do

4:45

CHAMPAGNE ROUNDTABLES: Bring your questions, leave with your answers!

From session to roundtable: take the day's most contentious issues and fully engage with your peers in small interactive roundtable discussions to drill down, share best practice and take away diverse approaches to the same challenge from your fellow industry peers.

Roundtable 1: Regulation
Host: Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA
Roundtable 2: AML and fraud
Host: Lester Joseph, SVP, Manager Global Financial Crimes Intelligence Group, WELLS FARGO
Roundtable 3: Cyber risk and data security
Host: Ryan E. Bateman, Director- Technology, SANDS CAPITAL MANAGEMENT
Roundtable 4: Geopolitical risks
Host: Ivan Pooran, Head of Operational Risk, GUARDIAN LIFE
Roundtable 5: Outsourcing
Host: Deborah Hrvatin, Managing Director, Head of Operational Risk Management Americas, DEUTSCHE BANK
Roundtable 6: Conduct risk
Host: Jitendra Rathod, Senior Examiner, FEDERAL DEPOSIT INSURANCE CORPORATION (FDIC)
Roundtable 7: Organisational change
Host: Dolores (Lori) Miller, Managing Director, Head of Operational Risk, Investments, AIG
Roundtable 8: Measuring risk and security metrics
Host: Jack Jones, EVP Research & Development, RISKLENS
Roundtable 9: ORM to ERM: OpRisk management concepts portable to Enterprise Risk Management
Host: Prasad Kodali, Head of Operational Risk, CIT GROUP
Roundtable 10: Convergence of operational and cyber risk
Host: Shelly Martin, Vice President Operational Risk, STATE STREET
Roundtable 11: The impact of fintech and innovation on operational risk
Host: Jeffrey M. Bandman, Founding Director, LabCFTC; Special Counsel to the Chairman, FinTech Advisor, U.S. COMMODITY FUTURES TRADING COMMISSION
Roundtable 12: 3LODs
Host: Mike Dempsey, Director, Financial Services Advisory, KPMG

5:30

CHAIR'S CLOSING REMARKS

Alexander Campbell, Divisional Content Editor, RISK.NET

5:35

Networking drinks reception- Hosted by EY

7:00

Private dinner- Invite only

June 21st, 2017

08:30

Registration and breakfast

09:05

CHAIR'S OPENING REMARKS

Gideon Pell, Adjunct Faculty, UNIVERSITY OF CONNECTICUT SCHOOL OF BUSINESS

09:15

KEYNOTE ADDRESS: Cyber security challenges- a new era for regulation

Robert Phelps, Director Critical Infrastructure Policy, OFFICE OF THE COMPTROLLER OF THE CURRENCY (OCC)

*Audience Q&A
Submit your questions via sli.do

09:50

PRESENTATION: Beneath the surface

John Gelinne, Managing Director, Cyber Risk Services, DELOITTE

10:35

Morning networking break

11:05

PRESENTATION: Quantifying Cyber Security Risk - IT'S TIME!

Joe Portale, Solutions Architect - Cyber Security, L3 TECHNOLOGIES

11:45

PANEL DISCUSSION: Cloud security

  • Evaluating cloud security threats: Loss or theft of intellectual property, Loss of control over end user actions
  • Investigating the risk of cloud services
  • The insider threat of Bring Your Own Cloud (BYOC)

Moderator: Gideon Pell, Adjunct Faculty, UNIVERSITY OF CONNECTICUT SCHOOL OF BUSINESS
Peter Keenan,
Chief Information Security Officer (CISO), LAZARD
John Polis,
Chief Operating & Technology Officer, STAR MOUNTAIN CAPITAL
Sheldon Cuffie,
CISSP, VP & Chief Information Security Officer, NORTHWESTERN MUTUAL

12:30

Lunch and networking break

1:30

WAR GAMES: Responding to a cyber security breach

Simulation of 3 cyber breaches: phishing, malware and insider threat

  • Hierarchy of response- who are the 1st and 2nd responders?
  • How will C-level executives report back to the board?
  • The role of cyber risk practitioners to patch up the breach
  • Op risk managers and getting systems and servers back up
  • Evaluating reputational damage
  • Handling PR communications

2:10

SPOTLIGHT ON: Emerging cyber regulation- A second and third line of defense perspective

  • More prescriptive guidance
  • New paradigm for risk management and audit
  • Enhanced board and executive management expectations

Hugh Kominars, Vice President- IT Audit Director, STATE STREET
Sandip Biswas,
Vice President, Senior Business Technology Risk Officer, STATE STREET


2:40

Afternoon coffee and networking break

3:10

CHAMPAGNE KEYNOTE ADDRESS: The role of AI, machine learning and big data in detecting risks: What the SEC is doing

Scott Bauguess, Acting Director and Acting Chief Economist, Office of the Director, U.S. SECURITIES AND EXCHANGE COMMISSION


3:45

ALL STAR PANEL: Redefining the 3 LODs across op risk and cyber risk

  • If 2LOD is supposed to be the police within the organization, is the 3LOD the judge?
  • How best should the 1LOD demonstrate their value to the businesses they support?
  • Ensuring the 1LOD and 2LOD safeguard information security
  • How to address the potential redundancy of testing across the 3LOD?
  • How much controls testing does the 2LOD execute? Does it vary for IT vs other control types?
  • How to enhance the communication between the 1st and the 2LOD for more effective op risk and cyber risk management?
  • Is it common to have a "1.5" LOD that links the risk management activities in the 1LOD with the 2LOD?
  • Do we need a 4LOD?

Moderator: Craig Spielmann, Former Global Head of Enterprise Risk Management Strategy, FIRST DATA
Carrie M. Barranca,
Head of Audit, Operational Risk, STANDARD CHARTERED
Rock Rockefeller, Director, KPMG
Don Anderson Jr.,
Senior Vice President & CIO, FEDERAL RESERVE BANK OF BOSTON

*Audience Q&A
Submit your questions via sli.do

4:30

GUEST ADDRESS: The FBI on Wall Street - The 1LOD perspective for compliance and operational risk

The inside story of "Tipper X" - how a former hedge fund analyst became one of the most prolific FBI informants in securities fraud history

Tom Hardin (Tipper X), The FBI's most productive cooperating witness in Operation Perfect Hedge

*Audience Q&A
Submit your questions via sli.do

5:00

CHAIR'S CLOSING REMARKS

5:05

End of Cyber Risk North America


Follow program updates on Twitter #CyberRiskNA

For updates or to discuss speaking opportunities please contact Genevieve Furtado: