EVENT
CIO Boston Summit | April 26, 2018 | Omni Parker House - Boston, MA, USA
agenda
Download Agenda (PDF)↓ Agenda Key
Keynote Presentation
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Executive Visions
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Thought Leadership
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
Think Tank
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Roundtable
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Case Study
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Focus Group
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session 
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Vendor Showcase
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Executive Exchange
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Networking Session
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
Thursday, April 26, 2018 - CIO Boston Summit
7:30 am - 8:10 am
Registration and Networking Breakfast
8:15 am - 8:25 am
Welcome Address and Opening Remarks 
Presented by:
Robert Knake, Senior Fellow for Cyber Policy, Council of Foreign Relations 
Madge Meyer, Former EVP, Chief Innovation Officer & Technology Fellow, State Street Corporation, Author, "The Innovator's Path"
8:25 am - 8:55 am
Keynote Presentation
Digital Transformation: A Journey Not a Destination
There are many forces that are driving companies to continue to transform how they do business. Technological advances such as IoT, AI, machine learning, virtual reality and augmented reality are creating demanding expectations from customers, employees and boards. Adding to the complexity of CIOs and CISOs is the increasing threats to the security of the data that is at the heart of digital transformation. This keynote presentation will focus on the realities that this transformation will never end and it is critical to implement both the mindset and processes to treat digital transformation as a journey...not a destination.
Takeaways:
- It is critical to realize that digital transformation will never end, but will always be unfolding.
- CIOs and CISOs must implement processes to ensure that not only their departments are forward thinking, but that their entire company is aware of what new technologies can bring to bear for customers and employees.
Presented by:
Matt Griffiths, Chief Information Officer, Stanley Black & Decker Industrial
9:00 am - 9:30 am
Keynote Presentation
Case Studies in Digital Transformation: Learnings Along the Journey
We will explore key learnings from various industries and verticals on the good, the bad and the ugly of digital transformation. We will have an opportunity to not only be exposed to successful use cases, but also ask the hard questions behind those successes.
Takeaways:
- One of the best ways to learn is to hear the stories of success (and failure) from companies similar to yours.
- Asking questions of HOW the journey unfolded are just as important as the end result.
Sponsored by:
IBM
Jason LaSacola, Senior Certified Architect, Member of IBM Academy of Technology, Innovation Leader, IBM
9:35 am - 10:00 am
Executive Exchange
Thought Leadership
Charting AI's Rise as Cybersecurity's Force Multiplier
It has never been easier for bad actors to build and deliver malicious software. Today's world of coders-for-hire and software-as-a-service has made malware an exponentially growing issue, and CISOs are racing to keep up. Against these challenges, Artificial Intelligence has emerged as a tool that could turn the tide for resource-constrained security programs. This session will trace the history of AI and machine learning, and explore how artificial neural networks can operate as part of security operations.
Sponsored by:
Fortinet
Keith Rayle, Senior Security Strategist, Fortinet
10:05 am - 10:30 am
Executive Exchange
Think Tank
Is Human Intervention Required?
The rage against machine intelligence (AI) has begun. It is fueled by significant changes in technology automation in an attempt to transform to a data-driven, digital business while data and analytics leaders presses ahead at full speed.
- What are the critical competencies, new roles and responsibilities emerging thanks to the rise of machine intelligence?
- What skills need to be developed?
- What functional areas must advance?
Presented by:
Jin Chun, Head of Cognitive Computing, IT Fellow, Fidelity Investments
Think Tank
Planning for a Multi-Cloud Future
The promise of the cloud is almost beyond compare รข?" infinite computing resources, unmatched reliability and uptime, instantaneous service availability, simplistic self-service and provisioning, and the low-low prices of a buy-by-the-drink model. These are the reasons behind the rush to the cloud that we are currently experiencing. However, the wholesale adoption does bring a downside as more and more capability is moved to the cloud. Also, more and more cloud providers are utilized since, and for the most part, each provider offers only a limited suite of services. The multi-cloud environment creates a new set of challenges that IT leaders need to overcome such as resiliency, interoperability/integration, and security and compliance through careful planning and the lessons learned from building complex on premise distributed systems.
Takeaways:
- As enterprises move to the cloud, multi-cloud environments will increasingly become the norm, not the exception.
- Consistent planning and thoughtful architecture will be essential to efficient and effective cloud deployments.
Presented by:
Gene Glekel, VP IT, Cresa
10:30 am - 10:40 am
Morning Networking Coffee Break
10:45 am - 11:10 am
Executive Exchange
Thought Leadership
Identity: The Good, The Bad and The Ugly (Boy Is It Ugly)
In a world where breaches are so common that we don't even talk about them, its time to change the way we think about identities and consider risk as part of the decision process. Come join the conversation around the concept of a new method of Authentication and Access based on risk.
Sponsored by:
RSA
James Mandelbaum, Identity Architect, RSA
11:15 am - 11:40 am
Executive Exchange
Executive Boardroom 
The Five Secrets to Security Awareness Success
So, you're ready to move beyond simple 'box checking' and to actually change hearts, minds, and behavior patterns. You know that it is the right thing to do for your organization and are looking forward to the positive results. The sticking point, however, is that - like most security leaders - you probably don't exactly know how you are going to make it happen. This session will help kick-start the process of creating a solid plan and foundation to achieve a game changing level of security awareness and behavior transformation.
Key takeaways include:
- How to achieve buy-in through relevant goal setting
- Working within the organizational culture
- Leveraging behavior management principles
Sponsored by:
KnowBe4, Inc
Perry Carpenter, Chief Evangelist and Strategy Officer, KnowBe4, Inc
Executive Boardroom
Year of the Defender - Cybersecurity Predictions for 2018
Cybersecurity dominated the news cycle in 2017. There were headlines about viral ransomware, global destructive wipers posing as ransomware, leaks of spy tools from U.S. intelligence agencies, and breaches at major companies.
What does 2018 hold in store for the defenders? Come discuss the largest security trends Cybereason researchers have identified for 2018.
Sponsored by:
Cybereason
Jessica Stanford, Director, Product Marketing, Cybereason, Cybereason
11:45 am - 12:10 pm
Executive Exchange
Executive Boardroom
There's an App for That. Unleashing The Possibilities of Mobile-Cloud World...Securely
There's an app for everything these days. And a cloud service behind the scenes. From approving expenses in the grocery store line to looking up key customer information in the field, employees are more productive than ever in today's mobile-cloud world. Yet it also means there's data everywhere - on devices, in transit and in the cloud. CISOs face the challenge of crafting a security strategy that protects this data no matter where the data is. This discussion will explore how organizations are using mobile-cloud apps throughout the business, risks created through mobile-cloud technologies and best practices for keeping related data secure.
Sponsored by:
MobileIron
Jeff Jones, VP Strategic Initiatives, MobileIron
12:15 pm - 1:25 pm
Working Lunch & Panel
CIOs/CISOs as the Consummate Communicator
Digital transformation is changing how you equip your employees and how your company interacts with customers. It is also changing the role of the CIO and CISO to be a business leader and internal sales leader for transformation. CIOs are now responsible for communicating strategies and recommendations to CxOs, boards and key stakeholders within a company. Join us, during lunch, for a passionate panel discussion with your peers as they share how they are successfully communicating internally to accomplish the company's goals.
Takeaways:
- CIOs must be great communicators, not only with their teams, but the rest of the organization.
- CIOs must learn the best ways to communicate clarity and urgency with boards and CXOs.
Moderated by:
Madge Meyer, Former EVP, Chief Innovation Officer & Technology Fellow, State Street Corporation, Author, "The Innovator's Path"
Panelists:
Jin Chun, Head of Cognitive Computing, IT Fellow, Fidelity Investments
John Campbell, CIO - Partners Continuing Care, Partners Healthcare System, Inc.
Wendy Cofran, Chief Information Officer, Natick Visiting Nurse Association
Matt Griffiths, Chief Information Officer, Stanley Black & Decker Industrial
1:30 pm - 1:55 pm
Solutions Spotlight
Deep dives into the latest and greatest technology solutions to today's business problems.
2:00 pm - 2:25 pm
Executive Exchange
Think Tank
Which Third Party Do You Trust?
It is not a matter of if, but a matter of when. Organizations, more and more, and are outsourcing business activities to 3rd-parties because of cost-savings, revenue opportunities, expertise, etc. Thus, collaborating with our business partners early to select the right third-party vendor(s) with the appropriate security posture is essential, especially for vendors hosting, processing and/or transmitting sensitive/regulatory information, or having access to our IT assets.
Takeaways:
- Regardless of the reasons, outsourcing some business functions to a 3rd party seems inevitable in today's world.
- It is critical to have a proper vetting procedure of third parties before engaging them as business partners who have access to company systems and data.
Presented by:
John Campbell, CIO - Partners Continuing Care, Partners Healthcare System, Inc.
Think Tank
The Importance of Engaging CISOs in Digital Transformation
Nowadays, global companies seek to drive responsible innovations and earn the trust of customers, partners, and employees. But in the interconnected digitized world, never has that challenge been more difficult. With 160,000 employees across 100+ countries, Schneider Electric, a leading energy management expert that takes ?digital? seriously, has created a solution that enables responsible and sustainable innovation practices and embeds privacy and security into hundreds of applications on a global scale. The talk aims to share how Schneider Electric transformed cybersecurity and compliance, which are usually perceived as a cost, into value for the business and its employees and customers alike. Beyond sharing how the company successfully delivered a global application security and compliance framework, the talk equips the audience with actionable strategies that empower them to create strong, responsible innovations in their own companies as well.
Presented by:
Ilya Kabanov, Global Director- Digital Architecture, Schneider Electric
2:30 pm - 2:55 pm
Executive Exchange
Thought Leadership
Knowing Is Half the Battle - Protecting Applications & Their Sensitive Data
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality - not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
A real-time, embedded solution like Prevoty's runtime application self-protection RASP changes the game completely. Prevoty places an automated security mechanism at the front of the line - directly in the application's operating environment - to immediately lower risk and act as a compensating control at runtime.
As such, Prevoty-enabled enterprises see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Prevoty RASP detects live production attacks and generates real-time security event longs and reports. Security teams can then correlate pre production vulnerability scan results with Prevoty's runtime attack logs to go back, remediate based on actual risk - not just hypothetical threats. The result? Improved forensics.
Sponsored by:
Prevoty, Inc.
Kunal Anand, CTO, Prevoty, Inc.
3:00 pm - 3:25 pm
Executive Exchange
Think Tank
CISO's Got Talent: Finding, Growing & Retaining the Best People
While new technology and solutions can help CISOs make more, faster and better decisions for an organization, nothing will take the place of a highly talented workforce. CISOs need to be great recruiters of talent, but even more importantly growing the skills and capabilities of their team providing engaging and challenging opportunities for people. Competitive compensation is important for retaining great talent but so is a work environment where individual growth and development are front of mind and not an after thought.
Takeaways:
- Highly skilled employees want an environment where they can grow their skills and feel appropriately challenged.
- Finding the best people, inside and outside of your company, and then providing a path to individual excellence is a key responsibility of CIOs.
Presented by:
Alex Cunningham, Chief Information Security Officer, Commonwealth Financial Network
Think Tank
The Wait Is Over: GDPR is Finally Here
In just a month, the new General Data Protection Regulation (GDPR) will take effect. It will have an impact on over twenty-eight million companies on how they store, process, and track personal data from customers and employees. This session will explore what you need to know about GDPR and data privacy.
- What are the consequences of GDPR on the processing and management of data?
- How it will impact businesses on a practical level?
Presented by:
Navid Atoofi, Global Director of Data Governance and GDPR Lead, Schneider Electric
3:25 pm - 3:35 pm
Afternoon Networking Coffee Break
3:40 pm - 4:05 pm
Executive Exchange
Think Tank
Disrupt or Be Disrupted: The Digital Transformation Journey Has No Parking Lots
The seemingly ever expanding cadre of technological tools available to incumbent industry leaders are also available to myriad start-ups. Start-ups are using these new technologies to disrupt industries of all types, changing how customers think about tried and true industries. Disruption is found on every corner and it is critical for CIOs to lead their organizations in a way that make them as nimble as their competitors.
Takeaways:
- Technology enables companies, especially start-ups with no legacy infrastructure, to disrupt industries overnight.
- CIOs need to lead their companies in ways that disrupt before they are disrupted by others.
Presented by:
Madge Meyer, Former EVP, Chief Innovation Officer & Technology Fellow, State Street Corporation, Author, "The Innovator's Path"
4:10 pm - 4:35 pm
Executive Exchange
Think Tank
Which
It is not a matter of if, but a matter of when. Organizations, more and more, and are outsourcing business activities to third parties because of cost-savings, revenue opportunities, expertise, etc. Thus, collaborating with our business partners early to select the right third-party vendor(s) with the appropriate security posture is essential, especially for vendors hosting, processing and/or transmitting sensitive/regulatory information, or having access to our IT assets.
Takeaways:
- Regardless of the reasons, outsourcing some business functions to a third party seems inevitable in today's world.
- It is critical to have a proper vetting procedure of third parties before engaging them as business partners who have access to company systems and data.
Presented by:
Flora Sah, Former SVP COO Enterprise Risk Management, State Street
4:40 pm - 5:00 pm
What's the Next Stop On the Transformation Journey?
Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CISOs where common issues can be addressed and success stories can be shared.
Takeaways:
- Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you.
- Sharing stories of success (and failures) is not reserved to a one-day CISO Summit, but should be shared on a regular basis with your peers.
Panelists:
Madge Meyer, Former EVP, Chief Innovation Officer & Technology Fellow, State Street Corporation, Author, "The Innovator's Path"
Robert Knake, Senior Fellow for Cyber Policy, Council of Foreign Relations
Jean Scire, Former SVP Head IT Business Groups, Philips
5:00 pm - 6:30 pm