↓ Agenda Key
Visionary speaker presents to entire audience on key issues, challenges and business opportunities
Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.
Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics
Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.
Solution provider-led session giving high-level overview of opportunities
Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.
End user-led session in boardroom style, focusing on best practices
Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.
Interactive session led by a moderator, focused on industry issue
Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.
Overview of recent project successes and failures
Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.
Discussion of business drivers within a particular industry area
Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.
Analyst Q&A Session
Moderator-led coverage of the latest industry research
Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.
Several brief, pointed overviews of the newest solutions and services
Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.
Pre-determined, one-on-one interaction revolving around solutions of interest
Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.
Open Forum Luncheon
Informal discussions on pre-determined topics
Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.
Unique activities at once relaxing, enjoyable and productive
Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.
3:00 pm - 4:30 pm
4:30 pm - 6:00 pm
6:00 pm - 7:00 pm
7:00 pm - 8:30 pm
8:30 pm - 10:00 pm
7:00 am - 7:55 am
8:00 am - 8:10 am
8:10 am - 8:40 am
As more businesses undergo a digital transformation, and as those digital transformations become more ingrained into organizational culture, Digital becomes not something unique and different from the business, but a core component of every aspect of the business. As this shift occurs, IT itself faces the very real possibility of no longer being something unique from the business, but instead a component of every aspect of the business. In this world, what role then exists for the CIO? Two clear paths are presenting themselves " one leads to a focus on infrastructure and integration, to keeping the lights on for the digital innovators, while the other leads to information and innovation itself. Knowing what path to choose, how to choose it, and how to see it through will be one of the greatest challenges CIOs of this era will face.
8:45 am - 9:15 am
While Information Security has existed for decades, Enterprise Risk Management (ERM), as a formal and holistic practice, is much newer yet already has taken pre-eminence over its forebear. What is the CISO, who in many ways has toiled in invisibility, infamy, or ignominy to do when faced with the issue of being supplanted by the Chief Risk Officer, just as enterprise demand for and focus on security has reached all-time heights? Savvy CISOs will recognize this new, broader need for holistic visibility into, and management of, overall enterprise risk and will position themselves for success by looking beyond traditional information security boundaries and engaging business partners around all enterprise risk.
9:20 am - 9:45 am
Cloud delivered computing services, whether Software, Platform, or Infrastructure as a Service offer the potential of significant business advantages such as reduced cost and increased flexibility. These advantages however come with very real risks, chief among them security concerns and the risk of data and compliance breaches " how do you secure what you can't see, touch, and control? Join the conversation as we explore both the security and compliance issues inherent in Cloud deployments, look at the hidden issues that first time Cloud adopters may simply not be aware of, and discuss through solutions that can be used to address these challenges and allow enterprises to fully and firmly embrace the Cloud.
9:50 am - 10:15 am
When it comes to implementing network security infrastructure there are two schools of thought: use best-of-breed point solutions, or go with all round consolidated platforms. Pros and cons abound for either approach revolving around varying levels of protection, integration, and administrative overhead but the increasing complexity of current security infrastructure is showing a winning approach. Even though consolidated solutions may offer greater benefits in the long run, no one exists in a green-field situation when it comes to network and infrastructure security so careful planning is required to ensure the necessary protection.
The European General Data Protection Regulation is a reality and effects any organization with an office in the EU or any organization processing personal data of data subjects residing in the EU. Potential penalties for not complying include fines of up to 4% global annual turnover. Many CIOs have yet to realize the restrictions there will be for using privacy data to big data analysis. CISOs around the globe are asking how will it affect my organisation's security requirements and what do I need to do to comply? In this session the main regulation's content and key challenges will be illustrated an then there will some practical tips on where to start this journey, from a control, organisational and process perspective.
10:20 am - 10:30 am
10:35 am - 11:00 am
There's no other way to say it than bluntly; Information Security is a white-hot field within Information Technology as a whole " over the last dozen years it has gone from after-thought, to scapegoat, to critical enterprise success factor. As a result, the need for capable and qualified Information Security specialists, whether front-line Analysts, mid-level Managers, or top level CISOs is at an all time high, but personnel and skills availability is sinking to an all-time (at least in terms of supply and demand ratio) low. There simply isn't enough expertise in existence to go around, or enough education occurring to create it. In this environment, senior Information Security leaders have to get creative in their pursuit of the people, performance, and passion necessary to address this capability shortfall.
Data volume, data variety, and data velocity have all grown exponentially over the last few years, the so-called Big Data explosion. And while this increased organizational focus on data, the information it contains, and the insights that can be gleaned from it promises tremendous opportunity, that opportunity isn't achieved without overcoming significant challenges. Whether it be the increased need for better data quality (an issue unresolved from the small data days), more efficient and effective data management, answering questions around data ownership vs. stewardship, or even increased regulatory pressure as a result of data security and data privacy, this increased focus on data has created an increased need for Data Governance. Join our panelists as we discuss the thorny issue of Data Governance: what it is, how it works, why you need it, and who should be responsible for it.
11:05 am - 11:30 am
Of the four disruptive technologies, Cloud and Big Data are the two most top of mind for CIOs, the former because it has the potential to enhance agility and productivity while enabling efficiencies and reducing costs and the latter because it derives insights that drive competitive advantage and increases revenues. As the two continue to grow in relevance and importance to enterprise IT, and indeed to the enterprise as whole, it is only natural that they begin to intersect with the cloud becoming the optimal platform for the delivery of Big Data capabilities, either in-house through the use of IaaS/PaaS or out-of-house through SaaS or Analytics as a Service. IT departments and the CIOs that lead them then need to look to their Big Data and Cloud strategies and determine how best to align them to leverage the advantages where the whole is greater than the sum of the parts.
11:35 am - 12:00 pm
From a technology standpoint, as a society the world of business has gone through two distinct stages in the evolution of its information security focus. The first addressed network based protection and preventative controls such as firewalls and anti-malware. The second looked at data-centric and detective controls such as encryption and intrusion/extrusion monitoring. Since breaches continue to occur at a record pace, what is need new is clearly a new evolution, one that pushes towards individual focused security through granular user monitoring and management as provided by solutions such as Identity and Access Management. While IAM isn't a new technology field, it is one whose time has come and CISO need to begin investing in modern-day, light-weight, easy to implement IAM solutions now to stay ahead of the curve, and reduce enterprise threats.
The breach onslaught demonstrates that existing security solutions are incapable of defending current threats
Enterprises need to begin looking at security from an activity perspective rather than an artifact perspective
IAM provides activity insight, and therefore threat awareness, no other platform can equal
The explosive growth of data volume and data variety that have characterized this new big data era are set to head in a steeper upward trajectory as IoT moves from being a fringe technology, to a mainstream capability. When a single Boeing 787 is able to capture 70Tb of data per flight from thousands of individual sensors throughout the vehicle, just imagine the data volume that can be captured when not just every plane, or even every vehicle, but every device and every individual is streaming a constant set of status information. Data growth by itself however is only a small portion of the story, as to have value this data must be analysed in essentially real-time in order to create actionable outcomes.
12:05 pm - 12:30 pm
Like death and taxes, IT outages are an inevitability whether as the result of power loss, telecommunications outage, or any one of a myriad other potential technical and non-technical issues. In this environment, the savvy CIO knows that what matters most is preparation " being ready for that next outage with an IT infrastructure that is both resilient and flexible and Disaster Recovery procedures that allow for efficient and effective recovery, balancing Recovery Time and Recovery Point objectives with appropriate cost. Disasters happen but with proper planning they don't have to be disastrous to your business.
Customer intimacy is an imperative for companies who are struggling with increasing commoditization of goods and services and an explosive growth in the channels of engagement. Digital organizations have a head start and have disrupted traditional customer interfaces to gain competitive advantage. As a result, organizations across industries are now exploring ways to energize the customer experience and fill the digital gap. This session will present practical ways in which leaders in digital customer experience are leveraging Big Data to harvest customer insights, create new business applications and enable digital transformation within sales and marketing.
12:35 pm - 1:20 pm
1:25 pm - 1:50 pm
In todays environment there can be no arguing that a comprehensive IT Security program is a de facto requirement for every organization. Such a program needs to address the full range of security threats that can be leveraged against an organization, needs to be integrated into whatever regulatory and governance requirements exist, but beyond that it needs to be accessible, consumable, and actionable by everyone that is influenced by it, or interacts with it. Building a program that is shared through social channels and relies on the collaborative input of employees and constituents for not only creation but enforcement will drive higher levels of adoption, responsiveness and, ultimately, protection.
Data quality is one of the most critical issues facing every enterprise and whether data be duplicate, stale, incomplete, invalid, conflicting or just plain incorrect the impact of enterprise decision making and ultimately enterprise success and be significant and severe. As the number of data sources grows, as the speed with which data is collected and utilized increases, and as the raw volume expands almost exponentially, the impacts of poor data quality becomes more significant than ever before. IT executives must build strong data governance capabilities to ensure that enterprise data is kept unique, timely, complete, valid, consistent, and accurate.
1:55 pm - 2:20 pm
Best practice in most enterprises, at least as far as the CIO and CISO goes, is to squash Shadow IT wherever it is encountered. Shadow IT, the argument goes, leads to a world of data and integration problems for the IT department, and significant amounts of unknown and unquantifiable risk for the information security group. A small but vocal minority however is beginning to advocate for Shadow IT as a catalyst of innovation, citing the increases in productivity and creativity by allowing enterprise staff to find their own out of the box solutions to organizational problems. CISOs can allow their organizations to have their cake (Shadow IT) and eat it too (still be secure) by following a few simple steps that allow them to build in security regardless of user activity.
2:25 pm - 2:50 pm
The breadth and depth of security threats that are targeting the modern enterprise are bordering on overwhelming, but they're not alone as the breadth and depth of security solutions are also bordering on overwhelming. When security managers have to respond to alerts and warnings from dozens of security systems, and CISOs have to make strategic decisions based on fragmented data, it's hard to argue that security is improving. Security Information and Event Management (SIEM) platforms that aggregate the vast quantities of data, correlate diverse events, and filter the signal from the noise are allowing enterprises to get back ahead of the curve and make appropriate tactical and strategic decisions.
It has been said that leveraging Big Data is like looking for a needle in a haystack; that the challenge is finding the one piece of insight in the sea of irrelevant data. The truth is there is no irrelevant data just data without initial context or meaning, suggesting the problem in actuality is one of looking for a needle in a needle stack. Compounding this problem is that, to offer maximum value, these insights need to found as quickly as possible lest someone else find the relevance first and exploits the opportunity that goes along with it. IT Leaders need to focus not just on building the toolset that allow the business to find insights, but on building an insight pipeline that finds the relevance and feeds it to business peers.
2:55 pm - 3:20 pm
For many years the CIO, has struggled with the concept of IT-Business alignment and finding ways to ensure that the IT department and the Lines of Business with which it integrates have a common understanding and ability to communicate. Now, as the CISO and the information security department grow out of the IT shadow, they increasingly find themselves in the same position. Their challenge however is greater in that the concepts of IT security are in many ways more abstract than those of generalist IT, and their activities often run counter to the goals of the rest of the organization. CISOs must learn for the trials and tribulations of the CIO and the IT department, and find common ground with the business, to ensure they can hear what their partners are saying, while communicating their own points in understandable terms.
3:25 pm - 3:35 pm
3:40 pm - 4:05 pm
4:10 pm - 4:35 pm
Android represents the most common and most popular mobile device operating system and any businesses developing for an external audience absolutely must ensure that Android is a supported platform in the capabilities it offers. However, Android is also the most unsecure platform with as much as 95% of all mobile malware inexistence targeting that platform and so businesses that allow mobility within their organization must very carefully consider that threat before they allow Android devices to connect. Rationalizing that dichotomy of a device that will be common and popular amongst the workforce yet at the same time represents a dire threat to enterprise security is an issue that every CIO and CISO must address.
The discussion around the convergence of physical security and information security dates back over a decade, but though much was made of the concept in the early 2000's little was actually done and the buzz faded. Flash-forward to today however and the buzz is back because of the increased focus on holistic risk management, the increased pressure of greater compliance requirements, and the increased demand for every aspect of the business to be a value generator. CISOs and CIROs need to evaluate the opportunities for both technology convergence (streamlining platforms) and organizational convergence (streamlining roles) to meet new threat protections mandates.
4:40 pm - 5:20 pm
The role of the modern IT Executive is more complex than it has ever been before, not just because the technology landscape has become more complex, but also because increasingly IT execs have had to become a business-focused executive, not just a technologist. Long have we talked about the CIO and CISO getting a seat at the table but modern businesses are now demanding that their technology impresario join them and leverage his deep and rich technical acumen to allow the organization as a whole to better position itself for market-place success. To be successful, CxOs need to invest in themselves, in their personnel, and in the right technologies to allow them to position the IT department to proactively address business needs as an innovator and driver, rather than order-taker and enabler.
5:20 pm - 6:30 pm
6:30 pm - 8:00 pm
8:00 pm - 10:00 pm
7:00 am - 8:00 am
8:10 am - 8:40 am
It's no secret - the integration of disparate systems, disparate applications, and disparate data stores has long been one of the biggest challenges faced by the IT department. Simply put, getting everything to talk to everything is no easy task. The rapid adoption of cloud delivered services has compounded this problem almost exponentially - if it was hard to integrate when you controlled the whole stack it has become nearly impossible when you control very little of it. To be efficient and effective IT departments need to adopt a new model of system, application, and data integration. Endless webs of one-off point-to-point integrations simply won't cut it anymore and a purposeful, structured approach is required.
8:45 am - 9:15 am
Of all the risk management issues that present themselves to the modern-day CISO, perhaps the most difficult to address is that of privacy. In and of itself, privacy is no different a challenge than protecting any other sensitive information, however the multi-jurisdictional impacts of the issue due to wildly differing laws between the US and European countries (as well as Canada, another country with strong privacy laws) make this an issue that is often times overwhelming to address. CISOs must work diligently to ensure that their privacy efforts conform with the standards of any jurisdiction with which they might work, where their data might be held and this is an almost overwhelming task.
9:20 am - 9:45 am
Volume, variety, velocity, veracity; all four of the hallmarks of Big Data have a clear fit in the world of security as the number of threats grows, their natures diverge, the speed with they are encountered (and subsequently have to be dealt with) accelerates, and the need to be ever more accurate enhances. As enterprises have made significant investments in Big Data programs and analytics platforms, they are beginning to reap real benefits in terms of business efficiency and innovation. The time then has come to begin applying those same principles and platforms to the security challenges facing enterprises to allow for faster, more effective overall security.
9:50 am - 10:15 am
Building security into your enterprise processes, and integrating it with your existing technology investments has never been more critical or complicated than it is in this era of decentralized computing, and ever-tightening compliance requirements. Furthering this complication is the impact that partnering deals can have since infrastructure, applications, and even data may now longer be under your direct control. To be able to ensure efficient and effective security capabilities you need to understand the nature of the threats that exist today, the impact a sourcing relationship can have on these threats, and the mitigation strategies and tools key industry leaders are using to address the challenge.
Data quality has long been one of the most challenging issues that IT organizations and the enterprises that are hoe to them have had to deal with. Everyone knows that these data quality issues exist, but the cost and complication of addressing them has pushed them to the back burner. We stand however at a precipice, one that has been brought on us by mobile computing " as more devices enter the hands of more users, more data is being created and consumed, making the data quality issue more pressing, more relevant, and more urgent to solve. IT leaders can no longer ignore data quality issues for the good of their companies and the good of their careers and need to bring this issue to the fore and get it resolved before the avalanche sweeps them under.
10:20 am - 10:30 am
10:35 am - 11:00 am
As with all things in life, the focus on how to conduct enterprise security ebbs and flows between varying degrees of reactivity and proactivity. In the old school Security 1.0 world, where the focus was almost completely on network security, efforts were in general proactive in nature with firewalls and anti-malware seeking to prevent threats before they even occurred. This didn't work so well and so Security 2.0 focused on reactivity, wrapping things like encryption around the data so that even if a breach occurred, the loss would be mitigated. Yet breaches, and losses, continue to occur. So if primarily proactive security doesn't work, and if primarily reactive security also doesn't work, how then do we find the right balance between the two to find a security posture that does work?
The explosive growth of data volume and data variety that have characterized this new Big Data era are set to head in a steeper upward trajectory as enterprises collectively begin to exploit the massive data flows that are coming out of mobile devices. As the volume of mobile devices eclipses that of human beings on the planet, just imagine the data volume that can be captured when every device and every individual is streaming a constant set of contextual status information. Data growth by itself however is only a small portion of the story, as to have value this data must be analysed in essentially real-time in order to create actionable outcomes.
11:05 am - 11:30 am
While the combination of Social, Mobile, Analytics, and Cloud have been present and disrupting IT departments and enterprises as a whole for over two years now, in many ways organizations have still not fully embraced them, have still not fully leveraged them. These new platforms allow organizations radically new ways to go to market, allowing for broad scale deployment of systems of engagement that create dynamic relationships with clients and prospects. Finding the resources, wherewithal, and ability to fully commit to these technologies and the capabilities they create has proven to be a struggle for many, but a struggle that can be overcome by leveraging the right partners that bring the right skills and experiences to bear.
Since regulatory (and industry) compliance became a notable thing in the early-mid 2000's it has been intimately linked with information security and often times has been the lever (or hammer) by which enterprises made necessary investments in security. But being compliant and being secure aren't the same thing, and in too many cases enterprises that were perfectly compliant have been perfectly breached. A new focus is needed; one that respects that while security and compliance are not the same thing, they are working towards the same goal (a reduction in overall enterprise risk exposure) and sees that compliance flows from security.
11:35 am - 12:15 pm
The importance technology plays within an enterprise will only continue to gain momentum as more developers, engineers, and programmers enter the workforce. As these segments continue to grow, so does the diversity of the workforce within the technology field. For a field that is severely constrained by a talent and skills gap, this influx of bodies can only be a good thing. Beyond the basic ability to deliver of identified capabilities a diverse workforce, whether cultural or gender influenced offers a whole that is more than the sum of the parts. Finding ways to drive and increase diversity in IT then should be a key focus for every IT executive.
12:15 pm - 12:25 pm
12:30 pm - 1:20 pm