GENERATION CYBER:
THRIVING IN THE ERA OF CYBERCRIME

Cybersecurity isn't what it used to be. No longer a secret art practiced by a few underground criminals, cybercrime has become standard vocabulary in our lives. It's everywhere - in our board rooms, our workplaces and our homes. It's ambient, like the air we breathe. Despite its global impact, it is largely invisible due to our continued misunderstandings of cybercriminals, their motivations, and their tactics. We've entered the next era - the "New Age of Cybercrime" - where only the fittest will survive.

Join GreyCastle Security, nationally-recognized cybersecurity experts, and a global village of industry colleagues in a conversation about survival tactics, industry-specific trends, and the vast opportunities that exist in cybersecurity. Attendees will be presented with fresh perspectives and new tools for their survival kits.






&
A FIRESIDE TALK WITH
BRUCE SCHNEIER
REG HARNISH

Globally renowned security technologist Bruce Schneier will take the stage with GreyCastle Security's CEO Reg Harnish to discuss today's cybersecurity challenges and the innovative solutions that organizations are implementing.

AGENDA
7:30 AM
Registration
8:00 AM
Breakfast

8:45 AM
Introductions

Marissa Salzone, Marketing Manager, GreyCastle Security
Kathleen M. Jimino, Rensselaer County Executive

9:00 AM
Panel Discussion

Will Pelgrin, Former President, Center for Internet Security
Kris Cottom, CIO, HANYS
Ellen Yu, CIO, Union College
Kurt Bratten, Compliance Attorney, O'Connell & Aronowitz
Special Agent, Federal Bureau of Investigation Cyber Investigation Unit

10:00 AM
Breakout Session One

BUSINESS TRACK
Jon Briccetti, President and CEO, Troy Web Consulting
"Software Modernization Projects and Cybersecurity Risk"
In this session, we will look at the many reasons why organizations struggle with modernizing their systems and the risks associated with delaying upgrades. We'll discuss the advantages to taking these projects head on and strategies for getting it done - including how to get buy-in (and funding) from your cybersecurity program.

RISK AND COMPLANCE TRACK
F. Paul Greene, Partner and Chair of Privacy and Data Security Practice, Harter Secrest & Emery LLP
"Top 10 Legal Pitfalls to Avoid in Relation to a Data Breach"
This session distills over a decade of breach coaching experience in order to highlight the most common, and potentially destructive, legal pitfalls to avoid in relation to breach response. With thoughtful planning, your breach response plan can be calibrated not only to respond to and recover from a breach, but also ensure proper breach notification and protection of your organization in relation to regulatory investigations, the court of public opinion, and potential breach-related claims, whether B2B, class action, or otherwise.

TECHNICAL TRACK
Daniel Domkowski, Director of Product Management, Apprenda
"DevOps and Application Platform Security in the Enterprise"
In this session, we plan to talk about how a mature DevOps culture (based on world-renowned DevOps author, Gene Kim) can enable organizations to combine speed, automation, and security when deploying their applications to the cloud.

11:00 AM
Fireside Talk
Bruce Schneier, Globally Recognized Cybersecurity Expert
Reg Harnish, CEO, GreyCastle Security
12:00 PM
Lunch or VIP Lunch With Bruce Schneier
Additional Fees Apply for VIP Lunch
1:10 PM
Breakout Session Two

BUSINESS TRACK
Dr. Bertine McKenna, Healthcare Advisor and Former COO, Bassett Healthcare Network
"Healthcare and the Cybersecurity Scare: Taking Advantage of a Challenging Moment to Become a Leader"
Healthcare breaches and incidents have reached epic proportions. The dramatic increase in cybersecurity threats have put patient data and healthcare provider systems at greater risk than ever before. Attendees will learn from real cybersecurity stories and incidents from the prospective of an executive from an integration healthcare delivery system in New York. Join us to receive tips on what it takes to thrive in this new era of cybercrime.

RISK AND COMPLANCE TRACK
Chelsea Belmonte, Internal Audit Manager, CommerceHub
"SOC Reports: Gaining Comfort Over Your Vendors
Understanding the different SOC reports that vendors can provide to their customers as well as how to perform an in-depth review of those SOC reports is one way to gain comfort over the controls the vendor has in place around financial processing, security, availability, confidentiality, integrity and/or privacy. Join this session to learn about SOC reports, what the difference is between various SOC reports and how to perform a detailed review.

TECHNICAL TRACK
Glen Roberts, Reverse Engineer/Cyber Vulnerability Analyst, Assured Information Security (AIS)
"DevOps and Application Platform Security in the Enterprise"
While the term “Internet of Things” is relatively new, the truth is we have been living in a rapidly expanding IoT world for a number of years and it’s evident in almost every aspect of our daily lives. With this increased connectivity, new security threats continue to emerge and if realized, can impact much more than just sensitive data…they can disrupt safe operations, threaten public safety and even impact national security.

Glen Roberts of AIS will further explore this issue, providing real examples of threats and breaches, while also providing applicable guidance to manufacturers of connected devices, their customers and users. Glen will also conduct a live hack of a drone in an effort to showcase not only the feasibility of such an attack but also the relative ease.

1:55 PM
Break
2:25 PM
Breakout Session Three

BUSINESS TRACK
Marlowe Greenberg, Founder and CEO, Founder and CEO of Foothold Technology
"HIPAA: Getting Under the Hood with Your HER Vendor"
In the behavioral health world, as information migrates from paper files into electronic systems, extra vigilance is required to maintain an infrastructure that keep Protected Health Information (PHI) safe. While the Health Insurance Portability and Accountability Act (HIPAA) has been around a long time and provides some guidance on keeping information confidential, life changed for Business Associates (BAs) in 2013 and 2014 with the implementation of HiTECH Act and the HHS’ Risk Assessment Tool.

In this session, CEO Marlowe Greenberg will outline steps his company took to help educate its customers about the responsibility of safeguarding client data and maintaining HIPAA compliance, as well as share tips for other BAs based on the ongoing efforts his company is taking to secure its own internal processes, ensure the safeguarding of customers’ data, and minimize risk.

RISK AND COMPLANCE TRACK
Bill Hallett, Partner Channel and Alliance Manager, Wombat Security Technologies
"Beyond the Phish - 70 Million Responses Can’t Be Wrong"
Join Wombat Security Technologies to gain key insights into end-user cybersecurity knowledge. We will share the results of our 2017 Beyond the Phish Report, which analyses the aggregate data of 70 million responses to security questions and training challenges across several different topics. Bill will also provide guidance about how to use this information to strengthen your carbon-based defences and reduce the risk of successful cyberattacks.

TECHNICAL TRACK
Philippe Langlois, Technical Product Manager, Center for Internet Security
"Leverage the Community: Defense Through the CIS Controls"
Participants will get an overview of the CIS Controls, which are a recommended set of actions for cyber defense that provide specific and actionable ways to thwart the most pervasive attacks. Formerly known as the SANS Top 20, the CIS Controls are a list of high-priority, effective defensive actions that provide a starting point for every enterprise seeking to improve its cyber defense. They are designed to help organizations direct their scarce resources on actions with immediate and high-value payoffs and are built through a dedicated community of cybersecurity experts. In addition, participations will get a chance to understand how the Controls can help organizations prioritize their implementation of the NIST Framework.

3:10 PM
Closing Address

Reg Harnish, CEO, GreyCastle Security

BRUCE SCHNEIER

Bruce Schneier is the author of 14 books — including the New York Times best-seller Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World — as well as hundreds of articles, essays, and academic papers. His influential newsletter “Crypto-Gram” and blog “Schneier on Security” are read by over 250,000 people. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard University, a fellow at the Belfer Center at Harvard’s Kennedy School of Government, and a board member of the Electronic Frontier Foundation. He is also a special advisor to IBM Security and the Chief Technology Officer of Resilient.

Reg Harnish

Reg Harnish is the CEO of GreyCastle Security. Reg is responsible for defining and executing GreyCastle Security's vision. Under his leadership, the company has experienced six consecutive years of triple-digit growth and countless industry accolades. Today, GreyCastle Security is working with organizations in nearly every state in the U.S.

Reg is a nationally-recognized speaker and has presented at countless industry events. He was recently recognized as the 2017 Cybersecurity Consultant of the Year by the Cybersecurity Excellence Awards and has been featured in Time, Forbes, CIO Magazine, Dark Reading and others.

Reg is a member of the Forbes Technology Council and a fellow of the National Cybersecurity Institute in Washington, DC.

SPEAKERS
  • Will Pelgrin

  • Kurt Bratten

  • Kris Cottom

  • Ellen Borkowski

  • Daniel Domkowski

  • Special Agent, FBI

  • Dr. Bertine McKenna

  • F. Paul Greene

  • Kathleen Jimino

  • Glen Roberts



SPONSORS

Location

Albany Marriott
189 Wolf Road
Albany, NY 12205