EXECUTIVE SUMMIT & ROUNDTABLE 2009 - MIS Training
CISO EXECUTIVE ROUNDTABLE 2009
DELIVERING PRAGMATIC & VALUE-ADDING SECURITY: REALISTIC SECURITY FOR BUSINESS REALITIES
“Definitely worth the money within the first half day” IT Security Officer, European Court of Auditors
MARRIOTT HOTEL, LISBON
10 – 12 JUNE 2009
DAY THREE: FRIDAY 12TH JUNE 2009
CISO ROUNDTABLE: APPLY YOUR SECURITY EXPERIENCE TO DELIVER BENEFICIAL RESULTS
AGENDA TIMINGS:
9:00 START
10:30 COFFEE BREAK
12:30 LUNCH
15:00 TEA BREAK
16:00 CLOSE
ABOUT THE CISO ROUNDTABLE:
The CISO Roundtable 2009 provides the ultimate forum for heads of information
security to discuss key security challenges & benchmark strategy with peers to
develop team expertise & professional skills, as well as to advance standards &
approaches for the information security community at large. All participants will have
the opportunity to input into the agenda beforehand. The focus is on roundtable
discussions & group work, with sessions facilitated by established information security
practitioners & industry experts. This is the ideal opportunity to meet global security
industry leaders & network with professionals who face a similar set of challenges as
you. At the end of the day, there will be an opportunity for those who have agreed to a
confidentiality agreement in advance to attend a ‘closed door’ 30 minute session
where participants can discuss real life information security incidents & discuss
possible solutions.
SESSIONS FOR DISCUSSION INCLUDE:
1. THE 10 MISTAKES CISOS MAKE WITH THEIR CAREERS: WHAT
WOULD ESTABLISHED CISOS ADVISE YOU TO THINK ABOUT TO
MAKE YOUR NEXT STEP?
2. STEERING A TOP SECURITY TEAM THROUGH THE GLOBAL
DOWNSIZING TREND & HOW TO RECRUIT & KEEP A TOP TEAM
3. INCREASING SECURITY CREDIBILITY TO THE BOARD
4. ESTABLISHING AN IMAGINATIVE SECURITY AWARENESS
CAMPAIGN WITH A LIMITED BUDGET
5. NEW INTERACTIVE SESSION - HOW CAN SENSITIVE
INFORMATION STAY FAITHFUL TO ITS ORGANISATION?
This will be an interactive session with the audience split into three groups: 1. The
disaffected employee 2. The exiting employee 3. The CISO. The challenge: We all
have security policies & measures in place that aim to protect the business from
data leakage from our systems & our people. Backing up data & holding
documents in central repositories provide a sense of well-being & comfort. We have
the technology - we can achieve. However, the fact remains that to protect
corporate data & intellectual property is a real challenge when we consider the
people aspect. Where are all your data stored? Do you know? Greed, envy,
ambition, desperation & poverty are key characters in this play that convert even the
most corporately versioned employee. Add ignorance; lack of training, education &
awareness; time pressure & general lack of ability into the pot & the mix becomes
worse. This exercise is about protecting your most valuable corporate asset.
CHAIRED BY:
Charles V. Pask, Managing Director, ITSEC Associates Ltd
Charles is responsible for delivering global IT security & IT audit services, including public training
courses, in-house training courses, conferences & symposiums. Previously, he was a Director with MIS
Training, & Director of Information Security Institute (ISI) European & Middle East e-Security Services. Mr.
Pask has over 20 years’ experience in IT, IT audit, & IT security, & was the Information Security Manager
for Alliance & Leicester plc prior to joining MIS. More recently Charles was the Global Head of Strategy,
Development & Globalisation for the BT Business Continuity, Security & Governance Practice.
FACILITATORS:
Floris Van Den Dool, Security EMEA Lead, Accenture
Floris provides services to several of Accenture’s main clients across all industries. Floris has been active
in IT consulting & security for 20 years & lectures at Erasmus University in Rotterdam on topics like
Computer Architectures, IT auditing & Security. Currently he is helping a number of organisations with
the security aspects of outsourcing as well as outsourced security services.
Marcus Alldrick, CISO, Lloyd's
In his role at Lloyd’s Marcus is responsible for ensuring that risks to information are understood &
adequately mitigated in a cost effective manner throughout the organisation, both in the UK and in its
overseas locations, & that assurance to this effect is provided to Executive, Senior and Line
Management. Marcus has worked in IT for over 30 years, specialising in information risk & security for
the latter 17 years. Prior to joining Lloyd’s, Marcus was a Principal Advisor for KPMG, working in IT
Advisory & specialising in information security strategy definition & implementation. Before that Marcus
was Head of Information Security for Abbey National plc, a leading UK bank, a position he held for six
years following seven years as Information Risk and Security Manager for Barclaycard, part of Barclays
plc & Europe’s largest credit card issuer.
information security. He has worked in diverse roles from consultancy to information security governance<br />
and strategy for blue-chip organisations. Prior to joining the ISF Mark was responsible for information<br />
security at a multinational FTSE 250 company. He believes in a risk-based, business-oriented approach<br />
to managing information risk, while complying with the requirements of internal standards, contracts,<br />
regulation and legislation. Mark runs global research projects for the ISF on all aspects of information<br />
security, including governance, standards, risk management and compliance. Mark is also responsible<br />
for the ISF’s Standard of Good Practice for Information Security.<br />
Michael Colao, Global CISO & Director Information Management,<br />
Dresdner Kleinwort<br />
Michael has been with Dresdner Kleinwort since 1999. He is the Director of Information Management. This role means<br />
that Michael is both the Global Head of Information Security for the Bank as well as the Global Head of Data Protection<br />
and Privacy. He has a strong side-interest in computer forensics & in the management of digital evidence. He<br />
graduated from the Massachusetts Institute of Technology in 1987 where he studied Mathematics & Computer<br />
Science. He has since lived in three continents & has lectured globally on security technology issues. Since 1996 he has
been working in Financial Technology in London.
Paul Wood, Group Chief Security Officer, Aviva<br />
Paul has over 30 years’ experience in the security arena, dealing with crime, fraud, information security, counter-terrorist
& executive protection. He worked in a number of security roles within government from 1974 until he retired in 1995<br />
from the Directorate of Security Policy, at the Ministry of Defence. He joined the Civil Aviation Authority / National Air<br />
Traffic Services as the Head of Corporate Security. From Jul 99 – Apr 06 he was the Chief Security Officer for UBS<br />
Investment Bank, with responsibilities for all aspects of physical & information security. In April 06 he assumed the<br />
appointment of Group Chief Security Officer for Aviva Group; he has responsibility for all aspects of security across the<br />
Group. Paul is a regular speaker on security matters. He is a member of the ISSA Advisory Board; a founder member<br />
& now Director on the Board of IISP & a member of many other professional security forums. He was awarded the<br />
MBE in the 1995 New Years’ Honours List.<br />
Dr. Cheryl Hennell, Head of IT Security and Information Assurance,<br />
Openreach<br />
Prior to her current position, Cheryl was a Senior Lecturer at the University of Portsmouth. Following 3 decades in the<br />
IT industry working for the Ministry of Defence, The Office of Population, Censuses & Surveys & as a European<br />
consultant for a blue chip organisation, she entered academia. Cheryl is an active CISSP & has recently been<br />
appointed as an ambassador for Childnet delivering training sessions in schools. Her academic interests lie in the<br />
analysis & design of information systems; developing secure information systems; business continuity & disaster<br />
recovery, & digital forensics. She designed, developed & led lectures on the BSc (Hons) Digital Forensics degree for<br />
the University of Portsmouth.<br />
EXPAND YOUR REACH (& BUDGET!) - MEET EUROPE’S FINEST
INFORMATION SECURITY DIRECTORS ALL IN ONE PLACE!
A learning & high level networking forum rather than a ‘trade show’, the CISO
Summit is designed for people to share ideas & build trust based relationships – a
unique event designed for the world’s elite information security directors & normally
elusive & difficult to reach executives! Use this platform to influence clients & ensure
your leading market position. CISO networking sponsorships have included
receptions on a boat on the River Danube, a catamaran cruise in Barcelona, an
exclusive beach front venue in Nice, through to dinner in the ancient wine cellars of
Budapest & Grand Prix receptions. Other options range from exhibiting to
participating on a panel discussion, presenting a keynote or sponsoring a facilitator
for the ultimate benchmarking event - the interactive CISO Roundtable! Given that
MIS’ background is in security & audit training, delegates typically comprise 95%
‘practitioners’ (e.g. CISOs, Heads of IT Security rather than consultants or vendors).
All sponsorship packages include a number of free client places, exhibition &
speaking options. For more information, please contact Sara Hook, Conference
Director on: +44 (0)20 7779 7200, or email shook@misteurope.com
ABOUT THE VENUE
Lisbon, the town of the seven hills & the Tagus river, capital of Portugal since 1147.
With its gentle climate, abundant attractions & rich cultural diversity, it is a city with
much to offer. One of the main saints' days will take place during your stay in Lisbon.
There is a big parade on the night of the 12th June for St Antonio which makes its
way along the Avenida da Liberdade. The old quarters of Alfama & Mouraria are
particularly busy & celebrations continue until dawn. The Lisbon Marriott Hotel is
only a 15 minute drive from Lisbon airport, & is situated in the business district.
Mark Chaplin, Senior Research Consultant, Information Security Forum<br />
Mark is an information risk management professional with over 18 years of experience in IT and