CISO Washington DC Summit | May 4, 2023 | Washington, DC, USA
Melina Scotto
Vice President and Chief Information Security Officer
Hilton
In the early 2000s, Melina began securing global health systems providing life-saving anti-retroviral drugs to PEPFAR countries with John Snow Inc., where she worked primarily in network security administration. Melina moved from international HIV work to domestic healthcare at George Washington Medical Faculty Associates. The position as Network Security Engineer focused on maintaining technical requirements of HIPAA Security Rule and HITECH in a dynamic virtual server and mobile device environment and assessing OCR criteria for HIPAA/HITECH compliance and Meaningful Use eligibility. It was at GWU where Melina became an instructor for master classes in Health Informatics, HIPAA Security, Business Continuity Planning and Risk Assessment. In 2012, Melina moved to National Institutes of Health (NIH) where she held several engineering security and leadership posts. Former Federal Health CISO for GDIT, she led cybersecurity engineers and analysts across 140 Federal Health and State/Local Health contracts. Melina holds a number of credentials including CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), HISPP (Privacy and Health Data Security). Her concentration is in Federal, international and domestic data security and privacy regulations as well as general FISMA, PCI and ISO best practice. Currently, Melina reduces cyber-risk and strengthens security controls in Hilton's Global Information Security (GIS) where innovation for customer experience drives a fast pace and data must be secured to a variety of commercial and international controls across traditional data centers and cloud environments. Maryland resident and lifelong Orioles fan. When not securely linked into a server, Melina enjoys championing Women in Technology programs.
Artificial intelligence is changing the world, bringing more context to business and scientific data. It’s being used for everything from curing cancer to predicting your perfect travel destination. Our discussion focuses on securing enterprise artificial intelligence, machine learning and neural networks that are driving data innovation. Genuine cyber strategy for corporate AI will be contrasted with the deliciously perilous Open AI models that are all the rage in 2023.
Key Takeaways:
Thi Nguyen-Huu
President and CEO
WinMagic
Thi Nguyen-Huu is President and CEO of WinMagic. He founded the company in 1997 with a vision to create an authentication and encryption suite that meets the most demanding requirements of governments and enterprises. Thi began his career as an applications engineer with Siemens AG. WinMagic is Thi’s third successful venture. Prior to forming the company, he founded two consulting firms that provided software solutions for industrial process automation. Under Thi’s direction, WinMagic has demonstrated consistent growth, leadership and innovation in the marketplace. The company is trusted by over 2,500 businesses and government agencies and has over 3 million active licenses globally.
Ajay Amlani
SVP Americas
iProov
Igor Volovich
Vice President, Compliance Strategy
Qmulos
For a long time, cybersecurity compliance has been ineffective. Compliance management has become its own function, separate from managing risk. Enterprises now face increasingly complex compliance obligations, using significant resources to achieve, maintain, and demonstrate adherence to continuously emerging standards, frameworks, and mandates. Despite this effort, compliant organizations still suffer breaches, with cyber-attacks continuing to grow in impact despite increased spending on cybersecurity. The convergence of compliance, security, and risk management, powered by end-to-end automation, offers organizations the opportunity to extract additional ROI from existing investments while overcoming organizational barriers. In this session, we will discuss how leaders can implement this strategy in their organizations.
TAKEAWAYS:
Paul Williams
CIO
VirginiaABC
Paul Williams serves as Virginia ABC’s chief information officer. Prior to joining ABC in 2015, Williams was an interim CIO for Bowlmor AMF, the largest operator of bowling centers in the world. Before that, he served as CIO or vice president of information technology for several other companies including children’s clothing retailer, The Children’s Place, and Alvarez & Marsal Holdings Inc. Since joining Virginia ABC, Williams has restructured the information technology department into core functions for better efficiency, created a steering committee to manage the authority’s portfolio of projects and created a technology strategy and roadmap for Virginia ABC systems. Williams received a Bachelor of Science degree in business administration and computing from the University of Aston in Birmingham, United Kingdom.
Virginia Alcoholic Beverage Control Authority: Becoming Hybrid: Facing and resolving for technical debt and stagnation.
VirginiaABC's journey from ‘All on Premise’ to a fully hybrid enterprise. ABC runs some 130 systems, but this focuses on the 14 of those that are Enterprise class systems as the measure of our progression. This presentation covers moving IT Systems and the business from those obsolete and on premise solutions to a new paradigm.
Nick Curcuru
Head of Solutions Marketing
Venafi
Nick is a dedicated, passionate executive on a mission to protect the organization’s revenue streams and brand reputation. He works with Venafi customers to prevent misuse and compromise and stop costly outages while modernizing their platforms, balancing fast development with high levels of security. He creates “fastsecure” cultures. He is known for breaking down complex ideas into simple terms. His unique data translator and storyteller skills enable him to bridge the gap between tactics and strategy. This led to his recognition as one of the Top-three Data Futurists to Watch by Enterprise Management 360.
Simple and effective communication with other executives and the board is vital in communicating your story.
Attend this session to learn how to connect the dots between your metrics, industry standards, and dollars to tell your story in 15 minutes or less with value cards. Nick Curcuru will show real-world examples of how CISOs have connected the dots for their crypto and PKI teams using value cards. These cards told the story of the team's current efforts, laid out their future projects, built funding cases, and even minimized a reduction in force in their areas.
When you leave the session, you can return to your desk, shape your value card, and outline the story you must tell your fellow executives and the board.
Danil Fedick
Sr Solutions Engineer, DoD/ US Air Force
HashiCorp
Brian Mikkelsen
VP/GM Public Sector
Datadog
Join Datadog as they dive deeper into
Andre Mendes
CIO
US Department of Commerce
André Mendes was appointed Chief Information Officer for the Department of Commerce in August of 2019. There, he has overall responsibility and oversight of all technology systems at the United States Department of Commerce (DOC) and its associated Bureaus. Before that, Mr. Mendes was responsible for all global technology platforms and systems for the International Trade Administration (ITA), the DOC bureau that manages global trade issues for the United States of America. There Mr. Mendes oversaw a rapid bureau-wide transformation effort making ITA the first Federal Agency/Bureau to be 100% cloud based, radically changing several workflows, enabling a massive scale-up of service provisioning quality, an unprecedented rise in employee morale and job satisfaction while also lowering overall operating costs to less than 11% of ITA’s appropriation. Prior to ITA, Mr. Mendes spent eight years at the U.S. Agency for Global Media (USAGM) in various executive roles, including CEO, COO, CIO, CTO and CFO. During his time at USAGM, Mr. Mendes managed overall Agency transformation generating over $360 million in savings from 2010 through 2018 through aggressive global technology and facilities optimization with projected 10-year savings in excess of half a billion dollars ($503M). In that timeframe, global weekly audiences grew 78% (165-278M), all while reducing technology and front office staff by over 22%. Mr. Mendes has also held CXO positions at Special Olympics International, PBS, Pluvita, MRL Pharmaceuticals, USAssist and General Health Inc. Mr. Mendes received his MBA and BS in Management of Information Systems from University of Maryland Global Campus and an Associate Degree in Biology from Montgomery College. Mr. Mendes also holds certificates in finance and international management from MIT and Antwerpen University. Mr. Mendes is a member of the CIO Hall of Fame (Class of 2021), a recipient of the 2011 Milton F. Clogg Outstanding Alumni Achievement Award from Montgomery College, a Trustee with Capitol Technology University and has received multiple industry awards including an MIT award for IT Innovation, a 2020 Top 150 Global Transformation Executives from Constellation Research, a 2020 FedScoop 50 Federal Leadership Award, the 2005 Technology Leadership Award from Broadcasting and Cable Magazine and the Top 100 Hispanic Executives in IT Award every year between 2009 and 2019.
Robert Wood
CISO
Centers for Medicare & Medicaid Services
Robert Wood is the Chief Information Security Officer (CISO) for the Centers for Medicare and Medicaid Services (CMS). He leads enterprise cyber security, compliance, privacy, and counter intelligence functions at CMS and ensures the Agency complies with secure IT requirements while encouraging innovation. Mr. Wood has over 10 years of experience in information technology, information security and management consulting.
Centers for Medicare & Medicaid Services' journey and best practice on building a human-centered cybersecurity culture.
Sanara Marsh
Security Evangelist
Randori
The Integration of Threat Intelligence, Attack Surface and Vulnerability Management into Threat Management Programs
Threat management programs aiming to establish visibility, detection, investigation and response are becoming more complex as infrastructure and workforces expand and adapt. This not only makes threat management more challenging, but can also dramatically increase our exposure to attack. So how can we do a better job of proactively understanding and reducing the risks and exposures associated with this disparate environment, while simultaneously significantly reducing the stress on our threat management systems and teams? Join us to hear what we have learned from thousands of engagements in this developing field, which we are referring to as Exposure Management. This approach has the goal of helping organizations reduce risk and inefficiencies and get the most out of the tools, processes and people that they have, all while enabling the business to evolve and thrive.
Garrett Smiley
CISO & VP of Information Security
Serco
Dr. Garrett Smiley currently provides oversight and governance for all information and cyber related compliance, risk management, and security within Serco, Inc. The major areas of focus thus far include protecting unclassified federal government data on the technical estate (e.g., DoD CMMC/DFARS 252.204-7012/NIST SP 800-171/171A compliance), helping to maintain our Special Security Agreement (SSA) with the Defense Counterintelligence and Security Agency (DCSA), and increasing overall security for systems.