Join us for an Introduction to FAIR session at 7:30 AM on Tuesday, October 16. This optional session will be led by FAIR author, Jack Jones, and will be a quick "get-up-to-speed" session for those in town for the conference.
08:00 - 09:30 AM Registration and Continental Breakfast
09:30 - 09:45 AM Welcome Remarks
Nick Sanna, President, FAIR Institute
Andy Wasser, Associate Dean of the Heinz College, Carnegie Mellon University
09:45 - 10:30 AM Conference Keynote: The Next Frontier in Risk Management
Jack Jones, Chairman, The FAIR Institute, EVP R&D, RiskLens
10:30 - 11:15 AM Panel: Shifting the Discussion to Cost-Effective Decision Making
Moderator: Jack Jones, Chairman, FAIR Institute
La'Treall Maddox, Senior Risk Manager, Cisco
Joel Baese, Director, Governance and Decision Science, Information Security, Walmart
Chris Correia, VP, Cyber Security & Risk Compliance at Ascena Retail Group, Inc.
11:15 - 11:45 AM Networking Break
11:45 - 12:30 PM Case Study: Reporting to the Board: What got you here, won't get you there
Omar Khawaja, CISO, Highmark Health
12:30 - 01:30 PM Networking Lunch
01:30 - 02:15 PM Panel: How to get the Buy-In for a quantitative risk management program from your IT Security/Risk Council
Moderator: Evan Wheeler, CISO, Financial Engines
Jack Freund, Director, Cyber Risk, TIAA
Tim Titcomb, Vice President of Technology Risk for Fidelity Brokerage and Operations Technology
Mandy Andress, CISO, Elastic, Fmr. EIRM, MassMutual
02:15 - 02:45 PM Networking Break
02:45 - 03:45 PM Panel: How to communicate the value of FAIR to internal and external stakeholders
Cyber Risk Management Workgroup Presenters
Moderator: Rachel Slabotsky, Risk Consultant, RiskLens, Fmr. Risk Assurance Manager, Ernst & Young
Greg Rothauser, Sr. Information Risk Manager, MassMutual
Allison Seidel, Information Risk Management, PNC
Steve Reznik, Director, Operational Risk Management, ADP
Brandon Young, Managing Director, Cybersecurity Framework & Risk Assessment, Charles Schwab
03:45 - 04:15 PM Networking Break
04:15 - 05:15 PM Breakout Learning Sessions
Session A - FAIR & TBM: Two Standards come together for Managing Technology and Risk from the Business Perspective
Jack Jones, Chairman, FAIR Institute
Todd Tucker, VP, Standards, Research, and Education, TBM Council
Paula Medders, Senior Program Manager - Cyber Security, HPE
Michel Brassart, Sr. Director, DXC Technology
Session B - Panel: Dealing with Ransomware: pay the ransom or pay more by dealing with the consequences?
Moderator: Kim L. Jones, Director, Cybersecurity Education Consortium, Arizona State University
Kristopher Rush, Technical Director, CERT Division, Carnegie Mellon University
Anand Shah, Cybersecurity Counsel, Drinker Biddle & Reath LLP
Alan Levine, Fmr. CISO, Arconic
05:15 - 06:30 PM Travel to Networking Reception
06:30 - 09:00 PM Networking Reception - The Andy Warhol Museum
07:30 - 08:30 AM Breakfast
08:30 - 09:30 AM Keynote Address: A Risk Committee Chair’s View of ERM and Cybersecurity Oversight
James Lam, Director, Chairman of the Risk Oversight Committee, E*TRADE Financial; Independent Director, RiskLens
09:30 - 10:00 AM Networking Break
10:00 - 10:45 AM Case Study: Extending FAIR to manage Operational Risk
Christina Nelson, Director, GISAT Risk and Strategy, Walmart
10:45 - 11:00 AM Networking Break
11:00 AM - 12:00 PM Presentation: Using FAIR to Optimize Your Cyber Insurance Coverage
1. Results of the Cyber Insurance Workgroup White Paper, "Improving the Cyber Insurance Underwriting and Buying Process"
Presenter: Chip Block, Vice President, Evolver Inc. with assistance and on behalf of the rest of the Workgroup Members:
Cody Whelan, Risk Consultant, RiskLens
Bob Parisi, Managing Director, Marsh
Arthur Hsu, Lead Product Manager, Marsh
Indrajit (Indy) Atluri, Information Security Manager, HIPAA Security Officer, ProPath Services LLC
Trish Carreiro, Associate, Axinn, Veltrop & Harkrider
Brooke Oppenheimer, Attorney, Axinn, Veltrop & Harkrider LLP
Samuel Tashima, Associate Director & Actuary, Aon
2. Catastrophic Risk Modeling using FAIR
Geoji Paul, Director of Information Security, Express Scripts
Ben Havelka, Quantitative Risk Analyst, Express Scripts
12:00 - 01:30 PM Awards Luncheon
FAIR Business Innovator
FAIR Champion
01:30 - 01:45 PM Networking Break
01:45 - 02:30 PM Panel/Discussion: Bridging the Gap Between the CISO & the CRO
Moderator: Amjed Saffarini, CEO, CyberVista
Omar Khawaja, CISO, Highmark Health
Dennis Cronin, CRO, Highmark Health
Mary Ann Blair, CISO, Carnegie Mellon University
02:30 - 03:00 PM Networking Break
03:00 - 03:45 PM Presentation: Key Risk Indicators: A Quantitative Approach
Marta Palanques, Security Lead Consultant, ADP
Steve Reznik, Director, Operational Risk Management, ADP
03:45 - 04:15 PM Closing Remarks
*Attendees are free to depart for dinner on their own, the airport and/or to explore Pittsburgh.
08:00 - 09:00 AM Continental Breakfast
09:00 - 10:00 AM Workshop-style FAIR Training
10:00 - 10:15 AM Morning Snack Break
10:15 - 12:00 PM Workshop-style FAIR Training
12:00 - 01:00 PM Hot Buffet Lunch
01:00 - 3:30 PM Workshop-style FAIR Training
03:30 - 04:00 PM Afternoon Snack & Networking Break
04:00 - 05:00 PM Workshop-style FAIR Training
08:00 - 09:00 AM Continental Breakfast
09:00 - 10:00 AM Workshop-style FAIR Training
10:00 - 10:15 AM Morning Snack Break
10:15 - 12:00 PM Workshop-style FAIR Training
12:00 - 01:00 PM Hot Buffet Lunch
01:00 - 3:30 PM Workshop-style FAIR Training
03:30 - 04:00 PM Afternoon Snack & Networking Break
04:00 -0 5:00 PM Workshop-style FAIR Training