View the FAIRCON2020 Event Program

Click here or the image below to download.

FAIRCON2020 Program


Day 1 - Tuesday, October 6

All Times in EDT

Session Information
11:00 - 11:45 AM

Welcome Remarks and Opening Keynote

Factoring Risk in Decision Making: How Better Risk Measurement Enables Better Decision-Making

Jack Jones, Chairman, FAIR Institute

Phil Venables, Member of the Board of Directors, Goldman Sachs Bank (USA)

11:45 AM - 12:00 PM 15-Minute Break
12:00 - 12:30 PM

C-Level Panel - Improving Decision Making through the Adoption of FAIR

Moderator: Frank Kim, Curriculum Director, SANS Institute

Pat McGuinness, CIRO, Manulife

Mary Elizabeth Faulkner, CISO, Thrivent Financial

Omar Khawaja, CISO, Highmark Health

Mike Green, CISO, Cigna Health Services

Panel - Clarifying SEC’s Expectations for Cyber Risk Disclosures: An Interview with Kristy Littman, Chief, Cyber Unit, Division of Enforcement, U.S. Securities and Exchange Commission (SEC)

Kristy Littman
, Chief, Cyber Unit, Division of Enforcement, U.S. Securities and Exchange Commission (SEC)

Randy Sabett, Special Counsel & Cyber Expert, Cooley LLP

12:30 - 1:00 PM

Roundtable - A Strategic Approach to Defending the U.S. in Cyberspace

Moderator: Nick Sanna, President, FAIR Institute

Congressman Mike Gallagher, U.S. Representative; Co-Chair, Cyberspace Solarium Commission

Chris Inglis, Cyberspace Solarium Commission Member, Fmr. Deputy Director, NSA

Use Case Panorama - How FAIR Analysis Improves Risk Communication and Decision Making

Moderator: Donna Gallaher, Board of Advisors, FAIR Institute 

Kurt Zanzi, Privacy and Information Security Risk Management Supervisor, Sutter Health

Hans Schwarz, Sr Manager Cyber Security Risk and Compliance, Ascena Retail

1:00 - 1:15 PM 15-Minute Break
-- Beginner Track Advanced Track General Track
1:15 - 1:45 PM

Presentation - How to Rapidly Triage Issues and Findings to Focus on What Matters Most

David Elfering, Senior Director of Information Security

Alyssa Hinz, Senior Information Security Specialist, Werner Enterprises

Roundtable - Helping the Board Exercise Proper Cyber Risk Oversight

Larry Clinton, President, ISA

Daniel Dobrygowski, Head of Governance & Policy, Cybersecurity Legal Counsel, World Economic Forum

Shelley Leibowitz, Board Member E*TRADE, MassMutual

Lou DeSorbo, Chief Security Risk Officer, Centene

*Special 45-minute session from 1:10 - 1:55 PM EST

Presentation - Managing Risk in Times of Crisis: Applying FAIR to Become More Business-Centric during COVID

Omar Khawaja, CISO, Highmark Health

1:45 - 2:00 PM 15-Minute Break
2:00 - 2:30 PM

Presentation - How Better Data Can Help Executives Make Better Decisions

Wade Baker, Partner & Co-Founder, Cyentia Institute & Member, Board of Advisors, FAIR Institute

Case Study - Reporting Cyber Risk to the Board: Real Life Examples

Matt Kruse, Senior Director - Risk, Information Security and Compliance (RISC), FIS Global

Vince Dasta, Director - Cyber Risk Quantification, Protiviti

Case Study - How FAIR Analyses Support Decision-Making at Netflix

Tony Martin-Vegue, Sr. Information Security, Risk Engineer, Netflix

2:30 - 3:00 PM

Presentation - Improving DevSecOps with FAIR at Doordash

Sarina Hothi, Security Project Manager, DoorDash

Moderator: Evan Wheeler, Board of Advisors Member, FAIR Institute

Presentation - Prioritizing NIST CSF Activities with FAIR

Richard Barretto, Security Operations Manager, Cimpress

Jack Freund, Fellow, FAIR Institute

Presentation - Updates to the Open FAIR Standards

John Linford, Forum Director, Security Forum & Open Trusted Technology Forum (OTTF), The Open Group



Day 2 - Wednesday, October 7

All Times in EDT (UTC−04:00) Session Information
11:00 - 11:45 AM

Keynote Conversation - How to Help the Business Make the Right Decisions on Risks They Struggle to See
Michele Wucker, Author, "The Gray Rhino: How to Recognize and Act on the Obvious Dangers We Ignore"
Jack Jones,
Chairman, FAIR Institute

11:45 AM - 12:00 PM 15-Minute Break
12:00 - 12:30 PM

Case Study - Decision Making with FAIR - Quantification and The Rise of Class Action Lawsuits

Chip Block, Vice President and Chief Solutions Architect at Evolver; Co-Chair, FAIR Institute DC Chapter

Denny Wan, Principal Consultant, Security Express; Chair, FAIR Institute Sydney Chapter

George Newhouse, Director, The National Justice Project; Adjunct Professor, Macquarie University

Trish Carreiro, Data Privacy and Cybersecurity Attorney at Carlton Fields, P.A.

Visesh Gosrani, Chair of Institute and Faculty of Actuaries Cyber Risk Working Party

Presentation - The Team as a Measurement Instrument

Douglas Hubbard, Author, "How to Measure Anything in Cybersecurity Risk"

12:30 - 1:00 PM

Panel - How FAIR Can Help Better Integrate Cyber Risk with ERM

James Lam, Independent Director, Chair of Risk Oversight Committees, E*TRADE, NACD 100 Honoree

Paul Sobel, Chairman, COSO

Greg Montana, Chief Risk Officer (CRO), FIS Global

Christopher Porter, CISO, Fannie Mae

Keith Weinbaum, Enterprise Risk Management Architect, Quicken Loans


1:00 - 1:15 PM 15-Minute Break
-- Healthcare Track Government Track Financial Services Track
1:15 - 1:45 PM

Case Study - Enhancing HIPAA Risk Assessment with FAIR

Reid Leake, Information Security and Compliance Analyst, Cambia Health Solutions

Reny Mathew, InfoSec Analyst, Cambia Health Solutions

Case Study - Building A Quantitative Risk Management Program in the Federal Government

Emery Csulak, Principal Deputy Chief Information Officer at U.S. Department of Energy (DOE)

Dan LaGraffe, Director of Cybersecurity Operations, Department of Energy

Natalie Priani, Contractor Support Lead, Department of Energy 

Cody Scott, Chief Cyber Risk Officer, Federal Agency & Government Chapter Co-Chair, FAIR Institute

Presentation - Support Your Company’s Digital Transformation during Times of Crisis 

Harold Marcenaro, Digital Risk Officer, BCP


1:45 - 2:00 PM 15-Minute Break
2:00 - 2:30 PM

Case Study - Building a Program with HITRUST & FAIR

Marshall Lambert, Team Lead, Cyber Risk Quantification, Highmark Health

Greg Rothauser, Sr. Risk Quantification Analyst, Highmark Health

Bryan Cline, Chief Research Officer, HITRUST

Tyler Britton, Cybersecurity Risk Consultant, RiskLens

Case Study - Protecting Government Information and Assessing Controls at Scale

Anthony Corso, Assistant Commission, Office of the Victorian Information Commissioner

Jason Ha, Director, PwC, FAIR Institute Chapter Chair Melbourne, Australia

Conversation - OCC Insights for Cyber Risk Assessments

Bill Barouski, Chief Information Risk Officer, Northern Trust Corporation

Kevin Greenfield, Director for Bank Information Technology, OCC


2:30 - 3:15 PM

Closing Keynote: Drivers for IRM, Digital Transformation & Cost Optimization

Khushbu Pratap, Research Director, Gartner

Awards Ceremony & Farewell Remarks