Day 1 - Tuesday, October 6

All Times in EDT

Session Information
11:00 - 11:45 AM

Welcome Remarks and Opening Keynote

Factoring Risk in Decision Making: How Better Risk Measurement Enables Better Decision-Making

Jack Jones, Chairman, FAIR Institute

Phil Venables, Member of the Board of Directors, Goldman Sachs Bank (USA)

11:45 AM - 12:00 PM 15-Minute Break
12:00 - 12:30 PM

C-Level Panel - Improving Decision Making through the Adoption of FAIR

Moderator: Frank Kim, Curriculum Director, SANS Institute

Pat McGuinness, CIRO, Manulife

Mary Faulkner, CISO, Thrivent Financial

Omar Khawaja, CISO, Highmark Health

Mike Green, CISO, Cigna Health Services

Panel - Clarifying SEC’s Expectations for Cyber Risk Disclosures: An Interview with Kristy Littman, Chief, Cyber Unit, Division of Enforcement, U.S. Securities and Exchange Commission (SEC)

Kristy Littman
, Chief, Cyber Unit, Division of Enforcement, U.S. Securities and Exchange Commission (SEC)

12:30 - 1:00 PM

Roundtable - A Strategic Approach to Defending the U.S. in Cyberspace

Moderator: Nick Sanna, President, FAIR Institute

Congressman Mike Gallagher, U.S. Representative; Co-Chair, Cyberspace Solarium Commission

Chris Inglis, Cyberspace Solarium Commission Member, Fmr. Deputy Director, NSA

Use Case Panorama - How FAIR Analysis Improves Risk Communication and Decision Making

Moderator: Donna Gallaher, Board of Advisors, FAIR Institute 

Kurt Zanzi, Privacy and Information Security Risk Management Supervisor, Sutter Health

India Sutton, Sr. Cybersecurity Analyst, Daimler

Hans Schwarz, Sr Manager Cyber Security Risk and Compliance, Ascena Retail

1:00 - 1:15 PM 15-Minute Break
-- Beginner Track Advanced Track General Track
1:15 - 1:45 PM

Presentation - How to Rapidly Triage Issues and Findings to Focus on What Matters Most

Alyssa Hinz, Senior Information Security Specialist, Werner Enterprises

Roundtable - Helping the Board Exercise Proper Cyber Risk Oversight

Larry Clinton, President, ISA

Daniel Dobrygowski, Head of Governance & Policy, Cybersecurity Legal Counsel, World Economic Forum

Shelley Leibowitz, Board Member E*TRADE, MassMutual

Lou DeSorbo, Chief Security Risk Officer, Centene

*Special 45-minute session from 1:10 - 1:55 PM EST

Presentation - Managing Risk in Times of Crisis: Applying FAIR to Become More Business-Centric during COVID

Omar Khawaja, CISO, Highmark Health

1:45 - 2:00 PM 15-Minute Break
2:00 - 2:30 PM

Presentation - How Better Data Can Help Executives Make Better Decisions

Wade Baker, Cyentia Institute & Member, Board of Advisors, FAIR Institute

Case Study - Reporting Cyber Risk to the Board: Real Life Examples

Matt Kruse, Senior Director - Risk, Information Security and Compliance (RISC), FIS Global

Vince Dasta, Director - Cyber Risk Quantification, Protiviti

Presentation - Support Your Company’s Digital Transformation during Times of Crisis 

Harold Marcenaro, Digital Risk Officer, BCP

2:30 - 3:00 PM

Presentation - How Do You Sell a FAIR Program Internally?

Dan Fryer, Global Head of Security Policy and Cyber Risk Management, SAP

Presentation - Prioritizing NIST CSF Activities with FAIR

Richard Barretto, Security Operations Manager, Cimpress

Presentation - Updates to the Open FAIR Standards

John Linford, Forum Director, Security Forum & Open Trusted Technology Forum (OTTF), The Open Group



Day 2 - Wednesday, October 7

All Times in EDT (UTC−04:00) Session Information
11:00 - 11:45 AM

Keynote Conversation - How to Help the Business Make the Right Decisions on Risks They Struggle to See
Michele Wucker, Author, "The Gray Rhino: How to Recognize and Act on the Obvious Dangers We Ignore"
Jack Jones,
Chairman, FAIR Institute

11:45 AM - 12:00 PM 15-Minute Break
12:00 - 12:30 PM

Case Study - FAIR Disclosure for Directors: “So What Do I Do With These Numbers”

Chip Block, Vice President and Chief Solutions Architect at Evolver; Co-Chair, FAIR Institute DC Chapter

Denny Wan, Principal Consultant, Security Express; Chair, FAIR Institute Sydney Chapter

George Newhouse, Director, The National Justice Project; Adjunct Professor, Macquarie University

Trish Carreiro, Data Privacy and Cybersecurity Attorney at Carlton Fields, P.A.

Visesh Gosrani, Chair of Institute and Faculty of Actuaries Cyber Risk Working Party

Presentation - The Team as a Measurement Instrument

Douglas Hubbard, Author, "How to Measure Anything in Cybersecurity Risk"

12:30 - 1:00 PM

Panel - How FAIR Can Help Better Integrate Cyber Risk with ERM

James Lam, Independent Director, Chair of Risk Oversight Committees, E*TRADE, NACD 100 Honoree

Paul Sobel, Chairman, COSO

Greg Montana, CISO, FIS Global

Christopher Porter, CISO, Fannie Mae

Keith Weinbaum, Enterprise Risk Management Architect, Quicken Loans

Presentation - Drivers for IRM, Digital Transformation & Cost Optimization

Khushbu Pratap, Research Director, Gartner

1:00 - 1:15 PM 15-Minute Break
-- Healthcare Track Government Track Financial Services Track Technology Track
1:15 - 1:45 PM

Case Study - Enhancing HIPAA Risk Assessment with FAIR

Reid Leake, Information Security and Compliance Analyst, Cambia Health Solutions

Reny Mathew, InfoSec Analyst, Cambia Health Solutions

Case Study - Building A Quantitative Risk Management Program in the Federal Government

Emery Csulak, Principal Deputy Chief Information Officer, Department of Energy

Cody Scott, Chief Cyber Risk Officer, Federal Agency

Case Study - How to Help the Business Make Risk Informed, Cost-Effective Decisions

Case Study - How FAIR Analyses Support Decision-Making at Netflix

Tony Martin-Vegue, Sr. Information Security, Risk Engineer, Netflix

1:45 - 2:00 PM 15-Minute Break
2:00 - 2:30 PM

Case Study - Building a Program with HITRUST & FAIR

Marshall Lambert, Team Lead, Cyber Risk Quantification, Highmark Health

Greg Rothauser, Sr. Risk Quantification Analyst, Highmark Health

Bryan Cline, Chief Research Officer, HITRUST

Case Study - Protecting Government Information and Assessing Controls at Scale

Anthony Corso, Assistant Commission, Office of the Victorian Information Commissioner

Jason Ha, Director, PwC, FAIR Institute Chapter Chair Melbourne, Australia

Conversation - OCC Insights for Cyber Risk Assessments

Bill Barouski, Chief Information Risk Officer, Northern Trust Corporation

Kevin Greenfield, Director for Bank Information Technology, OCC

Presentation - Improving DevSecOps with FAIR at Doordash

Sarina Hothi, Security Project Manager, DoorDash

2:30 - 3:15 PM

Awards Ceremony

Closing Keynote & Farewell Remarks