conference-hero

2023 FAIR Conference Agenda

Register Today
Training day 1

Sunday — Oct 15

08:00AM

Sunday — Oct 15
Training

Registration & Breakfast

08.00AM - 09.00AM EDT

09:00AM

Sunday — Oct 15
Training

FAIR Analysis Fundamentals - Day 1

  • Introductions with Course Overview
  • Intro to Risk Analysis and FAIR™
  • Basic Risk Concepts

09:00Am - 12:00pm EDT

12:00PM

Sunday — Oct 15
Training

Lunch

12:00pm - 01:00pm EDT

01:00PM

Sunday — Oct 15
Training

FAIR Analysis Fundamentals (cont.) - Day 1

  • Terminology
  • The FAIR™ Model
  • Measurements

01:00PM - 05:00PM EDT

Training day 2

Monday — Oct 16

08:00AM

Monday — Oct 16
Training

Registration & Breakfast

08:00am - 09:00AM EDT

Analyzing AI Risk with FAIR™FAIR Institute Lab Session

08:00am - 12:00PM EDT

09:00AM

Monday — Oct 16
Training

FAIR Analysis Fundamentals - Day 2

  • Analysis Process
  • Results Interpretation

09:00Am - 12:00pm EDT

Calibrated Probability Assessments for Cybersecurityby Hubbard Decision Research

  • Part 1 - Personal Calibration Exercises

09:00am - 12:00PM EDT

12:00PM

Monday — Oct 16
Training

Lunch

12:00pm - 01:00pm EDT

01:00PM

Monday — Oct 16
Training

FAIR Analysis Fundamentals (cont.) - Day 2

  • Case Study 1 - As a group
  • Case Study 2 - Small group breakout

01:00PM - 05:00PM EDT

Calibrated Probability Assessments for Cybersecurityby Hubbard Decision Research

  • Part 1 - Personal Calibration Exercises

01:00PM - 05:00PM EDT

Communicating FAIR™ Results to Non-technical Stakeholders

FAIR Institute Lab Session

01:00PM - 05:00PM EDT

Through the FAIR-CAM™ Looking Glassby Hubbard Decision Research

Jack Jones, Chairman, FAIR Institute

01:00PM - 05:00PM EDT

06:00pM

Monday — Oct 16
Training

Welcome Receptionby Hubbard Decision Research

06:00PM - 08:00PM EDT

CISO DinnerFour Seasons Hotelby invitation only

06:00PM - 08:00PM EDT

Conference Day 1

Tuesday — Oct 17

07:30AM

Tuesday — Oct 17
Conference

Registration & Breakfast

07.30AM - 09.00AM EDT

09:00AM

Tuesday — Oct 17
Conference
Opening

Welcome, Cyber Risk Report Insights, and Keynote

—Speakers
  • Nick Sanna, Founder, FAIR Institute
  • David Burg, Cybersecurity Leader, EY
  • Chris DeRusha, Federal CISO, OMB; Deputy National Cyber Director, Office of the National Cyber Director
  • Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA

09:00Am - 10:00am EDT

10:00AM

Tuesday — Oct 17
Conference
Panel

What Models Do We Need to Improve Risk Management in the 21st Century?

—Moderator
  • Robert Rodriquez, Chairman and Founder, SINET
—Speakers
  • Jennifer Buckner, SVP Technology Risk Management, Mastercard
  • Nathaniel Davis Jr, Vice President, Corporate & Defense Security, Rolls-Royce
  • Paul Selby, CISO, Department of Energy
  • Ian Rathie, CISO, The Fitch Group
  • Kurt John, CSO, Expedia Group

10:00Am - 10:45am EDT

10:45am

Tuesday — Oct 17
Conference

30—Minute Networking & Exhibitor Break

10:45Am - 11:15AM EDT

11:45PM

Tuesday — Oct 17
Conference
Track 1: Introductory

Connecting Cyber Risk Assessment to Integrated Decision Management

—Speakers
  • Douglas Hubbard, President, Hubbard Decision Research

11:15AM - 12:00PM EDT

Track 2: Advanced

Presentation: Improving Cyber Visibility and Decision-Making at Maersk

—Speakers
  • Neil Davis, Head of Cyber Risk Management, Maersk 

11:15AM - 12:00PM EDT

Track 3: CISC/C-Level Only

Roundtable: The Evolving Role of the CISO as a Business Leader

—Moderator
  • Christopher Porter, CISO, Fannie Mae
—Speakers
  • Mark Tomallo, CISO, Victoria's Secret
  • Mary Elizabeth Faulkner, CISO, Thrivent
  • Vikrant Arora, Fmr. CISO, HSS

11:15AM - 12:00PM EDT

12:00PM

Tuesday — Oct 17
Conference

Networking Lunch & Exhibitor Break

12:00PM - 01:00PM EDT

01:00pm

Tuesday — Oct 17
Conference
Track 1: Introductory

Winning Over The Doubters - Cutting Through Complexity to Exceed Stakeholder Expectations

—Speakers
  • Robert Moore, Vice President, Technology Risk, Mastercard
  • Tom Callaghan, Co-Founder, C-Risk

01:00pm - 01:45PM EDT

Track 2: Advanced

Is It Raining Risk? What Data Says About Cyber Risk in the Cloud

—Speakers
  • Wade Baker, Partner, Cyentia Institute

01:00pm - 01:45PM EDT

Track 3: CISC/C-Level Only

Managing Generative AI Risk—Workshop

—Facilitator
  • Omar Khawaja, Field CISO Databricks, Board Member, Faculty Carnegie Mellon University

01:00pm - 01:45PM EDT

01:45PM

Tuesday — Oct 17
Conference

30—Minute Networking & Exhibitor Break

01:45PM - 02:15PM

02:15pm

Tuesday — Oct 17
Conference
Track 1: Introductory

The Annual Cyber Risk Report

—Speakers
  • Carolyn Schreiber, Principal, Advisory, Risk, Cyber Security, EY
  • Benjamin Gowan, Sr. Data Scientist | AI, Safe Security

02:15PM - 03:00pm EDT

Track 2: Advanced

How to Re-think Third-Party Risk with FAIR-TAM™?—Panel

—Moderator
  • Pankaj Goyal, Director, Standards & Research, FAIR Institute
—Speakers
  • Sarah Sullivan, Director IS&T Security Performance, Thomas Jefferson University Hospitals
  • Adam Wells, Senior Manager, Cyber Risk Services, Yum! Brands

02:15PM - 03:00pm EDT

Track 3: CISC/C-Level Only

Managing Generative AI Risk—Workshop

—Facilitator
  • Omar Khawaja, Field CISO Databricks, Board Member, Faculty Carnegie Mellon University

02:15pm - 03:00PM EDT

03:00PM

Tuesday — Oct 17
Conference

30—Minute Networking & Exhibitor Break

03:00PM - 03:30PM

03:30PM

Tuesday — Oct 17
Conference
Track 1: Introductory

The CRQ Program Development Lifecycle

—Speakers
  • Zach Cossairt, Integrated Risk Program Senior Manager, Equinix
  • Jon Oppenhuis, Director, Risk Strategy and Success, Safe Security

03:30PM - 04:15PM EDT

Track 2: Advanced

Using Cyber Risk Intelligence to Scale FAIR Assessments

—Speakers
  • John Feezell, Director, Risk Advisory Services, Kyndryl
  • Bob Maley, Chief Security Officer, Black Kite

03:30PM - 04:15PM EDT

Track 3: CISC/C-Level Only

Managing Generative AI Risk (cont.)—Workshop

—Facilitator
  • Omar Khawaja, Field CISO Databricks, Board Member, Faculty Carnegie Mellon University

03:30PM - 04:15PM EDT

04:15PM

Tuesday — Oct 17
Conference
Track 1: Introductory

Case Study: Scenario Planning for Effect

—Speakers
  • Aaron McKay, Cybersecurity Engineer, SCRAM Systems
  • Jack Whitsitt, Director of CRQ, Ostrich Cyber-Risk

04:15PM - 05:00PM EDT

Track 2: Advanced

Case Study: Leveraging Risk Quantification to Build An Integrated Risk Management Program

—Speakers
  • Damian Apone, Global Director, Governance, Risk & Compliance, Genuine Parts Company
  • Chris Correia, Associate Partner, IBM

04:15PM - 05:00PM EDT

Fireside Chat: Incident Response and Materiality

—Speakers
  • Kevin Mandia, CEO, Mandiant
  • Saket Modi, CEO, Safe Security

04:15PM - 05:00PM EDT

06:00pm

Tuesday — Oct 17
Conference

Social Event - Awards Gala Reception

06:00PM - 09:00pm

Conference Day 2

Wednesday — Oct 18

07:30AM

Wednesday — Oct 18
Conference

Registration & Breakfast

07.30AM - 09.00AM EDT

09:00AM

Wednesday — Oct 18
Conference
KeyNote

The Future of Risk Analysis in an AI and Automation World

—Speakers
  • Jack Jones, Chairman, FAIR Institute

09:00Am - 09:45pm EDT

09:45AM

Wednesday — Oct 18
Conference
Roundtable

How to Get Ready for the New SEC Rule on Cybersecurity

—Moderator
  • Kim Nash, Deputy Bureau Chief, WSJ Pro Cybersecurity
—Speakers
  • David Hirsch, Chief of the Crypto Asset and Cyber Unit, Division of Enforcement, SEC
  • Brian Walker, CEO, The CAP Group
  • Kurt John, Chief Security Officer, Expedia Group
  • Richard Borden, Cybersecurity and Privacy Partner, Frankfurt, Kurnit, Klein, & Selz

09:45Am - 10:45AM EDT

10:45am

Wednesday — Oct 18
Conference

30—Minute Networking & Exhibitor Break

10:45Am - 11:15AM EDT

11:45PM

Wednesday — Oct 18
Conference
Track 1: AI

How is the Discussion About Cyber Risk Changing at the Board Level?

—Moderator
  • Larry Clinton, President, Internet Security Alliance (ISA)
—Speakers
  • Elias Oxendine IV, CISO, Yum! Brands
  • Kevin McCarty, CISO - US Healthcare, Cigna
  • Kris Lovejoy, Board Member, Dominion Energy; SVP, Global Practice Leader, Security & Resilience, Kyndryl
  • David Burg, Americas Cybersecurity Leader, EY

11:15AM - 12:00PM EDT

Track 2: FAIR Model Extensions

Connecting Threat Intel to risk with MITRE ATT&CK and FAIR™—Case Study

—Speakers
  • Jon Baker, Co-founder and Director, Center for Threat-Informed Defense
  • Vidit Baxi, CISO, Safe Security

11:15AM - 12:00PM EDT

 

12:00PM

Wednesday — Oct 18
Conference

Networking Lunch & Exhibitor Break

12:00PM - 01:00PM EDT

01:00PM

Wednesday — Oct 18
Conference
Track 1: Introductory

Quantifying Multi-Product Security and Privacy AI Risk with FAIR and NIST AI RMF

—Speakers
  • Tyler Britton, Security Engineer, Dropbox
  • Taylor Maze, Risk & Governance Manager, Dropbox

01:00 - 01:45pm EDT

Track 2: FAIR Model Extensions

Introducing FAIR-MAM™ - A Comprehensive Approach to Loss Modeling in FAIR™

—Moderator
  • Nick Sanna, Founder, FAIR Institute
—Speakers
  • Tom Macphee, Cyber Risk Senior Manager, Cigna
  • Filippo Curti, Financial Economist, Federal Reserve Board of Richmond
  • Erica Eager, Senior Director, Risk Quantification, Safe Security

01:00 - 01:45pm EDT

Track 3: C-Level

Challenges and Opportunities of Moving to Quantitative Risk Management in ERM—Panel

—Moderator
  • Evan Wheeler, Senior Director, Technology Risk Management, Capital One
—Speakers
  • Ted Webster, Chief Security and Privacy Officer, Centene
  • Ramesh Sepehrrad, Head of Cyber and Technology Risk, Navy Federal Credit Union
  • Evan Sekeris, Head of Non-Financial Risk - Americas, MUFG
  • Tanweer Surve, CTO, Cloud Control Management, Wells Fargo

01:00 - 01:45pm EDT

01:45PM

Wednesday — Oct 18
Conference
Track 1: Introductory

Quantifying Multi-Product Security and Privacy AI Risk with FAIR and NIST AI RMF

—Speakers
  • Brandon Sloane, AI Governance, Meta
  • Pankaj Goyal, Director, Standards & Research, FAIR Institute

01:45PM - 02:30PM EDT

Track 2: FAIR Model Extensions

Patch Prioritization with FAIR-CAM™—Case Study

—Speakers
  • Denny Wan, Chair, Sydney Chapter, FAIR-CAM Workgroup, FAIR Institute
  • John Linford, Forum Director, The Open Group
  • Sasha Romanosky, Senior Policy Researcher, RAND

01:45PM - 02:30PM EDT

Track 3: C-Level

To Cyber Insure or Self Insure? That is the Question—Panel

—Moderator
  • Arturo Perez-Reyes, Strategist, SVP, Cyber and Technology, Newfront
—Speakers
  • Tom Srail, EVP Cyber Risk, Willis Tower Watson
  • Brandon Pinzon, SVP, Chief Security Officer, Argo Group Insurance
  • Mayur Patel, VP, Senior Cyber Underwriter, Munich Re

01:45PM - 02:30PM EDT

02:30pm

Wednesday — Oct 18
Conference

30—Minute Networking & Exhibitor Break

02:30pm - 03:00pm EDT

03:00PM

Wednesday — Oct 18
Conference
Track 1: Introductory

Using the FAIR Model for AI Risk-Based Accountability

—Speakers
  • Luis Enriquez, Professor at Université de Lille—France, and Universidad Andina Simón Bolivar—Ecuador

03:00pm - 03:45pm EDT

Track 2: FAIR Model Extensions

Measuring Controls Effectiveness and Risk with FAIR-CAM™

—Speakers
  • Tyler Britton, Security Engineer, Dropbox
  • Bryan Smith, VP Product Management, Safe Security

03:00pm - 03:45pm EDT

Track 3: C-Level

The State of the CRQ Market Planning for Effect—Case Study

—Speakers
  • Cody Scott, Sr. Analyst, Security & Risk, Forrester Research

03:00pm - 03:45pm EDT

03:45PM

Wednesday — Oct 18
Conference
Track 1: Introductory

Deriving Probability Distributions with Pairwise Relative Comparisons—Case Study

—Speakers
  • Ernest Forman, Professor, George Washington University

03:45pm - 04:30PM EDT

Track 2: FAIR Model Extensions

Measuring Real Life Cyberattacks on Enterprise Networks—Case Study

—Speakers
  • Christian Ellerhold, Lead Principle Engineer, Cyber Risk Management, Infineon Technologies

03:45pm - 04:30PM EDT

Track 3: C-Level

The Rising Ambition of Cyber Risk Management Programs

—Moderator
  • Indraneel Shah, Managing Partner & Chief Strategy Officer, Intuitive.Cloud
—Speakers
  • Meena Martin, VP, Cyber Risk and Assurance, GSK
  • Daniel Phillips, Security Risk Management Lead, Meta
  • Robert Immella, Global Leader, CRQ, Caterpillar
  • Valmiki Mukherjee, Chairman, Cyber Future Foundation

03:45pm - 04:30PM EDT

04:30pm

Wednesday — Oct 18
Conference

Closing Remarks

04:30pm - 05:00pm EDT

Post-Event

Thursday — Oct 19

09:00AM

Thursday — Oct 19
Invitation Only
Invitation Only

Safe Security Customer DayBreakfast & Lunch Included

Please reach out to your Customer Success representative for more information and to secure a space at the event.Additional questions, please reach out to Luke Bader, lbader@fairinstitute.org.

08:00Am - 01:00pm EDT

00

Days

00

Hours

00

Minutes