The SINC Northeast IT & Security Leaders Forum brings together top leaders for three days of engagement geared specifically towards our IT executives.
Forum speakers and presentations will focus on topics most directly impacting attendee resource challenges, which will in turn drive regional industry growth. Executives and service providers alike will engage through one-on-one engagements and open-discussion group meetings, all while creating valuable networking and community-building opportunities to foster regional development.
The Mayflower Hotel, Autograph Collection
The Mayflower Hotel is a capital classic, a landmark hotel and Washington, D.C. original since 1925. Exactly like nothing else, the Mayflower Hotel brings timeless elegance, integrity and contemporary style to its role as the city’s past and present-day social hub – for business or for pleasure. As Harry S. Truman said – it is “Washington’s second-best address”.
Forum Agenda
Agenda may be subject to change. Check back regularly for Updates.
2:00 PM - 5:00 PM EST
FORUM REGISTRATION & APP DEMONSTRATION
Get familiar with SINC Staff and the event layout. Secure your complimentary Swag Bag and learn how to use the Onsite Application for Peer Engagement and win great prizes!
5:30 PM - 7:00 PM EST
SINC WELCOME NETWORKING RECEPTION
Engage your Peers over canapes and cocktails
7:00 PM - 9:00 PM EST
SINC NETWORKING & ENGAGEMENT DINNER
Open seating buffet meal serving 5-star food and great Peer engagement before Day 1 kick’s off
7:00 AM - 7:55 AM EST
SINC IT LEADERS NETWORKING BREAKFAST
Full breakfast and lots of coffee available!
8:00 AM - 8:05 AM EST
SINC OPENING REMARKS
A Thank You from SINC – setting the tone for a great day!
8:05 AM - 8:45 AM EST
MASTER OF CEREMONIES KEYNOTE PANEL - Preparing IT & Cybersecurity Strategies and Budgets for a Volatile 2023
With many economists anticipating a recession in 2023, the impact on IT departments is unclear. One would expect companies to pull back across the board and for those cuts to include IT. But the big surprise is that spending on IT is expected to increase.
Moderator: Info-Tech Research Group
8:55 AM - 9:35 AM EST
CISO PANEL - Reporting Cybersecurity Incidents Under the Proposed SEC Incident Disclosure Act
The SEC is proposing new rules to improve and standardize cybersecurity disclosures by public companies. The proposals include reporting on material cybersecurity incidents and periodic disclosures on policies and procedures for identifying and managing risks, management’s role in implementing cybersecurity, and board of director’s expertise and oversight.
In this session we will speak to a Panel of your Peers to better understand this new proposed policy change and how it affect you.
Moderator: Keith Donnelly, VP, Global Head of Risk Managment, Broadridge Financial
9:35 - 9:55 AM EST
SINC NETWORKING & REFRESHMENT BREAK
Circle back with your Peers on the content so far while grabbing a coffee and a snack
9:55 - 10:25 AM EST
WORKSHOP 1 - Continuous Security Validation and You: A Tale as Old as Epoch Time
With Incident Response as the new normal, ensuring that our systems and processes support that effort and threat hunting are working as expected. We will discuss why and how to establish a Continuous Security Validation (CSV) program within your organization. Specifically, how such a program evolves beyond Breach and Attack Simulation (BAS) and provides teams a continuous feedback loop to understand their posture and identify gaps as they arise.
Presented by: AttackIQ
9:55 - 10:25 AM EST
WORKSHOP 2 - Bridging the Gap Between Tech and Business Leadership to Enable Innovation and Transformation
How do you create alignment between Tech and Business Leaders in your organization to develop a digital transformation strategy that includes analytics modernization, cloud migration, or data democratization to enable innovation and transformation in your organization? In this session, Steve discusses why, despite the strategic and competitive advantages of a data-centric approach, it may take a lot of effort to get others to see that it is the right thing to do for the corporation.
- Understand the perceived gap between business, leadership, and IT.
- Discover methods to become business-centric in your approach to IT.
- Evaluate case studies where companies have benefited from taking a different approach to communicating value.
- Learn from others’ mistakes and successes in the best ways to work with business and IT
Speaker: Steve Sarsfield, Director of Product Marketing, Vertica
Presented by: Vertica
10:35 AM - 11:05 AM EST
WORKSHOP 1
10:35 AM - 11:05 AM EST
WORKSHOP 2 - Shift-Left, Done Right
The current “shift-left” mindset to assess, assert, and evidence compliance and to harden the software supply chain are a DevOps antipattern. The impact goes well beyond over-burdening developers with toil that distracts them from innovation, unplanned audits are highly disruptive, and management is left to make decisions without defensible data. We will discuss this impact as a tax and suggest attributes of solutions to do Shift-Left right.
Presented by: Cloudbees
11:10 - 12:10 PM EST
ROUNDTABLE & PANEL - Driving The Business Through Technology
It is no secret that technology is changing the fabric of business operations and outcomes, and collaboration between IT and the business is more important than ever before. The conversation is no longer about how to align IT with the business, however in many cases technology is still viewed as a commodity rather than an enabler. So what can we do to successfully change this mindset both within our own organizations and across the industry as a whole? During this session, we will discuss the various challenges IT and digital leaders face when undergoing this cultural shift.
Panelist: Gennaro Palumbo, Head of IT, Leonardo Helicopters
12:10 - 1:00 PM EST
SINC NETWORKING LUNCH
Open seating, Buffet-style lunch. Serving food for all tastes, pallets, and preferences. Vegan, vegetarian, and halal options available
1:10 - 1:40 PM EST
WORKSHOP 1
1:10 - 1:40 PM EST
WORKSHOP 2 - What, Where and How: Navigating Cloud Containerization and Storage
This session will explore the benefits and challenges of cloud computing, including the use of containers and the growing need for scalable and secure storage solutions. With a focus on practical applications and modern day use cases, this session will provide a comprehensive overview of the cloud landscape and equip you with the knowledge to navigate the ever-evolving cloud ecosystem.
1:50 – 2:20 PM EST
WORKSHOP 1 - Mitigating Risks in Software Supply Chain Security
By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, require organizations to take action to ensure the security and integrity of their software. But this is easier said than done.
In this session, we’ll explore the software supply chain as an attack vector – by identifying risks and mitigation strategies throughout the software development processes and environment. Join us to learn how you can meet new requirements and protect your software from these attacks.
Presented by: Snyk
1:50 - 2:20 PM EST
WORKSHOP 2
2:30 - 3:00 PM EST
WORKSHOP 1 - Low Hanging Fruit – Improving AD Security for the Easy Win
Threat actors, Red-Teams, and Ransomware have been abusing Active Directory for years. In fact, attackers have compromised or leveraged AD in 100% of the successful ransomware attacks over the last 3 years. This discussion will discuss new technologies to help you visualize the risk in your AD and add a layer of security around this very important part of enterprise infrastructure.
Presented by: SentinelOne
2:30 - 3:00 PM EST
WORKSHOP 2
3:00 - 3:15 PM EST
SINC NETWORKING & REFRESHMENT BREAK
Circle back with your Peers on the content so far while grabbing a coffee and a snack
3:15 - 3:55 PM EST
PRESENTATION - Learn Value Stream Management the Easy Way: 3 Steps to Get You There
Value Stream Management may be the next big thing but seems like a lot to swallow. Even organizations with mature Agile and DevOps processes are unsure how to capitalize on this proven method of process improvement. To front-load success and reduce risk, you’ll need to see value quickly and then build on that success. Properly implemented, VSM can boost time-to-market and a company’s ability to compete and win in the marketplace by maximizing ROI and unifying your organization’s business and technology objectives.
In this session, you’ll learn how OpenText simplifies Value Stream Management by helping organizations track, analyze, and predict resourcing, reduce risk, and identify waste to help you increase value as a product flows from “strategy to delivery” to achieve superior business outcomes:
- Maximize Business Value and Effectiveness: Discover, visualize and manage flow of value from “strategy to delivery” powered by AI and analytics that is easy to deploy
- Accelerate Delivery and Efficiency: Integrates with your existing toolchains to improve productivity and remove friction in the value stream with smart automation
- Gain Competitive Advantage: Differentiate customer experience with high quality value stream insights to manage risk and streamline delivery. Empower continuous feedback, learning and improvement.
Join OpenText for this discussion, including why the time for VSM is now and how to capitalize on it the easy way.
Presented by: Micro Focus
4:00 - 5:00 PM EST
ROUNDTABLE & PANEL - Diving into Talent Acquisition, Diversity and Retention
In most markets, there is an abundance of open IT jobs with fewer people able to fill them – and the positions are getting more expensive. Working remotely is the norm, but not optimal (usually). There is less off-shoring and more resources are focused locally or within the same hemisphere.
Additionally, we are still not recruiting enough women and minorities into the rank and file, especially senior IT roles, and we’re losing talent to major tech hubs.
Join us at the roundtable with your peers as we dive into solutions to tackle the following challenges:
- How do you scale staff/team without losing them to major tech hubs?
- How do you create more diversity – not only among race and gender – but diversity of thought Old vs New Thinking?
- How do we mentor universities to implement actionable steps for supplying more IT talent?
Panelist: Shayn Spingler, SVP Global Information Technology, Hill International
5:30 - 7:00 PM EST
SINC NETWORKING RECEPTION
Engage your Peers over canapés and cocktails
7:00 - 9:00 PM EST
SINC NETWORKING & ENGAGEMENT DINNER
Open seating buffet meal serving 5-star food and great Peer engagement before Day 1 kick’s off
8:00 AM - 8:55 AM EST
SINC IT LEADERS NETWORKING BREAKFAST
Full Breakfast and lots of coffee available!
9:00 AM - 9:40 AM EST
PRESENTATION - Systems of Experience: The CIO's Role in the Future of Work
The definition of work-life balance has changed, and the nature of work has changed. Life, family, and work are all integrated, we need software solutions that allow us the flexibility to live our lives and attract a diverse talent. Solutions that improve experience locally while allowing us to operate globally removing the friction, increasing productivity improving employee experience and in turn positively impacting the customer experience. Focused on retention and customer satisfaction.
Presented by: RingCentral
9:50 - 10:20 AM EST
WORKSHOP 1 - Deploying Cloud Security Controls
Topics addressed will include:
- Cloud Security Checklist
- 7 Critical Cloud Security Controls
- Common mistakes Open for discussion and sharing ideas
Speaker: Nish Majmudar, Director Of Information Security Engineering & Operations,
9:50 - 10:20 AM EST
WORKSHOP 2 - From On-Prem to the Cloud: Protect Your Apps and APIs
The result of digital transformation: It’s easier to do business with your customers and partners. But with new architectures, web apps and APIs now deployed from on-prem servers to the cloud, it is harder than ever to get a holistic view of all of these potentially vulnerable assets – never mind defend them.
What are your biggest challenges today in defending these diverse assets? What are the known gaps in your current defenses? What are you seeking in the future to defend your apps and APIs?
Topics covered will include:
- How are adversaries preying upon unprotected web apps and APIs?
- How are traditional web application firewalls deployed, and what are they missing?
- What does the future look like with unified web app and API security solutions?
10:20 - 10:35 AM EST
SINC NETWORKING & REFRESHMENT BREAK
Circle back with your Peers on the content so far while grabbing a coffee and a snack
10:40 - 11:10 EST
WORKSHOP - The Future of Networks is Now! Automate, Connect and Protect what Matters Most
Highly distributed increasingly complex IT environments are forcing a new wave of network evolution. Traditional network infrastructures were not designed for data growth, connected devices, and edge computing. The time has come for a new approach.
- Automate. Streamline the transition from operations to outcomes, so you can improve your network and the experience of the people it connects.
- Connect. Unify remote, branch, campus and data center connectivity by converging the management of wired, wireless, and WAN networking on a unified cloud-native platform.
- Protect. In a highly distributed environment, the network has become a valuable source of information to help identify and prevent or limit the impact of cyberattacks
11:15 - 12:00 PM EST
FIRESIDE CHAT - 90-DAY PLAN IN YOUR NEW ROLE
You’ve just stepped into your new IT leadership role. Your first 90 days in a new IT leadership role should be focused on learning. Investing this time will help you understand the current state, appreciate the culture and inform your strategy. Prioritize these steps to kickstart improvement:
- Understand your job. Learn the organization and industry you are in
- Define and revise measurements for success
- Articulate your vision and strategy
- Organize people for success
- Build culture
- Revise processes for success & delivery, and suitable for the environment and the times
- Upgrade technologies
12:00 - 1:00 PM EST
SINC NETWORKING LUNCH
Open seating, Buffet-style lunch. Serving food for all tastes, pallets, and preferences. Vegan, vegetarian, and halal options available. Serving to-go boxes for those in a hurry!
East Executive Advisory Council
Lorenzo Hines
Global SVP of Information Technology
Citi
Bradley Schaufenbuel
VP & CISO
Paychex, Inc
Stephen Demeritt
Global Head of IT Services & Delivery
Black & Veatch
Mitesh Patel
VP of IT
JP Morgan
John Whiting
Global Director Cyber Risk
Omnicon
Michael Onuoha
Head of Engineering & Architecture, Risk, Fraud & Collections
Citi
Nish Majmudar
Deputy CISO, Director of Information Security Engineering
FEPOC CareFirst BlueCross BlueShield
Robert Field
Vice President of Global Information Technology and Digital Solutions
Precipart
John Billington
CTO
TSD Global
Andy Flatt
SVP & CIO
National Healthcare
Deena Swatzie
SVP of Cyber Security Strategy & Digital Innovation
Truist
Karl Forsberg
Senior Director IT, Infrastructure and Operations
North America Partners in Anesthesia
Forum Speakers
Nish Majmudar
Director Of Information Security Engineering & Operations
CareFirst BlueCross BlueShield
Shayn Spingler
SVP Global Information Technology
Hill International
Gennaro Palumbo
Head of IT
Leonardo Helicopters
Keith Donnelly
VP, Global Head of Risk Managment
Broadridge Financial
Steve Sarsfield
Director of Product Marketing
Vertica
Interested in speaking? Please submit a request.
Submit RequestInterested in sponsoring? Please submit a request.
Submit RequestForum Sponsors
- platinum Sponsor
- gold Sponsor
- silver Sponsor
platinum
RingCentral
RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone (MVP ) global platform. More flexible and cost-effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location.
RingCentral offers three key products in its portfolio including RingCentral MVP , a Unified Communications as a Service (UCaaS) platform including team messaging, video meetings, and cloud phone system; RingCentral Video , the company’s video meetings solution with team messaging that enables Smart Video Meetings; and RingCentral Cloud Contact Center solutions. RingCentral’s open platform integrates with leading third-party business applications and enables customers to easily customize business workflows. RingCentral is headquartered in Belmont, California, and has offices around the world.
platinum
gold
AttackIQ
AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. The Company is committed to giving back to the cybersecurity community through its free AttackIQ Academy, open Preactive Security Exchange, and partnership with the MITRE Engenuity.
Learn More
gold
Snyk
Snyk is the leader in developer security. They empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world. Their developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce.
Learn More
gold
SentinelOne
SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity. SentinelOne unifies prevention, detection, response, remediation, and forensics in a single platform powered by artificial intelligence. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated integrated response and to adapt their defenses against the most advanced cyberattacks.
Learn More
gold
Vertica by OpenText
Vertica by OpenText is the fastest, most advanced SQL analytics database, available on-premise, on Hadoop, and multiple clouds – all delivered via one unified platform. With tight integration with Hadoop, Kafka, and Spark, and built-in advanced analytics and Machine Learning, Vertica delivers the highest performance at extreme scale.
Vertica. Built for fast. Built for freedom.
Learn More
gold
Cymulate
Designed for companies that want to manage their security posture against the evolving threat landscape. Cymulate’s SaaS-based platform deploys within an hour, enabling security professionals to continuously challenge, validate and optimize their cybersecurity posture end-to-end across the MITRE ATT&CK® framework.
The platform provides threat intelligence-led risk assessments that are simple to deploy out-of-the-box, and for all maturity levels. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarios and advanced attack campaigns tailored to their unique environments and security policies.
Cymulate allows professionals to manage, know and control their dynamic environment.
Learn More
gold
Lacework
Lacework is the data-driven security platform for the cloud. The Lacework Polygraph Data Platform automates cloud security at scale so our customers can innovate with speed and safety. Only Lacework can collect, analyze, and accurately correlate data across an organization’s AWS, Azure, GCP, and Kubernetes environments, and narrow it down to the handful of security events that matter. Customers all over the globe depend on Lacework to drive revenue, bring products to market faster and safer and consolidate point security solutions into a single platform.
Learn More
gold
CloudBees
Every business is a software business, and is under pressure to innovate constantly. This increased velocity introduces new business risks. CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.
Learn More
gold
Darktrace
Darktrace, a global leader in cyber security AI, delivers world-class technology that protects over 6,500 customers worldwide from advanced threats, including ransomware and cloud and SaaS attacks. The company’s fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it.
Learn More
gold
Binalyze
Binalyze is the world’s fastest and most comprehensive DFIR solution. Our software remotely, securely, and automatically collects more than 280 digital forensics artifacts in under 10 minutes.
With evidence collected, our Timeline, Triage and Drone features help you to collaborate and complete incident response investigations quickly and dramatically reduces dwell time.
Binalyze saves you time, reduces cybersecurity operational costs and helps you prevent the financial and reputational losses associated with cyber attacks.
Learn More
gold
Cyberhaven
Your important data is always in motion, spreading to new people, applications, and devices that are outside traditional security controls. Cyberhaven protects data anywhere it goes in the extended enterprise. You can’t protect what you can’t see. We classify data by analyzing billions of events, not just patterns in the content, assembling a data lineage to identify and protect what other tools can’t.
Learn More
silver
Okta
Okta is the leading independent identity provider. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With more than 7,000 pre-built integrations to applications and infrastructure providers, Okta provides simple and secure access to people and organizations everywhere, giving them the confidence to reach their full potential. More than 10,000 organizations, including JetBlue, Nordstrom, Siemens, Slack, T-Mobile, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.
Learn More
