
Safeguarding Trust

Overview 

Join fellow FS-ISAC members from across the Americas for three full days of learning, collaboration, and networking. 

Summits are our largest events of the year, packed with insightful presentations, workshops, and panels on topics relevant to the security of the global financial services industry. 

Highlights 

Relevance 

The synthesis of cybersecurity and the financial sector distinguishes FS-ISAC Summits from other large industry events. The Americas Summit is specifically designed for cybersecurity professionals in financial institutions. 

Content 

Sessions are divided into three tracks – Intelligence, Security, and Resilience – so that you can focus on the most pressing issues in your organization today. 

Connection 

Collaborating with cybersecurity experts from across the Americas advances your skills and the sector’s security. And by learning from others, you can develop invaluable connections that outlast the Summit. 

Event Sponsorship

Email sales@fsisac.com to join the sponsor waitlist.

 

Exercise

Participating in exercises increases resilience. Take part in our in-person tabletop exercise, "SAAS Third Party Outage", on 9 March. This exercise is hosted in conjunction with the 2025 Americas Spring Summit, but registration is separate. Find out more about the exercise here.

 

 

 

 

Susan Koski

CISO, PNC and FS-ISAC Board Member

Susan Koski is the Chief Information Security Officer (CISO) and Head of Cybersecurity & Fusion Operations for The PNC Financial Services Group.

In this role, she is responsible for Information Security Strategy, Digital Identity for customers and the workforce; Data Protection; Fusion Center (cyber, insider, physical and fraud monitoring); Vulnerability Management; Threat Intelligence; Security Incident Management; Application Security; Security Metrics; Cloud Security; and Security Policy, Governance and Assessments.

Susan has more than 25 years of experience in Information Technology (IT), cybersecurity, business continuity, third-party risk management and IT risk management. She has also served in executive leadership roles with BNY Mellon (Managing Director of Technology Risk Management), Synovus (Chief Information Security Officer - CISO) and Aetna (Chief Data Protection Officer).

Susan has a record of rebuilding programs and developing highly functional teams. She re-engineers processes and technology for efficiency and innovation – or “Effovation” – creating opportunities for teams to achieve continuous learning and development using creativity to tackle complex issues.

Susan holds a Bachelor of Science in Electrical Engineering (cum laude) from the University of Pittsburgh and a Master's in Business Administration (summa cum laude) from Duquesne University.

She is a CISO Executive Network Advisory Council member, Governing Body Member for the Evanta Pittsburgh CISO program, Advisor for the Robert Morris University Information Systems & Communications PhD Advisory Board, member of the BITS Security Steering Committee and a board member of the Cyber Risk Institute and Financial Services Information Sharing and Analysis Center (FS-ISAC).

  1. March 9 Sunday
  2. 11:30 - 3:30 PM

    Fraud Exercise (Additional Registration Required) Exercise

  3. 1:00 - 4:00 PM

    Resilience Exercise - SAAS Third Party Outage (Additional Registration Required) Exercise

    Join colleagues from across the Americas region on 9 March for an in-person, strategic tabletop exercise titled SAAS Third Party Disruption. Hosted in conjunction with the Americas Spring Summit in New Orleans, LA on 9 – 12 March, the exercise is open to member staff working in resilience and incident response. Please note that Summit registration is required to attend the exercise. Please reach out to exercises@fsisac.com with any questions.
  4. 3:00 - 6:30 PM

    Early Registration

  5. 4:00 - 5:00 PM

    Women's Reception (Additional Registration Required)

  6. 5:00 - 6:30 PM

    Welcome Reception

  7. March 10 Monday
  8. 7:30 - 6:30 PM

    Registration

  9. 7:30 - 8:15 AM

    Breakfast

  10. 8:15 - 8:45 AM

    Opening Remarks

  11. 8:45 - 9:30 AM

    Keynote

  12. 9:30 - 10:00 AM

    Safeguarding Trust through Cryptographic Agility
    Jordan Kenyon, Booz Allen; Taylor Brady, Booz Allen; Joseph Munoz, Booz Allen Platinum

    The transition to post-quantum cryptography (PQC) is poised to be one of the defining cybersecurity challenges of the next decade. Organizations are beginning the complex journey to post-quantum security with key investments in cryptographic discovery, PQC prototyping, and cryptographic agility.
  13. 10:00 - 10:30 AM

    AI Cyber Resilience: Transforming Security Operations in FSI
    Shira Sagiv, Radware Ltd. Platinum

    As attackers use AI maliciously, financial institutions must harness AI to stay ahead. Financial services must adopt automated, real-time management of the application lifecycle. This session discusses AI’s role in boosting SOC efficiency and incident response, reducing Mean Time to Repair (MTTR).
  14. 10:30 - 11:00 AM

    Morning Networking Break & Snacks

  15. 11:00 - 11:45 AM

    The Optimal Security and Legal Partnership Resilience - Incident/Exercise

    Presentation on the critical partnership between Security and Legal during incident management.
  16. 11:00 - 11:45 AM

    Ironclad Identity-Secure Hiring in Today's Virtual Workplace
    Ryan Nielsen, Bank of America; Shawn Gunsolley, Bank of America Intel - Fraud

    In this session, participants will understand how to evolve as cyber threats to financial institutions continue to grow in sophistication.
  17. 11:00 - 11:45 AM

    Decoding Global Cyber Policies: Pathways to Resilience
    Sarah Saenz, Citi; Deborah Eng, JPMorgan Chase; Todd Conklin, U.S. Department of the Treasury; Martin Boer, International Institute of Finance Resilience - GRC

    This panel highlights the work of the G-7 Cyber Experts Group. It brings together the co-chair of the G-7 CEG, and experts from global financial firms and a multinational organization to explore the challenges and strategies for navigating global cybersecurity policy.
  18. 11:00 - 11:45 AM

    Safeguarding Trust by Building Trust
    Jaclyn Spangler, Fifth Third Bancorp; Rachael Kramb, Fifth Third Bancorp; Richa Shah, Fifth Third Bancorp Security - People

    We will introduce “The Hive,” a community dedicated to empowering teams through collaboration and trust. We’ll explore how The Hive supports our core security pillars, share real-life success stories, and discuss future initiatives to continue fostering a culture of trust and collaboration.
  19. 11:00 - 11:45 AM

    Operationalizing Your CTI Team to Maximize Business Value
    Alex Achs, Early-Warning Services Intel - Operations

    Threat Intelligence teams are often reduced to parroting the most recent news articles or reporting on known bad IoCs—this conversation aims to super-charge threat intel into becoming an indispensable team leveraged by executives for business decisions and wielded by operational teams to prioritize.
  20. 11:00 - 11:45 AM

    Concentration Risks Considerations with GAI
    Lisa Matthews, Ally Financial Security - AI

    "I will start with architecture concentration, move to the concentration of LLMs ownership & dev, & expand to the global power and water concentration risks. 1. diminishing returns with LLM w/ similar vulnerabilities 2. dependency of FI's on handful of providers 3. power and water requirements"
  21. 12:00 - 12:45 PM

    "Left of Boom" - Beat Fraud with Early Signals & Team Fusion
    Ryan Woodley, Netcraft; Micah Semon, PNC Intel - Fraud

    Join PNC, [TBA], and Netcraft to see how innovative teams break down silos to drive results, innovation, and a “shift left.” Explore frameworks to align Fraud and Cyber functions while taking advantage of actionable early intelligence to stop scams, fight fraud, and disrupt cybercrime at any scale.
  22. 12:00 - 12:45 PM

    Effective Board and Executive Cyber Reporting Resilience - GRC

    Explore how CISOs and security leaders can enhance reporting to Boards and executives by leveraging business-oriented risk taxonomies and advanced reporting mechanisms. Delve into the new cyber data-driven approaches that provide an enhanced level of transparency and trust for cybersecurity.
  23. 12:00 - 12:45 PM

    Risk Ready: Building a Cyber Program for Market Uncertainty Intel - Operations

    InfoSec leaders are asked to create plans even though infrastructure, threats and business models will change over time. This necessitates designing agility into cybersecurity programs and shifting focus from cyber threats to complexity risks, vendor lock in and secure business acceleration.
  24. 12:00 - 12:45 PM

    Data-Centric AI Security: Best Practices and Strategies
    Ellen Wilson, Varonis; Tim Callahan, AFLAC Security - AI

    As gen AI transforms productivity, orgs face new challenges in risk management. This session explores data security for AI and practical governance strategies, including: establishing AI governance principles; operationalizing AI policy for business; and best practices for proactive data security.
  25. 12:00 - 12:45 PM

    Plot Twists: Unconventional Journeys to Cyber Success
    Alexandra Mace, TIH; Monica Maher, Goldman Sachs; Lauren Kohistani, American International Group (AIG); Amanda Misko, Citi Security - People

    A former writer, teacher, and college dropout share the secrets to their cybersecurity career success. Learn how unconventional backgrounds can be an asset, the surprising skills that can set you apart from other cyber pros, and why hiring managers should look beyond certifications and degrees.
  26. 12:00 - 12:45 PM

    Scenario Crafting 101: Designing Cybersecurity Tabletops
    Jean-Pascal Deillon, Sumitomo Mitsui Financial Group Resilience - Incident/Exercise

    Designing scenarios for cybersecurity tabletop exercises is a tricky process that requires balancing multiple elements to ensure realism and a cohesive narrative. This session will showcase a cyber scenario development process that attendees can apply to craft their next cybersecurity exercise.
  27. 12:45 - 1:45 PM

    Lunch

  28. 2:00 - 2:45 PM

    How AI Avatars Will Shape the Future of Cyber Operations Security - People

    Explore the future of cyberspace operations with AI avatars that transform how we engage with technology. In this session, dive into the ways AI-driven tools–like voice recognition, gen AI, and large language models–can revolutionize cyber operations, unlocking efficiency and tactical advantage.
  29. 2:00 - 2:45 PM

    Design Patterns to Unlock Your Security Data
    Tim Wainwright, Security Risk Advisors; Bashar Abouseido, Charles Schwab; Krissy McCooey, Edward Jones Resilience - GRC

    CISOs need data-centric architecture to quantify risk and strategic needs. Most closed systems fall short. Schwab, EDJ and SRA will discuss how “security data pipeline” and data lake design patterns can unlock event, incident and vulnerability data - enabling flexible, cost-effective solutions.
  30. 2:00 - 2:45 PM

    Malicious vs. Defensive: Winning the AI Arms Race
    Mick Leach, Abnormal Security; Chris Burrows, Rocket Central Security - AI

    Two CISOs will showcase how they’re using defensive AI to stop the onslaught of malicious AI for the financial services sector. It will include real-world examples of AI-generated attacks, predictions for what AI will change, and insight into the actual defensive AI-powered tools they're using.
  31. 2:00 - 2:45 PM

    Best Practices for an Effective Incident After-Action Review
    Scott Croskey, Synchrony Resilience - Incident/Exercise

    We will look to provide knowledge of a rigorous lessons learned (after action) process that identifies areas for improvement post-incident, assesses the relative risk, and then implements an effective monitoring, tracking, reporting & escalation process for prioritized areas for improvements.
  32. 2:00 - 2:45 PM

    Improving Signal Triage for Better Data Loss Prevention DLP
    Alex Foley, Truist Intel - Operations

    While it has promise, UEBA often brings overwhelming noise, limited integration, and inflexible rules. We should learn from this. Don’t believe you can’t run an effective DLP program because it’s too noisy. This session proposes a focused approach that prioritizes actionable DLP signals triage.
  33. 2:00 - 2:45 PM

    Account Takeover: A Customer Experience
    Joseph Griffin, PNC; Tracey Blake, PNC Intel - Fraud

    We are going to discuss the challenges a typical bank customer experiences when dealing with an account takeover (ATO) and how Fraud and Security can work together to mitigate risk and provide a better customer experience.
  34. 2:45 - 3:15 PM

    Afternoon Networking Break & Snacks

  35. 3:15 - 4:00 PM

    Effective Use of LLM: Incident Response & Intel Management
    Neal Dennis, Cyware Resilience - Incident/Exercise

    Explore how integrating third-party AI interactions with the right LLM can enhance the financial sector. This session will highlight effective strategies to improve engagement & elevate intelligence management practices across various security teams, empowering members to conduct in-depth research.
  36. 3:15 - 4:00 PM

    Harnessing Vulnerability Intelligence to Protect FinSvcs
    Will Kapcio, HackerOne Intel - Operations

    In this presentation, we will explore why financial services are particularly susceptible to certain vulnerabilities and share exclusive data on how financial services are spending their money on rewarding vulnerability reports to help you understand the market for different vulnerabilities.
  37. 3:15 - 4:00 PM

    Weaponizing Dark Web: Disrupting Fraud & Cyber Supply Chains
    David Mahdi, Transmit Security; Miguel Navarro, KeyCorp Intel - Fraud

    Tools like FraudGPT and the Dark Web make fraud easier than ever. Organizations need proactive solutions to disrupt the fraud supply chain and cut off resources before attacks. This session covers how machine learning and identity verification help detect and prevent fraud early.
  38. 3:15 - 4:00 PM

    The Future State of Generative AI: Charting Your Course
    Christopher Budd, Deutsche Bank; Pamela Simpson, TD Bank; Joseph Jorgensen, CME Group Security - AI

    Our presentation highlights foreseeable risks and opportunities for Gen-AI, so financial sector organizations can better navigate AI developments and make responsible decisions for their future. Especially with our guidance, organizations can begin doing this right now.
  39. 3:15 - 4:00 PM

    Next Level Second Line of Defense
    John Denning, FS-ISAC; Ankur Singhal, PayPal; Eduardo Delgado, TD Bank; Jonathan Ruf, Apple Bank Resilience - GRC

    Chief Technology Risk Officers must evolve with the changing landscape incorporating CISO, CTO and CIO equities into their coverage models. At the same time they must demonstrate credible coverage to regulators around the world. This panel will explore what the state of 2nd line coverage is today.
  40. 3:15 - 4:00 PM

    AREPA Leadership and Growth Framework
    Vicky Laurens, Scotiabank/The Bank of Nova Scotia Security - People

    Imagine a leadership style so robust, it turns every challenge into an opportunity. It's not just a recipe for success; it's a guide to living a value-driven life & career. Using a polarity mindset to balance core values with their counter values, maximizing benefits and minimizing deficits of each pair.
  41. 4:15 - 5:15 PM

    Be the IT Changemaker who Locked Down Lateral Movement
    Nicholas DiCola, Zero Networks; John Raymond, Suncoast Credit Union Silver Solutions Showcase

    Case Study: How a Top 10 US Credit Union blocked ransomware and boosted audit scores with plug-and-play microsegmentation.
  42. 4:15 - 5:15 PM

    Stopping Scattered Spider with an Identity-First IR Approach Silver Solutions Showcase

    Learn how to flip the script on traditional IR processes and take an identity-first approach to accelerate containment & remediation times. We’ll take you through a Scattered Spider use case and show how focusing on identifying compromised accounts first reduced the dwell time & blast radius of an attack.
  43. 4:15 - 5:15 PM

    Automate Identity Governance to Improve Application Security Silver Solutions Showcase

    Financial institutions are required to perform user access reviews, a key component of safeguarding trust. Learn how Access Auditor automates access reviews while improving security with access intelligence to detect inappropriate access, terminated users, SOD conflicts, and AI-based anomalies.
  44. 4:15 - 5:15 PM

    ADR: An AppSec Revolution In Real Time
    Mic Mccully, Oligo Security Silver Solutions Showcase

    Application Detection & Response (ADR) detects exploitation of live applications and stops them before they can escalate. Learn how Oligo’s ADR technology detects attacks from both known and unknown vulnerabilities, and see a real-time demo of a real-world attack scenario.
  45. 4:15 - 5:15 PM

    Qohash: Track and Secure High-Risk Unstructured Files
    Jean Le Bouthillier, Qohash Silver Solutions Showcase

    Qohash’s DSPM solution empowers security teams with real-time visibility and control over sensitive data. Discover how our unique tracking technology secures high-risk files, and enables governance, risk, and compliance, enhancing your data security posture and incident response readiness.
  46. 4:15 - 5:15 PM

    Ticking Timebomb: How Chainguard Reduces Reputational Risk Silver Solutions Showcase

    Your firm relies on software with known vulnerabilities. These vulnerabilities can be exploited, producing enormous reputational risk. Using Chainguard, your organization can build software from zero known vulnerabilities, reducing reputational risk and clearing compliance hurdles like FedRAMP.
  47. 4:15 - 5:15 PM

    Security: The Enabler of AI Trust Across Your Organization
    Matan Getz, Aim Security; Drew Robertson, Finance of America Companies Silver Solutions Showcase

    Get practical tips for security to effectively position itself as the organizational facilitator of AI, rather than a hindrance to the business. Turning data - such as audit logs and compliance data - into actionable insight that drives cross-functional business decisions that are security approved.
  48. 5:15 - 6:30 PM

    Booth Crawl Reception

  49. March 11 Tuesday
  50. 7:15 - 6:00 PM

    Registration

  51. 7:15 - 8:00 AM

    Breakfast

  52. 8:00 - 8:15 AM

    Opening Remarks

  53. 8:15 - 8:30 AM

    Critical Provider Panel

  54. 8:30 - 9:00 AM

    Identity Security for Third Party Risk Management
    Jim Routh, Saviynt; Ann Barron-DiCamillo, Citi; Laura Deaner, Northwestern Mutual; Ariel Weintraub, Aon PLC Platinum

    This session is focused on the evolution of third-party risk management specific to identity security to address the significant increase in security breaches of the software supply chain through compromised credentials.
  55. 9:00 - 9:30 AM

    Guardians of Trust Platinum

    Based on results of expansive global research on how customers view their financial institutions’ ability to protect their information, we discuss how customer trust drives business value, how leaders engender trust, & how security teams can partner within their institution to be a Guardian of Trust.
  56. 9:30 - 10:00 AM

    Morning Networking Break & Snacks

  57. 10:00 - 10:45 AM

    Evolutions in CRI Profile Implementation: Use Cases
    Emily Beam, Cyber Risk Institute; Kate Wistner, M&T Bank; Julie Rohlena, US Bank Resilience - GRC

    This session will highlight the evolving and innovative approaches to using the Cyber Risk Institute Profile at financial institutions to move beyond checking the box to comprehensive compliance. Featuring M&T Bank, US Bank, and CRI, this will provide practice tips and lessons learned.
  58. 10:00 - 10:45 AM

    Complex Operating Geographies: Mitigating Geographic Risk
    James Katavolos, Citi; Ann Barron-DiCamillo, Citi Intel - CTI

    How FIs can develop a methodology for measuring cyber risk across different operating geographies, using political, economic, military, and social risk inputs, and combining that with the firm's unique logistical footprint, business functions, and technology, to inform mitigating actions.
  59. 10:00 - 10:45 AM

    Insider Threat Programs - How Does Yours Compare?
    Geoff Lind, Wellington Management Co; Mark Handy, Morgan Stanley Resilience - Insider Threat

    The FS-ISAC Insider Threat Working Group recently conducted its first Peer Benchmarking Survey - come along to hear key findings and practical insights about how programs are structured, along with their scope and practices.
  60. 10:00 - 10:45 AM

    New Research and Actions to Protect Older Adults From Fraud
    Merit Trueman, TIAA; Rashmi Singh, TIAA; Dale Jones, TIAA Intel - Fraud

    Fraudsters target older adults for fraud scams because they’re especially vulnerable. TIAA will be releasing new research and insights into this problem. We’ll share what techniques have worked well, major difficulties we’ve encountered, real stories both inspiring and sad, and 10 actionable steps.
  61. 10:00 - 10:45 AM

    Safeguarding AI Through Lessons in the Field
    Kris Kimmerle, Aon PLC Security - AI

    Drawing from real-world experience, Kris shares insights on aligning AI security with organizational goals, managing unique risks, and fostering resilience. Attendees will gain actionable takeaways to build a robust AI security program that meets the evolving challenges of AI.
  62. 10:00 - 10:45 AM

    Shielding the Vault: Cloud Resilience for Financial Firms
    David Stone, Google; Jonathan Meadows, Citi; Sean Leighton, Google Security - Emerging Tech

    Cyber resilience is the ability of a system to maintain essential functions even under persistent cyberattacks. It goes beyond traditional cybersecurity's focus on prevention by prioritizing adaptability and recovery to ensure continued operation despite compromise.
  63. 11:00 - 11:45 AM

    Make INT Make Sense: Deriving Better Intel From Open Source Intel - CTI

    The open source ecosystem of 2025 poses information overload and other collection challenges. This talk will provide a unified OSINT framework to identify and operationalize high fidelity collection across cyber, fraud, physical, insider, TPRM, counterintelligence, and other security operations.
  64. 11:00 - 11:45 AM

    Modernizing and Expanding Risk Reduction Programs Resilience - GRC

    Vulnerability management has its place but it’s time to take on a more modern approach. Join us as we talk through the process of evolving from an on-prem, vulnerability focus to a hybrid view into exposures including legacy systems that power back end processes in your financial service institution.
  65. 11:00 - 11:45 AM

    Voice Security: Tackling Fraud & Authentication in an AI Era
    Vijay Balasubramaniyan, Pindrop Security - AI

    AI-powered voice fraud is a major cybersecurity threat. Vijay Balasubramaniyan, CEO of Pindrop, will show how criminals use synthetic voices to bypass authentication, demonstrate real attacks, and present solutions to detect and combat this threat. It's time to rethink voice security in the AI era.
  66. 11:00 - 11:45 AM

    Partnering for Cyber Fraud Prevention & Disruption
    Karen Helmberger, FS-ISAC; Dave Pilot, US Bank; Samuel Strohm, PNC Intel - Fraud

    A bad day at one member is a bad day for the sector. This is no different in the fraud space. When fraud happens, when actionable intelligence is shared, it becomes preventative for the sector. We'll discuss our path to prevention and detection in partnership with members and NCFTA.
  67. 11:00 - 11:45 AM

    Redefining Cloud Security and Compliance
    Gabriele Columbro, FINOS; Eddie Knight, FINOS Security - Emerging Tech

    Come see how FS-ISAC’s cloud working group is collaborating with the Linux Foundation and FSSCC to develop a comprehensive and portable cloud controls ecosystem to guide compliance and enable one-click secure by design deployment of everything from web applications to complex RAG LLM systems.
  68. 11:00 - 11:45 AM

    Insider Threat Maturity Model
    Mark Handy, Morgan Stanley Resilience - Insider Threat

    A methodology for the design and implementation of an Insider Threat Maturity Model
  69. 11:45 - 12:45 PM

    Lunch

  70. 1:00 - 1:20 PM

    Proactive PII/CHD Leak Detection Starts in the Code
    Amjad Afanah, HoundDog.ai Tempt the Titans

    As development velocity outpaces compliance monitoring, organizations risk PII/CHD exposure and PCI violations. By embedding leak detection in the development cycle through static code scanning, teams can automatically track sensitive data flows and catch compliance issues before deployment.
  71. 1:20 - 1:40 PM

    Legion: SOC Superpowers
    Ely Abramovtich, Legion; Eyal Fisher, Legion Tempt the Titans

    Legion is the world's first AI security analyst designed to see, think and act like an expert security analyst. Using a browser extension and vision models, Legion can learn, optimize and automate the investigation processes of your SOC analysts seamlessly, and at any scale.
  72. 1:40 - 2:00 PM

    Federated Search for Security: Faster SOC, Decoupled SIEM Tempt the Titans

    Security teams need access to data but it’s distributed everywhere. They’ve been trying to solve the problem by centralizing data but that is slow and expensive. Query federated search is a search and analytics solution that delivers immediate answers from distributed data wherever it is stored.
  73. 2:00 - 2:20 PM

    The New Compliance Frontier Under PCI DSS 4.0
    Vini Mostovoy, OASIS Security Tempt the Titans

    With the release of PCI DSS 4.0, the focus on non-human identities has intensified, emphasizing visibility, security, and governance. Join us to learn actionable strategies for automating NHI security, staying compliant, and protecting your organization from costly breaches.
  74. 2:45 - 3:30 PM

    Preparing for the Benefits & Risks Introduced by Quantum Security - Emerging Tech

    A post-quantum cryptographic migration can be simplified by modernizing and centralizing your enterprise crypto systems. In this session, we will highlight TIAA's journey to transform their cryptography solutions to enterprise-wide, centralized services using cloud hosted solutions.
  75. 2:45 - 3:30 PM

    Fortifying Financial Institutions: A Dual Threat Approach to
    Ensar Seker, SOCRadar Intel - Attacks

    Ransomware attacks are rising, targeting critical systems and demanding hefty ransoms. This session unveils the power of supply chain and dark web intelligence in detection, prevention, and response. Learn how proactive threat hunting and leveraging intelligence safeguard financial institutions.
  76. 2:45 - 3:30 PM

    The Dark Web Edge: Proactive Fraud Prevention Strategies Intel - Fraud

    Payment card fraud is growing rapidly. This session explores how dark web intelligence and unique data collection techniques help identify and mitigate fraud risks. Attendees will learn to uncover threats, track illicit activities, and gain a competitive edge in fraud prevention strategies.
  77. 2:45 - 3:30 PM

    Vendor Management Essentials: Protecting the Kingdom Assets
    Yahir Ramos, Citi; Marc Lieberman, Citi Resilience - GRC

    What do we do when the Kingdom’s assets are threatened, and we don’t know who our greatest allies are?! Join us as we explore themes related to vendor management for cyber intel, including performance measures, moving beyond metrics, continuous improvement, partnership, budget planning, and more.
  78. 2:45 - 3:30 PM

    Leading Across the Generations
    Randy Raw, Veterans United Home Loans Security - People

    Leadership in Cybersecurity is hard. We have 4 generations of workers in the Tech industry right now. Randy helps leaders understand how to effectively lead all 4 generations in a way that gets the best from each employee, helping retain top talent and recruit amazing teammates.
  79. 2:45 - 3:30 PM

    The Threat is Coming from Inside the House!
    Lauren Hearn, Bank of America; Libby Kral, Bank of America Resilience - Insider Threat

    Join us for this discussion of the power of combining data and people in the battle against insider threats. We will give background on insider threats - how to detect them, combat them, and prevent them.
  80. 3:30 - 4:00 PM

    Afternoon Networking Break & Snacks

  81. 4:00 - 4:45 PM

    Cyber Risk Management Innovation: Responding to SEC & DORA Resilience - GRC

    CISOs face mounting regulatory pressure from SEC and DORA. To comply, they must provide continuous views of cyber risk, despite myriad internal and external challenges. The panel will discuss how CISOs can address these challenges by establishing a 1.5 line of defense within their organization.
  82. 4:00 - 4:45 PM

    What's the Big Deal About Digital Assets?
    Karen Helmberger, FS-ISAC Security - Emerging Tech

    Cryptocurrency, blockchain, and smart contracts are here to stay and impact every financial institution in some form, even if it’s just by money flowing through and out. Following the money is easier than you think. Expert panelists will provide insights on the process and threat mitigation.
  83. 4:00 - 4:45 PM

    Cooking up Effective Risk Based Alerting Rules
    Joseph Weber, Regions Financial; Chase Helms, Regions Financial Resilience - Insider Threat

    Preparing in-house risk-based alerting (RBA) rules requires measuring key ingredients until you perfect your recipe for catching intentional and unintentional insider policy violations. Regions Bank’s presentation dishes out helpful tips on how to render their own successful investigation outcomes.
  84. 4:00 - 4:45 PM

    Multi-generations Fraud Prevention: The Power of Community
    Peter Falco, FS-ISAC; Benjamin Chance, Early-Warning Services; Dennis Lamm, Fidelity Investments Intel - Fraud

    America is facing potentially the largest generational wealth transfer in US history. That also means the financial community must focus on preventing multi-generational fraud, from vulnerable elder Americans through to vulnerable Gen Z, and the interactions across the spectrum.
  85. 4:00 - 4:45 PM

    Finding Qualified Personnel in a Staffing Drought
    Jeff Korte, FS-ISAC; Dana Turner, Union Bank & Trust Company (Nebraska) Security - People

    As more community institutions move from hybrid work environments to mandatory return-to-the-office models, IS and IT staff face a growing resource drought. This roundtable discussion will seek solutions for obtaining qualified staff to keep their institutions functioning.
  86. 4:00 - 4:45 PM

    Streamlining AppSec for a Better Developer Experience
    Joe Harrington, Principal Financial; Chris Colahan, Principal Financial Security - Technology

    MEMBERS ONLY SESSION: We share lessons learned that have put Principal on a better AppSec path. By focusing on three key areas -- automation, simplification, and communication -- we have found success and discovered that developers and security engineers share a common goal: delivering good software quickly and safely.
  87. 5:00 - 6:00 PM

    Understanding and Reducing the Impact of Account Takeovers
    Rajan Kapoor, Material Security; Max Pollard, Material Security Silver Solutions Showcase

    Account takeovers pose a significant threat and often lead to unauthorized access to sensitive data in emails at financial organizations. The demo will explore proactive measures and tools to minimize the impact, and cost, of account takeovers.
  88. 5:00 - 6:00 PM

    How GenAI Tools Can Improve Response Time & Mitigate Risks
    Aaron Momin, Synechron; Sandeep Kumar, Synechron; Chris Zanelli, Synechron Silver Solutions Showcase

    As attackers begin to use AI to enhance cyber-attacks, organizations are deploying AI for improved threat & vulnerability detection or automated incident analysis to provide responses and remediation to mitigate against disruptions. Learn how our GenAI-tools can help firms address these challenges.
  89. 5:00 - 6:00 PM

    Identity Centric Data Security for Zero Trust
    Priyadarshi Prasad, LightBeam Silver Solutions Showcase

    With the proliferation of sensitive data, you must be cognizant of its type, classification and exposure and remediate risks in near-real time. We will discuss identity centric data security through discovery, access control, and lifecycle management, covering information security and governance.
  90. 5:00 - 6:00 PM

    Implementing an Effective Cloud-Based Data Security Program
    Pritam Mungse, Social Finance (SoFi); Aviv Zisso, Sentra Silver Solutions Showcase

    The Director, Product Security at a leading US-based FinTech organization will discuss how to mitigate the risks in hypergrowth multi-cloud environments and the challenges and outcomes one can expect from the evolution of legacy architecture to cloud-native from one who has been through it.
  91. 5:00 - 6:00 PM

    The Future of Code Resilience for FinServ is ASPM
    Jimmy Xu, Cycode; Dinesh Mistry, Cycode Silver Solutions Showcase

    93 billion lines of code were created last year. With AI and an ever growing threat landscape, FinServ orgs need to be code resilient to maintain customer trust. This session will walk you through the 3 Waves of ASPM and how FinServ orgs should adopt it into their programs for code resilience.
  92. 5:00 - 6:00 PM

    IAM your Admin: Defending Cloud Identities
    Suril Desai, Acalvio Silver Solutions Showcase

    Adversaries are targeting cloud IAM stores to elevate privileges and gain trusted access to sensitive data. Multiple pathways to gain admin privileges make detection challenging. This session discusses the identity attack surface in the cloud and strategies to defend against the evolving threats.
  93. 5:00 - 6:00 PM

    Revolutionizing Toolstack Validation and Optimization
    Jason Rivera, SimSpace Silver Solutions Showcase

    SimSpace is proud to unveil a self-service app StackOp, designed to help organizations evaluate, validate, and optimize their toolsets in a realistic, high-fidelity environment. Key features include: Stack Optimization, POC & Bake-Off Testing, and Detection Optimization enhancing overall resilience.
  94. 6:30 - 10:00 PM

    Signature Dinner Event

  95. March 12 Wednesday
  96. 8:15 - 4:00 PM

    Registration

  97. 8:15 - 9:00 AM

    Breakfast

  98. 9:00 - 9:15 AM

    Opening Remarks

  99. 9:15 - 9:45 AM

    Business Logic Attacks: Take Control of an Emerging Threat Platinum

    Emerging business logic attacks exploit gaps in technology and processes, challenging DevOps and security teams. This session reviews real-world cases of business logic abuse and offers novel countermeasures to strengthen API security, helping organizations restore control and maintain user trust.
  100. 9:45 - 10:15 AM

    The Art & Science of Using AI to Make Data Security Easy Platinum

    Data security is historically the least mature domain for organizations. In this session, learn how forward-thinking CISOs are leveraging AI to transform their data security strategy so that it evolves into the most mature security program and the driving force for innovation and business growth.
  101. 10:15 - 10:45 AM

    Morning Networking Break & Snacks

  102. 10:45 - 11:30 AM

    How Non-Human Identities Are Used to Orchestrate Attacks
    Ian Ahl, Permiso Resilience - Identity & Auth

    Advanced threat actors are compromising the identity infrastructure of some of the largest organizations in the world with ease. Upon gaining access to the identity provider, they are able to move laterally into IaaS, PaaS, and SaaS environments and steal data - all in the course of 2-3 days. Cont.
  103. 10:45 - 11:30 AM

    Encrypted Client Hello: Profound Impact on Network Security Security - Technology

    ECH, an extension to TLS 1.3 currently under development at the IETF, is designed to significantly enhance security and privacy by protecting sensitive fields within the TLS handshake. As a cutting-edge technology, ECH is still relatively new and its implications for network security are profound.
  104. 10:45 - 11:30 AM

    Checks & Balances: Join the Fight Against Check Fraud
    Beth Reynolds, Federal Reserve Bank of Richmond; Michael Timoney, Federal Reserve Bank of Richmond; Scott Anchin, Independent Community Bankers of America Intel - Fraud

    Although check volumes continue to decline in the US, check fraud continues to grow, posing significant challenges for those on the front lines of the fight against fraud. Join a panel of industry experts as they discuss their commitment to combatting check fraud and how you can join in the fight.
  105. 10:45 - 11:30 AM

    Real Solutions to Defend Against Third-Party Cyberattacks
    Olaniyi Akinsanya, Regions Financial; Arun Warikoo, BNP Paribas; Heather Hendershott, Ally Financial; Pat McMahon, TIAA Intel - Attacks

    In today’s hyper-connected world, 3rd party Cyber risk is rapidly growing as there has been a 49% increase in breaches in the past year. Join us as we discuss why, share challenges in managing risk, highlight AI impacts in the marketplace, and provide concrete actions to help minimize this risk.
  106. 10:45 - 11:30 AM

    Creating and Automating Threat Intelligence Requirements
    Erin Donovan, Edward Jones; Darren Graham, Edward Jones Intel - CTI

    The goal of this presentation is to explain what an Intelligence Requirements (IR) program consists of, what it does for an organization, show how to develop an IR program, and deliver threat intelligence in an automated fashion. This helps stakeholders with prioritization and decision making.
  107. 10:45 - 11:30 AM

    Member Innovations in Supply Chain Risk Management
    Linda Betz, FS-ISAC; Nathan Rodgers, JPMorgan Chase Resilience - GRC

    Nathan Rodgers (JPMC) has been a key leader of the FS-ISAC Supply Chain Working Group. JPMC is innovating on how to make Supplier Management more effective and have higher and more real time information, at the same time incorporating increased threats from AI usage.
  108. 11:45 - 12:30 PM

    Lessons from the Real World in Consolidating Authentication
    Bojan Simic, HYPR Resilience - Identity & Auth

    Is it possible to streamline authentication across your organization without compromising security? Join Navy Federal and Bojan Simic, CEO at HYPR, for an inside look at the benefits, challenges and key touchpoints when consolidating authentication solutions and deploying passkey-based MFA.
  109. 11:45 - 12:30 PM

    External Exposure Trends Affecting Financial Services Intel - Attacks

    In this session, we will present new findings from a recent study of financial institutions, uncovering common patterns in exposed ports, services, and misconfigurations. This data-driven approach provides a comprehensive roadmap for prioritizing risks and fortifying defenses.
  110. 11:45 - 12:30 PM

    Emerging Malware Threats in FinSvcs
    Beenu Arora, Cyble; Steve Ingram, Cyble Intel - CTI

    The presentation outlines growing cyber threats in BFSI, with a focus on TTPs, mobile banking Trojans, advanced phishing, security bypasses, and AI-driven attacks. Along with mitigations and more.
  111. 11:45 - 12:30 PM

    Reducing Application Delivery Tech Debt at Scale
    Bradon Rogers, Island Security - Technology

    Discover how to modernize enterprise operations that depend on legacy systems, traditional application delivery methods, and outdated security controls. New survey data will reveal how a familiar yet new approach offers a cost-effective path to a more modern, secure, and end-user friendly IT stack.
  112. 11:45 - 12:30 PM

    Cyber Fraud Prevention Framework - Expanding the Impact
    Allison Glenn, Bank of America; Chris Rodon, Fidelity Investments; Ryan Praskovich, Nationwide Mutual Insurance Company; Adam Perino, Regions Financial Intel - Fraud

    Fraud is the monetization of cyber threats. The doors to prevention are opened when we map the lifecycle of fraud from cyber entry points to monetization, engage all the accountable teams, pinpoint and fill gaps, then share insights with the sector. We'll review use cases and success stories.
  113. 11:45 - 12:30 PM

    Are You Ready for Rule 1033?
    Jeff Korte, FS-ISAC; Jeff Jackson, NASB Resilience - GRC

    The Consumer Financial Protection Bureau Rule 1033 on personal financial data rights aims to give consumers greater control over their financial data. The security risks and implications for smaller institutions are huge – are you ready for it?
  114. 12:45 - 1:30 PM

    Rewriting the Financial Services Regulatory Exam Playbook
    Eric Erston, RegScale; Anne Higgins, Bank of New York Mellon; Josh Magri, Cyber Risk Institute Resilience - GRC

    This panel will discuss how financial institutions can use intelligent automation, AI, and a common controls framework to transform regulatory exam management by streamlining manual processes, freeing up resources for innovation, and maintaining regulatory confidence.
  115. 12:45 - 1:30 PM

    Risky or Right? Open Source in Finance Security - Technology

    Open source adoption has skyrocketed with more than 6.6T downloads in the past year, ushering in both unprecedented innovation and complex challenges. This talk will explore the state of open source in finance — both the rising security implications and the unexpected benefits of OSS contribution.
  116. 12:45 - 1:30 PM

    Offense on Defense: Secure Hybrid Identity with Attack Paths
    Justin Kohler, SpecterOps; Eric McGuffin, State Street Resilience - Identity & Auth

    Hear how State Street Bank tackled regulatory compliance in identity security by using the adversary’s view of attack paths to inform defenses. We'll cover how we aligned leadership, established scope, and the tools we used to partner with IAM and IT to secure AD and Azure environments.
  117. 12:45 - 1:30 PM

    Brand Protection Abuse Reporting | Meta
    Karen Helmberger, FS-ISAC; Deborah Atta-Fynn, JPMorgan Chase; Teresa Walsh, FS-ISAC; Kristin Connors, Meta Financial Technologies; Guy Pearson, Bank of America Intel - Fraud

    Brand protection in social media is paramount to reduce cyber and fraud threats. Having an efficient path for reporting and investigations when threats arise is critical. Learn how FS-ISAC has partnered with Meta to fight fire with FIRE, the Fraud Intelligence Reciprocal Exchange.
  118. 12:45 - 1:30 PM

    Building a High Performing Red Team
    Jordan Fuhr, Wells Fargo; Ryan Linn, Wells Fargo; Todd Foulks, Wells Fargo Intel - Attacks

    A Red Team can be a force multiplier to a security program with the right resources and when built correctly. This presentation will walk through the lessons learned and highlights from creating and maintaining a successful red team.
  119. 12:45 - 1:30 PM

    Value and Methodologies of Internal Threat Intel Collection
    Sherman Chu, BlackRock Intel - CTI

    This presentation examines the critical role of internal data collection in empowering CTI and its decision-makers. We will explore why internal collection is essential, the types of internal sources, and methods for collecting and processing internal sources.
  120. 1:30 - 2:45 PM

    Lunch

  121. 3:00 - 3:45 PM

    Revolutionizing Your Customer Identity with Microservices
    Jocelyn Whitfield, Fifth Third Bancorp; Tim Lewis, Fifth Third Bancorp Resilience - Identity & Auth

    MEMBERS ONLY SESSION: Customer Identity is a unique IAM concept that requires agility, customizability and enhanced security controls. Join us as we walk through our successes, challenges & experiences of Revolutionizing Customer Identity using a Modern Microservices Architecture.
  122. 3:00 - 3:45 PM

    Safeguarding Trust @ the Edge - API Security
    Rachael Kramb, Fifth Third Bancorp; Kristen Machen, Fifth Third Bancorp; Brice Landry, Fifth Third Bancorp Security - Technology

    MEMBERS ONLY SESSION: In an era where digital interactions are increasingly reliant on APIs, ensuring their security is paramount. This panel, “Safeguarding Trust @ the Edge,” brings together Fifth Third Bancorp to discuss the latest strategies and technologies for protecting APIs.
  123. 3:00 - 3:45 PM

    Play Jenga with the Adversary with Chokepoint Mapping
    Matthew Winters, T. Rowe Price Intel - CTI

    MEMBERS ONLY SESSION: Threat Hunters constantly wrestle with the problem of too much work and few tools to narrow our focus. With chokepoint-based behavioral hunting (and party games!) we can prioritize our efforts and allow SOC teams to finally speak the same language.
  124. 3:00 - 3:45 PM

    Tao of Threat Hunting - A 7-year journey
    Eric Schwarz, State Farm; Ryan Trupin, BNP Paribas; Arun Warikoo, BNP Paribas Intel - Operations

    MEMBERS ONLY SESSION: Developing the Threat & Fraud Hunt team in a Fortune 50 company has been an amazing experience. You might be surprised at our origins and interested in the path we have taken to where we are. In this presentation I will cover our non-traditional start and key aspects of our never-ending journey.
  125. 3:00 - 3:45 PM

    How to Manage a Successful Pentest Group
    Peter Falco, FS-ISAC; Sean O'Coiligh, DTCC Intel - Attacks

    MEMBERS ONLY SESSION: This panel led by industry experts will provide guidance and expertise on how to successfully establish, run and maintain a Pentest group. Topics will include managing staff, showing value and impact, and reporting on success.
  126. 4:00 - 4:45 PM

    Journeys in Detection Engineering
    Chris Merkel, Northwestern Mutual Intel - Operations

    MEMBERS ONLY SESSION: In this presentation, we will be providing basic benchmarks to get a back of the napkin understanding of your organization’s detection engineering maturity. From there, we will tell the story of three organizations, highlighting key moments over the lifetime of their detection and response program.
  127. 4:00 - 4:45 PM

    Cyber Resilience - Balancing Leadership Styles for Success
    Justin Rager, State Farm; Bridget Bradley, State Farm Intel - Attacks

  128. 4:00 - 4:45 PM

    DIVA: When Digital Identity Verification Steals the Show
    Melanie Bergen, Principal Financial; Ami Lyman, Principal Financial Resilience - Identity & Auth

    MEMBERS ONLY SESSION: 2024 LIMRA study shows account takeovers and identity theft as top fraud risks. Principal found KBA quizzes vulnerable to fraudsters while frustrating legitimate customers. Solution: Replacing KBA with DIVA (Digital Identity Verification Authentication), combining document verification and selfie.
  129. 4:00 - 4:45 PM

    Advanced Detection Engineering: Science Works!
    Stephen Salerno, Fifth Third Bancorp; John Davison, Fifth Third Bancorp Intel - CTI

    MEMBERS ONLY SESSION: Detailing an advanced detection engineering system developed by Fifth Third's Cyber Threat Interdiction group. We will discuss the driving forces behind the system, the statistical model that underpins it, as well as the organizational implementation and positive results.
  130. 4:00 - 4:45 PM

    BitLocker Key Extraction from Hardware
    Dan Dumitrescu, Northern Trust Intel - Attacks

    MEMBERS ONLY SESSION: BitLocker encryption is considered the gold standard for drive encryption on Windows systems. Companies are confident that data stored on lost laptop assets cannot be recovered. However, we can demonstrate that Volume Master Keys can be retrieved directly from TPM's hardware bus.
  131. 4:00 - 4:45 PM

    Stopping Viral: Disrupting Emerging Tactics on Social Media
    Jacqueline Hicks, Navy Federal Credit Union; Brian Carmack, Navy Federal Credit Union Intel - Fraud

    MEMBERS ONLY SESSION: There is a growing trend of threat actor activity occurring "in plain sight" that enables them to conduct malicious behavior. Collaborative processes, streamlined techniques, and case studies will display how tracking threat actor networks and emerging trends enables threat disruption.
  132. 4:45 - 5:30 PM

    Closing Reception