by Judy Hatchett + Jeffrey Norem, Summit Co-Chairs

Whether you are able to join us in person or virtually this year, we invite you to take a moment behind the scenes with us and share our journey of collaboratively building this year’s Summit with our colleagues. 

What does it take to produce an international Cyber Security Summit?  

First, it’s determining a theme which this year is, Eyes Wide Open, sounds like an action-packed movie starring Tom Cruise.  With all the events of the last year, maybe it will be one day!

What an exciting time to be a cyber security professional. Another year with more big breaches, more vulnerabilities (Log4J or Hafnium anyone!) and an international war where cyber security was front and center.  Each year during planning time we go through several rounds of “what would be a good theme for the Summit?”

This year, we loved the theme of “Eyes Wide Open” because it relates to not only security professionals but also the general population.  Critical cyber news is more prevalent in the mainstream media and business news sources now than it ever has been. Organizations of all sizes and all industries are being targeted. Organizations are looking at ways to become more resilient and not have to pay ransoms. Boards and Executives are starting to become “cyber aware” and the larger companies are starting to create “risk statements” in their annual 10K reporting. Many more organizations are stating that cyber risk is their #1 enterprise risk to their organization.  Hmm… maybe it is a business (and not a technical) issue after all.  Many of us in the Summit planning process discussed our family and friends asking more cyber specific questions because they are seeing it on the news or maybe their elderly parents have had their identity stolen or fallen victim to a social engineering campaign. It is hitting closer and closer to our home and our families as the age of people living with “smart” technology is starting to span all age groups.

If you haven’t heard, the SEC is proposing that all public (and maybe private too) will have to start reporting on cybersecurity risk management, strategy, governance, and incident reporting.  One way to make sure that organizations  reduce the systemic risk of not paying attention to cyber matters, starts at the top with proper board education and oversight.

How could we not mention the Russia – Ukraine war and the impacts on our industries?  It almost seems like we are watching the testing of a playbook for coordinated physical and cyber-attacks.  Who didn’t open their eyes when they heard of the “IT Army”, a volunteer group where professionals and threat actors alike could come help resist cyber attacks at the request of a government leader.  This alone could make for a very interesting debate.

The US government continues to pay more attention with multiple White House statements and Executive Orders on cyber security.  CISA continues to focus on bringing together the public and private sectors.  Don’t miss one of our CISA sessions like the Fireside chat with the CISA Deputy Director, Nitin Natarajan or CISA & DHS Resources for Small Businesses.

Minnesota is home to some of the largest medical device manufacturers in the world. Our Healthcare and Medical Device program has some amazing speakers to talk about the importance of asset management, segmentation, ransomware readiness, resiliency in a world full of medical devices and be sure to check out the talk on FDA Premarket cybersecurity guidance for medical device manufacturers.

Our Women in Cyber Day has been a growing program and for the last two years becoming  a day long program. Be sure to check out the keynote by Gretchen Block from UHG on Walking in Fire, or author Tissa Richards on how to accelerate your career by showing how you are adding value. Don’t forget to check out the wonderful panels represented by a plethora of local Information Security talent here in the Twin Cities.

We are so excited to co-chair the event, but we cannot forget to give credit where credit is due. So many amazing people that work so hard behind the scenes to make this a huge success. There is a large team of industry-known information security professionals that make up the Think Tank many more that chair and make up several of the industry specific committees.  They truly outdid themselves again this year with the broad and relevant content for the summit.  Special thanks to Tina Meeker, Sr. Director of Information Security at Sleep Number who crushed the coordination of our program and of course to Eileen Manning, the mastermind behind it all for twelve years now! 

We look forward to seeing you at the Summit

Judy Hatchett is the VP Chief Information Security Officer at Surescripts. She sets the vision, develops plans and oversees the execution of Surescripts’ Enterprise Information and Physical Security, Business Continuity and Risk Management Programs to ensure comprehensive, high-quality and effective risk and information security management in support of business goals. With 15 years in cybersecurity, she has held leadership roles overseeing global teams for governance, cybersecurity and HIPAA compliance and identity management in both the manufacturing and retail industries.

Jeff Norem is a data protection and privacy leader, CISO, board member and cyber product adviser with 20+ years of experience in security, privacy, fraud and risk management across multiple industries. He is a frequent speaker at global security and risk conferences, author and active member in the community.

Jeff holds an MBA from the University of St. Thomas with a focus in the risk leadership, is a founding member of the UST Risk Leadership Advisory Board. Certs include: CISSP, CISA, OpenFAIR.

His focus is building security programs that allow organizations to meet their objectives through effective decision making and prioritized security investments by truly understanding their risk in terms of probability of financial loss.