DECEMBER 5, 2017

The Next-Generation CISO: Strategy, Technology, and Business Insight

Black Hat is pleased to announce the new Executive Summit at Black Hat Europe in London. As 2017 begins to wind down, businesses are facing a promising – but uncharted – future in how they protect their valuable data. Cybersecurity executives are entering a new era of business influence that requires a next-generation approach to how they plan, purchase, implement, and manage data-protection technology. And they are facing some important introspection of their own value to the organization.

At the Black Hat Executive Summit, CISOs and other cybersecurity executives will gather to hear from a variety of industry experts who are helping to shape this next generation of information security strategy. We'll be dissecting the latest technologies designed to keep ahead of sophisticated adversaries and provide a peek into future platforms; we'll outline the next-level skills and strategies CISOs need to bolster their relevance and wow the board; and, of course, we'll discuss the latest techniques for maintaining a proactive approach to data protection.

For CISOs and executives looking to transform from a mere manager of information into a corporate champion of business growth, it's imperative to stay on top of the latest insight. That journey begins at the Black Hat Executive Summit.

*Please note: In order to create an open and candid environment that promotes the sharing of ideas, thoughts, and discussion, the Executive Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program was designed for executive security practitioners; solution providers and vendor attendees are limited to event sponsors.


Daniel Barriuso
Banco Santander
Daniel Cuthbert
Global Head of Cyber Security Research
Banco Santander
Brian Gillooly
Contributing Editor
Black Hat
Phil Huggins
Group Head of Information Risk & Security
Prudential plc
Darrin Johansen
Haumaru, LTD
Quentyn Taylor
Director of Information Security
Canon Europe


09:00-09:15 Opening Remarks
  • Jeff Moss, Founder, Black Hat, DEF CON
  • Brian Gillooly, Co-Chair, Black Hat
09:15-10:00 Keynote - Thinking and Acting Outside the Box on Cyber Security – Both Internationally and Nationally
  • Marina Kaljurand, Chair of the Global Commission on the Stability of Cyberspace
The ever-expanding use of ICT is leading to an increase in incidents involving malicious attacks by States and non-State actors alike. These negative trends present significant risks to all States, and carry serious implications for international peace and security. International cooperation is the only way forward for providing an open, free, safe, secure, stable, accessible, and available Internet, and for promoting the continued growth and development of the use of ICT. Yet, such cooperation is made more difficult by deep ideological divisions. Since deterrence in cyberspace differs from traditional deterrence—the type we saw during the Cold War era—it requires new international approaches to cyber security. In this keynote, Marina Kaljurand will present the main challenges to international cooperation and suggest ways of tackling them—with special emphasis on the multi-stakeholder approach, the role of industry/private sector, and the need for clear laws and rules that minimize "grey zones" of what is allowed and what is not allowed in cyber space. Kaljurand will outline one of those key initiatives, the Global Commission on Stability of Cyberspace. She will also discuss the concept of data embassies, the domestic legal status of AI, its nationwide approach to cyber security, and the theoretical vulnerabilities to its online services caused by flaws in commercial products.
10:00-10:30 Addressing the Board – What They Really Want to Know
  • Daniel Barriuso, CISO, Banco Santander
Today's reality and media coverage of wide-scale cyber incidents mean that CISOs are increasingly asked to present at board level. This session will explore the key role CISOs have in influencing the right decision makers on cybersecurity outcomes. The speakers will share insights on presenting to the board and how they approach laying the groundwork for organisations to rethink cybersecurity to elicit positive security investments and results. Traditional organizations used to view no news as good news. Now, no news is unsettling. The modern CISO knows that encouraging vulnerability detection, reframing failures as important successes, and feeding this back to key decision makers is key to meeting external threats. The speakers will also discuss effective methods to reframe cybersecurity management for the board in business terms.
10:30-10:50 Networking Break
10:50-11:20 Are Criminals Really Profiting From Your Stolen Data?
  • Darrin Johansen, Haumaru, LTD
  • Andrew Barratt, Managing Principal for Financial Services and Payment Solution Assessment, Coalfire
  • Laurance Dine, Managing Principal, VTRAC - Investigative Response
  • Sanjiv Gohil, Cyber Senior Investigator - Detective Inspector, Metropolitan Police
Is there an oversupply of insufficiently secured data and a shortage of criminals who can sufficiently profit from it? It seems almost weekly that a major breach is announced, often with a lot of press coverage. Then the story becomes old news, and usually little follow-up on its effects is reported. What actually happens to the data and the owners of the data as a result of these breaches?

This session examines both the victim's and criminal's point of view. From the victim's perspective, an expert will analyze how many breaches are performed by criminals for profit, how much data is actually abused, as well as how the breach affects those individuals. From the attacker's side, we'll look at how the downloaded database converts into profit, how these criminals are evolving, and the emerging challenges they are facing.
11:20-12:20 The Security Breach Fallout: How Will the Next-Generation CISO Respond
  • Quentyn Taylor, Director of Information Security, Canon Europe
  • Paul B. Scott, Global Chief Information Security Officer, Omnicom Group
  • Thom Langford, Chief Information Security Officer, Publicis Groupe
When high-profile security breaches happen, how do companies respond? In a best-case scenario, the organization has a pre-arranged plan for dealing with the fallout, including customer communications, PR, and a streamlined technical response. And in these cases, what happens to the CISO, and how should he or she respond? This session will examine some real-world examples like Maersk, Equifax, and Deloitte, and what they did right and wrong. The conversation will also prime the pump for a post-session discussion among attendees: How much blame do CISOs deserve in these cases? Are they being treated fairly? What level of competence should be expected? And is the heat on CISOs rising or falling? In the end, we'll map out a plan for the ideal response by the next-generation CISO to very public hacks.
12:20-13:40 Networking Lunch
13:40-14:10 The Cyber Landscape: A Security Pro's Point of View
  • Timothy Wilson, Co-Founder & Editor-in-Chief, Dark Reading
Today's security professionals are not only wrestling with external threats – they're faced with internal challenges that range from compliance to risk management to uneducated upper management. In this session, we offer an analysis of several recent surveys conducted by Black Hat and Dark Reading that offer some insight on the attitudes and concerns of today's IT security managers, and how those concerns influence their decisions about enterprise defense.
14:10-15:10 Cutting Through the GDPR Confusion: A Reality Check at T-Minus Six Months
  • Stewart Room, Data Protection & Cyber Security Professional - Lawyer, Management Consultant, Author
Are you tired of hearing about the General Data Protection Regulation (GDPR)? You'd better not be, because enforced compliance begins in May of 2018, and according to some reports, more than 60% of companies haven't begun their implementations. While GDPR was created to protect EU citizens' data and to reshape how organizations approach data privacy, the process has been less than palatable for many companies. Bogus claims from suspect companies offering GDPR assistance are inundating CISOs. Some aspects of GDPR are being overhyped by the media. And many companies are treating the initiative as an annoying burden. But the reality of GDPR hits in just six short months. In this session, our expert cuts through the fluff to help you understand what to really care about, what you can safely ignore, and how to get stuff done.
15:10-15:30 Networking Break
15:30-16:00 The Role of AI in Cybersecurity: What's Real, What's Hype?
  • David Moloney, Director, Innovation and Transformation, PwC
Artificial intelligence and machine learning offer great potential in the field of IT security by helping systems -- and people -- discover threats before they even happen. They can interpret structured and unstructured information to identify and prioritize threats, and create a profile for spotting future intrusions. But there's a lot of hype among the helpful information, making it difficult for CISOs to sort through the rhetoric to find viable solutions. Can AI and machine learning really help companies to detect, resolve, and prevent security threats before they impact the business? Some leading-edge businesses are already deploying such technologies to achieve better predictive control over their enterprises. This session will sift through the hype to uncover real possibilities and real solutions in AI-based security technologies and concepts.
16:00-16:30 Greatest Technology Hits of 2017 and What to Expect in 2018
  • Daniel Cuthbert, Global Head of Cyber Security Research, Grupo Banco Santander; Black Hat Review Board
  • Phil Huggins, Group Head of Information Risk & Security, Prudential plc
  • Leigh-Anne Galloway, Cyber Security Resilience Lead, Positive Technologies
  • Michael Crabb, Deputy Attaché, HSI London
It can be difficult for CISOs to find the time to stay up to date with reliable information on the latest confirmed techniques and tools that break InfoSec controls and challenge risk-based decisions. There is a lot of snake oil and hype to wade through, including both internal and external feedback. This session will offer a quick-fire roundup of developments and techniques that worked in the last year. Attendees can also expect a look forward into 2018, including techniques and tools under active development with a supportive community, as well as some worrisome developments and bleeding-edge hacking. An expert will provide actionable information to take back to the office as 2017 comes to a close.
16:30-16:50 Black Hat Briefings Preview
  • Daniel Cuthbert, Global Head of Cyber Security Research, Grupo Banco Santander; Black Hat Review Board
16:50-17:00 Closing Remarks
17:00-18:30 Networking Reception, The Bridge at The ExCeL

Premium Sponsor

Qualys is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance.

Darron Gibbard CISM, CISSP, Managing Director, Northern Europe

Before joining Qualys as CTSO, I spent the last 25+ years working for a variety of payment services, media and telco organisations providing Cyber, IT and Information security thought leadership and subject matter expertise. My early career was spent working in the vendor marketplace for startups and major security vendors in both a pre- and post-sales capacity.

Kevin Ware-Lane, Director of Technical Account Management

Kevin has for the last 20+ years been engaged across networking, security and cloud arenas, helping organisations to gain IT and security visibility, plan for and deploy key infrastructure solutions, and to implement effective security capabilities and programmes, all with a keen eye on ensuring agility for evolving customer needs.

Foundation Sponsor

Cybercriminals are growing in number and sophistication, rendering traditional solutions powerless against today’s advanced threats. IBM Security, with 7,500 security professionals worldwide, helps more than 12,000 clients address their most critical needs: transforming their security programs; optimizing security operations and response systems; and protecting critical information.

Over the past decade, IBM has invested more than $2 billion in security research and development, resulting in 3,700+ security-related patents, and acquired 19 security companies to grow its portfolio. Today, IBM Security delivers next-generation security technology and services, including cognitive and Watson analytics, automated incident response, cloud-based solutions and state-of-the-art security operations centers.

Foundation Sponsor

SecurityScorecard provides the most accurate rating of security risk for any organization worldwide. The proprietary SaaS platform helps enterprises gain operational command of the security posture for themselves and across all of their partners and vendors. It provides continuous, non-intrusive monitoring for any organization including third and fourth parties.

Sam Kassoumeh, COO and Co-founder

Sam Kassoumeh is cofounder and chief operating officer and is responsible for driving the company's product portfolio. With extensive experience as both a cybersecurity practitioner and leader, Kassoumeh's experience has been pivotal in the growth and development of the company as well as establishing the ecosystem risk management space. Kassoumeh's passion for internet security started in his teens and propelled him into key cybersecurity roles including as head of security and compliance at Gilt Groupe and worldwide InfoSec lead at Federal-Mogul. Sam holds a BBA in Management Information Systems from the University of Michigan-Dearborn.

Tom Wells, Vice President, Global Sales

Tom Wells joined SecurityScorecard in February 2016 and leads the company's global sales organization, driving sales development efforts with commercial and public sector accounts across the Americas, EMEA, and APAC. With over 20 years of experience, Wells has built an agile and consultative sales culture that has helped some of the best-known brands in the world improve their ability to manage risk against their business. Wells has a strong track record of success, having held leadership positions at Agari, Symantec, Clearwell, Mimosa Systems, FileX, ION Networks, StorageNetworks, Interliant, and Lucent Technologies. He holds a BA in international affairs from the University of Colorado - Boulder and an MBA from New York University.

Networking Reception Sponsor

Your enterprise needs to move faster, but lack of process and legacy tools hold you back. The ServiceNow System of Action™ replaces unstructured work patterns of the past with intelligent workflows of the future. ServiceNow's Security solutions are part of the System of Action. ServiceNow Security Operations brings incident data from security tools into a structured enterprise security response engine. Workflows, automation, and a deep connection with IT help prioritize and resolve real threats fast. ServiceNow Governance, Risk, and Compliance (GRC) drives unified GRC programs. It transforms processes by continuously monitoring, prioritizing, and automatically responding to real risks in real-time. Learn more:

Event Sponsor

Cyxtera Technologies combines a worldwide footprint of best-in-class data centers with a portfolio of modern, cloud- and hybrid-ready security and analytics offerings - providing more than 3,500 enterprises, government agencies and service providers an integrated, secure and resilient infrastructure platform for critical applications and systems. For more info, visit:

Cybrary is an open-source cyber security and IT learning and certification preparation platform. Its ecosystem of people, companies, content, and technologies converge to create an ever-growing catalog of online courses and experiential tools that provide cyber security and IT learning opportunities to anyone, anywhere, anytime. Cybrary levels the playing field for those who want to advance in or start a cyber security or IT career by providing anyone with access to the tools they need to be competent and confident. Through its open-source model, Cybrary is actively working to fill the gap between open cyber security and IT positions and experienced practitioners. Cybrary has thousands of hours of free content for beginners, all the way through advanced and leadership-level courses, that is developed and delivered by industry subject matter experts. The platform offers skill assessments, learning, and certification preparation on popular topics such as Ethical Hacking, CompTIA A+, Security+, and CISSP, Web Application Penetration Testing, Secure Coding, NIST 800, Metasploit, while staying current with changes in the industry. Visit to learn more.

Please direct inquiries to