Registration and complimentary continental breakfast.
The term "cyber risk quantification" is trending higher these days, but there is still a big gap when it comes to finding practical insight about how an organization can actually make better decisions or achieve a better understanding of its cyber risk. Providing just such practical insight is the goal of the 3rd Annual 4A Data Security & Privacy Symposium, Cyber Risk Quantification Workshop at Drexel LeBow in Philadelphia on March 22, 2018.
This year, we have assembled a group of specialists from multiple disciplines including risk management, cyber security, economics, law, insurance, compliance, healthcare and technology. We have given them access to the current data set from a large, U.S. healthcare system and asked these experts to share their insights, analyses, methods and results with attendees of this one-of-a-kind event. Attendees will hear from some of the world's leading cyber risk experts on various aspects of objective cyber risk analysis, with an emphasis on practical applications.
Cyber risk is constantly changing, so it is even more crucial for organizations to develop and refine the tools and expertise required to identify and quantify their cyber risk on an ongoing basis. Developing such an objective cyber risk quantification function spans multiple disciplines, including information security, privacy, legal liability, regulatory compliance, insurance pricing, underwriting, enterprise risk management, corporate governance, and several others.
Join us for a full day of fascinating conversation at the 3rd Annual 4A Data Security & Privacy Symposium, Cyber Risk Quantification Workshop. This event will be hosted by Drexel University, LeBow College of Business, Corporate and Executive Education and the Drexel University Cybersecurity Institute. All sessions and networking events will be held at the Grand Meeting Room and Terrace, Gerri C. LeBow Hall, 3220 Market St, Philadelphia, PA 19104.
Registration and complimentary continental breakfast.
Introductory remarks from Steven Weber, Director of the Drexel University Cybersecurity Institute and Interim Head of the Department of Electrical and Computer Engineering.
The risk of cyber attacks for many individuals is largely seen as an abstract privacy concern. This is a view that ignores the potential health and safety impacts of cyber risk. Dr. Choi will present pioneering research he conducted with Dr. M. Eric Johnson, Dean of the Owen Graduate School of Management, exploring the relationship between breaches of healthcare data and healthcare outcomes. Their research analyzed the question of whether hospital data breaches may adversely impact hospital mortality rates due to disruptions to provider care-practices. This study reviewed 30-day mortality rate for acute myocardial infarction using a difference-in-differences model from a national panel of hospitals from 2011 to 2015. Dr. Choi will take questions regarding their study and findings that a data breach was associated with a 0.338 to 0.446 percentage point increase in the 30-day AMI mortality rate in years after a breach.
Most cyber security purchasing decisions are based on following "best practices" and compliance requirements. Patrick Florer and Mark Eggleston will review the current data from a real healthcare system that has been provided for this workshop and discuss a decision-making process which involves actual cyber risk quantification. They will examine questions such as:
* How can I assign reasonably accurate dollar losses to my biggest risks?
* Which risks are really the ones with the highest likelihood of occuring at my organization?
* How much risk reduction (in dollars) can I achieve with a specific security control implementation?
* How can I use cyber risk quantification as a regular part of my security program?
Dr. Maarten van Wieren, Managing Director of Aon Risk Services Cyber Solutions Group in the Netherlands joins us to discuss how to apply the Cyber Value at Risk (CyberVaR) model to the data set provided in order to quantify the specific economic consequences of cyber risk to the organization. This approach provides information to organizations of all sizes that can help them make better decisions.
This is a short break to refresh, mingle or grab some more nourishment. Coffee and light snacks will be served on the Terrace. It's also another chance to see what our carefully selected exhibitors have to show.
Analyzing the data set, Greg Fliszar will lead this discussion about how to quantify the legal and compliance aspects of cyber risk. With HIPAA as a guide and GDPR on our doorstep, this panel brings the perspective of both inside and outside counsel, as well as a company dedicated to helping organizations become compliant.
Risk transfer is a critical component of any cyber risk management strategy. But few organizations have the ability to quantify their cyber risk with enough confidence to answer this fundamental question. It is even more challenging, given the rapid changes and complexity of today's cyber insurance market. This session will begin with an analysis of the common data set provided, and then Josh Ladeau will lead this discussion, expanding toward a decision-making process that can be applied to a broad range organizational types and sizes.
Six discussion topics will be hosted by a speaker from the morning sessions during lunch on Wednesday. The topics are: The Impact of Data Breaches on Healthcare Outcomes; Cyber Value at Risk ; Quantifying Legal/Regulatory/Compliance Cyber Risk; Using Cyber Risk Quanitification for Planning and Budgeting; Cyber Insurance & Cyber Risk Quanitification. Please select your first and second preference for topics on your registration form and we will do our best to accomodate everyone. Topics will be assigned to attendees on a first come, first served basis and attendees will be given table assignments at on-site registration. Each lunch table will display a table topic sign and attendees will proceed to their corresponding lunch table.
FICO is probably best known for its FICO Credit Score, but after acquiring QuadMetrics last year, FICO has launched a cybersecurity score as well. Dr. Liu's research in cybersecurity and insurance markets provided the foundation for QuadMetrics and now FICO's offerings. Dr. Liu will review the FICO Score generated by its analysis of the organization, explain how they got it, what it means and how the information can be used.
Despite the proliferation of cloud security products, cloud risk remains a nebulous area (sorry, pun intended). In this session, Ben will work with the data set to review the organization's cloud risk, how to quantify it, and what that analysis reveals about its cyber risk.
This is a short break to refresh, mingle or grab some more nourishment. Coffee and deserts will be served on the Terrace. It's also another chance to see what innovations our carefully selected exhibitors are showing.
This final interactive workshop discussion serves as a follow-up to all the analyses presented during the day. It will involve many of the previous speakers, along with audience participation in an attempt to "put all the pieces back together again" and create a single, coherent picture of what all these cyber risk quantification efforts mean in practical terms for the organization.
Dr. Weber will share observations on the future of cyber risk quantification as he delivers closing remarks for the Symposium
Meet with the Symposium Faculty and other attendees while enjoying complimentary wine and cheese on The Terrace, directly outside.
"The conference was motivational and enlightening with lots of good information about these issues!"
"Great networking! Excellent location. Not a trade show atmosphere - very conducive to conversation."
"It was interesting to get security and privacy perspectives from both a HIT start-up and from a HIT VC. Then to hear from the FDA on the same panel was awesome!"
"The Tabletop Exercise was fascinating. Great to hear how the insurance carrier and outside counsel work through the issues vs. the CISO and their Business Associate. Very well put together!"
This 3rd Annual 4A Data Security & Privacy Symposium is produced in conjunction with Drexel LeBow School of Business, Corporate and Executive Education as well as the Drexel Cybersecurity Institute. Attendees who wish to receive CLE's or CPE's must select that option on their Registration Form in advance, and sign in and out of the conference sessions. Instructions will also be provided at the Symposium.
Drexel LeBow is conveniently located in the University City district of Philadelphia. There are several easy ways to get to Philadelphia, Drexel LeBow, and to the many historic sites nearby.
Drexel's Gerri C. LeBow Hall is just 2 blocks from the 30th Street Amtrak Station which is a hub for travel between major cities across the U.S.
Greyhound (1001 Filbert Street) Economical travel from Philadelphia to all over the country.
For directions, click here
There are several hotels in the area to choose from. For a special Drexel Symposium Discount, please reserve your room through the following links:
Complementary meals and snacks are provided for registered attendees. A Cocktail Reception will also be held directly after the main conference at The Terrace, just outside the conference hall. Food will be served as follows:
7:30 am – 8:30 am Breakfast/Registration
11:00 am – 11:15 am Vendor Expo/Coffee
12:00 pm - 1:00 pm Luncheon and Round Table Discussions
2:45 pm – 3:10 pm Vendor Expo/Coffee
5:00 pm – 6:30 pm Cocktail Party and Prizes
We request presentation slides from speakers and we upload them to the conference website. We do not receive slides from every speaker, and some speakers to not allow distribution of their slides. This is at the discretion of the individual speaker.
Yes! The 4A Data Security and Privacy Symposium is approved to earn CLE and CPE credit through Drexel University, Corporate and Executive Education.
Information Security Professionals
Big Data Scientists
The 4A Security & Privacy Symposium does not offer refunds. If you cannot attend, you may request a credit for a future event or you may transfer your registration to another person.
SEPTA is Philadelphia's public transportation system that utilizes subways, trains, buses, and trolleys to take you wherever you want to go in the city and surrounding suburbs. The fare is $2.25 in cash around the city, or you can purchase tokens ahead of time from the vending machine at the Creese Information Desk, at some SEPTA stops, and at some stores. Fares to the suburbs are higher and vary by zone.
Market-Frankford Line – Partially following Market Street east-west, it goes from Frankford Transportation Center (east) to 69th Street (west) with stops near campus (34th and Market Streets and 30th Street Station). The El signs are blue.
Broad Street Line – Following Broad Street north-south, it goes from Fern Rock Station (north) to AT&T Station (south). The Subway signs are orange.
Trolleys – There are five numbered trolley routes that begin and end at 13th and Market Streets and that pass Drexel (33rd and Market Streets and 30th Street Station). Signs are green.
Buses – The bus routes go through every neighborhood in the city. Routes 21, 30, 31, 42, and the LUCY loops are convenient to Drexel's campus. More routes are available from 30th Street Station. Route signs are posted on poles near street corners.
Regional Rail – The Regional Rail trains provide service to the surrounding suburbs from 30th Street Station, University City, Suburban Station, and Market East. The Airport Line has trains to and from Center City every half hour.
The 4A Data Security and Privacy Symposium is designed to stimulate dialog among professionals who see this as an interdisciplinary field and who want to learn from each other.
Information Security Professionals
Hospitals & other Healthcare Providers
Federal & State Policy Makers
Risk Management Professionals
Compliance and Audit
Machine Learning & AI
State, Regional & Community-Based Health Information Organizations
A lot! Food, art, music, entertainment, history, sports - and Philadelphia is a very accessible city. It's a beautiful time of year too. Bring your partner and make a holiday of it. Check out the Visit Philly website to see what's happening while you're here or to plan your trip in advance.