C-Circle – “Cybersecurity – What SMBs Should Learn From Target, Home Depot and SONY”

Date: Thursday, July 16, 2015
Time: 8:00am-10:00am
Location: Morgan Lewis
3000 El Camino Real
Two Palo Alto Square, 6th Floor
Palo Alto, CA 94304

Are you a CEO or other C-level executive and wish to request to be part of these events?


The ACG Silicon Valley C-Circle, now in its fifth year, proudly announces that it has attracted a following of approximately 250 CEOs and C-Level Executives and achieved a regular attendance of 35 executives per session.


Cybersecurity – What SMBs Should Learn From Target, Home Depot and SONY

The network security breaches at Target, Home Depot and SONY are a wake-up call for all businesses. However, the challenges faced by small-to-medium sized businesses (“SMBs”) are unique and significant. Whereas, large enterprises have the financial resources and personnel to devote to the network security challenges, SMBs do not. Taken together, the ongoing threat to network security and diverse challenges to SMBs necessitates a unique and comprehensive approach to risk management, auditing and best practices. Please join us for a discussion of the Target, Home Depot and SONY security breaches and what every SMB can learn from these events.

Please join us for an enlightening discussion on the following questions:

  • What really happened with Target, Home Depot and SONY?
  • How did the security breaches occur?
  • What damage was done?
  • How did Target, Home Depot and SONY discover the breaches?
  • How long did the breaches go on undetected?
  • How did each respond?
  • How can a company detect a security breach before the damage is done?
  • Who are likely targets for attack?
  • Who are the attackers? Disgruntled activists? Organized crime? Foreign governments? Disgruntled employees?
  • What are the typical vulnerabilities?
  • What are the typical attacks? Phishing? Man-in-the-middle? Man-in-the-browser?
  • Is a security breach inevitable or can they be prevented?
  • What are “Trojan horses”, “network sniffers”, “scanners”, “distributed attack tools”, and “denial of service tools”?
  • What is the role of human error in these attacks?
  • How effective is encryption?
  • What pro-active steps should a SMB take to protect it’s data?
  • What are the best network security practices for security with respect to people, operatons and technology?
  • How much money should a SMB expect to spend on data security?


Guest Experts

Jim Harlow

NetFuel, Inc.

Jim is on the lecturer’s list at the U.S. Military Academy-West Point, Naval Post-Graduate School in Monterey, and was recently invited to lecture at the Air Force University at Maxwell Air Force Base in Alabama. With bank executives, entrepreneurs and leadership in various branches of the U.S. military, Jim builds bridges between local start-ups and military technologists. The purpose is to cross-pollenate public and private cybersecurity expertise – to fortify vital military platforms and U.S. banking systems designated as a national security priority. Very recently, he presented plans at the Pentagon to effectively handle nation-state backed professional hackers and to ruggedize vital U.S. government platforms. He is a technology executive in Silicon Valley for over twenty years with two patents granted and seven pending in the area of cybersecurity.

Scott Gainey

Vice President of Product & Industry Initiatives,
Palo Alto Networks

Scott is the Vice President of Product & Industry Initiatives at Palo Alto Networks. He is responsible for the introduction of all new products and technologies, including solutions originating from joint technology and industry partnerships. Scott is also responsible for formulating the vision, definition and delivery of new programs aimed at driving Palo Alto Network’s growth, and cultivating opportunities in new and existing markets.

Scott has over 19 years of experience in security, cloud computing, storage systems, and enterprise networking. Prior to joining Palo Alto Networks, Scott held leadership positions at Cisco, Xsigo Systems (bought by Oracle), NetApp, VERITAS Software (bought by Symantec), and Sun Microsystems. He received his Bachelor of Science from Humboldt State University, and Executive Leadership Development from Stanford University Graduate School of Business.

Mark Krotoski

Morgan, Lewis & Bockius

Mark is currently a partner with Morgan, Lewis & Bockius. Prior to joining Morgan Lewis, he served as a federal prosecutor for nearly 20 years handling a variety of complex and novel investigations and high-profile cases. While at the US Department of Justice, Mark served as the national coordinator for the Computer Hacking and Intellectual Property (CHIP) Program in the DOJ’s Criminal Division, which involved approximately 250 federal prosecutors specially trained to prosecute cybercrime and intellectual property enforcement cases. He successfully prosecuted and investigated virtually every type of computer intrusion, cybercrime, and criminal intellectual property violation. As chief and deputy chief of the Criminal Division in the US Attorney’s Office for the Northern District of California, he supervised cases involving white collar crime, securities fraud, computer intrusion, intellectual property, organized crime, and anti-terrorism.


Are you a CEO or other C-level executive and wish to request to be part of these events?