NG Security Europe SIR by janagru

NG Security US www.gdsinternational.com/events/ngsecurity/us/

11th â&#x20AC;&#x201C; 13th May 2015 San Antonio, Texas

WELCOME!

At GDS International, we take huge pride in delivering the best value possible to our clients onsite ...Introducing the Summit Intelligence Report (SIR)

The SIR is a comprehensive overview of delegate profiles and key spending indicators. Each delegate provided us with their personal and company biographies along with answers to our questionnaire requesting key statistical analyses of their budgets, budget allocation strategies, and areas of technology priorities. The purpose of this report is to provide you with a useful resource when preparing for the Summit and all the information needed to make the best meeting selections. Please do not hesitate to contact our team if you have any queries. We look forward to seeing you at the summit and to working with you on many more in the future.

The NG Security Team at GDS International

TABLE OF CONTENTS SECTION 1 INTRODUCTION -

HOW OUR SUMMITS WORK

WHY ARE WE INDUSTRY LEADERS?

QUALITY CONTROL

SECTION 2 SUMMIT INTELLIGENCE SUMMARY -

STATISTICAL ANALYSIS OF QUESTIONNAIRES

STRATEGY BREAKDOWN BY INVESTMENT AREA

SECTION 3 DELEGATE INTELLIGENCE REPORT -

CONFIRMED DELEGATES

COMPANY PROFILES

EXECUTIVE PROFILES

INVESTMENT QUESTIONNAIRES

HOW OUR SUMMITS WORK GDS summits are designed to provide a number of different networking channels to execute and promote business. Each summit takes place over a 3 day period and includes a combination of one-to-one prescheduled meetings, focused interactive workshops as well as constant networking opportunities. Senior decision makers will engage in business meetings with solution providers who are specific to their business challenges and areas of future investment. The delegation is comprised of the most important and well respected, senior executives, in the industry, and the 40-minute meeting format is designed to surpass the traditional exchange of business cards and allow executives to have a good discussion on a personal level.

Key benefits:         

Industry leading decision makers, and your potential customers, under one roof at one time Be part of the discussions that shape the industry’s future Have a platform to announce new developments to the people who matter Network and develop contacts that will strengthen your business Position your company as a genuine market leader Maximize your spend by targeting your needs and solutions to relevant decision makers Educate your potential customers of the key benefits of your value proposition and raise your profile in the industry Increase your exposure to your target audience Win new business through the networking and one to one meetings

WHY ARE WE INDUSTRY LEADERS? FACE-TO-FACE MEETINGS Our Summits offer meetings on a pre-arranged, face-to-face, basis. According to a recent Forbes study, 92% of CEOs believe face-to-face meetings are the best way to win new business. The Forbes survey revealed:    

87% of company managers surveyed preferred face-to-face meetings 92% think such an approach saves them time and 88% say it saves money 85% believe such an approach creates a more solid and stronger relationship 75% believe such an approach creates better social interaction

C – LEVEL DELEGATES GDS events provide the highest level of delegates in the industry, senior executives from Fortune 200 companies who are responsible for budgets running into billions. Our summits offer unprecedented access to these individuals through the one-to-one meetings.

TARGETED CONTENT We work closely with the leading analyst companies on a global basis to deliver the best content and analysis at our events. All our workshops and panel discussions are targeted around pressing developments and need areas within the industry ensuring our events are at the cutting edge and helping to drive industry forward. Bringing the industries key leaders together allows a unique opportunity to identify key challenges and work together over the 3 days to understand the solutions that will enable them to improve their business.

“I found the last few days very valuable from many perspectives. The level of delegates has been fantastic – I can't ask for anything more. The great part has been doing lots of one-to-one meetings with the people we need to connect to in our customer base: the one-to-one meetings and the level of networking easily surpass any other event.” Simon Barnier – Lexmark

“It is one of the best formats that we are working with right now. We have sponsored two GDS summits and are looking forward to our third. The team have looked after us well and introduced us to customers we would not have otherwise met.” Andrew Wilson – Accenture

“This is clearly the best format on the market and the most cost effective way to do business development for us at Symantec. The meetings with delegates, their level, the business topics, the workshops and the networking – all make it a multifaceted event from which we got enormous value!” Arnaud Taddei – Symantec

QUALITY CONTROL At GDS International, our aim is to provide you with the optimum value for the two and a half days you’ll be joining us at the summit.

How we can guarantee this is simple: We ensure the best possible quality in delegate attendees. Just as it is important for you as a solution provider to meet with high level, budget holding, decision makers, it is important for us to provide our delegates with the targeted solution providers who can best meet their needs, thus justifying their time out of the office. Our delegation targets are determined through highly focused planning: 

Market research in partnership with global analyst firms to identify industry trends, challenges, and forecasted budget spending patterns



Review of topics and ideal delegates with our Summit Advisory Board, consisting of Global Industry Thought leaders and end users



Creation of a targeted program agenda to attract the relevant delegates



Formulation of a specific Delegate Target Report, which identifies the parameters in which we would define an ideal delegation, broken down by region, company size, budget size, and key focus areas.



Analysis of each delegate who confirms attendance with assigned points value based around correlation with delegate targets

SUMMIT INTELLIGENCE SUMMARY

STATISTICAL ANALYSIS OF SUMMIT DELEGATE QUESTIONNAIRES 2015 BUDGET BREAKDOWN 30 25 20 15

Number of 10 Delegates 5

Budget Size (in USD)

BUDGET BREAKDOWN BY ALLOCATION STRATEGY

21%

22%

Mandated Investments to meet regulatory/legal requirements Investments to maintain/run existing systems and processes

Investments to support business innovation

20% 37%

Investments to support business growth

INVESTMENT 2015: BUSINESS STRATEGY SERVICES / TECHNOLOGY CURRENTLY SOUGHT – LESS THAN 12 MONTHS 35 30 25

Number of 20 Delegates 15 10 5 0

Investment Priorities 0-12 months

INVESTMENT 2015: BUSINESS STRATEGY SERVICES / TECHNOLOGY CURRENTLY SOUGHT – BEYOND 12 MONTHS

35 30 25

Number of 20 Delegates 15 10 5 0

Investment Priorities 0-12 months

DELEGATE INTELLIGENCE REPORTS

CONFIRMED DELEGATE LIST Below you will find the list of confirmed executives that you will be meeting at the event. Utilizing this list and the information in the following pages will enable the business meetings you choose at the event to be best tailored around the service requirements of our delegation. Company

Attendee Name

Job Title

Advance Auto Parts Affirmative Insurance Holdings AIG AIG Property Casualty Army Aviation Center FCU Autozone Bank of America Bell Canada BNY Mellon Bunge

Joel Yonts Greg Kocek Chuck Herrin Michael Iwanoff Thomas Struan Stephen Agar Heinrich Smit Neil Greenberg Donna Taylor Bob Chen

Capital One Citi Citigroup Inc. Concho Resources DirecTV DPS Texas Gov Enterprise Products Fannie Mae FIS GLOBAL Genesis Healthcare Herbalife International Inc Hewlett-Packard

Ty Sbano Mark Kramer Christine Kincaid Vinnie Balasekaran Karthik Swarnam Aaron Blackstone Stuart Wagner Anthony Johnson Andrew Kim Ray Hawkins Darrell Jones Anil Katarki

CISO CIO SVP IT Security and Risk CISO CIO Chief Security Architect Security Architect (VP) Assoc. Director, Security Architecture VP Chief Architect Application Security and Perimeter Security Assessment (Red Team) Program Lead SVP, Global Information Security Global Security and Technology Strategy Infrastructure Manager CISO CISO Director, IT Security and Compliance VP, CISO Director Cybersecurity Chief Information Security Officer CISO CISO US Public Sector

Company

Attendee Name

Job Title

HQ Army Sustainment Command Hulu Indigo Books & Music JetBlue John Deere

Shadrack Roberts Christopher Hymes Ben Turgeon Jesse Martin-Alexander John Johnson

Merck & Co., Inc. MUFG NBA

John Patterson Nick Belov Darren Guarino Jose Francisco Mejia Hernandez Sergio Gonzalez Jeffrey Snyder Brian Betterton Robert Lautsch Joel Wuesthoff Kenneth Seeley Daniel Key Paul Mocarski Michael Botts Marcus Benson Dr. Sam Kurien Prentis Brooks Erik Rasmussen

Chief Privacy/Cyber Official Head of Information Risk and Compliance VP IT Operations IT Security Architect Global Security Strategist Executive Director of IT Risk Management, Research and Supply Chain VP Senior Director IT

Pemex Pemex Raytheon Company Reit Management & Research (RMR) Rite Aid Robert Half Santander Consumer USA Inc. Seattle City Light Sherwin Williams SunPower Texas Department of Public Safety The Alliance Time Warner Cable Visa

Security Operations Manager IAM Officer VP Cyber Programs Director Security, Risk and Compliance/ CISO Senior Director - Information Security Senior Director Director Information Security Director IT Infrastructure and Operations Senior Manager Global Info Security Information Security Director & CISO Sr. Cyber Security Engineer CIO Director, Cyber Security Director, NA Cyber Security Intelligence

PART 1: REGISTRATION PROFILE

NAME: Joel Yonts EXECUTIVE TITLE: CISO COMPANY NAME: Advance Auto Parts

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 15 Investments to maintain/run existing systems and processes 60 Investments to support business innovation 15 Investments to support business growth 10 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 4 5 Social Media Security 5 5 Unified Communications 5 5 Billing/Revenue Management 5 5 Cyber Security 4 5 Data Leakage Security 5 5 Data Protection & Storage 5 5 Data Security 5 5 Digital Signage 5 5 Encryption 5 5 End Point Security 5 5 Firewall Security 5 5 Governance, Risk & Compliance (GRC) 4 5 Identity and Access Management 5 5 Internet Security 5 5 ISMS/IT Risk Management 5 5 Malware Prevention 3 5 Managed Security 5 5 Mobile Security 3 5 Network Access Control 5 5 Network Security 5 5 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 3 5 SIEM 5 5 Smartphone Security 3 5 Single Sign On (SSO) 5 5 Threat Intelligence Management 3 5 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Greg Kocek EXECUTIVE TITLE: CIO COMPANY NAME: Affirmative Insurance Holdings

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 10 Investments to maintain/run existing systems and processes 50 Investments to support business innovation 20 Investments to support business growth 20 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 3 3 Data Leakage Security 3 3 Data Protection & Storage 2 2 Data Security 2 2 Digital Signage 4 4 Encryption 3 3 End Point Security 3 3 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 3 3 Mobile Security 3 3 Network Access Control 4 4 Network Security 4 4 PCI/Tokenization 4 4 PCI Compliance 4 4 Securing the Cloud 3 3 SIEM 4 4 Smartphone Security 4 4 Single Sign On (SSO) 4 4 Threat Intelligence Management 4 4 What are the most important security technologies for the line of business that you manage? Web filtering What type of security technologies are routinely utilized within your organization for making your organization run? Custom application security What is the most important technology challenge you are currently facing within your organization? Figuring out how to prioritize and confirming what to consider as we move to a cloud infrastructure (IaaS) Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes

PART 1: REGISTRATION PROFILE

NAME: Chuck Herrin EXECUTIVE TITLE: SVP IT Security and Risk COMPANY NAME: AIG

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million X Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 25 Investments to maintain/run existing systems and processes 25 Investments to support business innovation 25 Investments to support business growth 25 100%

PART 3: INVESTMENT PRIORITIES

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Michael Iwanoff EXECUTIVE TITLE: CISO COMPANY NAME: AIG Property Casualty

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 75 Investments to maintain/run existing systems and processes 15 Investments to support business innovation 10 Investments to support business growth 0 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 3 Social Media Security 3 3 Unified Communications 4 4 Billing/Revenue Management 5 5 Cyber Security 4 4 Data Leakage Security 3 3 Data Protection & Storage 4 4 Data Security 3 3 Digital Signage 3 3 Encryption 2 2 End Point Security 3 3 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 5 5 Identity and Access Management 5 5 Internet Security 4 4 ISMS/IT Risk Management 4 4 Malware Prevention 3 3 Managed Security 4 4 Mobile Security 2 2 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 2 2 PCI Compliance 3 3 Securing the Cloud 3 3 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 4 4 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? DLP, Malware, GRC, TVM, AV, SEIM, Web Proxy, Email Proxy, Gateway Encryption What type of security technologies are routinely utilized within your organization for making your organization run? See above What is the most important technology challenge you are currently facing within your organization? PKI, TVM Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Like anyone else

PART 1: REGISTRATION PROFILE

NAME: Thomas Struan EXECUTIVE TITLE: CIO COMPANY NAME: Army Aviation Center FCU

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 20 Investments to maintain/run existing systems and processes 30 Investments to support business innovation 25 Investments to support business growth 25 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 5 3 Social Media Security 4 3 Unified Communications 5 4 Billing/Revenue Management 3 2 Cyber Security 3 2 Data Leakage Security 3 1 Data Protection & Storage 3 1 Data Security 3 3 Digital Signage 3 2 Encryption 2 2 End Point Security 4 4 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 4 4 Identity and Access Management 4 3 Internet Security 4 3 ISMS/IT Risk Management 3 2 Malware Prevention 3 2 Managed Security 3 3 Mobile Security 3 3 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 4 4 PCI Compliance 3 2 Securing the Cloud 4 4 SIEM 4 4 Smartphone Security 3 2 Single Sign On (SSO) 3 1 Threat Intelligence Management 3 2 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Stephen Agar EXECUTIVE TITLE: Chief Security Architect COMPANY NAME: Autozone

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 1 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 3 3 Data Security 2 2 Digital Signage 5 5 Encryption 1 1 End Point Security 1 1 Firewall Security 1 1 Governance, Risk & Compliance (GRC) 2 2 Identity and Access Management 3 3 Internet Security 1 1 ISMS/IT Risk Management 2 2 Malware Prevention 2 2 Managed Security 4 4 Mobile Security 2 2 Network Access Control 1 1 Network Security 1 1 PCI/Tokenization 1 1 PCI Compliance 2 2 Securing the Cloud 1 1 SIEM 4 4 Smartphone Security 2 2 Single Sign On (SSO) 3 3 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? - Egress filtering Firewalls and Content Filters - IDS/IPS - Data Loss Prevention What type of security technologies are routinely utilized within your organization for making your organization run? - Endpoint Security - Firewalls What is the most important technology challenge you are currently facing within your organization? Attempting to use technology to solve business or process problems Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes

PART 1: REGISTRATION PROFILE Bank of America is one of the world's largest financial institutions, serving individual consumers, small and middle-market businesses and large corporations with a full range of banking, investing, asset management and other financial and risk management products and services. The company provides unmatched convenience in the US, serving approximately 57 million consumer and small business relationships with more than 5,800 retail banking offices and approximately 18,000 ATMs, and award-winning online banking with 29 million active users. Bank of America is among the world's leading wealth management companies and is a global leader in corporate and investment banking and trading across a broad range of asset classes, serving corporations, governments, institutions and individuals around the world. Bank of America offers industry-leading support to approximately four million small business owners through a suite of innovative, easy-to-use online products and services. The company serves clients through operations in more than 40 countries. Bank of America Corporation stock is a component of the Dow Jones Industrial Average and is listed on the New York Stock Exchange.

NAME: Heinrich Smit EXECUTIVE TITLE: Security Architect (VP) COMPANY NAME: Bank of America

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 65 Investments to maintain/run existing systems and processes 20 Investments to support business innovation 5 Investments to support business growth 10 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 4 4 Unified Communications 4 4 Billing/Revenue Management 5 5 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 4 4 Encryption 3 3 End Point Security 2 2 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 1 1 Identity and Access Management 1 1 Internet Security 2 2 ISMS/IT Risk Management 1 1 Malware Prevention 2 2 Managed Security 3 3 Mobile Security 3 3 Network Access Control 4 4 Network Security 4 4 PCI/Tokenization 4 4 PCI Compliance 3 3 Securing the Cloud 2 2 SIEM 5 5 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? Exchange; Endpoint; Active Directory; SharePoint; Lync; Mobile What type of security technologies are routinely utilized within your organization for making your organization run? All What is the most important technology challenge you are currently facing within your organization? Zero-day Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No, we are aware

PART 1: REGISTRATION PROFILE BCE Inc. is Canada's largest communications company, providing a comprehensive and innovative suite of broadband communications and content services to consumer, residential business and government customers in Canada. Powered by industry-leading investments in advanced networks and media content, Bell communications services are offered under the Bell Canada and Bell Aliant brands. These include fibre-based IPTV and highspeed Internet services, 4G LTE wireless, home phone and business network and communications services, including data hosting and cloud computing. Bell Media is Canada's premier multimedia company with leading assets in television, radio, out of home and digital media, including CTV, Canada's #1 television network, and the country's most-watched specialty channels.

NAME: Neil Greenberg EXECUTIVE TITLE: Assoc. Director, Security Architecture COMPANY NAME: Bell Canada

Neil is currently responsible for the development of enterprise security solutions and have over 25 years of experience along with a track record of guiding and implementing integrated, leading edge solutions and processes that achieve enterprise goals. Extensive experience in security analysis, corporate risk management, and threat and risk assessment, along with the design and implementation of security solutions. Depth of competency extends within the security field across the financial services, telecom and IT industries. PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million X $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 10 Investments to maintain/run existing systems and processes 20 Investments to support business innovation 50 Investments to support business growth 20 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 1 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 3 3 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 3 3 Digital Signage 4 4 Encryption 3 3 End Point Security 2 3 Firewall Security 3 2 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 2 2 Internet Security 3 3 ISMS/IT Risk Management 3 4 Malware Prevention 3 3 Managed Security 4 4 Mobile Security 3 3 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 3 4 PCI Compliance 3 4 Securing the Cloud 3 2 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? Identity and Access Management, Anti-virus, Intrusion Detection, Firewalls What type of security technologies are routinely utilized within your organization for making your organization run? Identity and Access Management, Anti-virus, Intrusion Detection, Firewalls What is the most important technology challenge you are currently facing within your organization? Funding Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes

PART 1: REGISTRATION PROFILE

NAME: Donna Taylor EXECUTIVE TITLE: VP COMPANY NAME: BNY Mellon

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other X

PART 3: INVESTMENT PRIORITIES

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Bob Chen EXECUTIVE TITLE: Chief Architect COMPANY NAME: Bunge

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 40 Investments to maintain/run existing systems and processes 35 Investments to support business innovation 15 Investments to support business growth 10 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 2 Social Media Security 2 2 Unified Communications 1 1 Billing/Revenue Management 2 2 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 3 3 Encryption 2 2 End Point Security 2 2 Firewall Security 1 1 Governance, Risk & Compliance (GRC) 1 1 Identity and Access Management 1 1 Internet Security 1 1 ISMS/IT Risk Management 2 2 Malware Prevention 2 2 Managed Security 2 2 Mobile Security 1 1 Network Access Control 1 1 Network Security 1 1 PCI/Tokenization 2 2 PCI Compliance 2 2 Securing the Cloud 1 1 SIEM 3 3 Smartphone Security 1 1 Single Sign On (SSO) 1 1 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Ty Sbano EXECUTIVE TITLE:

Application Security and Perimeter Security Assessment (Red Team) Program Lead

COMPANY NAME: Capital One

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 35 Investments to maintain/run existing systems and processes 35 Investments to support business innovation 15 Investments to support business growth 15 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 1 Social Media Security 5 5 Unified Communications 5 5 Billing/Revenue Management 5 5 Cyber Security 4 4 Data Leakage Security 5 5 Data Protection & Storage 5 5 Data Security 5 5 Digital Signage 5 5 Encryption 5 4 End Point Security 5 4 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 5 5 Identity and Access Management 5 5 Internet Security 5 5 ISMS/IT Risk Management 5 5 Malware Prevention 5 5 Managed Security 5 4 Mobile Security 2 2 Network Access Control 5 5 Network Security 5 5 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 5 5 SIEM 5 5 Smartphone Security 3 4 Single Sign On (SSO) 4 4 Threat Intelligence Management 4 5 What are the most important security technologies for the line of business that you manage? I focus purely on Application Security for the Enterprise. What type of security technologies are routinely utilized within your organization for making your organization run? I focus purely on Application Security for the Enterprise. What is the most important technology challenge you are currently facing within your organization? Emerging analysis capabilities with APIs, WebService and emerging programming languages Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No. I focus purely on Application Security for the Enterprise.

PART 1: REGISTRATION PROFILE Citi, the leading global bank, does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services and wealth management.

NAME: Mark Kramer EXECUTIVE TITLE: SVP, Global Information Security COMPANY NAME: Citi

Mark is the global consumer information security program director at Citigroup responsible for translating information security strategy and regulatory and compliance commitments into successful global program delivery. Prior to joining Citi, he built and led global information security programs and functions at Merck, Schering-Plough and Organon BioSciences. He has over 25 years of leadership experience in information security and IT. PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million X More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 15 Investments to maintain/run existing systems and processes 50 Investments to support business innovation 10 Investments to support business growth 25 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 3 3 Unified Communications 4 4 Billing/Revenue Management 5 5 Cyber Security 3 3 Data Leakage Security 4 4 Data Protection & Storage 4 3 Data Security 3 3 Digital Signage 4 4 Encryption 3 3 End Point Security 4 4 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 4 4 Identity and Access Management 4 4 Internet Security 3 3 ISMS/IT Risk Management 4 3 Malware Prevention 3 3 Managed Security 5 5 Mobile Security 2 2 Network Access Control 4 4 Network Security 4 3 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 3 3 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 5 5 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? Risk-based authentication, vulnerability scanning What type of security technologies are routinely utilized within your organization for making your organization run? Event logging What is the most important technology challenge you are currently facing within your organization? Implementing solutions that may disrupt/adversely impact business operations/customer experience Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes

PART 1: REGISTRATION PROFILE

NAME: Christine Kincaid EXECUTIVE TITLE: Global Security and Technology Strategy COMPANY NAME: Citigroup Inc.

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million X $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 25 Investments to maintain/run existing systems and processes 40 Investments to support business innovation 25 Investments to support business growth 10 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 4 4 Unified Communications 3 3 Billing/Revenue Management 5 5 Cyber Security 3 3 Data Leakage Security 2 2 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 3 3 Encryption 2 2 End Point Security 3 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 2 2 Internet Security 3 3 ISMS/IT Risk Management 4 4 Malware Prevention 4 4 Managed Security 5 5 Mobile Security 4 4 Network Access Control 4 4 Network Security 4 5 PCI/Tokenization 4 4 PCI Compliance 4 4 Securing the Cloud 3 3 SIEM 5 5 Smartphone Security 4 4 Single Sign On (SSO) 4 4 Threat Intelligence Management 5 4 What are the most important security technologies for the line of business that you manage? I support all the lines of business so every technology is important. What type of security technologies are routinely utilized within your organization for making your organization run? Network, datacenter, application, encryption/the list is massive What is the most important technology challenge you are currently facing within your organization? Upgrades Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? No Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

PART 1: REGISTRATION PROFILE

NAME: Vinnie Balasekaran EXECUTIVE TITLE: Infrastructure Manager COMPANY NAME: Concho Resources

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 3 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 5 5 Cyber Security 1 1 Data Leakage Security 3 3 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 4 4 Encryption 3 3 End Point Security 2 2 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 1 1 Managed Security 2 2 Mobile Security 3 3 Network Access Control 1 1 Network Security 1 1 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 1 1 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage? Malware protection What type of security technologies are routinely utilized within your organization for making your organization run? IPS, Endpoint Security What is the most important technology challenge you are currently facing within your organization? Protecting control systems Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No

PART 1: REGISTRATION PROFILE

NAME: Karthik Swarnam EXECUTIVE TITLE: CISO COMPANY NAME: DirecTV

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other X

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 20 Investments to maintain/run existing systems and processes 35 Investments to support business innovation 20 Investments to support business growth 25 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 2 Social Media Security 3 2 Unified Communications 4 4 Billing/Revenue Management 5 5 Cyber Security 1 1 Data Leakage Security 1 2 Data Protection & Storage 5 3 Data Security 2 4 Digital Signage 3 5 Encryption 4 4 End Point Security 3 3 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 4 4 Identity and Access Management 2 3 Internet Security 5 5 ISMS/IT Risk Management 2 4 Malware Prevention 3 3 Managed Security 4 3 Mobile Security 5 5 Network Access Control 5 5 Network Security 5 5 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 3 3 SIEM 4 4 Smartphone Security 4 4 Single Sign On (SSO) 4 4 Threat Intelligence Management 2 3 What are the most important security technologies for the line of business that you manage? Data Protection, Security Operations tools What type of security technologies are routinely utilized within your organization for making your organization run? Logging monitoring, network security What is the most important technology challenge you are currently facing within your organization? Security information management Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes

PART 1: REGISTRATION PROFILE

NAME: Aaron Blackstone EXECUTIVE TITLE: CISO COMPANY NAME: DPS Texas Gov

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 60 Investments to maintain/run existing systems and processes 40 Investments to support business innovation 0 Investments to support business growth 0 100%

PART 3: INVESTMENT PRIORITIES

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Stuart Wagner EXECUTIVE TITLE: Director, IT Security and Compliance COMPANY NAME: Enterprise Products

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 20 Investments to maintain/run existing systems and processes 60 Investments to support business innovation 0 Investments to support business growth 20 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 4 3 Social Media Security 4 4 Unified Communications 5 5 Billing/Revenue Management 5 5 Cyber Security 1 1 Data Leakage Security 4 4 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 5 5 Encryption 4 4 End Point Security 3 3 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 4 4 Mobile Security 4 4 Network Access Control 4 4 Network Security 3 3 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 4 4 SIEM 3 3 Smartphone Security 4 4 Single Sign On (SSO) 5 5 Threat Intelligence Management 1 1 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Anthony Johnson EXECUTIVE TITLE: VP, CISO COMPANY NAME: Fannie Mae

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million X $150-$300 Million More than $300 Million Other

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 1 Social Media Security 2 2 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 2 2 Encryption 1 1 End Point Security 1 1 Firewall Security 1 1 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 1 1 Internet Security 1 1 ISMS/IT Risk Management 3 3 Malware Prevention 2 2 Managed Security 2 2 Mobile Security 2 2 Network Access Control 2 2 Network Security 2 2 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 1 1 SIEM 2 2 Smartphone Security 3 3 Single Sign On (SSO) 2 2 Threat Intelligence Management 1 2 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE FIS™ is the world’s largest global provider dedicated to banking and payments technologies. With a long history deeply rooted in the financial services sector, FIS serves more than 14,000 institutions in over 110 countries. Headquartered in Jacksonville, Fla., FIS employs more than 39,000 people worldwide and holds leadership positions in payment processing and banking solutions, providing software, services and outsourcing of the technology that drives financial institutions. FIS is ranked 426 on the Fortune 500 and is a member of Standard & Poor’s 500® Index. FIS has also been named the No. 1 overall financial technology provider in the annual IDC Financial Insights FinTech 100 rankings four years running – 2011, 2012, 2013 and 2014. Despite these achievements, we never lose sight of the fact that it’s our clients that make us successful. That’s why FIS’ commitment to operational excellence and client satisfaction is at the forefront of our business strategies and top of mind with every decision we make. FIS continually strives to give every client a voice and listen and respond to their needs. With a focus on innovation, new product development and enhancements, NAME: Andrew Kim EXECUTIVE TITLE: Director Cybersecurity COMPANY NAME: FIS GLOBAL Andy has over 15 years of Information Security, IT Audit, Security Operations, and Business Continuity Planning and Disaster Recovery experience within the Banking, Investment Management, Insurance, and Healthcare industries. Originally coming from a high availability mission critical Internet infrastructure background, Andy has implemented enterprise class Information Security programs from large franchise risk banking organizations to small entrepreneurial pre-IPO companies. This unique set of experiences allows Andy to provide a tailored approach to Technology Risk Management, balancing risk with strategic business growth. Previously, Andy served as Senior Vice President and Chief Information Security Officer of One West Bank, N.A. the largest regional bank in Los Angeles, California with 75 branch offices and $25 billion in assets. Andy was responsible for the management of all aspects of information security, privacy, business continuity planning, disaster recovery, crisis management, regulatory relations, and security audits across the Lending, Retail, and Commercial Banking Businesses. Prior to One West, Andy was Vice President of Information Security at Citigroup, serving in the role of Business Information Security Officer for Citigroup Corporate Center and the Chief Technology Officer. Other positions include Director of IT Security and HIPAA Security Officer, and Security Officer of one of largest investment firms PART 2: BUDGETING AND SPENDING What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other X

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 25 Investments to maintain/run existing systems and processes 50 Investments to support business innovation 10 Investments to support business growth 15 100%

PART 3: INVESTMENT PRIORITIES Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 3 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 5 5 Cyber Security 1 3 Data Leakage Security 3 3 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 3 3 Encryption 3 3 End Point Security 3 3 Firewall Security 5 5 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 2 3 ISMS/IT Risk Management 3 3 Malware Prevention 1 3 Managed Security 3 3 Mobile Security 2 3 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 3 3 SIEM 1 3 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 1 3 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE Genesis HealthCare â&#x20AC;&#x201D; one of the nation's largest skilled nursing and rehabilitation therapy providers. We employ approximately 95,000 people, each one dedicated to the delivery of high-quality, personalized health care to all the patients and residents in our Centers. Our more than 500 Skilled Nursing Centers and Assisted/Senior Living Communities are located in 34 states across the nation, while our Genesis Rehab Services division provides therapy to approximately 1,600 locations in 46 states and the District of Columbia. We're headquartered in downtown Kennett Square, Pennsylvania - a historic borough located southwest of Philadelphia and about 20 minutes northwest of Wilmington, Delaware.

NAME: Ray Hawkins EXECUTIVE TITLE: CISO COMPANY NAME: Genesis Healthcare

Ray Hawkins is the Chief Information Security Officer for Genesis Healthcare, the largest provider of longterm healthcare services in the United States. He has over fifteen years of experience in Information Security across a number of industry sectors, public sector and consulting. In his leadership role Ray provides guidance and direction in all matters related to data protection, regulatory compliance, risk management, litigation support, e-discovery, and incident management. Ray holds a number of professional certifications and is currently pursuing a PhD. in Information Security. PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 30 Investments to maintain/run existing systems and processes 30 Investments to support business innovation 20 Investments to support business growth 20 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 3 Social Media Security 4 3 Unified Communications 5 5 Billing/Revenue Management 5 5 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 3 3 Data Security 2 2 Digital Signage 4 4 Encryption 4 4 End Point Security 1 1 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 2 2 Identity and Access Management 4 4 Internet Security 2 2 ISMS/IT Risk Management 3 3 Malware Prevention 2 2 Managed Security 5 5 Mobile Security 4 4 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 5 5 SIEM 2 2 Smartphone Security 2 2 Single Sign On (SSO) 5 5 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage? SEIM, DLP, Threat Intel, End Point protection What type of security technologies are routinely utilized within your organization for making your organization run? SEIM, End Point What is the most important technology challenge you are currently facing within your organization? DLP Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? No Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

PART 1: REGISTRATION PROFILE

NAME: Darrell Jones EXECUTIVE TITLE: CISO COMPANY NAME: Herbalife International Inc

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 4 4 Social Media Security 4 4 Unified Communications 4 4 Billing/Revenue Management 4 4 Cyber Security 2 2 Data Leakage Security 2 2 Data Protection & Storage 2 2 Data Security 2 2 Digital Signage 4 4 Encryption 4 4 End Point Security 4 4 Firewall Security 5 5 Governance, Risk & Compliance (GRC) 2 2 Identity and Access Management 2 2 Internet Security 4 4 ISMS/IT Risk Management 3 3 Malware Prevention 4 4 Managed Security 4 4 Mobile Security 4 4 Network Access Control 3 3 Network Security 5 5 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 5 5 SIEM 5 5 Smartphone Security 5 5 Single Sign On (SSO) 2 2 Threat Intelligence Management 5 5 What are the most important security technologies for the line of business that you manage? Tokenization What type of security technologies are routinely utilized within your organization for making your organization run? Tokenization What is the most important technology challenge you are currently facing within your organization? Obtaining trained individuals Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No

PART 1: REGISTRATION PROFILE

NAME: Anil Katarki EXECUTIVE TITLE: CISO US Public Sector COMPANY NAME: Hewlett-Packard

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 40 Investments to maintain/run existing systems and processes 30 Investments to support business innovation 15 Investments to support business growth 15 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 4 4 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 3 3 Data Leakage Security 3 3 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 3 3 Encryption 3 3 End Point Security 3 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 3 3 Mobile Security 3 3 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 3 3 SIEM 3 3 Smartphone Security 4 4 Single Sign On (SSO) 4 4 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? Endpoint Threat Management, Security Information Event Management & Vulnerability Assessment are critical technology areas for my line of business. What type of security technologies are routinely utilized within your organization for making your organization run? Endpoint Threat Management, SIEM, Vulnerability Assessment, Network Based IPS/IDS, Firewalls, GRC tools are tools we utilize on a daily basis What is the most important technology challenge you are currently facing within your organization? The most important technology challenge I'm currently facing within my organization is automating workflows and conducting risk assessment and risk management. The processes we have are still fairly manual. Securing Cloud Infrastructure is also another critical area for us. Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? Not at this time. Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

PART 1: REGISTRATION PROFILE

NAME: Shadrack Roberts EXECUTIVE TITLE: Chief Privacy/Cyber Official COMPANY NAME: HQ Army Sustainment Command

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million X Other

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 1 1 Unified Communications 2 2 Billing/Revenue Management 3 3 Cyber Security 1 1 Data Leakage Security 3 3 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 4 4 Encryption 3 3 End Point Security 3 3 Firewall Security 2 2 Governance, Risk & Compliance (GRC) 2 2 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 3 3 Mobile Security 3 3 Network Access Control 3 3 Network Security 1 1 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 1 1 SIEM 3 3 Smartphone Security 2 2 Single Sign On (SSO) 3 3 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage? Confidential What type of security technologies are routinely utilized within your organization for making your organization run? Confidential What is the most important technology challenge you are currently facing within your organization? Data exfiltration, account compromise, apt Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Confidential

PART 1: REGISTRATION PROFILE

NAME: Christopher Hymes EXECUTIVE TITLE: Head of Information Risk and Compliance COMPANY NAME: Hulu

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 1 Investments to maintain/run existing systems and processes 33 Investments to support business innovation 33 Investments to support business growth 33 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 3 Social Media Security 4 4 Unified Communications 4 4 Billing/Revenue Management 4 4 Cyber Security 2 2 Data Leakage Security 3 3 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 4 4 Encryption 3 3 End Point Security 3 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 4 4 Identity and Access Management 4 4 Internet Security 3 3 ISMS/IT Risk Management 4 4 Malware Prevention 3 3 Managed Security 4 4 Mobile Security 4 4 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 3 3 SIEM 3 3 Smartphone Security 4 4 Single Sign On (SSO) 4 4 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? People What type of security technologies are routinely utilized within your organization for making your organization run? Firewall, AV, threat intelligence, siem What is the most important technology challenge you are currently facing within your organization? Culture of excessive privilege Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes

PART 1: REGISTRATION PROFILE

NAME: Ben Turgeon EXECUTIVE TITLE: VP IT Operations COMPANY NAME: Indigo Books & Music

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 5 Investments to maintain/run existing systems and processes 50 Investments to support business innovation 20 Investments to support business growth 25 100%

PART 3: INVESTMENT PRIORITIES Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 3 3 Unified Communications 4 4 Billing/Revenue Management 4 4 Cyber Security 1 1 Data Leakage Security 3 3 Data Protection & Storage 3 3 Data Security 3 2 Digital Signage 3 3 Encryption 2 2 End Point Security 1 2 Firewall Security 2 2 Governance, Risk & Compliance (GRC) 2 2 Identity and Access Management 1 2 Internet Security 2 2 ISMS/IT Risk Management 3 3 Malware Prevention 1 2 Managed Security 3 3 Mobile Security 2 3 Network Access Control 4 4 Network Security 4 4 PCI/Tokenization 2 2 PCI Compliance 2 2 Securing the Cloud 1 1 SIEM 3 3 Smartphone Security 2 3 Single Sign On (SSO) 2 2 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage? The general topic of maintain adequate security when a lot of our on-prem applications and data are now migrating faster than ever to the cloud. Currently there are no solutions that can give an accurate picture of all these independent cloud solutions integrated into our on-prem solutions. What type of security technologies are routinely utilized within your organization for making your organization run? The usual crew, from firewalls, SIEM, anti-virus, anti-malware, credit card security encryption, access controls, multi-factor authentication. What is the most important technology challenge you are currently facing within your organization? We've been moving from a centralized, predictable, IT footprint on-prem to a much more dynamic, open, distributed, cloud model. The integration of these various technologies (and the security thereof) have become very challenging. Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No but we nonetheless pay significant attention to fraud and credit card security in the context of organized crime.

PART 1: REGISTRATION PROFILE

NAME: Jesse Martin-Alexander EXECUTIVE TITLE: IT Security Architect COMPANY NAME: JetBlue

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 20 Investments to maintain/run existing systems and processes 40 Investments to support business innovation 30 Investments to support business growth 10 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 1 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 1 1 Data Leakage Security 2 2 Data Protection & Storage 2 2 Data Security 2 2 Digital Signage 3 3 Encryption 3 3 End Point Security 3 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 2 2 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 4 4 Mobile Security 3 3 Network Access Control 4 4 Network Security 3 3 PCI/Tokenization 2 2 PCI Compliance 2 2 Securing the Cloud 2 2 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 4 3 Threat Intelligence Management 3 3 What are the most important security technologies for the line of business that you manage? Fraud prevention, PCI compliance, tokenization, web services security What type of security technologies are routinely utilized within your organization for making your organization run? Firewall, IDS, endpoint protection, proxy, TLS, IPSEC What is the most important technology challenge you are currently facing within your organization? Security for emerging technologies such as Websockets Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No

PART 1: REGISTRATION PROFILE

NAME: John Johnson EXECUTIVE TITLE: Global Security Strategist COMPANY NAME: John Deere

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 15 Investments to maintain/run existing systems and processes 65 Investments to support business innovation 5 Investments to support business growth 15 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 2 Social Media Security 4 4 Unified Communications 2 2 Billing/Revenue Management 4 4 Cyber Security 3 3 Data Leakage Security 2 2 Data Protection & Storage 2 2 Data Security 2 3 Digital Signage 4 4 Encryption 2 3 End Point Security 2 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 2 3 Internet Security 2 2 ISMS/IT Risk Management 2 3 Malware Prevention 3 3 Managed Security 2 2 Mobile Security 2 2 Network Access Control 2 2 Network Security 3 3 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 1 2 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 3 2 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: John Patterson EXECUTIVE TITLE:

Executive Director of IT Risk Management, Research and Supply Chain

COMPANY NAME: Merck & Co., Inc.

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 1 Social Media Security 1 1 Unified Communications 1 1 Billing/Revenue Management 3 3 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 3 3 Encryption 1 1 End Point Security 1 1 Firewall Security 1 1 Governance, Risk & Compliance (GRC) 1 1 Identity and Access Management 1 1 Internet Security 1 1 ISMS/IT Risk Management 1 1 Malware Prevention 1 1 Managed Security 1 1 Mobile Security 1 1 Network Access Control 1 1 Network Security 1 1 PCI/Tokenization 2 2 PCI Compliance 1 1 Securing the Cloud 1 1 SIEM 1 1 Smartphone Security 1 1 Single Sign On (SSO) 3 3 Threat Intelligence Management 1 1 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE The Mitsubishi UFJ Financial Group (MUFG) is one of the worldâ&#x20AC;&#x2122;s leading financial groups, with total assets of approximately $2.5 trillion (USD). Our services include corporate banking, commercial banking, retail banking, wealth management, investment banking, capital markets, personal and corporate trust, and transaction banking. In 2014, MUFG integrated the U.S. operations of its subsidiary The Bank of Tokyo-Mitsubishi UFJ, Ltd. (BTMU) with those of San Francisco-based Union Bank, N.A.

NAME: Nick Belov EXECUTIVE TITLE: VP COMPANY NAME: MUFG

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements Investments to maintain/run existing systems and processes Investments to support business innovation Investments to support business growth

40 25 20 15 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 2 Social Media Security 4 4 Unified Communications 3 3 Billing/Revenue Management 3 3 Cyber Security 1 1 Data Leakage Security 1 2 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 4 4 Encryption 2 3 End Point Security 2 1 Firewall Security 2 2 Governance, Risk & Compliance (GRC) 1 1 Identity and Access Management 3 3 Internet Security 2 1 ISMS/IT Risk Management 1 1 Malware Prevention 2 2 Managed Security 4 4 Mobile Security 2 1 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 2 2 PCI Compliance 1 1 Securing the Cloud 1 1 SIEM 3 3 Smartphone Security 2 2 Single Sign On (SSO) 2 2 Threat Intelligence Management 2 1 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Darren Guarino EXECUTIVE TITLE: Senior Director IT COMPANY NAME: NBA

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other X

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 0 Investments to maintain/run existing systems and processes 35 Investments to support business innovation 30 Investments to support business growth 35 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 2 Social Media Security 1 1 Unified Communications 4 3 Billing/Revenue Management 4 4 Cyber Security 2 2 Data Leakage Security 2 1 Data Protection & Storage 2 1 Data Security 2 1 Digital Signage 4 3 Encryption 2 2 End Point Security 3 2 Firewall Security 4 3 Governance, Risk & Compliance (GRC) 3 2 Identity and Access Management 2 1 Internet Security 3 2 ISMS/IT Risk Management 2 1 Malware Prevention 2 2 Managed Security 2 1 Mobile Security 2 1 Network Access Control 1 2 Network Security 2 1 PCI/Tokenization 2 2 PCI Compliance 1 2 Securing the Cloud 3 2 SIEM 2 1 Smartphone Security 2 1 Single Sign On (SSO) 3 2 Threat Intelligence Management 2 1 What are the most important security technologies for the line of business that you manage? E-mail security, malware protection What type of security technologies are routinely utilized within your organization for making your organization run? Lacking at this time What is the most important technology challenge you are currently facing within your organization? Getting BU buy in Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No

PART 1: REGISTRATION PROFILE

NAME: Jose Francisco Mejia Hernandez EXECUTIVE TITLE: Security Operations Manager COMPANY NAME: Pemex

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 5 Investments to maintain/run existing systems and processes 25 Investments to support business innovation 35 Investments to support business growth 35 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 1 Social Media Security 4 4 Unified Communications 3 3 Billing/Revenue Management 5 5 Cyber Security 2 1 Data Leakage Security 2 1 Data Protection & Storage 3 2 Data Security 3 3 Digital Signage 3 3 Encryption 3 2 End Point Security 2 1 Firewall Security 3 2 Governance, Risk & Compliance (GRC) 2 2 Identity and Access Management 2 2 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 2 2 Mobile Security 2 1 Network Access Control 2 1 Network Security 2 2 PCI/Tokenization 5 5 PCI Compliance 5 5 Securing the Cloud 2 1 SIEM 2 2 Smartphone Security 2 1 Single Sign On (SSO) 3 2 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage? Incident Response, Endpoint, Server & Network Security What type of security technologies are routinely utilized within your organization for making your organization run? Network & Server Security, Vulnerability Assessment, Application Architecture What is the most important technology challenge you are currently facing within your organization? Detection and Contention in a Security Breach (Incident Response), Establish a Security Architecture and a Security Governance Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes

PART 1: REGISTRATION PROFILE

NAME: Sergio Gonzalez EXECUTIVE TITLE: IAM Officer COMPANY NAME: Pemex

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 5 Investments to maintain/run existing systems and processes 10 Investments to support business innovation 30 Investments to support business growth 55 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 1 Social Media Security 3 2 Unified Communications 5 5 Billing/Revenue Management 5 5 Cyber Security 3 3 Data Leakage Security 3 2 Data Protection & Storage 3 2 Data Security 3 2 Digital Signage 3 2 Encryption 3 3 End Point Security 4 4 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 3 2 Identity and Access Management 1 1 Internet Security 4 3 ISMS/IT Risk Management 3 2 Malware Prevention 4 4 Managed Security 4 4 Mobile Security 4 4 Network Access Control 4 3 Network Security 4 3 PCI/Tokenization 3 2 PCI Compliance 5 5 Securing the Cloud 5 5 SIEM 3 2 Smartphone Security 3 3 Single Sign On (SSO) 1 1 Threat Intelligence Management 3 2 What are the most important security technologies for the line of business that you manage? Application Security and Identity Management What type of security technologies are routinely utilized within your organization for making your organization run? IAM platforms What is the most important technology challenge you are currently facing within your organization? Implement a methodology, IAM platform, Authentication technologies, Intelligence in identities Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Yes Iâ&#x20AC;&#x2122;m concerned

PART 1: REGISTRATION PROFILE Raytheon Company is a technology and innovation leader specializing in defense, security and civil markets throughout the world. With a history of innovation spanning 92 years, Raytheon provides state-of-the-art electronics, mission systems integration and other capabilities in the areas of sensing; effects; and command, control, communications and intelligence systems; as well as a broad range of mission support services

NAME: Jeffrey Snyder EXECUTIVE TITLE: VP Cyber Programs COMPANY NAME: Raytheon Company

Mr. Jeff Snyder is the Vice President of Cyber Programs, Raytheon Company. Raytheon Company (NYSE: RTN), with 2014 sales of $24 billion, is a technology and innovation leader specializing in defense, Cyber and homeland security, and other government markets throughout the world. Over the past 20 years, Mr. Snyder has held increasingly responsible positions involving Strategic planning, business development, and operations with a variety of high technology firms. Prior to joining Raytheon, he was Vice President, Cyber Programs for CUBIC Corporation (NYSE: CUB) where he formed Cubic Cyber Solutions, Inc. and lead an initial Cyber acquisition to launch the new subsidiary, and as Vice President, Business Development at SAIC Corporation (NYSE: SAI), overseeing marketing, business development, and execution for the firmâ&#x20AC;&#x2122;s large and diverse Information Assurance and Cyber Security business.Mr. Snyder is also a Senior Vice President of Cyber Programs for the Centre for Strategic Cyberspace + Security Science (CSCSS) a multilateral, international, non-profit organization that conducts independent cyber-centric research, development, and analysis in the areas of cyberspace, cyber defence intelligence, security, and cyber sciences shaping international security policies and cyber security initiatives. PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 20 Investments to maintain/run existing systems and processes 20 Investments to support business innovation 10 Investments to support business growth 50 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 3 3 Unified Communications 2 2 Billing/Revenue Management 4 4 Cyber Security 1 1 Data Leakage Security 2 2 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 4 4 Encryption 2 2 End Point Security 1 1 Firewall Security 2 2 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 2 2 Malware Prevention 3 3 Managed Security 2 2 Mobile Security 2 2 Network Access Control 3 3 Network Security 1 1 PCI/Tokenization 2 2 PCI Compliance 3 3 Securing the Cloud 2 2 SIEM 2 2 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage? Cyber Predictive Threat Technologies What type of security technologies are routinely utilized within your organization for making your organization run? All end-to-end Cyber Technologies What is the most important technology challenge you are currently facing within your organization? Enhanced Cyber automation technologies to allow us to do more with less Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No

PART 1: REGISTRATION PROFILE

NAME: Brian Betterton EXECUTIVE TITLE: Director Security, Risk and Compliance/ CISO COMPANY NAME: Reit Management and Research

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 20 Investments to maintain/run existing systems and processes 60 Investments to support business innovation 20 Investments to support business growth 0 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 3 Social Media Security 3 3 Unified Communications 5 5 Billing/Revenue Management 5 5 Cyber Security 2 2 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 2 2 Digital Signage 4 4 Encryption 1 1 End Point Security 1 1 Firewall Security 4 4 Governance, Risk & Compliance (GRC) 2 2 Identity and Access Management 2 2 Internet Security 5 5 ISMS/IT Risk Management 2 2 Malware Prevention 2 2 Managed Security 4 4 Mobile Security 3 3 Network Access Control 5 5 Network Security 5 5 PCI/Tokenization 1 1 PCI Compliance 1 1 Securing the Cloud 2 2 SIEM 2 2 Smartphone Security 4 4 Single Sign On (SSO) 5 5 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization? Enhanced Cyber automation technologies to allow us to do more with less Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No

PART 1: REGISTRATION PROFILE

NAME: Robert Lautsch EXECUTIVE TITLE: Senior Director - Information Security COMPANY NAME: Rite Aid

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

PART 3: INVESTMENT PRIORITIES

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Joel Wuesthoff EXECUTIVE TITLE: Senior Director COMPANY NAME: Robert Half

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 10 Investments to maintain/run existing systems and processes 13 Investments to support business innovation 19 Investments to support business growth 58 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 3 Social Media Security 2 2 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 3 3 Data Security 2 2 Digital Signage 3 3 Encryption 3 3 End Point Security 3 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 1 1 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 2 2 Malware Prevention 3 3 Managed Security 3 3 Mobile Security 3 3 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 2 2 PCI Compliance 2 2 Securing the Cloud 2 2 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Kenneth Seeley EXECUTIVE TITLE: Director Information Security COMPANY NAME: Santander Consumer USA Inc.

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 25 Investments to maintain/run existing systems and processes 15 Investments to support business innovation 30 Investments to support business growth 30 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 2 Social Media Security 4 3 Unified Communications 4 4 Billing/Revenue Management 4 4 Cyber Security 2 2 Data Leakage Security 2 2 Data Protection & Storage 2 2 Data Security 1 2 Digital Signage 3 3 Encryption 1 2 End Point Security 1 2 Firewall Security 2 2 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 1 2 Managed Security 1 1 Mobile Security 2 2 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 3 3 PCI Compliance 1 1 Securing the Cloud 1 1 SIEM 1 2 Smartphone Security 3 3 Single Sign On (SSO) 2 3 Threat Intelligence Management 1 2 What are the most important security technologies for the line of business that you manage? Protection of our customer data What type of security technologies are routinely utilized within your organization for making your organization run? Database activity monitoring, access controls, internet access controls, vulnerability management, configuration management What is the most important technology challenge you are currently facing within your organization? PCI compiance and vulnerability management Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? Yes, we are purchasing an identity management solution to overcome this Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

PART 1: REGISTRATION PROFILE

NAME: Daniel Key EXECUTIVE TITLE: Director IT Infrastructure and Operations COMPANY NAME: Seattle City Light PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 2 1 Social Media Security 3 3 Unified Communications 4 4 Billing/Revenue Management 3 3 Cyber Security 1 1 Data Leakage Security 3 2 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 3 3 Encryption 3 3 End Point Security 1 2 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 1 2 Identity and Access Management 2 3 Internet Security 1 2 ISMS/IT Risk Management 3 2 Malware Prevention 2 3 Managed Security 2 2 Mobile Security 3 3 Network Access Control 2 3 Network Security 3 3 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 3 3 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 1 2 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Paul Mocarski EXECUTIVE TITLE: Senior Manager Global Info Security COMPANY NAME: Sherwin Williams

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 10 Investments to maintain/run existing systems and processes 40 Investments to support business innovation 40 Investments to support business growth 10 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 1 Social Media Security 3 2 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 3 3 Encryption 3 3 End Point Security 3 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 1 1 Internet Security 1 1 ISMS/IT Risk Management 3 3 Malware Prevention 1 1 Managed Security 1 1 Mobile Security 1 1 Network Access Control 1 1 Network Security 3 3 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 1 1 SIEM 1 1 Smartphone Security 3 3 Single Sign On (SSO) 1 1 Threat Intelligence Management 1 1 What are the most important security technologies for the line of business that you manage? Firewalls, SIEM, IPS, and end point protection What type of security technologies are routinely utilized within your organization for making your organization run? Firewalls, SIEM, IPS, and end point protection What is the most important technology challenge you are currently facing within your organization? Using the SIEM in a manner that provides actionable events; moving from log aggregation to correlation and analysis Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? Privileged account management should be a concern for every organization of significant size

PART 1: REGISTRATION PROFILE

NAME: Michael Botts EXECUTIVE TITLE: Information Security Director & CISO COMPANY NAME: SunPower

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other X

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 15 Investments to maintain/run existing systems and processes 50 Investments to support business innovation 20 Investments to support business growth 15 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 4 3 Social Media Security 4 4 Unified Communications 4 4 Billing/Revenue Management 1 1 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 4 4 Encryption 1 1 End Point Security 1 1 Firewall Security 1 1 Governance, Risk & Compliance (GRC) 1 1 Identity and Access Management 2 2 Internet Security 2 2 ISMS/IT Risk Management 2 2 Malware Prevention 1 1 Managed Security 1 1 Mobile Security 3 3 Network Access Control 1 1 Network Security 1 1 PCI/Tokenization 4 4 PCI Compliance 4 4 Securing the Cloud 1 1 SIEM 1 1 Smartphone Security 3 3 Single Sign On (SSO) 1 3 Threat Intelligence Management 1 4 What are the most important security technologies for the line of business that you manage?

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Marcus Benson EXECUTIVE TITLE: Sr. Cyber Security Engineer COMPANY NAME: Texas Department of Public Safety

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million X $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 19 Investments to maintain/run existing systems and processes 23 Investments to support business innovation 24 Investments to support business growth 34 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 1 1 Social Media Security 1 1 Unified Communications 4 1 Billing/Revenue Management 4 1 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 1 1 Encryption 1 1 End Point Security 1 1 Firewall Security 1 1 Governance, Risk & Compliance (GRC) 1 1 Identity and Access Management 1 1 Internet Security 1 1 ISMS/IT Risk Management 1 1 Malware Prevention 1 1 Managed Security 1 1 Mobile Security 1 1 Network Access Control 1 1 Network Security 1 1 PCI/Tokenization 1 1 PCI Compliance 1 1 Securing the Cloud 1 1 SIEM 1 1 Smartphone Security 1 1 Single Sign On (SSO) 1 1 Threat Intelligence Management 1 1 What are the most important security technologies for the line of business that you manage? N/A What type of security technologies are routinely utilized within your organization for making your organization run? N/A What is the most important technology challenge you are currently facing within your organization? N/A Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? N/A

PART 1: REGISTRATION PROFILE The Alliance is a conglomerate of non profit organizations that include under its umbrella alliance colleges, retirement centers, 10 associations, 2020 affiliated US churches, camp grounds, alliance development fund (lending bank), the orchard foundation, CAMA and various other entities. We are a global Christian non-profit operating in more than 100+ countries in mission and developmental efforts.

NAME: Dr. Sam Kurien EXECUTIVE TITLE: CIO COMPANY NAME: The Alliance

Global CIO for the Alliance responsible for strategic vision and its alignment to drive core integration of projects, programs, processes and people for achieving organization wide objectives. Design, implement and scale management of enterprise architecture and all business related applications at the regional, national and international level. Position IT for Supporting 800+ workers internationally and 30 regional offices and become a true shared services technology group for all Alliance entities. Lead the technology group as smart strategic component for the organization. Provide oversight, input and lead directors and managers who oversee various team ranging from operations, systems, DMO, Events, Web Applications and various program offices. Responsible for stewarding and managing Capital and Expense Budgets. Portfolio of activities include visioning, strategic management, change management, risk management, and provide leadership and governance across all information/technology and business initiatives. PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other X

PART 3: INVESTMENT PRIORITIES

How is your 2015 budget allocated across these business strategy categories?

What type of security technologies are routinely utilized within your organization for making your organization run?

What is the most important technology challenge you are currently facing within your organization?

Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts?

PART 1: REGISTRATION PROFILE

NAME: Prentis Brooks EXECUTIVE TITLE: Director, Cyber Security COMPANY NAME: Time Warner Cable

PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 10 Investments to maintain/run existing systems and processes 70 Investments to support business innovation 10 Investments to support business growth 10 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 2 Social Media Security 3 3 Unified Communications 3 3 Billing/Revenue Management 4 4 Cyber Security 2 2 Data Leakage Security 3 3 Data Protection & Storage 3 3 Data Security 3 3 Digital Signage 4 4 Encryption 3 3 End Point Security 3 3 Firewall Security 3 3 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 3 3 Internet Security 3 3 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 4 4 Mobile Security 3 3 Network Access Control 3 3 Network Security 3 3 PCI/Tokenization 3 3 PCI Compliance 3 3 Securing the Cloud 3 3 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 3 3 Threat Intelligence Management 2 2 What are the most important security technologies for the line of business that you manage? Denial of service detection and mitigation technologies and attack detection technologies What type of security technologies are routinely utilized within your organization for making your organization run? Firewalls, Endpoint security, and DDoS technologies What is the most important technology challenge you are currently facing within your organization? Routine information asset inventory management Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No

PART 1: REGISTRATION PROFILE As a premier payments technology company, Visaâ&#x20AC;&#x2122;s global network connects thousands of financial institutions with millions of merchants and cardholders every day. VisaNet is one of the worldâ&#x20AC;&#x2122;s most advanced payment processing networks. Visa can trace its roots back to 1958, when the Bank of America launched BankAmericard, the first consumer credit card program available to middle-class consumers and small- to medium-sized merchants in the United States. Visa is a global payments technology company that connects consumers, businesses, banks and governments in more than 200 countries and territories worldwide. Visa Inc.'s headquarters are in the San Francisco Bay Area, and we have nearly 10,000 employees around the world. We operate three data centers on two continents. Visa Europe is a separate membership entity that is an exclusive licensee of Visa Inc.'s trademarks and technology in the European region.

NAME: Erik Rasmussen EXECUTIVE TITLE: Director, NA Cyber Security Intelligence COMPANY NAME: Visa

Erik Rasmussen is the Director of North America Cyber Intelligence for Payment System Risk at Visa Inc. Based out of Ashburn, Rasmussen runs external cyber intelligence and cyber investigative matters as it relates to merchant data breaches, point of sale (POS) attacks and other aspects of threat intelligence designed to protect the payment system. Rasmussen served over 9 years in the United States Secret Service and most recently was the Head of Investigations at Fidelity National Information Services (FIS Global). He has an extensive background investigating global financial crimes and intelligence cases and is extremely well connected with both national and international law enforcement agencies. Rasmussen is a native of Los Angeles and attended both Occidental College and Seattle University School of Law. PART 2: BUDGETING AND SPENDING

What is your total budget for 2015? Less than $25 Million X $25-$50 Million $50-$150 Million $150-$300 Million More than $300 Million Other

How is your 2015 budget allocated across these business strategy categories? (as a %) Mandated Investments to meet regulatory/legal requirements 0 Investments to maintain/run existing systems and processes 100 Investments to support business innovation 0 Investments to support business growth 0 100%

PART 3: INVESTMENT PRIORITIES

Priority within 12 Priority beyond 12 mths mths (1 Highest - 5 (1 Highest - 5 Lowest) Lowest) Application Security 3 3 Social Media Security 4 4 Unified Communications 1 1 Billing/Revenue Management 5 5 Cyber Security 1 1 Data Leakage Security 1 1 Data Protection & Storage 1 1 Data Security 1 1 Digital Signage 4 4 Encryption 1 1 End Point Security 1 1 Firewall Security 1 1 Governance, Risk & Compliance (GRC) 3 3 Identity and Access Management 1 1 Internet Security 1 1 ISMS/IT Risk Management 3 3 Malware Prevention 3 3 Managed Security 3 3 Mobile Security 1 1 Network Access Control 1 1 Network Security 1 1 PCI/Tokenization 1 1 PCI Compliance 1 1 Securing the Cloud 3 3 SIEM 3 3 Smartphone Security 3 3 Single Sign On (SSO) 1 1 Threat Intelligence Management 1 1 What are the most important security technologies for the line of business that you manage? Point of sale system security technology, third party security technology for merchants What type of security technologies are routinely utilized within your organization for making your organization run? All of them What is the most important technology challenge you are currently facing within your organization? Integration hurdles Are you concerned that you will have negative audit findings or be fined because you are unable to properly manage privileged accounts? How is your 2015 budget allocated across these business strategy categories?

Are you concerned that you are exposed to Nation-State or crime based cyber-attack because you are unable to properly manage privileged accounts? No