(as of Nov. 22, 2019 – subject to change)


8 a.m.: Registration Opens
9 a.m.: General Sessions
11:30 a.m. – 12:30 p.m.: CPS Innovation and Technology Showcases
12:30 p.m.: Networking Luncheon
4 – 6 p.m.: WiTH Workshop
4 – 6 p.m.: CDSA Workshop
6 – 7 p.m.: Networking Reception/MESA Holiday Party


9 – 9:10 a.m.
CPS 2019 – Opening Remarks
Guy Finley, President, CDSA and MESA

9:10 – 9:15 a.m.
Conference Welcome Remarks
Kai Pradel, Chief Executive Officer, SHIFT

9:15 – 9:45 a.m.
Setting the Stage: CPS 2019 and CDSA 2020
This session provides perspective on the strategic importance of the roles CDSA and the Content Protection Summit play within the Media & Entertainment industry by looking at a year-in-the-life of our global business. What’s been keeping our CDSA Board members busy, what incidents and emerging trends/threats are they facing on a daily basis and what do the next 12 months looks like?
Moderator: Guy Finley, President, MESA and Executive Director, CDSA
Shira Harrison, Vice President, Information Technology, Amblin Entertainment
Jaclyn Knag, Executive Director, Content Security, Paramount
Alex Pickering, Content Security Director, BBC Studios and Executive Committee Member, CDSA
Ben Stanbury, Chief Security Office, Amazon Studios and Chairman of the Board, CDSA

9:45 – 10:15 a.m.
MORNING KEYNOTE: How to Achieve World Class Security (Hint: It Isn’t technology)
Our opening speaker explores the human dimension of security. No data system is perfect with human behavior presenting the biggest security risk. So if nothing is safe, how can your organization operate on the assumption you’ve already been hacked? I will cover dealing with insider threats make the human side of your organization more secure. In this entertaining talk, former Director of R&D at the NSA and Associate Director on National Intelligence emphasizes the challenges with organizational behavior and blind spots in human perception of threats and risks.
Eric Haseltine, PhD, Chairman of the Board, US Technology Leadership Council

10:15 – 10:45 a.m.
Anatomy of a Leak
Earlier this year a system compromise impacted a platform used by multiple content owner companies. Immediately, a group of executives assembled to monitor the situation and forensically determine the nature and implication(s) of the incident. Understanding who, how and where the infiltration originated can become a virtual “murder board” of IP addresses, user IDs and email addresses. This session dissects recent incidents to analyze how we can react as companies and how collaboration can identify and mitigate threats to other platforms.
Christian Kennel, Vice President, Media Operations and Digital Product, Warner Bros.
Alex Nauda, Chief Technology Officer, SHIFT

10:45 – 11 a.m.
Forensic Watermarking as Key Pillar of Anti-Piracy Strategy
Recent updates in the CDN space have enabled scalable and cost-effective watermarking, revocation, and enforcement solutions. What are the Pros/Cons of client-side watermarking vs. server-side watermarking? This session will address the connection between watermarking and analysis of piracy sources and support of enforcement activities, describe the role of forensic watermark plays in an anti-piracy strategy, discuss considerations when protecting VOD (Movie and TV) and also Live (Sports and Events) content and help us understand the patterns on how commercial pirates’ source Live and VOD content.
Joe Daniel, Senior Solutions Architect, NAGRA

11 – 11:15 a.m.
Secure Journey to the Cloud: Part 1
As Media and Entertainment organizations embrace the benefits of open, internet based communications and cloud services, they are entering the realm of malicious actors, where even the most advances security organizations are challenged to stay ahead. In this session we’ll introduce the concept of how “doing” security the traditional way, probably won’t “work”. A new approach is required and now is the time for M&E security teams as well as the rest of the organizations, to adapt. Join us to hear about some of the unique challenges added by cloud environments and how to integrate the solutions to those challenges into your security program.
Andrew Lemke, North America Cyber Resiliency Technical Solution Leader, IBM

11:15 – 11:30 a.m.
CPS Innovation and Technology Showcase Introductions
Bob Gold, President, Bob Gold & Associates

11:30 – 12:30 p.m.
CPS Innovation and Technology Showcases (Multi-Track Break-Out Sessions)
Industry experts share innovative ideas, processes, or perspectives in an interactive and intimate way with the audience who are free to choose which topic/area they find most interesting. Sessions will address key areas on separate tracks:


11:30 a.m. – 12 p.m.
Vetting Techniques for Internet Sharing Recipients
Last spring saw an uptick in social engineering attacks on pre-release content. Sharing content beyond your organization can be risky, but is unavoidable in many pre-release workflows. From dailies, to work in progress reviews in post, to press screeners leading up to release, content owners find themselves sharing to “random” emails on the internet, without sufficient tools to uncover social engineers and con artists who have connived their way into sharing distribution lists. However, even small teams can implement basic vetting techniques using readily available tools at minimal cost, by using a set of proven techniques and by sharing information with each other. Learn how to strengthen your content protection by giving all of your teams what they need to take on these important controls, in the form of practical vetting processes, a cheat sheet to refer to, and the backup they need from expertise you already have in house.
Alex Nauda, Chief Technology Officer, SHIFT

12 – 12:30 p.m.
Breaches Are Everywhere: Costly Mistakes of Being Unprepared
Organizations are spending millions to clean up breaches. Seemingly weekly another company gets hit by crippling ransomware, a phishing attack, or leaks customers’ personal information. Could these organizations have been better prepared? Would the damages have been so devastating if they were well equipped? Poor cybersecurity hygiene often leads to gaps in security controls and costly incident response expeditions. In this talk, industry experts share strategies to combat the rise of cybercrime and how to be better prepared for your next cyberattack. Have you built a sustainable cybersecurity program? Do you have a dynamic Information Security Plan? Do you have executive buy-in? Do you have Continuous Security Monitoring (CSM) and Network Security Monitoring (NSM) programs? Have you tested your Disaster Recovery Plan or Incident Response Plan? If not, this talk is for you. Don’t allow your organization to become the next victim of a breach.
Chris Covino, Cybersecurity Policy Director, City of Los Angeles
Richard Greenberg, Former CISO, Department of Public Health & Health Services, LA County
Michael Wylie, MBA, CISSP, Director, Cybersecurity Services, Richey May Technology Solutions


11:30 a.m. – 12 p.m.
Secure Journey to the Cloud – Part 2
Following on from the Introduction on the CPS mainstage, we understand that a complete security program is required to maintain confidentiality, integrity and availability of our critical data and the infrastructure that holds it. In this breakout session we will look a little deeper into where organizations should focus their resources first, to gain the biggest immediate reductions in risk.
Andrew Lemke, North America Cyber Resiliency Technical Solution Leader, IBM

12 – 12:30 p.m.
Towards a Common Goal – Ensuring Security in Cloud Environments
If correctly configured and where relevant best practice standards are followed, cloud workflows create undisputed speed, cost and security benefits. If not done correctly, serious security pitfalls can occur, for example: unrestricted access, weak encryption, exposed keys and so on. So why is it so hard to get security right in the cloud? Each business is unique, there are differing methods of configuration plus many control frameworks to follow. It can be complex and confusing and this is where security vulnerabilities can exist.
Chris Johnson, President and Chief Executive Officer, Convergent Risks (Cloud Compliance)
Janice Pearson, Vice President, Global Content Protection, Convergent Risks (Methodology)
Mathew Gilliat-Smith, Advisor, Convergent Risks (Engagement)

11:30 a.m. – 12 p.m.
Advances in Direct to Consumer Watermarking to Combat Latest Pirate Attacks
In this day and age, ensuring end-to-end security from production to distribution to consumer devices is paramount. There is an ever-growing need for anti-collusion measures in any forensic watermarking environment: server-side, or client-side. What are some security techniques and ways to resist collusion? The first step is by taking an active approach with countermeasures with an Advanced Piracy Toolkit. D2C may need to emulate DCI watermarking by combining both video and audio watermarking measures. This session will discuss our main B2C watermarking products STB/OTT Server Side/Quickmark (which are in compliance with latest MovieLabs specifications) and how the latest releases for these products are able to combat attacks by professional pirates.
Ken Gerstein, Vice President, Sales, NAGRA

12 – 12:30 p.m.
How to Secure Collaboration from Insider Threats
The 2019 Insider Threat Report reveals 60% of organizations have experienced an insider attack in the past 12 months, and 70% disclosing that insider attacks have become more frequent. The report underscores the real threat posed by your trusted insiders. Security and IT team attention is mainly focused on hackers, but attacks from within are a significant threat to the entertainment industry as the BBC discovered with the leaked Doctor Who scripts. You need to safeguard sensitive information from outsiders and insiders alike, especially when using collaboration tools such as Office 365 and Microsoft Teams that make it easy to inadvertently or maliciously share or misuse files. This session will discuss: key findings of the 2019 Insider Threat Report and industry breach examples; basic steps for protecting collaboration content from insider threats; and how to provision and secure your collaboration tools to keep information safe
Rod Bray, Innovation and Experience Lead, LiveTiles
Steve Marsh, Vice President, Product, Nucleus Cyber

12:30 – 1:30 p.m.


1:30 – 2 p.m.
AFTERNOON KEYNOTE: Business in The Age of Manipulation
Visual media – not just video but anything we see or hear – is increasingly vulnerable to fakery, forgery and manipulation via tools and technology that are becoming commonplace (or even free). And, with the sophistication of AI and deep learning, these deep fakes are increasingly difficult to easily detect. We are on the precipice of a global revolution in how we determine what is “real” and what is “fake” and on what (or whose) authority. Our Keynote will discuss our need to be proactive in addressing this emerging business (and personal) threat and utilize those same advanced technologies into tools for detection and authentication.
Anthony Sahakian, Chief Executive Officer, Quantum Integrity

2 – 2:30 p.m.
Building Trust in Production Security
Producing content in a secure environment is a complex affair involving numerous entities, facilities, business units and cultures (and all of that before the first frame is shot!) Risk and opportunities are then multiplied with the migration of workflows to cloud environments. Taking advantage of the promise of native cloud production requires a new approach to security. That includes protection from malicious and unauthorized activity and protection of the integrity of data, workflows, applications and processes. MovieLabs and their studio participants are pointing the way toward securing the future of media production by offering key security principles as a foundation for a cloud-native security architecture. This session discusses how the industry can collaborate to deliver that foundation for secure cloud workflows.
Anthony Anderson, Senior Director, Film Security, Universal Pictures
Jim Helman, Chief Technology Officer, MovieLabs

2:30 – 3 p.m.
Tackling Scale at Netflix with an Embedded Security Model
Netflix is investing in a wide range of content from all over the world to provide a rich and dynamic trove of entertainment choices for our global membership base. Our studio and productions operate with great freedom and an ethos valuing context over control. To tackle these challenges the Studio Information Security team at Netflix leans into an embedded security model. We approach this trusted partnership with a risk prioritized lens to allow our content producers to operate at scale, enable innovation and allow creative freedom while remaining secure.
Ben Lim, Manager, Studio Information Security, Netflix

3 – 3:30 p.m.
Government Resources to Protect Your Networks
Cyber crimes are on the rise and every year the number of companies that fall victim to ransomware, business email compromise, data breaches, and other cyber attacks increases sharply. These attacks cost companies billions of dollars in losses every year. There are things you can do to protect your networks and data. This panel of industry experts from DHS, the LA Cyber Lab, and the ME-ISAC will provide you with resources available from their respective agencies that will help you improve your security and better defend against common threats from the Internet. These resources (most of them provided completely at no cost to you) will help your companies identify problems that need solved, better understand the threats, and provide guidance on how to defend yourselves from those threats.
Moderator: Christopher Taylor, Director, ME-ISAC
Chris Covino, Cybersecurity Policy Director, City of Los Angeles
Patrick Gaul, Executive Director, National Technology Security Coalition (NTSC)
Deron McElroy, Chief of Operations, Cybersecurity Advisor Program, DHS, Cybersecurity and Infrastructure Security Agency (CISA)

3:30 – 4 p.m.

4 – 6 p.m.
Click here to view the WiTH Workshop Program

4 – 6 p.m.
CDSA Workshop

6 – 7:30 p.m.