2023 Agenda
Please navigate to the Speakers tab for the latest listing of speakers.
October 5, 2023
7:30 AM – 8:30 AM
Registration
8:30 AM – 5:30 PM
General Session
Main Auditorium
8:30 AM – 8:40 AM
Welcome Remarks
Robert Rodriguez, Chairman of SINET and Venture Partner, SYN Ventures
8:40 AM – 9:20 AM
How CISOs are Advancing Innovation by Being Early Adopters
Abstract: In an ever-evolving digital landscape, CISOs are faced with the frequent need to adopt new technologies. From understanding emerging threats ahead of time to influencing the foundational features of new tools and platforms, early adopters play a pivotal role. However, it’s not without its challenges. Balancing the promise of innovation against the uncertainties of emerging technology often requires navigating uncharted territories. Join this discussion to delve into the important role early adopter CISOs play in driving security innovation, the tangible benefits, and the common pitfalls of being at the forefront of technology adoption.
Moderator:
John Brennan, Former Senior Partner, YL Ventures
Panelists:
– Josh Stabiner, CISO, General Atlantic
– Mario Memmo, CISO, Otis Elevator Co
– Stacey Halota, VP, Information Security and Privacy, Graham Holdings
– Allen Wilson, CISO, Axis Capital
– Lauren Dana Rosenblatt, VP and Chief Information Security Officer, IFF
9:20 AM – 10:00 AM
Large Language Models: Understanding the Challenges, Opportunities and Governance Needed
Abstract: Large language models have revolutionized the field of cybersecurity, providing defenders with powerful tools to better detect phishing attempts, prevent data loss, and more. However, if misused by malicious individuals, these very models introduce unprecedented risks and challenges.
Our goal is to promote the responsible development and deployment of large language models and address the security and governance issues surrounding their use. This discussion will shed light on potential vulnerabilities and attacks that spread false information, prompt injection attacks, and increase model and training data poisoning. We will also explore the implications of scalable generative threats. Finally, we will address how enterprises can establish GenAI governance and enforce policies to ensure security teams have greater visibility while employees harness the power of GenAI without creating security, privacy or compliance risks.
Moderator:
Richard Seewald, Managing Partner, Evolution Equity Partners
Panelists:
– DJ Sampath, VP of Product, AI, Cisco Secure
– Erik Naugle, VP Cyber Security, Intuit
– Arti Raman, Founder and CEO, Titaniam, Inc.
– Kurt John, Global Chief Security Officer, Expedia Group
– Anmol Misra, Senior Director Infrastructure Security, Autodesk
10:00 AM – 10:40 AM
Lessons Learned from Incident Responders and Threat Intelligence Analysts
Abstract: In the asymmetric battlefield of cybersecurity, threat intelligence analysts and incident responders are at the forefront of defending organizations against ever changing cyber threats. This panel will highlight the lesions learned and strategies developed which come from the deep knowledge gained during successes and setbacks. Panel discussion will include:
– Emerging threats and trends.
– The relationships between incident response and threat intelligence to increase speed and prioritize tasking during and before response actions.
– Collaboration and Information sharing within and external to an organization.
– The human element in defense operations, continuous development, cross training, and converged security.
– Measuring the value of CTI through action-based outcome reporting.
Moderator:
Jay Leek, Managing Partner and Co-founder, SYN Ventures
Panelists:
– Grant Jewell, Corporate Director & Deputy CISO, Northrop Grumman
– Heath Taylor, Former VP, Global Cyber Risk Management, Live Nation Entertainment
– Gavin Reid, CISO, HUMAN Security
– Jay Novak, US Head of Threat Detection & Response, TikTok
– David Mahon, Deloitte Global Senior Advisor, Deloitte
10:40 AM – 11:00 AM
Break
11:00 AM – 11:40 AM
Leveraging Tools To Increase Visibility and Automation to Help Manage Data Overload
Moderator: Ian Ellis, Partner and Co-Founder, OperAngels
Panelists:
– Nick Salian, MD, Group CISO, Cantor Fitzgerald
– Tim Callahan, SVP, Global CISO, Aflac
– Brian Lozada, CISO, Amazon, Prime Video & Studios
– James Chiappetta, Senior Vice President, Cybersecurity, Blackstone
11:40 AM – 12:20 PM
Approaches to Move on from Legacy Systems and Growing Technical Debt
Abstract: Budget limitations, new threats, and ever-evolving technology make maintaining updated, best-in-class enterprise systems a challenge. Existing tools need to be managed and patched for security, stability, and performance, and run the risk of accumulating technical debt. Selecting a new tool is time-consuming, complex, and often out of budget. How can you approach this challenge proactively in your organization?
In this panel, senior security leaders will discuss how to stabilize and protect legacy systems, while planning and preparing for the next evolution.
Moderator:
Kelly Haydu, VP of Information Security and Technology, CarGurus
Panelists:
– Rob Gurzeev, CEO & Co-Founder, CyCognito
– Kate Prouty, Chief Information Officer, Akamai Technologies
– Vitaliy Panych, State Chief Information Security Officer, California Department of Technology
– Ian Rathie, Chief Information Security Officer, Fitch Group
– Ron Layton, President, LCR Enterprises
12:20 PM – 1:10 PM
Lunch
1:10 PM – 1:50 PM
Making the Best of Your 30 Minutes: How to Sell Into a Complex Organization
Abstract: The opportunity to meet with a CISO and their team does not come along very often, and when it does, it is critical to ask the right questions and share your value-add strategically. At the end of the day, what an entrepreneur builds or what a VC invests is less important than where the practitioner (CISO / Risk Executive) prioritizes their spend. These practitioners are the ones who are driving your revenues and increasing your valuations and exit hopes.
These subject matter experts will share their thoughts on
– The importance for sales and marketing personnel to move from a transactional personality to one that strives to make a connection, build a relationship, and earn trust with the buyers.
– Tips for setting a meeting.
– What makes a great meeting and what makes a poor meeting.
– Recommendations for a good meeting, including to do your homework on the customer in order to better understand their business objectives and environment, and to stray away from the “Silver Bullet” approach. Instead, ask questions about your potential customer and what’s important to them.
Moderator:
Robert Rodriguez, Chairman, SINET & Venture Partner, SYN Ventures
Panelists:
– Jay Gonzalez, VP & CISO, James Hardie
– Arvin Bansal, CISO, Fortune 500
– Brian Fricke, CISO, City National Bank of Florida
– Antony Abraham, Deputy CISO, Enterprise, Hewlett Packard Enterprise (HPE)
– Rohan Singla, Sr. Director – Head of Security & Privacy, ChargePoint
1:50 PM – 2:30 PM
3rd Party Ecosystem: Models to Strengthen the Supply Chain, Especially for SMBs
Abstract: As the majority of companies across the globe have completed or are working through some version of a digital transformation, all are seeing more interconnectivity and sharing of information across their ecosystem of clients, customers, suppliers, and other partners. This change has significantly increased the cyber risks and operational dependency on the supply chain where many organizations have limited capabilities. This discussion is aimed at how organizations, especially ones with more mature cyber programs, can work together to help strengthen the overall supply chain.
Moderator:
James Beeson, CISO, Cigna
Panelists:
– Brandon Pinzon, SVP, Chief Security Officer, Argo Group
– Lenny Vayner, CISO, Elliott Management
– Rob Joyce, Director of Cybersecurity, U.S. National Security Agency (NSA)
– Mike Sullivan, CRO, Talon Cyber Security
– Jon Brickey, Senior Vice President, Mastercard
2:30 PM – 3:10 PM
How Viable Is the Implementation of Security by Design?
Abstract: This panel of industry experts will discuss what Secure By Design means, what it is, what it is not, and what consumers and providers of products should be doing to ensure secure products, systems, and services are provided to market.
Moderator:
Megan Samford, VP, Chief Product Security Officer, Schneider Electric
Panelists:
– Gene Sun, Corporate VP – CISO and Risk Management, FedEx Corporation
– Miten Marvania, SVP, Portfolio Cybersecurity, Blackstone
– Jack Cable, Senior Technical Advisor, U.S. Cybersecurity & Infrastructure Security Agency (CISA)
– Oliver Friedrichs, Founder and CEO, Pangea
– Vivek Kumar, Global Deputy CISO, Cboe Global Markets
3:10 PM – 3:30 PM
Break
3:30 PM – 4:10 PM
Security in DevOps: Best Practices for Continuous Integration, Deployment and Monitoring
Abstract: Risk continues to grow as APIs usage explodes and business vulnerability footprints increase. To counter these risks, great visibility, context, automation, and the ability to prioritize where to take action is a need being discussed in board rooms all over the world as expectations for corporate cyber responsibility continue to grow. In addition to the technology needed to mitigate risk to your environment, both security and development teams need to find new ways to drive agility. This deeply collaborative way of operating is new, will require unique skill sets and begs the question, what cultural challenges and change management approaches will be required to bridge into this next cyber challenge.
Moderator:
Upendra Mardikar, Chief Information Security Officer, TIAA
Panelists:
– Aleksandr Yampolskiy, CEO, SecurityScorecard
– Peter Keenan, CISO, Lazard
– Will Farrell, Interim Security Officer, TikTok U.S. Data Security
– Richard Barretto, Chief Information Security Officer, Progress Software
– Michael Dickman, Chief Product Officer, Gigamon
4:10 PM – 4:50 PM
The Rising Importance of Geopolitics on Corporate Cybersecurity Professionals
Abstract: Conflict domains have typically included air, land, sea, and more recently, space. Geopolitical conflict is on the rise and has traditionally consisted of easily identifiable rivals, uniformed enemies, state and lone actors utilizing known technologies and weapons, and witnessed by the world.
Today’s cyber adversaries are more difficult to identify as they increase nefarious ways to advance their agendas, often without fear of attribution or risk of reprisal as they continue to attack our nation’s critical infrastructures.
The 21st century Risk Executive must be more aware of geopolitics than ever before, in addition to their BODs.
Moderator:
Nathaniel Davis, VP Corporate & Defense Security, Rolls-Royce
Panelists:
– Patty Ryan, CISO, QuidelOrtho
– Alex Stamos, Partner, Krebs Stamos Group LLC
– Ed Goetz, CSO, Chemours
– Tom Wilson, SVP & CISO, Southern Company
4:50 PM – 5:30 PM
Achieving Optimal Operational Resilience Amidst Dire Catastrophes
Abstract: The March 2023, National Cybersecurity Strategy, highlighted that “Malicious cyber activity has evolved from nuisance defacement, to espionage and intellectual property theft, to damaging attacks against critical infrastructure, to ransomware attacks and cyber-enabled influence campaigns designed to undermine public trust.” It also stated that “cyber operations… represent a threat to the national security, public safety, and economic prosperity of the United States and its allies and partners.” While these warnings are profound, the question becomes whether the United States, or any nation, can truly achieve optimal operational resilience amidst a dire cyber catastrophe?
This panel of cross industry experts will explore how their sectors are obtaining resilience for catastrophic cyber attacks. The technologies they use, the benefit/limitations of laws and regulations, as well as the value of public/private cooperation will be explored. Finally, the panelists will debate the utility of deliberate planning, functional exercises, and cyber fusions centers to achieve operational resilience.
Moderator:
Tim Dawson, Former Group CISO, UBS
Panelists:
– Pablo Martinez, Head of Financial Intelligence Unit & Enterprise Business Resilience, Fidelity Investments
– Joe Sullivan, CEO, Ukraine Friends
– Timothy Torres, Chief Security Officer, TriNet Group
– Kelly Moan, CISO, City of New York
5:30 PM – 5:45 PM
Closing Keynote, Cyber as a Tool of Statecraft
Speaker: Peter Ranks, Director, Center for Cyber Intelligence, Central Intelligence Agency
5:45 PM
Closing Remarks
5:45 PM – 7:00 PM
General Reception