SINETNew York 2022


2022 Agenda

Please navigate to the Speakers tab for a complete listing of speakers. 

September 29, 2022

7:30 AM – 8:30 AM


8:30 AM – 8:35 AM

Welcome Remarks
Robert Rodriguez, Chairman & Founder, SINET
Rick Geritz, CEO, LifeJourney

8:35 AM – 8:40 AM

Cybersecurity Strategic Activity & Trends
Dino Boukouris, Founding & Managing Director, Momentum Cyber

8:40 AM – 9:20 AM

Mitigating Risk To the Growing DevSecOps, API, and SaaS Ecosystem
Matt Comyns, Co-Founder, President, Artico Search
Brendan O’Connor, CEO, AppOmni
David Cross, SVP, Chief Information Security Officer, Oracle
Eva Frankenberger, Chief Information Security Officer, (Germany, Switzerland, APAC) Lazard
Emery Csulak, Principal Deputy Chief Information Officer, U.S. Department of Energy (DOE)
Arvin Bansal, Senior Director, Cloud Security & Data Protection, Amerisource Bergen

9:20 AM – 10:00 AM

Intersecting National Security and Policy to Enhance Critical Infrastructure Protection
Abstract: Are public National Security partners and the private sector aligned on cyber and critical infrastructure protection policies? Have recent federal initiatives driven down risk or are they redundant with no real response and recovery benefits? This esteemed panel will discuss:
– Private sector ‘needs’ that the government can actually provide help with
– Recent and upcoming policy initiatives coming from the White House, DHS, etc.
– How the private sector can help the government craft better policy
– How can the public and private sectors work together to tackle issues like insider threat, convergence, and 3rd party risk management
Brian Harrell, Vice President and Chief Security Officer, AVANGRID
Thomas Quinn, Chief Information Security Officer, T Rowe Price
Candice Frost, JIOC Commander, US Cyber Command
Curley Henry, VP & Deputy CISO, Southern Company
Rob Knake, Deputy National Cyber Director for Strategy and Budget, Office of the National Cyber Director, White House

10:00 AM – 10:15 AM

Fireside Chat: Lessons Learned from the “Endemic” Log4j Vulnerability: A Briefing from the Cyber Safety Review Board
Abstract: DHS established the Cyber Safety Review Board, comprising of 14 cyber luminaries from the public and private sectors, to review significant cyber incidents to understand the facts and draw lessons learned for the future. DHS Under Secretary for Policy Robert Silvers, the Board’s chair, and Heather Adkins, deputy chair and VP of Security Engineering at Google, will provide a briefing on the Board’s inaugural review of the Log4j vulnerability. They will discuss how Log4j affected nearly every networked organization, how government and industry can act on the recommendations, and the unique and enduring role the Board will play in the cyber ecosystem.
Robert Rodriguez, Chairman & Founder, SINET

Robert Silvers, Under Secretary for Policy, Department of Homeland Security
Heather Adkins, VP, Security Engineering, Google

10:15 AM – 10:55 AM

The Evolving Relationship Between the CIO and CISO: What Matters
Moderator: Sashi Jeyaretnam, Senior Director, Security Product Management, Spirent

Kate Prouty, Chief Information Officer, Akamai Technologies
Sonia Arista SVP, Chief Information Security Officer, Signify Health
Lauren Dana Rosenblatt, VP, CISO, IFF
Beth-Anne Bygum, SVP, Chief Security and Compliance Officer, Acxiom
Karl Mattson, CISO, Noname Security

10:55 AM – 11:05 AM


11:05 AM – 11:45 AM

The Growing Attack Surface: Closing Gaps in the Security Stack and Opportunities For Entrepreneurs
Guy Filippelli, Managing Partner, Squadra Ventures
Steve Sparkes, Chief Information Security Officer, Scotiabank
Ann Barron-Dicamillo, Managing Director, Global Head of Cyber Operations, Citi
Alex Attumalil, Chief Information Security Officer, Under Armour
Dustin Wilcox VP, Chief Information Security Officer, Elevance Health
Jared Nussbaum, Managing Director, Chief Information Security Officer, Ares Management

11:45 AM – 12:25 PM

Managing Shadow IT and The Rise of Data Sovereignty In a Shared Responsibility, Multi-Cloud World
Taher Elgamal, Chief Technology Officer, Security, Salesforce
Tom Chowanski, SVP, Chief Information Security Officer, Kemper
Vikas Mahajan, Chief Information Security Officer, American Red Cross
Will Farrell, Head of Global Cyber and Data Defense, TikTok
Ariel Litvin, CISO, FirstQuality
Patricia Hinerman, CIO, Interpublic Group

12:25 PM – 1:15 PM


1:15 PM – 1:55 PM

Getting Ahead of the Software Supply Chain and Third Party Risk Management Tsunami
Abstract: The importance of third parties. vendors, suppliers, partners, distributors, and contractors make it simpler to conduct, build, distribute and sell a product or service. Third parties also increase the attack surface and open their clients up to additional risk as well. According to the Ponemon Institute, when a third party is involved in a breach, it can take longer to detect and mitigate the risk and the average cost of the data breach rises by 14%. Join this panel to hear more about:
–  Best practices on staying ahead of the curve to manage third party risk
–  Approaches that help better manage risk from third party access to systems and data
–  Shared metrics to enhance measurement, quantification, and articulate risk from third- and fourth-parties
–  Accelerating and leveraging automation for an improved risk management model

Kevin McCarty, Managing Director, Information Protection, Cigna
Eric Goldstein, Executive Assistant Director for Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), DHS
Tod Mitchinson, VP & Chief Information Security Officer, New York Life
Matthew McCormack, Chief Information Security Officer, BNY Mellon
Oliver Newbury, Global Chief Information Security Officer, Barclays
Sachin Bansal, Chief Business Officer, SecurityScorecard

1:55 PM – 2:35 PM

Communicating Modern Day Metrics To Better Measure Cyber Risk For Your Board of Directors
Abstract: Better business decision-making happens when you can translate cyber risk into financial terms that corporate leaders are able to understand and make informed decisions. Having a better understanding of residual risk following deployment of security suite controls within an organization’s operational environment must be thoroughly understood to determine if cyber security protection and resilience can be achieved. This panel will discuss how to ensure that their Cybersecurity controls are sufficient for their company’s needs, how companies can best ascertain whether or not they have sprinkled enough “cyber dust” throughout their enterprise to keep them safe from cyber attacks yet allow them the flexibility to operate their organization effectively.
Ed Devinney, Corporate Director Cyber Programs, Northrop Grumman
Sean Dobson, Chief Information Security Officer & CTO, Wafra
Nathaniel Davis, VP, Corporate & Defense Security, Rolls Royce
Henry Jiang, Chief Information Security Officer, Diligent Corporation
Gregory Touhill, Director, CERT Division, Software Engineering Institute, Carnegie Mellon University
Sudhanshu Kairab, VP Governance, Risk, & Compliance, Comcast Cybersecurity

2:35 PM – 3:15 PM

Ensuring Operational Resilience in OT and IT Environments Before & After Destructive Malware Attacks
Abstract: Destructive malware can stifle innovation, breach contracts, and have long-term effects on a company that impacts more than just products and financial gains. Organizations must address what is really a cultural and change management challenge due to a lack of communication, collaboration, and understanding between OT and IT roles and responsibilities.
These leaders will discuss best practices and strategies toward the development of a more cohesive and collaborative convergence of people, processes, and tools within the IT & OT ecosystem in order to establish incident response plans that better prepare their companies to be resilient against destructive malware.
Jane Harper, Associate Vice President, Info Security, Eli Lilly and Company
Ron Layton, VP Converged Security Operations, Sallie Mae Bank
Michael Palmer, Chief Information Security Officer, Hearst
Tomás Maldonado, Chief Information Security Officer, NFL
Yonesy Nuñez, CISO, Jack Henry & Associates
Vivek Kumar, Deputy CISO, Cboe (Chicago Board Options Exchange)

3:15 PM – 3:30 PM

Think Forward with Christopher Cleary
Christopher Cleary, Principal Cyber Advisor for the Department of the Navy, U.S. Navy

3:30 PM – 3:40 PM


3:40 PM – 4:20 PM

The Security Journey Towards Achieving and Implementing Strategies to Deliver a Viable Zero Trust Environment
Katherine Kuehn, Managing Director, SVP of Cyber Trust, Aon

Patrick Ford, Chief Information Security Officer, Americas, Schneider Electric
Bill Jones, Director of Cybersecurity Architecture and Engineering, Trane Technologies
Khalil Jackson, Chief Information Security Officer, Federal Reserve Bank of New York
Troy Wilkinson, Chief Information Security Officer, Interpublic
Matthew Plummer, Chief Technology Officer, Gigamon

4:20 PM – 5:00 PM

Risk Tolerance vs. Controls Compliance: Finding a Balance
Abstract: As Risk Executives, CISOs are inundated with various control compliance frameworks such as PCI, HITrust, HIPA, CMMC, ISO, SOC, etc., and are expected to comply with one or more of these frameworks depending on their industry and geography. But is using a security compliance framework as the basis of your cyber program/strategy a good idea? Is security a compliance discipline or is it a risk management discipline? Is it black and white or is it shades of grey? Can it be both at the same time? This panel will discuss the tradeoffs and how to bring balance to your approach.

Charles Blauner, Partner & Chief Information Security Officer in Residence Team8
Christine Herman, Chief Technology & Security Officer, Finance of America
Lisa Humbert, Managing Director, Operational Risk Management Officer, Bank of Tokyo/Mitsubishi Union Financial Group
Sajan Gautam, Chief Information Security Officer, Arvest Bank
George Smirnoff, Managing Director, Group Head of Operational Risk, Barclays
Brendan Welter, Chief Information Security Officer & Chief Data Officer, Rockefeller Capital Management

5:00 PM – 5:40 PM

Thinking From the Adversary’s Perspective: Lessons Learned On How To Better Protect Our Networks
Robert Rodriguez, Chairman & Founder, SINET
Tim Dawson, Group Chief Information Security Officer, UBS
Rob Gurzeev, CEO & Co-Founder, CyCognito
Mark Wassersug, Chief Information Officer, Intercontinental Exchange, Inc.
Avishai Avivi, CISO, SafeBreach
Ariel Weintraub, Chief Information Security Officer, MassMutual

5:40 PM

Closing Remarks
Robert Rodriguez, Chairman & Founder, SINET

5:40 PM – 7:00 PM


Interested in Sponsoring a SINET Event?