5:00 pm - 6:10 pm

Panel Discussion: Women in Security

• Creating a purpose-driven strategy that makes an impact as our organization grows and nurtures a diverse workforce
• Understanding the leader’s role as a force to shape and demonstrate corporate culture, and to serve as a catalyst for equality and inclusion
• Sharing typical challenges faced by corporations when trying to promote diversity in the workforce
• Illustrating the importance of today’s leaders building up and supporting the next generation our organizations will need for the future. What does that look like on a day-to-day basis?
• Offering examples of strong and effective mentorship programs in onboarding, cross-training, job shadowing, and continuing education that make the difference

6:15 pm - 7:30 pm

Welcome Drinks Reception

7:00 am - 7:45 am

Registration & Breakfast

7:45 am - 7:50 am

Opening Remarks and Important Announcements

7:50 am - 8:00 am

Chair’s Welcome Address

9:15 am - 9:50 am

How Good Data Security Practices Drive Data Governance

• Exploring key strategies to enable effective data stewardship, support innovation, and automate compliance while moving at the speed of the cloud
• Gaining complete visibility into your data repositories
• Ensuring scalability as you continue to generate exponential volumes of data
• Implementing cloud-managed environments to handle innovations and new workloads

Kostas Georgakopoulos
Chief Technology Officer & Chief Information Security Officer
Mondelez International

9:15 am - 9:50 am

Maximizing AI Innovation while Minimizing Security Risks

• Ensuring that AI’s immense potential and helpful technology works for everyone
• Strategies to leverage AI to help identify threats faster and benefit society overall
• Cutting through the noise around AI innovation
• Discussing what security standards should look like for responsible AI deployment

9:55 am - 11:35 am

Pre-Arranged One-to-One Meetings

• 10:00 am – 10:20 am: Meeting Slot 1/Networking
• 10:25 am – 10:45 am: Meeting Slot 2/Networking
• 10:50 am – 11:10 am: Meeting Slot 3/Networking
• 11:15 am – 11:35 am: Meeting Slot 4/Networking

11:40 am - 12:15 pm

Navigating the Challenges of Security in Serverless

• Does spending less time thinking about infrastructure mean neglect for important security concepts?
• Understanding why it is more essential to focus on security when developing and deploying serverless applications
• Diving into the important questions if you’re going serverless
• Demonstrating what an insecure serverless environment looks like, including how quickly a small vulnerability can lead to huge data loss

11:40 am - 12:15 pm

Why Your Cyber Resilience Strategy Should Be Intelligence-Led

• Designing a holistic and pragmatic cyber resiliency strategy to manage cyber risk and drive business value
• How to develop your strategy to ensure it is aligned with your business strategy
• Incorporating key aspects such as legal, compliance, and risk management to enable a return on investment
• Discussing how intelligence and the frontline experience should be leveraged within your organization

12:20 pm - 12:55 pm

Next-Generation Insider Risk Management

• Exploring the transformation of cybersecurity methodologies in the face of an evolving digital world
• Focusing on both unintentional and intentional Insider Risk Management and the threats posed to organizations
• Looking into various case studies of significant insider threat incidents to underscore the critical importance of IRM and its role in a holistic cybersecurity strategy

Allison Miller
Chief Information Security Officer & SVP, Global Cybersecurity Office
Optum Inc., United Health Group

12:20 pm - 12:55 pm

Never Let a Good Crisis Go to Waste: A Ransomware Case Study

• Highlighting the importance of designating key decision-makers for handling crises before they happen
• Getting comfortable making critical decisions during a ransomware attack without a lot of data
• How a crisis allowed for more effective implementation of security changes

12:55 pm - 1:55 pm

Innovate, Integrate, Influence: Tools for Effective Leadership

Mike Phillips
CISO
Cheniere Energy

12:55 pm - 1:55 pm

Building a Positive Security Culture

Michael McLaurin
Director of Global Cybersecurity
CoStar Group

12:55 pm - 1:55 pm

How To Implement Data Governance In The Consumer Space

Ashiq Ahamed
Global CIO
Destination Auto Group

12:56 pm - 1:55 pm

Cybersecurity and the Board: Strategies for Alignment

12:56 pm - 1:55 pm

Security Concerns for CISOs and How to Address Them

12:56 pm - 1:55 pm

Software Security in the Supply Chain

2:35 pm - 3:10 pm

Driving Real Value Through AppSec Processes and Tech

• Dissecting the efficacy of tools like SAST, DAST, and SCA; or processes like Threat Modeling and Pen Testing
• Addressing issues with these tools and processes through thoughtful exchange and actionable insights
• Challenging assumptions regarding long-accepted processes
• Sharing perspectives and gathering understanding through the experiences of CISOs

2:35 pm - 3:10 pm

Incorporating Threat Modeling into Cybersecurity Risk Assessments

• How can threat modeling enhance your organization’s cybersecurity posture? Why is it important to incorporate it into existing risk management frameworks?
• Identifying common challenges in integrating threat modeling into risk assessments
• Understanding the STRIDE and DREAD methodologies for threat modeling and how to prioritize and mitigate risks using a risk matrix
• Gaining insights into best practices for conducting successful risk assessments, including identifying and evaluating risks based on likelihood and impact

3:15 pm - 4:25 pm

Pre-Arranged One-to-One Meetings

• 3:15 pm – 3:35 pm: Meeting Slot 5/Networking
• 3:40 pm – 4:00 pm: Meeting Slot 6/Networking
• 4:05 pm – 4:25 pm: Meeting Slot 7/Networking

4:30 pm - 5:05 pm

Prevent, Detect, and Respond: Finding and Fixing Flaws

• Why increased security sometimes starts with developer competency in a developing environment or a growth period
• Exploring ways of managing and maintaining your attack surface
• Learning from actionable, practical response processes from major organizations that have been there, done that, and come out on the other side

Gary Harbison
Global Chief Information Security Officer
Johnson & Johnson

5:05 pm - 5:40 pm

Cyber Intelligence in a Rapidly Changing World

• Looking into the increasingly difficult yet more pertinent role of cyber intelligence teams
• How are geopolitical events and new technical demands transforming this landscape?
• Emphasizing the importance of multi-disciplinary intelligence for mitigating serious risks

David McKeown
Deputy DoD CIO for Cybersecurity/Chief Information Security Officer
United States Department of Defense

6:30 pm

Executive Dinners

7:30 am - 8:25 am

Registration & Breakfast

8:25 am - 8:35 am

Chair’s Opening Remarks

9:50 am - 10:25 am

Meeting Data Security Challenges in the Age of Digital Transformation

• Looking into the ways that which data can be stolen, corrupted, or compromised in some way now and in the future
• Understanding how modern requirements for securing data have grown beyond most enterprises’ capacity to meet them
• Discussing the acceleration of digital transformation and the ways in which this phenomenon has upended how data security works
• Strategies for applying new, more effective security controls

Marc Varner
Corp VP and Global Chief Information Security Officer
Lowe’s Companies, Inc.

9:50 am - 10:25 am

Defending Global Institutions from Supply Chain Cyber Risks

• Learning how supply chain cyber risks pose unacceptable risk levels to supply chain operations to the and how we can proactively mitigate
• Gaining a better understanding of both short and long term impacts that supply chain cyber risks pose across the value chain
• Taking a deep dive into real-world data to understand the magnitude of potential issues and how vulnerable some of the most critical industries are

10:25 am - 11:15 am

Pre-Arranged One-to-One Meetings

• 10:30 am – 10:50 am: Meeting Slot 8/Networking
• 10:55 am – 11:15 am: Meeting Slot 9/Networking

11:20 am - 11:55 am

Building Culture Bridges in Information Security and Cyber

• Understanding how navigating across cultures is essential to the success of any cyber initiative
• Determining which practices lead to long-term change for you and your organization
• Exploring areas such as international relations, the IT/OT gap, public/private partnerships, and diversity issues

Dave Estlick
Chief Information Security Officer
Chipotle, Inc.

11:20 am - 11:55 am

New Data Governance and Cyber Resiliency Standards for Healthcare

• Exploring why traditional vulnerability management approaches are limited in effectiveness in healthcare organizations
• Strategies for establishing standardized baseline cybersecurity controls to protect patient data and care
• Understanding the landscape of healthcare’s attack ecosystem and highlighting some of the common pitfalls

12:00 pm - 12:35 pm

Perfecting Your Operational Tech Security Journey

• Assessing your new or growing operational technology responsibilities
• Exploring examples of both how to and how NOT to start or revamp your OT security journey
• Presenting strategies on how to effectively bring IT and OT along on the journey

12:00 pm - 12:35 pm

Cloud Security Strategies for Success

• Looking at the different challenges that can occur when trying to manage the cloud as a security leader
• Understanding how to measure the cloud security scaling process
• Effectively enhancing organizational capabilities to detect and respond to threats targeting cloud environments
• Key considerations for formulating an effective incident response plan in the cloud
• Today’s unique compliance challenges organizations face when operating in the cloud

12:35 pm - 1:35 pm

The Challenges of CISO Burnout

12:35 pm - 1:35 pm

Latest Technology Trends to Mitigate Risks

12:35 pm - 1:35 pm

Is Your Security Program Effective?

1:35 pm - 2:10 pm

Network-Embedded Security: Securing Connections for Everyone

• How AT&T is using advanced cybersecurity services that are embedded into the network to combat the rising number of cyber-attacks
• Why network-embedded security offers a more robust defense by actively detecting and mitigating threats faster and more effectively than many options available today
• Discussing how businesses small to large can be thinking about their cyber defenses in the future

Rich Baich
SVP, Chief Information Security Officer
AT&T

2:15 pm - 2:50 pm

Panel: The Business of Global Talent

• Placing diversity and inclusivity at the core of everything you do
• Breaking new ground and finding new ways of managing the holistic talent life cycle, enabled by advanced technology
• Forging partnerships across the business to attract a new generation of talent from outside the core cyber function
• Using internal, external and unconventional talent pools to build and develop a sustainable global talent pipeline

Matt Conner
Chief Information Security Officer
Westinghouse Electric Corporation

2:50 pm - 3:00 pm

Chair’s Closing Remarks