IN-PERSON

Atlanta CISO Executive Summit

May 11, 2022 | The Westin Atlanta Perimeter

May 11, 2022
The Westin Atlanta Perimeter

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Derek Benz

Coca-Cola Company
Chief Information Security Officer

Tim Callahan

Aflac
Global Chief Information Security Officer

John Dickson

Republic National Distributing Company
VP, IT Infrastructure & Cybersecurity

David Levine

Ricoh Americas
VP Corporate & Information Security, CSO

Dean Mallis

Marta
CISO

Deborah Wheeler

Delta Air Lines
Chief Information Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Atlanta CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

May 10, 2022

afternoon

May 11, 2022

morning mid-afternoon afternoon

6:00pm - 8:30pm Governing Body Welcome Reception

Governing Body Private Dinner

Governing Body members host this dinner for attendees to launch the event with an evening of peer networking.

7:30am - 8:15am Registration & Breakfast

8:15am - 9:00am Keynote

Coaching Resilient Leaders Through Challenges and Change

Dr. Kiki Ramsey

CEO, The Positive Psychology Coaching and Diversity Institute

Guest Speaker

Challenges arise every day in the workplace whether it’s dealing with disgruntled staff, diversity, budget cuts, changes in management, shortage of good staff, or even managing personal issues. With all these challenges arising there is a need for leaders to understand and employ resilience. In this highly engaging keynote, Dr. Kiki, Executive Coach, and Positive Psychologist will teach leaders how to use coaching as an effective tool to resolve conflict and challenging issues and employ resilience, all while still setting and meeting meaningful company goals and remaining competent leaders.

Dr. Kiki Shares:

The Research On What Makes Resilient Leaders
How To Overcome The Tough Issues and Remain Relevant
How To Use Coaching As A Tool To Resolve Conflict and Develop Resilience

9:00am - 9:30am Networking Break

9:30am - 10:15am Breakout Session

An Unfiltered CISO's Take on Modern Resilience

Kishore Yerramreddy

Sr Director Security Engineering, Americas

Vectra

Jerry Perullo

Cybersecurity Advisor, Founder, and Professor

Guest Speaker

Recently retired ICE/NYSE CISO Jerry Perullo has always been known for testing popularly held assumptions, but now that he is retired, the gloves are off.

In this fireside chat, Jerry will:

Test his theories on why conventional practices like patching, encryption and asset management are overrated
Explain the real keys to keeping your organizations safe and resilient in the face of motivated cyber-attacks
Provide a buzz-word-less take on the responsibilities of the modern CISO

9:30am - 10:15am Breakout Session

Leader-Level Investment, Team-Level Buy In

Katie Ewers

Director of Cybersecurity, BISO Team, - MRxTS

McKesson Corporation

James Baird

VP Information Security & CISO

FOCUS Brands

It’s no longer enough to manage your team and hope they stick around. Instead, long-term retention calls for a plan. Now, in this era of labor uncertainty, it’s more important than ever to come together and share what’s working.

Together, we’ll figure out:

How CISOs are encouraging their teams and retaining their rosters
What many are noticing to be the red flags of security burnout
Retention practices you can immediately implement to maintain your camp

9:30am - 10:15am Executive Boardroom

Manage Security Posture and Risk Across SaaS Environments

Chris Thorpe

Senior Director, Information Security

Cox Communications

Harold Byun

Chief Product Officer

AppOmni

Tim Mullen

VP, Information Security

Change Healthcare

As the adoption of enterprise SaaS grows, high-profile SaaS application data breaches are also on the rise. CISOs are ultimately responsible for the security of their organization’s data, including access by third-party applications, and must implement appropriate security settings and data governance for their environments. The challenge is that the most widely-used gateway architecture solutions don’t deliver visibility into the complex, unique characteristics of different SaaS applications.

Join this Boardroom to discuss:

How to gain immediate visibility into what data can be accessed by all types of users and integrations, including third-party applications, to understand and mitigate risk
How to better secure your organization’s SaaS data across applications
How to integrate security into the Software Development Lifecycle to improve DevSecOps during the product development process

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs).

To reserve your seat, please contact:

Lauren Scott, Program Manager at lauren.scott@evanta.com

9:30am - 10:15am Executive Boardroom

The Goldilocks Principle — Getting Your Security Automation Program "Just Right"

Brian Phillips

VP, Information Security

Macy's

Joshua Thorngren

VP Growth

Torq

Matt Baker

Director, Information Security

MagMutual

There's no question that security automation is essential for successful threat response and risk mitigation. But automation isn't one size fits all. Automation that leads to a better security posture requires careful thought. What to automate, how much to automate, where to involve human analysts - all of these factors must be decided for truly successful automation.

In this roundtable discussion, your peers will:

Compare different approaches to automation - from fully autonomous processes, to human-in-the-loop and more
Share real stories about what works and what doesn't when starting your automation build
Study how some are building and scaling automation programs to deliver the best possible results

To reserve your seat, please contact: Lauren Scott, Program Manager at lauren.scott@evanta.com

10:15am - 10:45am Networking Break

10:20am - 10:45am Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

10:45am - 11:30am Breakout Session

Security Service Edge (SSE) — Security is a Team Sport

James Robinson

Deputy CISO

Netskope

Building trust and reliance across technology and security teams is key to defending the enterprise. As security stacks incorporate Security Service Edge (SSE) to sustain the SASE journey, the partnership between CIOs, CISOs, and their teams is more important than ever.

Join this session to learn about:

Best practices for IT and security collaboration
Communicating the importance of SSE to your CEO and Board
Improving internal stakeholder relationships to fuel business outcomes

10:45am - 11:30am Breakout Session

Navigating the Third-Party Threat Landscape

Kemper Seay

VP Infrastructure & Chief Information Security Officer

Carter's

Ray Griffin

Director, Head of Cyber Security

Cox Media Group

With an increasing dependence on vast, third-party networks, it’s more difficult to remain unfazed by major breaches than ever before. Monitoring your supplier, vendor, or partner’s every move is impossible – but the right risk management program could be the life-saving measure your business needs when everyone around you is under attack.

Join this session to discuss:

Prioritizing your vendor inventory for assessment
Leveraging automation for calculating risk and streamlining the review process
Expanding third-party risk conversations beyond cybersecurity

10:45am - 11:30am Executive Boardroom

Securing Sprawl – Mitigating Risk

Karl Mattson

CISO

Noname Security

As business and technology teams drive cloud adoption and implement modern application architectures, the security vulnerabilities of the sprawling IT stack multiply as visibility dwindles. Now is the time to explore new applications and API security strategies to proactively reduce risk, secure the environment, and capitalize on cloud-native capabilities to meet these challenges.

Join this boardroom to discuss:

Establishing effective vulnerability management and application security programs
Moving from a reactive to a proactive security posture
API governance and security challenges and opportunities

To reserve your seat, please contact: Lauren Scott, Program Manager at lauren.scott@evanta.com

10:45am - 11:30am Executive Boardroom

Architecting a More Adaptive and Integrated IAM Strategy

Wendy Nather

Head of Advisory CISOs

Cisco Secure

William DeMar

CISO

Mandarin Oriental

Scott Stanton

Business Information Security Officer (BISO)

Owens & Minor

IAM systems are the digital keys to your company’s castle. But the transition to remote, connect anywhere computing means there are thousands of keys created every day, each one exponentially increasing the risk of unauthorized access through any one of the systems your users access daily. So if identity is now the ultimate perimeter and that perimeter is constantly expanding and becoming more complex, how do you build a defense structure capable of protecting it?

During this peer-discussion you will explore:

The role of zero trust in access management
How to implement IAM tools without negatively impacting the user experience or core business operations
How to engage other stakeholders and functions on their access needs to move beyond surface-level coordination

11:30am - 11:40am Break

11:30am - 12:30pm Lunch Service

12:30pm - 1:05pm Keynote

Elevating Security for a Hyper-Connected World

Desiree Lee

Field CTO

Armis

Digital assets are enabling new revenue and growth opportunities, and accelerating transformation across industries. For CISOs that must ensure the security and continuity of business, however, they represent an ever-expanding attack surface at a time when the volume of attacks and the threat of ransomware is increasingly driving news cycles and board-level concern.

Attendees of this keynote will leave with the insights needed to:

Identify unseen security risks by gaining complete visibility in a rapidly expanding attack surface
Get ahead of exposure by prioritizing high impact vulnerabilities and threats
Secure the assets, recover unnecessary CapEx and OpEx and free staff for priority initiatives

1:05pm - 1:20pm Break

1:20pm - 2:05pm Breakout Session

Third-Party Cyber Risk — Zero-Day Findings and Mitigation

Joel Molinoff

Vice Chairman

BlueVoyant

Managing distributed risk is today’s defining cybersecurity challenge. Mitigation of zero-day vulnerabilities is critical as adversaries exploit supply chain entities. This session explores how to identify all third parties impacted by zero-day vulnerabilities and guide their mitigation efforts. Your vendor, supplier, and partner ecosystem is now your enterprise attack surface.

Join this session to learn:

How to manage distributed risk associated with hundreds and even thousands of vendors, suppliers, and partners
Approaches to identify, prioritize, and mitigate active threats and critical/zero-day vulnerabilities
Strategies to reduce supply chain/external ecosystem risk associated with zero-day

1:20pm - 2:05pm Breakout Session

Fire Away – CIO Office Hours

Curtis Carver Jr.

Vice President and CIO

University of Alabama at Birmingham

Have you ever wished you could pop into your CIO's mind and instantly understand how they approach important topics and decisions? Now is your chance to anonymously pose questions to a CIO who will pull back the curtain on their thought process and share candid context for why and how they make certain choices.

The questions in this session will be decided by the audience and will touch on themes such as:

Building relationships across the C-Suite, with stakeholders and within the enterprise
Pursuing innovation while keeping the lights on
What’s next for the role of CIO and CISO

1:20pm - 2:05pm Executive Boardroom

Ahead of the Cloud — Flexible Solutions for a Moving Target

Jason Mical

Field Chief Technology Officer - Americas

Rapid7

Colin Henderson

CISO

Bakkt

Bob Jett

Vice President, Chief Privacy Officer

Crawford

Sometimes, cloud can seem like a "one size fits none" type of hurdle. One thing is certain, however — as the cloud landscape continues to evolve, so too should a CISO's security strategies.

Join this boardroom to:

Gather practical takeaways and cloud solutions from your peers
Explore solutions to current and future cloud security issues
Gain feedback on your organization's cloud priorities

To reserve your seat, please contact:

Lauren Scott at Lauren.Scott@evanta.com

1:20pm - 2:05pm Executive Boardroom

Zero Trust – Hype or Hope?

John Velisaris

Associate Partner, Security Services

IBM

Martin Fisher

Director, Information Security & CISO

Northside Hospital

Nicole Dove

Head of Security, Games

Riot Games

An organization's ability to achieve successful digital transformation is in large part enabled by the security team. Distributed, loosely connected infrastructure and tools, coupled with the demand for almost any-to-any connectivity, complicates the mission. Regularly defined as being delivered by a single "silver bullet" point solution, the term zero trust is now often held in poor regard. It is however, a highly effective conceptual framework, and perhaps even a cultural shift, that many organizations have been working with for several years.

Join this interactive boardroom to discuss:

The broader definition of what a zero trust framework is
The foundational control required to build a zero trust program
Strategies for improving the user experience and proving value to get organization-wide acceptance

To reserve your seat, please contact:

Lauren Scott at lauren.scott@evanta.com

2:05pm - 2:35pm Networking Break

2:10pm - 2:35pm Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

2:35pm - 3:20pm Breakout Session

Execution Over Excuses - Paving Your Path to CISO Success

David Ehn

CISO

Agilysys, Inc.

Jorge Perez

SVP, Divisional CISO

Truist

Whether it's a lack of buy-in, a limited staff, or a heap of regulatory responsibilities - something will always attempt to hold you back. But even if you were handed the world, would you know how to make it count? The key may be stepping outside the box to tackle common hurdles.

Join Jorge Perez, CISO, Truist and David Ehn, CISO, Agilysys, Inc. to discuss:

Rethinking your unnecessarily expensive talent approach
Best practices for managing through a crisis with budget challenges
How to implement a risk-based approach and start selling your value proposition

2:35pm - 3:20pm Executive Boardroom

Effectively Managing Third-Party Risk with a Data-Centered Approach

Dave Stapleton

CISO

CyberGRX

Kelvin Arcelay

SVP, IS & IT Risk Management

EVO Payments International

Security assessment questionnaires are no longer the centerpiece of third-party risk management programs. As our third-party ecosystems become more diverse and dynamic, so too should our way of monitoring and collaborating with these critical business partners. Structured data, analytics, and automation have the potential to revolutionize traditional third-party risk management approaches.

Join this roundtable to discuss:

What data is most important to your organization
Where you can find your organization’s most powerful and precious data
How you can harness it to reduce your dependence on static, inefficient questionnaires

To reserve your seat, please contact:

Lauren Scott at lauren.scott@evanta.com

2:35pm - 3:20pm Executive Boardroom

The Ongoing Fight to Secure Business Email

Gretchen Hiley

CISO

Randstad North America

Crane Hassold

Director of Threat Intelligence

Abnormal Security

Ramesh Srinivasan

Head of Cybersecurity

Americold

Despite their efforts, from phishing simulations to security awareness campaigns, CISOs from organizations big and small keep falling short when it comes to stopping Business Email Compromise (BEC) attacks. But, if everyone has an email security program, why are the losses associated with BEC still climbing?

Join this session to discuss:

What is working, or not working, with existing processes and technology?
How do we solve the “human factor” in the equation?
Best practices for preventing loss related to a BEC attack?

To reserve your seat, please contact:

Lauren Scott at Lauren.Scott@evanta.com

2:35pm - 3:20pm Executive Boardroom

The Indispensable Human Element of Cybersecurity

Michael Leland

Chief Cybersecurity Evangelist

SentinelOne

Irene Thong

Senior Director, IT and Project Management

Printpack

Willard Dawson

Corp VP, Security Architecture, Threat Intelligence & Info Security Group

New York Life

Artificial Intelligence is a pervasive part of our lives today and cybersecurity teams and adversaries alike have learned to harness the speed and power of machines to strengthen their capabilities. With machine learning becoming one of the most important tools of defense, leaders must balance the overwhelming speed and accuracy advantage of AI with the need for measured and intuitive interactions with a real-world human element.

Join this session to discuss:

What these trends mean for the hands-on practitioner
When velocity of innovation outpaces the capabilities of human intellect
The role of automation in the effective practice of securing our digital world

To reserve your seat, please contact: Lauren Scott, Program Manager at lauren.scott@evanta.com

3:20pm - 3:35pm Networking Break

3:35pm - 4:10pm Keynote

In This Together — Public-Private Partnerships

Jason Sankey

Chief Information Officer

City of Atlanta, GA

Tim Callahan

Global Chief Information Security Officer

Aflac

Stanton Gatewood

Cyber Security Coordinator - Region IV (Georgia)

Cybersecurity and Infrastructure Security Agency

According to data from the FBI, Georgia is the 3rd most targeted state for cyber attacks. What can security leaders do? Should it be tolerated as a side effect of the state's intentionally-curated community of tech leaders or could it be helped by a strategic partnership between public and private information security minds?

Participate with a panel of private CISOs and public cyber experts to discuss:

How to get the conversation started between private and public agencies
How the State and Federal agencies can support and collaborate
Ways to collectively develop and bolster defenses

4:10pm - 4:40pm Closing Reception & Prize Drawing

May 10, 2022

afternoon

May 11, 2022

morning mid-afternoon afternoon

We look forward to seeing you at an upcoming in-person gathering

Location

Venue & Accommodation

The Westin Atlanta Perimeter

MORE INFORMATION

A block of rooms has been reserved at the The Westin Atlanta Perimeter at a reduced conference rate. Reservations should be made online or by calling 1-888-236-2427. Please mention Atlanta Executive Summit to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $149 USD (plus tax) is April 25, 2022.

RESERVE ROOM