IN-PERSON

Boston CISO Executive Summit

December 10, 2024 | Westin Copley Place

December 10, 2024
Westin Copley Place

APPLY TO PARTICIPATE

Collaborate with your peers

Get together with Boston's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Navigating the ethics of cutting edge AI

Optimizing costs to improve security across cloud environments

Strategizing for a risk-aligned, resilient organization

Boston CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Julie Fitton

Analog Devices
CISO

Eric Galis

Cengage
CISO

Javed Ikbal

Bright Horizons
VP/CISO

Ravi Thatavarthy

Rite Aid
Chief Information Security Officer

Michael Woodson

Sonesta
Director of Information Security and Privacy

Gernette Wright

Schneider Electric North America
IT Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Boston CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


December 10, 2024

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

Law & Order — Cross Examining AI's Legal Boundaries

Eran Kahana headshot

Eran Kahana

AI, Cybersecurity, and Intellectual Property Attorney

Maslon LLP

As AI technologies rapidly evolve, the laws and ethical standards designed to govern them lag behind, creating a mismatch in the pace of innovation and regulation. This misalignment often leads to inadequate alignment with core principles such as trustworthiness, safety, and ethics. For AI leaders, mastering governance strategies that drive alignment with these core principles is key to ensuring the organization’s risk profile is effectively managed.

Join AI, cybersecurity, and IP law expert Eran Kahana as he offers actionable insights on:

  • Navigating the Ethics of Cutting-Edge AI
  • Deciphering Global AI Legislation Dynamics
  •  Mastering AI Governance for Risk Mitigation


9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

Bridging Security and Risk — The Evolving CISO Reporting Structure

Doug DeMio headshot

Doug DeMio

CSO

Mapfre Insurance

In the evolving landscape of risk management, the integration of CROs and CISOs is quickly emerging. This new reporting structure empowers both CROs and CISOs to work synergistically, leveraging their combined expertise to protect the organization's assets, reputation, and strategic objectives in a rapidly changing threat landscape. It also creates a more cohesive and comprehensive approach to ensure that security becomes an enabler for faster, smoother business transactions rather than a bottleneck.

Join this session to discuss:

  • Allocating resources for risk management and cybersecurity initiatives
  • Aligning risk management strategies along with business objectives
  • Unifying to create a stronger Risk Management Framework

 

9:40am - 10:25am  Executive Boardroom

Navigating the Cyber Risks of Cloud — Evaluating Options

Mani Keerthi Nagothu headshot

Mani Keerthi Nagothu

Americas Field CISO Associate Director

SentinelOne

The use of cloud technology has become a popular choice for businesses, providing them with numerous advantages but also introducing new threats. Cyber security risks can cause financial and reputational damage if left unmanaged, which is why it is essential to understand all the ways to protect the enterprise.

In this boardroom we will discuss:

  • How cyber insurance policies differ
  • New insights to cloud-based attacks and the impacts
  • Defenses to financial and reputational damage

9:40am - 10:25am  Executive Boardroom

Innovating at Full Speed

Clinton Herget headshot

Clinton Herget

Field CTO

Snyk

Daniel Gortze headshot

Daniel Gortze

Chief Information Security Officer

MIB Group

Ravi Thatavarthy headshot

Ravi Thatavarthy

Chief Information Security Officer

Rite Aid

Matthew Wicker headshot

Matthew Wicker

Global Director of Cybersecurity

Regal Rexnord

Establishing trust between security and developers is crucial for successful outcomes, especially as modern development quickly embraces AI. Security and risk leaders need to move faster by adopting dynamic risk governance and use risk governance intensity, but how does the future of innovation hinge on achieving this open trust and communication.

Join this boardroom conversation with Snyk to delve into:

  • Communicating risk strategies & ownership to partners across the enterprise
  • Applying AI and how it can speed up and secure application security
  • Leveraging automation and analytics to safeguard the riskiest components of your digital portfolio

10:25am - 11:05am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:05am - 11:50am  Breakout Session

It is AI Incident O'clock — Do you know where your AI Security Program is?

Javed Ikbal headshot

Javed Ikbal

VP/CISO

Bright Horizons

There are two kinds of companies, those that had an AI Security/Privacy Incident, and those that will. Artificial Intelligence brings both groundbreaking opportunities and considerable risks. To effectively manage these risks, the National Institute of Standards and Technology (NIST) has published a risk management framework. However, this framework does not fully address the pressing question for cybersecurity experts: how to prevent or respond and recover.

Join this session to discuss:

  • Applying NIST's Five Functions to AI security
  • Protecting Gen AI applications with the OWASP LLM Top 10
  • Arming AI Governance with the NIST AI RMF


11:05am - 11:50am  Executive Boardroom

Securing the Everywhere World — Building Cyber Resilience through a “Connectivity Cloud”

Stephen Stierer headshot

Stephen Stierer

Senior Director of Solutions Engineering

Cloudflare

Stephen Danckert headshot

Stephen Danckert

Director, Enterprise Architecture, Cybersecurity and Privacy

Haemonetics

Brian McGowan headshot

Brian McGowan

CISO

SharkNinja

When users are everywhere and digital operations span cloud, SaaS, and on-premises environments, achieving cyber resilience becomes paramount. The challenge lies in navigating this complexity and maintaining visibility and control to ensure continuous operation despite cyber threats.

Join this interactive roundtable to discuss:

  • Optimizing costs and improving security across diverse cloud environments
  • Adopting Zero Trust philosophies to protect users, data, and applications
  • Innovating with AI while addressing global regulatory and data privacy requirements


11:05am - 11:50am  Executive Boardroom

Risk to the Nth-Party Degree

John Chisum headshot

John Chisum

VP, Solutions Consulting

RiskRecon - A MasterCard Company

Julie Fitton headshot

Julie Fitton

CISO

Analog Devices

Dean Lebron headshot

Dean Lebron

Vice President, Information Technology

Ameresco

Third party relationships are closest and may prove to be the most tangible risks to your business, yet the whole supply chain of your business partners still pose a substantial threat. Most organizations’ vendor relationships extend to the 8th party. CISOs need to understand this web of connectedness in order to better manage and communicate enterprise risk.

Join this session to discuss:

  • Gaining visibility into risk across the whole supply chain
  • Strategies for effective risk management and monitoring business partners
  • Overcoming resource challenges to prioritize third-party and extended supply chain risk

11:50am - 12:35pm  Lunch Service

12:35pm - 1:10pm  Keynote

Optimizing for Agility — Network and Security Convergence

Steve Riley headshot

Steve Riley

VP & Field CTO

Netskope

Integrating a complex ecosystem across all security areas can optimize defenses without simplifying adversaries’ challenges. This approach balances robust security with efficiency, crucial for navigating generative AI and tech advancements. Achieving this requires strategic selection and consolidation of platforms to enhance agility, reduce risk, and maintain cost-effectiveness.

In this session, you’ll learn:

  • The composition of an effective security architecture
  • Value you can derive from a converged networking and security platform
  • Common consolidation mistakes people make and how to avoid them

1:10pm - 1:35pm  Break

1:35pm - 2:20pm  Breakout Session

Who Knew It Could "BISO" Simple

Eric Galis headshot

Eric Galis

CISO

Cengage

Christina Mazzone headshot

Christina Mazzone

Global Managing Director, Corporate Information Security & Strategy

Omnicom Group

When it comes to success, people tend to offer silver bullets or single keys. However, true long-term success is achieved through multiple conversations and continued strategic relationships across the business – which is exactly where the BISO role can add tremendous value to a CISO's team.

Join this session to hear how CISOs are leveraging teams of BISOs to:

  • Improve collaboration between business units and the security team
  • More effectively identify and mitigate risks
  • Ensure its security posture is aligned with the rest of the business


1:35pm - 2:20pm  Executive Boardroom

The Silent Spread of AI — Are We Losing Control Over It?

Lior Yaari headshot

Lior Yaari

CEO and Co-Founder

Grip Security

Mick Leach headshot

Mick Leach

Field CISO

Abnormal Security

Astrid Lambert headshot

Astrid Lambert

Sr. Director Data & Development

Cambridge Health Alliance

Ravi Thatavarthy headshot

Ravi Thatavarthy

Chief Information Security Officer

Rite Aid

AI risk is quietly creeping into every corner of your enterprise, and you don’t even realize it. As more employees adopt AI-powered tools, applications, and processes, it is becoming deeply embedded in your tech stack — but it’s not just your employees using AI. Attackers are also leveraging AI to enhance their own tactics and sharpen their attacks. The real question for CISOs is: Do you have visibility into the countless ways AI is spreading, and what’s the best way to use AI to protect against AI?

Join this session to discuss:

  • The hidden ways AI is entering your enterprise, from third-party tools to shadow AI projects and why it’s slipping under the radar
  • How attackers are using AI to improve their attacks and making them harder to detect by both legacy security tools and humans themselves
  • Actionable steps for CISOs to gain visibility and control over AI use across the organization

1:35pm - 2:20pm  Executive Boardroom

Security Operations — Navigating a Moving Target

Gael Frouin headshot

Gael Frouin

CISO

AAA Northeast

Heinrich Piard headshot

Heinrich Piard

Chief Information Security Officer & Head of Global IT Operations

Hamilton Insurance Group

Many security operations (SecOps) programs focus on tooling and existing processes to identify new, critical threat activity. However, many of the true unknowns are left missing. How can CISOs enable SecOps performance in today's sophisticated and ever-evolving threat landscape?

Join this session to discuss:

  • Enabling SecOps through change and disruption
  • Working within resource constraints without compromising security posture
  • Elevating threat detection to drive SecOps efficiency


2:20pm - 3:00pm  Networking Break

2:25pm - 2:50pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm  Breakout Session

10-Minute Wins

Sara Hall headshot

Sara Hall

CISO

Teladoc Inc

Why learn from one peer when you can learn from three? In this unorthodox, but effective, breakout session you’ll hear from multiple members of your community — each taking the floor for 10 minutes to share what they’ve gleaned from their time in leadership.


3:00pm - 3:45pm  Executive Boardroom

Protecting Innovation: Rethinking Data Security Strategies

John Loya headshot

John Loya

VP Of Sales Engineering

Cyberhaven

Ravi Thatavarthy headshot

Ravi Thatavarthy

Chief Information Security Officer

Rite Aid

AI makes creating and consuming data easier than ever, with shadow AI and dark data presenting new challenges to security teams. As the tactics for protecting data evolve, security leaders must adopt a risk-based strategy to protect mission-critical data and safeguard innovation.

Join this session to discover:

  • Effective practices for ongoing monitoring to identify risks
  • Rapid investigation and response techniques for insider threats
  • Strategies for evolving your data protection approach

3:00pm - 3:45pm  Executive Boardroom

Cyber Risk — Telling the Right Story

Joe Burgoyne headshot

Joe Burgoyne

Sr. Director, Cyber Security

GE Healthcare

Jay Carter headshot

Jay Carter

CISO

MEMIC

Samir Sanghani headshot

Samir Sanghani

Head of Information Security

Coverys

In an era where cybersecurity incidents often dominate headlines, managing stakeholder risk expectations has become more critical than ever. CISOs must ensure key stakeholders remain informed and confident in the organization’s risk posture.

Join this session to discuss:

  • Telling the story of cybersecurity’s impact on people, processes, and technology
  • Navigating the complexities of risk management in a highly interconnected digital world
  • Articulating the business impact of assumed risk

3:45pm - 4:10pm  Break

4:10pm - 5:00pm  Keynote

Foundational Building Blocks of Your Cybersecurity Program

Jennifer West headshot

Jennifer West

SVP, Chief Digital Trust Officer (CISO)

Takeda

Gernette Wright headshot

Gernette Wright

IT Security Officer

Schneider Electric North America

In today's digital landscape there are many tooling options and with the influx of AI in every conversation, it is easy to forget the fundamental basics of your cybersecurity.  For CISOs, mastering and enabling these principles as the foundation of your program is not just a core maturity skill it is transformative as you approach critical areas such as AI, Data Management and IAM.  Focusing on these elements can help create a resilient security framework that adapts to emerging threats.

Join the session to discuss:

  • Instilling foundational security practices into your cybersecurity program
  • Translating these concepts to the board and your executive team leadership
  • Enabling transformation and preparing your organization for adopting new technologies such as AI & Zero Trust

5:00pm - 5:10pm  Closing Comments and Prize Drawing

5:00pm - 6:30pm  Governing Body Reception

Governing Body Reception

Governing Body members host a reception for executives to close out the event with an evening of peer networking, food and drinks.

December 10, 2024

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Westin Copley Place
MORE INFORMATION

A block of rooms has been reserved at the Westin Copley Place at a reduced conference rate. Reservations should be made online or by calling 617- 262-9600. Please mention Boston Executive Summit to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $259 USD (plus tax) is November 18, 2024.

Your Community Partners


CISO Thought Leaders
Key Partners
Program Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Spencer Bisgaard

Senior Community Program Manager

541-912-0183

spencer.bisgaard@evanta.com