IN-PERSON

Chicago CISO Executive Summit

December 3, 2024 | Chicago Marriott Downtown Magnificent Mile

December 3, 2024
Chicago Marriott Downtown Magnificent Mile

APPLY TO PARTICIPATE

ALREADY A MEMBER? SIGN IN TO REGISTER

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Erik Hart

Cushman & Wakefield
CISO

Ricardo Lafosse

The Kraft Heinz Company
Chief Information Security Officer

JJ Markee

Danaher
Global Chief Information Security Officer

Bill Podborny

Constellation Brands
CISO

Paolo Vallotti

Henry Schein
Global CISO

Angela Williams

UL Solutions
Global Chief Information Security Officer

Mike Zachman

Zebra Technologies
VP & Chief Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Chicago CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

December 3, 2024

morning afternoon evening

7:45am - 8:30am Registration & Breakfast

8:30am - 9:15am Keynote

Words That Work — Using Impactful Language to Deliver Results

Val Wright

Global Leadership & Innovation Expert, Author

Guest Speaker

Effective communication is a critical component of success for CISOs. The most successful executives realize this and prepare what to say and when to say it with precision using "words that matter". Conversation author, Val Wright, offers fresh perspective and techniques to help you elevate the conversation to deliver results.

Join this keynote to:

Create communication that resonates and simplifies complex information
Cultivate a dynamic relationship with your board and get positioned for board roles
Develop powerful responses to navigate resistance and achieve results

9:15am - 9:40am Networking Break

9:40am - 10:25am Breakout Session

Putting the ‘Sec’ in ‘DevSecOps’

Sandeep Johri

CEO

Checkmarx

Jeremy Mann

SVP- Senior Director Attack Surface Management

Northern Trust

As more of the business moves to applications, CISOs must ditch legacy mindsets and build a better working relationship with development teams to integrate security within DevOps pipelines at the speed of development.

Join this session to hear:

Best practices to achieve an effective DevSecOps framework
How to build a security culture with your development teams
How to build a DevOps mindset with your security teams

9:40am - 10:25am Executive Boardroom

Reducing Complexity and Risk

Gregg Evering-Brown

Field CTO Strategist

CrowdStrike

Marty Hetzel

VP of Information Security & IT

ComplyAuto

Nitin Raina

Global CISO

Thoughtworks

Security consistency, performance and visibility across on-premises, hybrid, and multi-cloud environments is the desired end state for enterprise CISOs. However, siloed security tools, increasing adversary attacks on cloud, limited runtime protection, lack of visibility, and evolving compliance all pose significant challenges.

Join this session to discuss how to:

Build attainable goals for a mature and effective security program
Implement proven strategies to improve security posture
Minimize risks to help achieve desired business outcomes

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to CISOs). To reserve your seat, please contact: Allie Brodie at allie.brodie@evanta.com

9:40am - 10:25am Executive Boardroom

Risk to the Nth-Party Degree

Emily Shipman

VP, Enterprise Cybersecurity Products

RiskRecon - A MasterCard Company

Partho Ghatak

CISO

Grant Thornton Advisors

Bruce Phillips

SVP, Chief Information Security Officer

WFG National Title Insurance

Third party relationships are closest and may prove to be the most tangible risks to your business, yet the whole supply chain of your business partners still pose a substantial threat. Most organizations’ vendor relationships extend to the 8th party. CISOs need to understand this web of connectedness in order to better manage and communicate enterprise risk.

Join this session to discuss:

Gaining visibility into risk across the whole supply chain
Strategies for effective risk management and monitoring business partners
Overcoming resource challenges to prioritize third-party and extended supply chain risk

9:40am - 10:25am Executive Boardroom

Protecting Innovation — Rethinking Data Security Strategies

Howard Ting

CEO

Cyberhaven

Frank Yanan

SVP / Business Information Security Officer

Bank of America Limited

AI makes creating and consuming data easier than ever, with shadow AI and dark data presenting new challenges to security teams. As the tactics for protecting data evolve, security leaders must adopt a risk-based strategy to protect mission-critical data and safeguard innovation.

Join this session to discover:

Effective practices for ongoing monitoring to identify risks
Rapid investigation and response techniques for insider threats
Strategies for evolving your data protection approach

10:25am - 11:05am Networking Break

10:30am - 10:55am Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:05am - 11:50am Breakout Session

Words That Work(shop) — Always Get a YES

Val Wright

Global Leadership & Innovation Expert, Author

Guest Speaker

As a security leader, the stakes are extraordinary in every conversation – from board meetings to crisis communications. Internationally acclaimed innovation expert, Val Wright, brings her expertise and toolkit to address unique leadership challenges.

Join this interactive workshop to explore:

Team galvanization toward a common objective
Practical exercises for cross-functional communication
Powerful responses to navigate resistance and get the YES

11:05am - 11:50am Breakout Session

A New Paradigm for Managing Third-Party Risk

Shimon Modi

VP, Product Management, Cyber

Dataminr

In the past 12 months, 87% of F1000 businesses were affected by significant cyber incidents as a result of a third-party. And yet, most rely on ‘snapshot in time’ questionnaires. While necessary, snapshots are insufficient by themselves, and must be augmented with continuous monitoring in support of ongoing security operations. This requires a different approach, that includes external threat detection capabilities by using AI across Public Data.

Join this session to learn about:

The Public Data opportunity: collect, process, alert across multiple languages / modalities
Real-time external threat detection on a rapidly evolving threat landscape
The most advanced AI techniques for automating the collection, processing, delivery, and initial analysis of millions of public data sources

11:05am - 11:50am Executive Boardroom

The ChatGPT Threat — Protecting Your Email from AI-Generated Attacks

Mike Britton

CIO

Abnormal Security

Kevin Dunne

COO

Valimail

Saira Harcus

Director, IT Security (Rare Disease)

Amgen

Saurin Patel

CISO

Lennar

The widespread adoption of generative AI meant increased productivity for employees, but also for bad actors. They can now create sophisticated email attacks at scale—void of typos and grammatical errors that have become a key indicator of attack. That means credential phishing and BEC attacks are only going to increase in volume and severity.

Join this session to discuss:

How the email threat landscape is changing as a result of generative AI
How businesses ensure that vital communication channels remain protected as cybercriminals become more sophisticated
What tools and capabilities are necessary to protect end users from AI-powered email threats

11:05am - 11:50am Executive Boardroom

Rethinking the Relationship Between Cybersecurity Teams and the People They Protect

Cheryl Tang

Senior Director Product Marketing

Proofpoint

Andrew Young

Senior Director - IT Security & Risk, US

Baker Tilly

Ricardo Lafosse

Chief Information Security Officer

The Kraft Heinz Company

You’ve heard it all before: the DBIR tells you people are your biggest risk, phishing simulations tell you your users fall for social engineering, and simple security measures you deploy are sometimes met with howls of protest. But what if it didn’t have to be that way?

Join this session for a fresh perspective on:

Moving security alerts from the SOC to where users work
Protecting end users perception of security controls
Transforming security teams’ interactions with end users

11:50am - 12:35pm Lunch Service

12:35pm - 1:10pm Keynote

Zero Trust, AI, and the Evolving Nature of Cyber Risk

Sam Curry

Global VP, CISO in Residence

Zscaler

GenAI is the latest in a line of emerging technologies that promise revolutionary advancement across a variety of business functions but introduce significant risks. Zero trust architecture augmented by AI/ML capabilities can be the key to capturing value while reducing risk, eliminating cost and complexity, and increasing agility. How can CIOs and CISOs embrace zero trust security across the organization to harness the power of emerging technologies?

Join this session to discuss:

Implementing zero trust architectures to secure users, workloads, and IoT/OT devices, addressing critical security shortcomings
Reducing risk, eliminating cost and complexity, and increasing agility through AI/ML-augmented zero trust architectures
Articulating the organization's cyber risk posture, controls, and mitigation strategies to internal stakeholders, including the board of directors

1:10pm - 1:35pm Break

1:35pm - 2:20pm Breakout Session

Business-First Security — A New Chapter for an Iconic Brand

Joe Mendel

CISO

Kellanova

Drew Pekkarinen

Senior Director of Security Architecture

Kellanova

The spinoff of the world-class Kellogg's brand into two independent companies posed considerable upsides and security challenges. Together, Joe Mendel and Drew Pekkarinen rallied their teams and enabled the business to execute a winning strategy, securely.

Join this fireside chat to explore:

Considering business context first, and technology second, to enable secure growth
Executing in high-stakes moments while navigating constraints
Leading a team through uncertainty and change

1:35pm - 2:20pm Executive Boardroom

How to Assess Security Maturity and Why It Matters

Ricky Dailey

Senior Engagement Manager

Expel

Rizwan Mir

CISO

Perrigo

Brian Palmer

Director, IT Security and Infrastructure

Ventas

Maturing your security posture requires knowing how to objectively assess your organization, use industry best practices and frameworks, and select the right tools to advance your business. This complex, time-intensive process often takes a backseat to defending yourself against ever-evolving threats. Getting started can be overwhelming, so finding time to assess and improve your security maturity is a tall task.

Join this session to discuss:

Benchmarking SOC performance using common assessment frameworks and tools
Determining your security maturity level, and how to fill gaps you’ve identified
Analyzing the impact of data and AI on your security posture

1:35pm - 2:20pm Executive Boardroom

Paving a Path for Tomorrow's CISOs

Todd Covert

National General CISO

Allstate

Kristie Fair

Deputy CISO

State Farm

Succession planning is critical for CISOs to ensure continuity and resilience in leadership roles. By identifying and developing internal talent, organizations can mitigate risks associated with unexpected departures and maintain strategic momentum.

Join this boardroom session to discuss:

Identifying emerging leaders and enabling development
Cultivating a forward-thinking security culture
Ensuring leadership continuity and organizational resilience

1:35pm - 2:20pm Executive Boardroom

Generative AI — Guardrails, Growth, and Governance

Matt Morton

Assistant Vice President and Chief Information Security Officer

University of Chicago

Victor Hsiang

Information Security Director

GATX

As the Generative AI lifecycle continues to unfold, CISOs must delicately leverage AI's potential for efficiency, innovation, and competitive advantage with the associated risks.

Join this peer-led boardroom to discuss:

Establishing and evaluating informed boundaries for Generative AI usage and adoption
Enabling responsible AI adoption that drives business growth across business units
Ensuring compliance, regulation, and ethical considerations throughout adoption

2:20pm - 3:00pm Networking Break

2:25pm - 2:50pm Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm Breakout Session

Breaking Barriers in Cybersecurity

Nidhi Luthra

VP & CISO

Baxter

Angela Williams

Global Chief Information Security Officer

UL Solutions

Inclusion has become a crucial pillar in building a resilient and well-rounded security team. As the industry evolves, it is critical to recognize and address the unique challenges and barriers women and non-binary people in cybersecurity face on their paths to advancement.

Hear from cybersecurity leaders as they explore:

Navigating the complexities of inclusion in cybersecurity
Building career paths that foster growth and opportunity
Cultivating a culture that supports both personal and professional demands

3:00pm - 3:45pm Executive Boardroom

Beyond Detection — Ensuring Business Resiliency

Christopher Clai

Director of Information Security

Green Thumb

Darin Hurd

EVP & CISO

Guaranteed Rate

Cybersecurity incidents are not an 'if' but a 'when,' even for organizations with mature programs. Security teams must go beyond initial detection and response to ensure business resilience in today's interconnected digital landscape.

Join this boardroom session to discuss:

Identifying cybersecurity's role in business resiliency
Engaging and communicating proactively with key partners and stakeholders
Enabling security and business operations to move forward through turbulence

3:00pm - 3:45pm Executive Boardroom

The CISO as a Steward of the Business

Bukky DaSilva

BISO

Blue Cross Blue Shield of Illinois

Brian Ekkebus

CISO

USG

As cybersecurity's role within the business continues to grow and evolve, cybersecurity leaders must create a clear line of sight between cybersecurity strategy and business outcomes and priorities.

Join this boardroom session to discuss:

Aligning cybersecurity strategy with business goals and objectives
Positioning security as a value driver, not a cost center
Shaping a business-driven culture within the security function

3:00pm - 3:45pm Executive Boardroom

Cyber Risk — Telling the Story

Paul Groisman

Sr. Director of Cyber Security

Fubo

Michael Myint

CISO

Cota Health

In an era where cybersecurity incidents often dominate headlines, managing stakeholder risk expectations has become more critical than ever. CISOs must ensure key stakeholders remain informed and confident in the organization’s risk posture.

Join this session to discuss:

Telling the story of cybersecurity’s impact on people, processes, and technology
Navigating the complexities of risk management in a highly interconnected digital world
Articulating the business impact of assumed risk

3:45pm - 4:10pm Break

4:10pm - 4:45pm Keynote

A NIST Perspective on AI

Katerina Megas

Program Manager, Cybersecurity for IoT, Privacy and AI

NIST

Recent advancements in AI technology bring great opportunities to organizations, but also new risks and impacts that need to be managed in the domain of cybersecurity. NIST is evaluating how to use existing frameworks, such as the Cybersecurity Framework 2.0, to assist organizations as they face new or expanded risks.

Katerina Megas, Program Manager for the Cybersecurity for IoT, Privacy and AI at NIST, pulls back the curtain on NIST guidance and research surrounding:

Cybersecurity of AI systems
AI-enabled cyber attacks
AI-enable cyber defense

4:45pm - 5:00pm Closing Comments and Prize Drawing

5:00pm - 6:30pm Governing Body Reception

Governing Body Reception

Governing Body members host this reception for executives to close out the event with an evening of peer networking, food and drinks.

December 3, 2024

morning afternoon evening

Apply to join

ALREADY A MEMBER? SIGN IN TO REGISTER

Evanta facilitates exclusive, C-level communities by personally qualifying and understanding the priorities, challenges and interests of each member.

Our selective approach maintains the high quality of the network and ensures top-level discussions with peers from the world’s leading organizations.

Community Member Criteria

To ensure peer connections and conversations at the highest level, members must meet the following criteria:

- C-level or senior most executive for respective function

- Organization revenue of $500M+

Exceptions are considered.

I meet the criteria above

I would still like to be considered

My contact information is….

By checking this box, you agree to our Privacy Policy and T&Cs.

FORM CONTAINS ERRORS, PLEASE REVIEW THE ABOVE

We look forward to seeing you at an upcoming in-person gathering

Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location

Venue & Accommodation

Chicago Marriott Downtown Magnificent Mile

MORE INFORMATION

A block of rooms has been reserved at the Chicago Marriott Downtown Magnificent Mile at a reduced conference rate. Reservations should be made online or by calling 1-877-303-0104.

Deadline to book using the discounted room rate of $329 USD (plus tax) is November 11, 2024.

RESERVE ROOM