In-Person

Chicago CISO Community

Executive Summit

May 13, 2025 | Convene at 233 South Wacker

May 13, 2025
Convene at 233 South Wacker

Governing Body Agenda Location Sponsors Contact

Governing Body Co-Chairs

Erik Hart

Cushman & Wakefield
CISO

Ricardo Lafosse

The Kraft Heinz Company
Chief Information Security Officer

Nidhi Luthra

Baxter
VP & CISO

JJ Markee

Danaher
Global CISO

Bill Podborny

Constellation Brands
CISO

Paolo Vallotti

Henry Schein
Global CISO

Angela Williams

UL Solutions
SVP, Global Chief Information Security Officer

Mike Zachman

Zebra Technologies
VP & Chief Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Chicago CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

May 13, 2025

morning afternoon

8:00am - 8:30am Registration & Breakfast

8:30am - 9:15am Keynote

Leading Resilient Teams Through Unpredictable Adversity

Lisa Thompson

Author of "Finding Elevation: Fear and Courage on the World's Most Dangerous Mountain"

Guest Speaker

Lisa Thompson is a high-altitude mountaineer and former healthcare executive who beat cancer months before standing on the summit of Everest. Lisa later became the first all-American woman to summit K2, which is considered the deadliest mountain in the world. In her talks and book, “Finding Elevation,” Lisa shares the experience of climbing the toughest mountains in the world and the importance of teamwork, resilience and defining boundaries.

Join this keynote session to learn about the importance of:

Embracing change and overcoming challenges
Creating a supportive environment inside and outside the office
Defining clear roles and goals to build a strong, communicative team

9:15am - 9:40am Networking Break

9:40am - 10:25am Breakout Session

Clarity in Concert — Trading Perspectives on Cyber Resilience

Nitin Raina

Global CISO

Thoughtworks

When it comes to cyber resilience, you've got questions. In conversation with your peers, you'll see they have… well, more questions. Though nobody has it totally figured out, you may be able to fill in the gaps in this interactive collaboration exercise.

Join your fellow Chicago CISOs and:

Collectively address your largest concerns regarding resilience
Identify peer concerns into which you may have insight
Benefit from the unique wisdom of those in your community

9:40am - 10:25am Executive Boardroom

Reducing Application Delivery Tech Debt from the Inside Out

Shawn Surber

VP Solutions Engineering

Island

Marcus Johnston

VP, CISO

Precisely

With high volumes of sensitive data now flowing through web browsers, three in five organizations say data leakage is likely given current IT and security infrastructures. Stop playing catch-up. Discover new approaches to enterprise operations to reduce risk while simplifying operations.

Join this roundtable to discover:

How disparate IT and security solutions create technical debt
What challenges impact internal and end user stakeholders
How simplifying IT can strengthen security, and boost productivity

9:40am - 10:25am Executive Boardroom

Enhancing Security Through Strategic Collaboration

Alex Duarte

Field CTO

Wiz

Eric Schulz

CISO

Primient

Rizwan Mir

VP, Global CISO & IT Risk

Perrigo

In today's fast-paced threat landscape, security depends on collaboration between technology and business teams. Tool consolidation is crucial to reduce noise, optimize resources, and ensure robust security. This session explores strategies to bridge security and business gaps, focusing on practical approaches to engage developers and leverage tools, including AI, to proactively address risks before they escalate.

Join this session to:

Explore collaboration methods to boost security
Understand strategies for tool consolidation
Align cyber efforts with business goals

9:40am - 10:25am Executive Boardroom

CISO Role Evolution — How Are You Adapting?

Bill Podborny

CISO

Constellation Brands

Brian Palmer

Director, IT Security and Infrastructure

Ventas

Being a well-rounded CISO can’t be hacked. It takes consistent reflection and re-invention as the role evolves from a solely technology-focused position to a business-enabling one.

Join this peer-led boardroom to discuss:

Embracing the evolving demands of the CISO role
Building trust and influence amongst C-Suite peers and key stakeholders
Demonstrating your value as a proven leader and business-enabler

10:25am - 11:10am Networking Break

10:35am - 11:00am Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:10am - 11:55am Breakout Session

Streamlining Compliance for Operational Excellence

Tony Lauro

Director of Security Strategy

Akamai Technologies

Navigating today’s complex regulatory environment is a challenge for even the most resourceful enterprises. From PCI DSS to DORA and HIPAA, businesses must adopt smarter strategies to meet evolving compliance requirements while maintaining operational efficiency.

Join this session to:

Discover how to narrow compliance scope with micro segmentation
Learn strategies to reduce the cost and complexity of audits
Build a compliance program that supports operational excellence and trust

11:10am - 11:55am Breakout Session

Introducing the BISO 2.0 — The Latest in Leadership Development

Daniel Manley

Managing Director & CISO

CME Group

Not just anyone could assume the CISO role tomorrow, though there are certainly a few who would like to. You know, however, the right person is more than technically skilled, certified, or even tenured, they're ready to go toe-to-toe with business leaders. The BISO 2.0, an invention of Daniel Manley, Managing Director & CISO at CME Group, is everything you need in a potential successor.

Appoint your BISO 2.0 now and you'll also receive:

A morale generator for senior members of your team
A personal source of security insights for ELT members
A budget-friendly growth role, perfect for your CFO

11:10am - 11:55am Executive Boardroom

Identity Security in the Agentic AI Era

Mike Towers

Chief Security & Trust Officer

Veza

David Fagan

Director of Cybersecurity

Ferrara

Fred Kwong

VP, CISO

DeVry University

The rise of Agentic AI is increasing risks and complexities for Non-Human Identities (NHIs) in cloud environments. AI agents need extensive NHI access, posing new challenges in identity governance and security.

Join this roundtable to discuss:

Exponential NHI growth impacting security
Management of AI access models and permissions
Complex AI interactions affecting identity management

11:10am - 11:55am Executive Boardroom

True Defense Against API & Application Incidents

Larry Maccherone

Evangelist

Contrast Security

Matt Morton

AVP & CISO

University of Chicago

Anthony O'Neill

CISO & Chief Risk Officer

Commonwealth of Massachusetts

Cybersecurity measures are adept at detecting and responding to incidents across various layers, but the application layer often remains vulnerable. Many organizations have a massive vulnerability backlog that demands timely and effective defense.

Join us to explore:

Understanding the scale of the backlog and strategies to prevent exploitation
The intricacies of application and API protection within the security operations ecosystem
Benefits of having a comprehensive blueprint that reveals attack surfaces, defenses, dangers, and connections

11:55am - 12:30pm Lunch Service

11:55am - 12:30pm Networking

Women In Security Networking Lunch

Devin Rudnicki

CISO

Fitch Ratings

Female, non-binary, and allied cyber leaders are invited to eat lunch and connect in our reserved networking space. Those in attendance can freely discuss best practices, key challenges and mission-critical priorities before heading over to the midday keynote.

Attendees will pair up or form small groups to discuss:

What’s your best advice, tip or trick when it comes to forming peer relationships or finding executive mentorship? How have you used that this year?
What is the biggest problem you and your team are hoping to solve this year?

12:30pm - 1:05pm Keynote

Zero Trust & AI — Strengthening Security, Reducing Complexity, and Driving Innovation

Jay Chaudhry

CEO, Chairman & Founder

Zscaler

Deneen DeFiore

VP & CISO

United Airlines

Businesses stand to benefit from AI in unprecedented ways, but only if IT and security leaders overcome transformation challenges. This includes implementing a modern zero trust architecture to protect data and users, embracing AI while managing its risks, and handling the technical and financial implications of ever-expanding environments. A risk-based approach to security ensures CISOs deliver a secure, phased transformation.

Join this session to:

Understand how zero trust and AI together, unlike firewalls, provide the strongest cyber defense by stopping threat actors from lateral movement within networks
Learn strategies for protecting AI applications developed in data centers and the cloud, while preventing data leaks from public AI applications
Discover how eliminating costly legacy hardware simplifies environments while cutting network and security costs

1:05pm - 1:30pm Break

1:30pm - 2:15pm Breakout Session

Safe and Sound — Advice and Alignment on "Reasonable" Risk

Erik Hart

CISO

Cushman & Wakefield

Karen Habercoss

VP, Chief Information Security and Privacy Officer

UChicago Medicine

Sunil Shenoi

Partner - Government & Internal Investigations Group

Kirkland & Ellis

The level of risk one can comfortably accept might vary depending on the scope of their role. For example, those in the privacy space might be willing to take on more risk than those charged with securing or legally protecting the enterprise. A guaranteed point of agreement across all functions, however - The final word belongs to compliance regulators.

Rest easy as savvy practitioners and legal experts share:

Their knowledge of modern liability norms and how they're enforced
Ways of reconciling disjointed risk appetites across the business
Expected changes to current regulations in 2025

1:30pm - 2:15pm Executive Boardroom

Be Ready! Preparing Your People for a Cyber Crisis

Daniel Potter

Senior Director, Cyber Drills & Resilience

Immersive

Scott Barnes

Sr Director, Enterprise Cyber Security

Fortune Brands Innovations

Ziggy Kowalski

Vice President of Information Security

Hendrickson

Security leaders face unprecedented challenges as evolving threats, including those posed by GenAI, rapidly increase enterprise risk. While new technologies offer defenses, they also introduce vulnerabilities. A cyber-ready workforce is crucial for organizational resilience, but how do you equip your organization to face the future of threats with confidence?

Join this interactive boardroom to discuss:

Acting decisively under pressure to manage and mitigate threats
Maintaining stakeholder confidence and protecting reputation during disruptions
Sharing threat intelligence and preparing for long-term attack consequences

1:30pm - 2:15pm Executive Boardroom

Pushing the Security Perimeter to the Edge

Matt Torrisi

Sales Engineering Manager

Fastly

Sean Ventura

Head of Information Security and Compliance

KinderCare

John McNicholas

Director of Information Security and Compliance

T.Y. Lin International

In today's landscape of pervasive data breaches and cyber threats, organizations must enhance their cybersecurity strategies, especially as reliance on cloud computing, IoT devices, and interconnected networks grows. Implementing an effective edge security strategy offers a vital defense layer for internet-facing applications and APIs. Centralizing security at the edge simplifies policy enforcement, crucial for organizations using multiple cloud providers with varied security configurations.

Join this boardroom to discuss:

Analyzing edge computing use cases that improve resiliency, performance, and scalability
Addressing common challenges in extending the security perimeter
Sharing best practices in securing multi-cloud environments

1:30pm - 2:15pm Executive Boardroom

Cyber Resilience — Meeting Security’s New Standard

Cynthia Hayward

Head, IT Risk

Enova International

Derek Dixon

CISO

Fresenius Kabi

With seemingly countless users and your operations now based in one or more clouds, the bar for what qualifies as a fundamental security practice must rise. Answering modern demands with anything less than enhanced visibility, offline protocols and proactively installed lines of C-suite communication could be the difference between your business’s survival and its indefinite interruption.

Join this session to discuss the following with your peers:

Cost-effective security practices applicable to multiple cloud environments
Leveraging innovation without neglecting data privacy standards
Proven methods for gaining the support of your executive leadership team

2:15pm - 3:00pm Networking Break

2:25pm - 2:50pm Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm Breakout Session

Maturity & Modernity — The Value and Values of Your CISO Generation

Devin Rudnicki

CISO

Fitch Ratings

Mark Morrison

CISO

Options Clearing Corporation

Being a CISO is an experience that differs from one cyber leader to the next, with one of the most influential variables in how one might handle the role being when they assumed it. Veteran CISOs remember a time and culture newbies will only ever hear stories about, while new CISOs are already managing an unprecedented set of powers and responsibilities.

Together, in conversation, new and established CISOs will:

Compare their era-specific perspectives on the common issues of the role
Identify the drawbacks and benefits of decades-long industry change
Find where each can provide value unique to the other, be it wisdom or vision

3:00pm - 3:45pm Executive Boardroom

The CISO as a Shepherd of the Enterprise

Art Chaisiriwatanasai

Chief Information Security Officer

Paylocity

Michael Wareman

CISO

The Marmon Group

As the significance of cybersecurity in the corporate world expands and transforms, leaders in cybersecurity need to establish a transparent connection between cybersecurity plans and the company's results and priorities.

Participate in this executive meeting to explore:

Integrating cybersecurity strategy with corporate aims and targets
Framing security as a contributor to value rather than an expense
Cultivating a business-focused mindset within the security department

3:00pm - 3:45pm Executive Boardroom

Maximize Velocity While Unlocking Incident Response Value

Paul Kurtz

Field CTO

Splunk

Greg Fisbeck

CISO

Tempus AI

With the ever-increasing frequency and sophistication of threat actor attacks, continuous improvement in processes and tooling are needed to meet today’s heightened challenges for cyber resilience. Cybersecurity leaders have invested in increased capabilities and must be able to take advantage of those to increase velocity of response and understanding of risk at scale.

Join this session to:

Discuss heightened expectations cybersecurity leaders should have of their tooling and teams
Gauge industry trends and capabilities for leading platform integration, reducing or eliminating manual handoffs, and allowing faster risk identification and decision making
Leverage a vast community and ecosystem to drive security innovation

3:00pm - 3:45pm Executive Boardroom

Proactive, Preventative and Resilient Cloud Security

Raf Chiodo

CRO

Orca Security

Brad Skibitzki

CISO

Zebra Technologies

Security teams are on the front lines of a dynamically changing threat landscape, especially in the cloud, where they need to understand their tech stacks while also building resilient processes. Detecting, investigating, and preventing threats in a multi-cloud environment, and ultimately securing those critical workloads, starts with visibility.

Join this closed-door conversation with your C-Level peers and:

Consider the strengths and weaknesses of your current cloud environment
Evaluate the legitimacy of emerging, newsworthy or trending threats
Collaboratively address what is and isn't working for modern application security

3:45pm - 4:00pm Networking Break

4:00pm - 4:45pm Keynote

Balancing Act — How We Scaled AI Responsibly Without Slowing Down Innovation

Daniel Mayer

CISO

Morningstar

Brandon Brooks

Global Head of Privacy - Legal

Morningstar

Generative AI emerged rapidly, prompting companies to quickly establish responsible AI practices while developing their in-house AI products. Morningstar was an early adopter and released its first AI-powered offering in May 2023.

Join Morningstar's CISO and Head of Privacy, Legal for:

An exploration of Morningstar’s journey to establish a balanced approach for a responsible AI program
An emphasis on the importance of building a program tailored to your company’s unique culture
A discussion on promoting innovation while managing risks and maintaining customer trust

4:45pm - 4:55pm Closing Comments and Prize Drawing

4:55pm - 6:00pm Networking

Governing Body Reception

Finish the day sharing lessons learned with your peers over light fare and drinks at this closing reception hosted by your governing body members.

May 13, 2025

morning afternoon

Apply to Participate

Already a Member? Sign In

Apply to participate in the Chicago CISO Community Executive Summit.

Gartner facilitates exclusive, C-level communities by personally qualifying and understanding the priorities, challenges and interests of each member.

Our selective approach maintains the high quality of the network and ensures top-level discussions with peers from the world’s leading organizations.

Each application will be reviewed, and once your participation is confirmed, you will have access to year-round community programs.

Community Member Criteria

To ensure peer connections and conversations at the highest level, members must meet the following criteria:

- C-level or senior most executive for respective function

- Organization revenue of $500M+

Exceptions are considered.

I meet the criteria above

I would still like to be considered

My contact information is….

First Name*

Last Name*

Organization*

Title*

Corporate Email Address*

Best Contact Number*

Organization Revenue *

You agree to our Privacy Policy and T&Cs, which includes sharing your contact details with your peers and sponsors.

Form contains errors, please review the above

Step

We look forward to seeing you at an upcoming in-person gathering

Gartner cares about the health and safety of our community. If you are feeling unwell, please refrain from attending the conference. At this time, Gartner does not have any health-related requirements in place for attendance. Should this change, we will follow up with updated guidance.