IN-PERSON

Chicago CISO Executive Summit

May 13, 2025 | Convene at 233 South Wacker

May 13, 2025
Convene at 233 South Wacker

APPLY TO PARTICIPATE

ALREADY A MEMBER? SIGN IN TO REGISTER

Governing Body Agenda Location Sponsors Contact

Governing Body Co-Chairs

Erik Hart

Cushman & Wakefield
CISO

Ricardo Lafosse

The Kraft Heinz Company
Chief Information Security Officer

Nidhi Luthra

Baxter
VP & CISO

JJ Markee

Danaher
Global CISO

Bill Podborny

Constellation Brands
CISO

Paolo Vallotti

Henry Schein
Global CISO

Angela Williams

UL Solutions
SVP, Global Chief Information Security Officer

Mike Zachman

Zebra Technologies
VP & Chief Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Chicago CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

May 13, 2025

morning afternoon

8:00am - 8:30am Registration & Breakfast

8:30am - 9:15am Keynote

Leading Resilient Teams Through Unpredictable Adversity

Lisa Thompson

Author of "Finding Elevation: Fear and Courage on the World's Most Dangerous Mountain"

Guest Speaker

Lisa Thompson is a high-altitude mountaineer and former healthcare executive who beat cancer months before standing on the summit of Everest. Lisa later became the first all-American woman to summit K2, which is considered the deadliest mountain in the world. In her talks and book, “Finding Elevation,” Lisa shares the experience of climbing the toughest mountains in the world and the importance of teamwork, resilience and defining boundaries.

Join this keynote session to learn about the importance of:

Embracing change and overcoming challenges
Creating a supportive environment inside and outside the office
Defining clear roles and goals to build a strong, communicative team

9:15am - 9:40am Networking Break

9:40am - 10:25am Breakout Session

Clarity in Concert - Trading Perspectives on Cyber Resilience

When it comes to cyber resilience, you've got questions. In conversation with your peers, you'll see they have… well, more questions. Though nobody has it totally figured out, you may be able to fill in the gaps in this interactive collaboration exercise.

Join your fellow Chicago CISOs and:

Collectively address your largest concerns regarding resilience
Identify peer concerns into which you may have insight
Benefit from the unique wisdom of those in your community

9:40am - 10:25am Executive Boardroom

Reducing Application Delivery Tech Debt from the Inside Out

Shawn Surber

VP Solutions Engineering

Island

Bruce Coffing

Chief Information Security Officer

City of Chicago

MJ McSheehy

VP of Information Security/CISO

Addison Group

With high volumes of sensitive data now flowing through web browsers, three in five organizations say data leakage is likely given current IT and security infrastructures. Stop playing catch-up. Discover new approaches to enterprise operations to reduce risk while simplifying operations.

Join this roundtable to discover:

How disparate IT and security solutions create technical debt
What challenges impact internal and end user stakeholders
How simplifying IT can strengthen security, and boost productivity

9:40am - 10:25am Executive Boardroom

Enhancing Security Through Strategic Collaboration

Sriya Potham

Field CTO

Wiz

Eric Schulz

CISO

Primient

Rizwan Mir

VP, Global CISO & IT Risk

Perrigo

In today's fast-paced threat landscape, security depends on collaboration between technology and business teams. Tool consolidation is crucial to reduce noise, optimize resources, and ensure robust security. This session explores strategies to bridge security and business gaps, focusing on practical approaches to engage developers and leverage tools, including AI, to proactively address risks before they escalate.

Join this session to:

Explore collaboration methods to boost security
Understand strategies for tool consolidation
Align cyber efforts with business goals

9:40am - 10:25am Executive Boardroom

CISO Role Evolution — How Are You Adapting?

Being a well-rounded CISO can’t be hacked. It takes consistent reflection and re-invention as the role evolves from a solely technology-focused position to a business-enabling one.

Join this peer-led boardroom to discuss:

Embracing the evolving demands of the CISO role
Building trust and influence amongst C-Suite peers and key stakeholders
Demonstrating your value as a proven leader and business-enabler

10:25am - 11:10am Networking Break

10:35am - 11:00am Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:10am - 11:55am Breakout Session

Streamlining Compliance for Operational Excellence

Tony Lauro

Director of Security Strategy

Akamai Technologies

Compliance doesn’t have to slow your business down. With the right tools and strategies, enterprises can turn regulatory challenges into opportunities for operational efficiency. Discover how unified security platforms and proactive threat hunting can reduce the burden of compliance, enhance productivity, and enable faster responses to emerging threats.

Join this session to explore:

Consolidate security management to reduce operational firefighting
Leverage AI-powered tools for real-time API protection
Achieve compliance while boosting productivity and resilience

11:10am - 11:55am Executive Boardroom

Identity Security in the Agentic AI Era

Mike Towers

Chief Security & Trust Officer

Veza

David Fagan

Director of Cybersecurity

Ferrara

Fred Kwong

VP, CISO

DeVry University

The rise of Agentic AI is increasing risks and complexities for Non-Human Identities (NHIs) in cloud environments. AI agents need extensive NHI access, posing new challenges in identity governance and security.

Join this roundtable to discuss:

Exponential NHI growth impacting security
Management of AI access models and permissions
Complex AI interactions affecting identity management

11:10am - 11:55am Executive Boardroom

True Defense Against API & Application Incidents

Larry Maccherone

Dev[Sec]Ops Transformation Architect

Contrast Security

Paul Groisman

Sr. Director of Cyber Security

Fubo

Matt Morton

AVP & CISO

University of Chicago

Cybersecurity measures are adept at detecting and responding to incidents across various layers, but the application layer often remains vulnerable. Many organizations have a massive vulnerability backlog that demands timely and effective defense.

Join us to explore:

Understanding the scale of the backlog and strategies to prevent exploitation
The intricacies of application and API protection within the security operations ecosystem
Benefits of having a comprehensive blueprint that reveals attack surfaces, defenses, dangers, and connections

11:55am - 12:30pm Lunch Service

12:30pm - 1:05pm Keynote

Lunch Keynote by Zscaler

Jay Chaudhry

CEO, Chairman & Founder

Zscaler

More details coming soon!

1:05pm - 1:30pm Break

1:30pm - 2:15pm Breakout Session

Safe and Sound - Advice and Alignment on "Reasonable" Risk

Karen Habercoss

VP, Chief Information Security and Privacy Officer

UChicago Medicine

The level of risk one can comfortably accept might vary depending on the scope of their role. For example, those in the privacy space might be willing to take on more risk than those charged with securing or legally protecting the enterprise. A guaranteed point of agreement across all functions, however - The final word belongs to compliance regulators.

Rest easy as savvy practitioners and legal experts share:

Their knowledge of modern liability norms and how they're enforced
Ways of reconciling disjointed risk appetites across the business
Expected changes to current regulations in 2025

1:30pm - 2:15pm Executive Boardroom

Be Ready! Preparing Your People for a Cyber Crisis

Daniel Potter

Senior Director, Cyber Drills & Resilience

Immersive

Security leaders face unprecedented challenges as evolving threats, including those posed by GenAI, rapidly increase enterprise risk. While new technologies offer defenses, they also introduce vulnerabilities. A cyber-ready workforce is crucial for organizational resilience, but how do you equip your organization to face the future of threats with confidence?

Join this interactive boardroom to discuss:

Acting decisively under pressure to manage and mitigate threats
Maintaining stakeholder confidence and protecting reputation during disruptions
Sharing threat intelligence and preparing for long-term attack consequences

1:30pm - 2:15pm Executive Boardroom

Executive Boardroom with Fastly

Details coming soon...

2:15pm - 3:00pm Networking Break

2:25pm - 2:50pm Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm Breakout Session

Maturity & Modernity - The Value and Values of Your CISO Generation

Devin Rudnicki

CISO

Fitch Ratings

Mark Morrison

CISO

Options Clearing Corporation

Being a CISO is an experience that differs from one cyber leader to the next, with one of the most influential variables in how one might handle the role being when they assumed it. Veteran CISOs remember a time and culture newbies will only ever hear stories about, while new CISOs are already managing an unprecedented set of powers and responsibilities.

Together, in conversation, new and established CISOs will:

Compare their era-specific perspectives on the common issues of the role
Identify the drawbacks and benefits of decades-long industry change
Find where each can provide value unique to the other, be it wisdom or vision

3:00pm - 3:45pm Executive Boardroom

The CISO as a Steward of the Business

As cybersecurity's role within the business continues to grow and evolve, cybersecurity leaders must create a clear line of sight between cybersecurity strategy and business outcomes and priorities.

Join this boardroom session to discuss:

Aligning cybersecurity strategy with business goals and objectives
Positioning security as a value driver, not a cost center
Shaping a business-driven culture within the security function

3:00pm - 3:45pm Executive Boardroom

Maximize Velocity While Unlocking Incident Response Value

Peter Sprenger

Field CTO

Splunk

With the ever-increasing frequency and sophistication of threat actor attacks, continuous improvement in processes and tooling are needed to meet today’s heightened challenges for cyber resilience. Cybersecurity leaders have invested in increased capabilities and must be able to take advantage of those to increase velocity of response and understanding of risk at scale.

Join this session to:

Discuss heightened expectations cybersecurity leaders should have of their tooling and teams
Gauge industry trends and capabilities for leading platform integration, reducing or eliminating manual handoffs, and allowing faster risk identification and decision making
Leverage a vast community and ecosystem to drive security innovation

3:00pm - 3:45pm Executive Boardroom

Proactive, Preventative and Resilient Cloud Security

Security teams are on the front lines of a dynamically changing threat landscape, especially in the cloud, where they need to understand their tech stacks while also building resilient processes. Detecting, investigating, and preventing threats in a multi-cloud environment, and ultimately securing those critical workloads, starts with visibility.

Join this closed-door conversation with your C-Level peers and:

Consider the strengths and weaknesses of your current cloud environment
Evaluate the legitimacy of emerging, newsworthy or trending threats
Collaboratively address what is and isn't working for modern application security

3:45pm - 4:00pm Networking Break

4:00pm - 4:35pm Keynote