Executive Summit

We’re told to do the “basics” right to mitigate the majority of our risks and are harshly criticized when they prove impossible to implement at enterprise scale. But some of those orthodoxies no longer make sense, or perhaps never did. 

Join this session as we question some of the assumptions that we’ve lived with for decades:

• Patching/alerting - hamster wheels or key controls?
• Data - why classify when no one has succeeded at scale?
• People - are humans destined to remain the weakest link or will AI replace us there too?

Cybersecurity is inherently complex, with lots of technical components and layers of risk to explore. As a result, the "story" of cyber often reads more like an operational manual rather than the kind of compelling narrative that boards and executive leadership teams want to engage with. For Eddie Contreras, a tenured CISO, the solution is simple: limit the "cyber" in your cyber metrics reporting.

Join Eddie as he shares insights from his own experiences reporting to and engaging with boards and other senior leaders on the complex concepts and concerns of cyber risk, including: 

• Communicating cybersecurity in the language of the business, not technical jargon
• Bringing any audience along into the story of cybersecurity and making it personal to them
• Recognizing -- and pivoting -- if you feel like your messages are falling on deaf ears

Being a CISO is an experience that differs greatly from one cyber leader to the next, with one of the most influential variables in how one might handle the role being when they assumed it. Veteran CISOs remember a time and culture much different to how cybersecurity is today, and those new(er) to the game had a much different experience coming up through the ranks and have assumed the CISO role at a time of unprecedented threats and responsibilities. Come together with CISOs from multiple eras to discuss how generational differences are impacting the cybersecurity field — not only at the top, but also across teams — including:

• How generation-specific perspectives impact approaches to shared challenges
• The drawbacks and benefits of constant, decades-long industry change
• Ways to leverage the multiple eras of experience on your team to provide unique value

CISOs are increasingly caught in a challenging dilemma as organizations push to adopt AI to drive efficiency, innovation, and competitive advantage. On one hand, business leaders often see AI as a way to streamline operations, reduce costs, and respond quickly to evolving threats. On the other hand, CISOs recognize that cybersecurity is not just a technical problem but a human one, requiring judgment, context, and ethical reasoning that AI cannot fully replicate.

Join this roundtable to discuss how CISOs are navigating this tension, diving into topics like:

• Deploying AI responsibly, keeping accountability top-of-mind
• Preparing security teams to remain relevant and indispensable as AI capabilities expand
• Assessing which cybersecurity functions are appropriate for AI vs. those that require human oversight

Connect with like-minded peers in a one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Cyber insurance is more complicated than ever. With rising premiums, lengthy applications, and shifting requirements, navigating the cyber insurance landscape can feel overwhelming—even for seasoned CISOs. 

Join this session for a frank conversation on what CISOs need to know to cut through the complexity and make smart choices when it comes to cybersecurity insurance, including:

• Keeping up with evolving insurer requirements for security controls and documentation
• Ensuring cyber insurance is part of a broader risk management and resilience strategy, not a standalone solution
• Interpreting and explaining the insuring agreements and emerging trends in coverage —not to mention the rising premiums—to leadership

As attackers use increasingly sophisticated tactics to exploit vulnerabilities across networks and supply chains, organizations must go beyond prevention and detection to ensure effective response and recovery. This includes comprehensive incident response planning, reliable data backup and restoration, clear communication protocols, and coordination with law enforcement and third-party partners. Building resilience against ransomware also requires strong executive leadership and ongoing business continuity planning to minimize operational and financial impact.

Join this session to:

• Share information on the latest ransomware attack vectors and real-world incident case studies
• Discuss actionable strategies for prevention, response, and recovery, including effective incident response planning and data restoration
• Gain insights into building organizational resilience, from business continuity planning to executive leadership and external collaboration

How do you know what you don’t know? What are your biggest blind spots and vulnerabilities? Dive into what’s top of mind when you wake up at 3am with CISO peers and discuss practical solutions to some of the toughest challenges in the back of your mind.  You might just find that helpful suggestion from a peer that could help you get a little extra sleep at night.

Join this roundtable to discuss:

• Latest threat trends CISOs are watching– what to pay attention to and what to tune out
• Solutions and products to help with challenges that are top of mind
• Pressure as a leader and ways to protect yourself legally and from burnout

Stepping into a new CISO role might seem like you've finally reached that pinnacle of your career, but it's just the start of the next journey, one with just as many -- if not more -- challenges and hurdles as it took to get there.
 
In this session, a panel of some of Houston's newest CISOs -- either in their first CISO role or taking on a CISO role at a new organization -- will reflect on their own experiences and share how they might advise the next "class" of CISOs stepping into a new role. They'll discuss lessons learned from:

• Navigating the process of landing their new CISO role
• Working to ensure stability during the crucial first 100-days on the job
• Charting their own courses as the new CISO to scale cybersecurity's business impact

Finish the day sharing lessons learned with your peers over light fare and drinks at this closing reception hosted by your governing body members.