Stream One Chair

Tomás Maldonado

Tomás Maldonado

Chief Information Security Officer

National Football League

Stream Two Co-Chair

Josh Reid

Josh Reid

Cybersecurity Leader, Consumer Markets and Life Sciences

Crowe

5:00pm - 6:10pm

Panel Discussion: Women in Security

Linda Marcone

Linda Marcone

CISO

Crate & Barrel

Stacee Jones

Stacee Jones

IT Director, Deputy CISO

Lear Corporation

Jennifer Franks

Jennifer Franks

Director, Center for Enhanced Cybersecurity

US Government Accountability Office

Hazleena Hashim

Hazleena Hashim

Chief Information Officer

Natural Habitat Adventures

Anne Coulombe

Anne Coulombe

CISO

Werfen

  • Creating a purpose-driven strategy that makes an impact as our organization grows and nurtures a diverse workforce
  • Understanding the leader’s role as a force to shape and demonstrate corporate culture, and to serve as a catalyst for equality and inclusion
  • Sharing typical challenges faced by corporations when trying to promote diversity in the workforce
  • Illustrating the importance of today’s leaders building up and supporting the next generation our organizations will need for the future. What does that look like on a day-to-day basis?
  • Offering examples of strong and effective mentorship programs in onboarding, cross-training, job shadowing, and continuing education that make the difference
6:15pm - 7:30pm

7:30am - 8:15am

8:15am - 8:20am

Opening Remarks and Important Announcements

8:20am - 8:30am

Chair’s Welcome Address

Tomás Maldonado

Tomás Maldonado

Chief Information Security Officer

National Football League

8:30am - 9:05am

The People-Led, Tech-Powered Future of Cybersecurity

Jason O’Dell

Jason O’Dell

VP, Security Operations

Walmart

  • Importance of digital trust (e.g., how to earn it, how to keep it, how to grow it)
  • The Evolving Threat Landscape and How to Stay Ahead
  • Challenges and opportunities with regulation and consolidation
9:05am - 9:40am

Fireside Chat: Navigating the Future: Scaling Secure AI Amidst Emerging Policies and Privacy Challenges

Xochitl Monteon

Xochitl Monteon

Chief Privacy Officer / VP Cybersecurity Governance, Risk & Compliance

Intel

  • Track precedent setting emerging policy and regulatory landscapes
  • Scale AI innovation globally with a security and privacy mindset
  • Identify common privacy and security threats to AI/ ML applications
  • Harness generative AI to maximize efficiency and minimize risk
  • Make the case for privacy-enhancing technology: solutions and legal insights
9:45am - 10:20am

Batman on a Beach, Einstein, and AI Robots

  • Hear the current state of security (spoiler alert it’s still bad). Understand how infrastructure, the surge in cybercrime, and attackers’ use of AI are affecting the threat landscape
  • Explore how a transition from a best-of-breed to a best-of-platform approach can streamline your portfolio, enhance visibility, and mitigate risks
  • Assess your company’s readiness for AI. Unveil its potential while also examining compliance challenges associated with this emerging technology
  • Learn how Microsoft leverages AI through Microsoft Copilot to simplify complexity, catch what others miss, and strengthen your team’s expertise
9:45am - 10:20am

It’s Time to Rethink Network Security for Cloud

Josh Cridlebaugh

Josh Cridlebaugh

Director, Solutions Marketing

Aviatrix

Bryan Woodworth

Bryan Woodworth

Dir. Solution Strategy

Aviatrix

  • Cloud architects, CIOs and CISOs will learn how their peers are reducing the complexity and costs of network security in the cloud
  • Find out how enterprises are saving tens of thousands to millions of dollars annually by removing expensive licenses, compute, cloud data processing costs tied to using “Last Generation Firewall” architecture in the cloud
  • Learn how the convergence of cloud networking and network security brings policy inspection and enforcement into the natural path of traffic to improve performance, strengthen compliance, boost cyber resiliency, and accelerate cloud infrastructure automation projects
10:25am - 12:05pm
  • 10:30 am – 10:50 am: Meeting Slot 1/Networking
  • 10:55 am – 11:15 am: Meeting Slot 2/Networking
  • 11:20 am – 11:40 am: Meeting Slot 3/Networking
  • 11:45 am – 12:05 pm: Meeting Slot 4/Networking

These mutually agreed-upon conversations are arranged and facilitated by Executive Platforms staff to ensure attendees have valuable discussions about their top-of-mind questions, challenges, and opportunities.

12:10pm - 12:45pm

Fireside Chat: The Best Security Offense is a Good Defense

Tomás Maldonado

Tomás Maldonado

Chief Information Security Officer

National Football League

  • Guarding potential new attack surfaces caused by growing digitization across operations
  • Exploring emerging concerns around attacks enabled by the growing availability of generative AI tools
  • Collaborating with everyone at the national, state, and local levels to test and trial scenarios leading up to a national event to ensure preparation
  • Constantly focusing on maximizing visibility and assessing threats
  • Working towards maximum visibility into networks and creating multiple layers of defense
12:45pm - 1:45pm

Explore this year’s themed lunch discussions led by industry leaders, where executives engage in focused conversations over a meal, discussing topics they’re passionate about alongside their peers.

Safely Utilizing Robotics to Extend Services Across the World

Phillip Arthur

Phillip Arthur

VP Chief Technical Architect

AdventHealth

Security Concerns for CISOs and How to Address Them

Josh Serba

Josh Serba

Chief Information Officer

AHC+ Hospitality

Cybersecurity and the Board: Strategies for Alignment

DeWayne Hixson

DeWayne Hixson

CISO

Bass Pro

Driving Real Value Through AppSec Processes and Tech

Jeremy Schumacher

Jeremy Schumacher

SVP, IT & Security

Cadent, LLC

Media Crisis vs. Cyber Reality: Guiding Executives Through the Noise

Mike Phillips

Mike Phillips

CISO

Cheniere Energy

Establishing a KRI/KPI Framework to Monitor Cyber Risk

Josh Reid

Josh Reid

Cybersecurity Leader, Consumer Markets and Life Sciences

Crowe

Securing the Flow: Enhancing Resilience In Municipal Water Utilities’ Industrial Control Systems

Joseph Welch

Joseph Welch

Chief Information Officer

Fort Wayne City Utilities

Cybersecurity at the Nexus of AI and Automation

Leo Howell

Leo Howell

Interim Vice President of Information Technology and Chief Information Officer

Georgia Tech

What Should We Take Away From Recent SEC Decisions Regarding CISOs?

Kishore Kumar

Kishore Kumar

Senior Technical Consultant

Manage Engine

Metrics and Measuring Success

Jim Blevins

Jim Blevins

CIO

Richwood Bank

1:45pm - 2:20pm

Building More Secure, Resilient and Safer Critical Infrastructure

Taylor Lehmann

Taylor Lehmann

Director, Office of the CISO

Google

This session will focus on critical elements of resilient systems and how to build them. We explore the work of the President’s Council of Advisors on Science and Technology (PCAST) and tie it to Google engineering practices to provide clear examples of how to build resilient systems that run the internet. We’ll discuss 4 critical pillars of cyber resilience and the role they play in fortifying systems against cyber threats in a cyber-physical environment. We’ll discuss the interconnectedness of these pillars and how they form the foundation of a robust cyber resilience strategy.

2:25pm - 3:00pm

Redefining DevSecOps After SolarWinds: Lessons from a Securities Lawyer Turned Cyber Hacker

Tom Tovar

Tom Tovar

Co-founder & CEO

Appdome

In this practical workshop, CISOs will learn from real world lessons and come away with a better understanding of:

  • The real meaning of SolarWinds and the SEC’s 4-day rule
  • How to define an “incident” for disclosure and remediation
  • Is there a remediation safe harbor?
  • The CISOs role in cyber disclosure do’s and don’ts
  • Using technology to claim control over cyber delivery
2:25pm - 3:00pm

From Crisis to Confidence: How Data Protection Can Enhance Your Incident Response and Recovery

Stephen Manley

Stephen Manley

CTO

Druva

Neil Ashworth

Neil Ashworth

Sr. Solution Architect - Security

Druva

Cyber threats are more prevalent than ever and security teams are faced with the daunting task of optimizing their security posture while balancing budget, risk, and operational efficiency. With even the most sophisticated security stack plagued with coverage gaps and vulnerabilities, security teams are fatigued and don’t want to add yet another security tool.

Sometimes help comes from an unexpected corner. Modern backup and data security can help IT and security come together and solve problems. Learn what a data security and protection partner like Druva can do to help strengthen your security posture and streamline your incident response and recovery workflows. We will cover:

  • What typically occurs in each phase of a cyber attack
  • Common security coverage gaps in your data infrastructure
  • How to work better with your IT and backup teams
3:05pm - 4:15pm
  • 3:05 pm – 3:25 pm: Meeting Slot 5/Networking
  • 3:30 pm – 3:50 pm: Meeting Slot 6/Networking
  • 3:55 pm – 4:15 pm: Meeting Slot 7/Networking

These mutually agreed-upon conversations are arranged and facilitated by Executive Platforms staff to ensure attendees have valuable discussions about their top-of-mind questions, challenges, and opportunities.

3:10pm - 3:45pm

Executive focus groups are informal moderated discussions among peers, held during networking breaks outside the summit agenda. No sign-up is required; delegates and speakers can join any group of interest.

Startups Unveiled: Adding Value to Your Stack

Andrew Wilder

Andrew Wilder

Chief Security Officer

Community Veterinary Partners

3:45pm - 4:15pm

4:20pm - 4:55pm

New Data Governance and Cyber Resiliency Standards for Healthcare

Arve Kjoelen

Arve Kjoelen

VP and Chief Information Security Officer

McAfee

  • Exploring why traditional vulnerability management approaches are limited in effectiveness in healthcare organizations
  • Strategies for establishing standardized baseline cybersecurity controls to protect patient data and care
  • Understanding the landscape of healthcare’s attack ecosystem and highlighting some of the common pitfalls
4:20pm - 4:55pm

Designing a Holistic Cyber Incident Response Plan

Cynthia Kaiser

Cynthia Kaiser

Deputy Assistant Director, Cyber Division

Federal Bureau of Investigation (FBI)

  • Designing a holistic and pragmatic cyber resiliency strategy to manage cyber risk and drive business value
  • How to develop your strategy to ensure it is aligned with your business strategy
  • Incorporating key aspects such as legal, compliance, and risk management to enable a return on investment
  • Discussing how intelligence and the frontline experience should be leveraged within your organization
4:55pm - 5:30pm

Building a Business Aligned, Risk Prioritized Cybersecurity Strategy

Gary Harbison

Gary Harbison

Global Chief Information Security Officer

Johnson & Johnson

  • Importance of defining a forward looking strategy, aligned to business and risk based priorities, and leveraging your operating model to support
5:30pm - 6:05pm

Achieving a Dominant Cybersecurity Posture in the Digital Economy

Gurpreet Bhatia

Gurpreet Bhatia

DoD Principal Director for Cybersecurity/DoD Deputy CISO

Dept of Defense (DoD)

  • Digital Transformation as an imperative to protect the homeland from the nation’s adversaries
  • Accelerating cloud migration to enhance war fighting effectiveness
  • Deploying a high-degree of automation to improve defensive capabilities across agencies
  • Zero Trust adoption as a federal priority and its implications for the industry at large
6:05pm - 6:10pm

Chair’s Closing Remarks

Tomás Maldonado

Tomás Maldonado

Chief Information Security Officer

National Football League

6:10pm

7:30am - 8:25am

8:25am - 8:30am

Chair’s Opening Remarks

Tomás Maldonado

Tomás Maldonado

Chief Information Security Officer

National Football League

8:30am - 9:05am

Managing Your Insider Risk Program

Bret Arsenault

Bret Arsenault

Corporate Vice President and Chief Cybersecurity Advisor

Microsoft

  • Emphasizing the balance between employee privacy and company security
  • Prioritizing collaboration across functions and the importance of shared goals with clear measures of success
  • Engaging employees with data protection and compliance training
  • Utilizing emerging new insider risk management tools with adaptive security capabilities that can detect risky activities and mitigate potential impact
9:05am - 9:40am

Security in the Open: How to Raise the Bar on Open Source Software Security

Mark Ryland

Mark Ryland

Director, Amazon Security

Amazon

  • Working upstream to improve long-term outcomes
  • Releasing security tools and libraries as open source to help secure the broader ecosystem
  • Providing engineering and financial support for security improvements across the ecosystem
  • Some reflections on software supply chain, secure software development, and memory-safe languages
9:50am - 10:25am

Panel: The Business of Global Talent

Tomás Maldonado

Tomás Maldonado

Chief Information Security Officer

National Football League

Eddie Borrero

Eddie Borrero

VP & CISO

Blue Shield California

Andrew Albrecht

Andrew Albrecht

Vice President – Chief Information Security Officer (CISO)

Domino's

Kelly Brickley

Kelly Brickley

VP, Threat Intelligence

TD Bank

Jason O’Dell

Jason O’Dell

VP, Security Operations

Walmart

  • Placing diversity and inclusivity at the core of everything you do
  • Breaking new ground and finding new ways of managing the holistic talent life cycle, enabled by advanced technology
  • Forging partnerships across the business to attract a new generation of talent from outside the core cyber function
  • Using internal, external and unconventional talent pools to build and develop a sustainable global talent pipeline
10:25am - 11:15am
  • 10:30 am – 10:50am: Meeting Slot 8/Networking
  • 10:55am – 11:15am: Meeting Slot 9/Networking

These mutually agreed-upon conversations are arranged and facilitated by Executive Platforms staff to ensure attendees have valuable discussions about their top-of-mind questions, challenges, and opportunities.

10:45am - 11:15am
11:20am - 11:55am

‘Shift Up’ Observability of Your Custom Software Security Risks and Beyond

Greg Rivera

Greg Rivera

VP of Product

CAST

Overwhelming complexity in custom software results in costly data breaches with open source and 3rd party component vulnerabilities like the log4j incident being a major culprit. Software Composition Analysis (SCA) technology is designed to help reduce these risks. However, most traditional SCA products are designed for developers and don’t give CISOs and CIOs the visibility they need to confidently make critical decisions and take control of open source and 3rd party component risks across their entire portfolio of software applications. How do you ensure you are covering all of your applications? How do you govern these risks without slowing down your developers?

Complexity is so high, it’s no longer good enough to rely solely on developers to be vigilant. Join this session to learn how some CISOs and CIOs are taking a smarter approach to open source and 3rd party component security risk management by ‘shifting up’ observability with an open source control tower, automatically across all their applications. Get answers to questions like:

  • Do I have new security or IP exposures this month?
  • Are risky components, like log4j, still being used?
  • Who exactly is using the custom framework we built and where?
  • How do I ensure I am ready for Software Bill of Materials (SBOM) requirements and regulations?
12:00pm - 12:35pm

Governing Generative AI: Safeguarding the Enterprise Without Stifling Exploration

Jeff Northrop

Jeff Northrop

Chief Information Officer, Mars Wrigley NA

Mars Inc

  • Identify and engage key stakeholders which may include developers, researchers, policymakers, ethicists, legal experts, affected communities, and end-users
  • Establish risk tolerance through a policy with clear objectives and guiding principles guide the development, deployment, and use of generative AI systems
  • Implement mechanisms for monitoring, auditing, and enforcing compliance with established policies and promote accountability
  • Provide education and training to enhance understanding of generative AI technologies, governance principles, and ethical considerations among stakeholders
12:00pm - 12:35pm

Serving Others: The Purpose Uniting Cyber Security Community

Sergio Torrontegui

Sergio Torrontegui

Business Information Security Officer, Americas

Unilever

  • Exploring ways to create digital trust, make it everyone’s business
  • Maximizing cyber security organizational impact one capability at a time.
  • Fuel a learning and innovative organization by embracing new skills, backgrounds, and perspectives
12:35pm - 1:35pm

Explore this year’s themed lunch discussions led by industry leaders, where executives engage in focused conversations over a meal, discussing topics they’re passionate about alongside their peers.

Lessons Learned: Failing Forward

Rick Rampersad

Rick Rampersad

Chief Information Officer

Early Learning Coalition of Hillsborough County

Securing the Resources You Need to Succeed in a Crowded and Noisy Business Environment

Brandon Carter

Brandon Carter

Sr. Cybersecurity Specialist

Environmental Protection Agency

Reinvigorating Long-Established and Too Comfortable Processes, Protocols, and Procedures

David Mullenix

David Mullenix

Vice President, IT

JPI

The Convergence of Legacy OT Networks and Industry 4.0

Andrew Cook

Andrew Cook

Senior Manager of IT Security & Infrastructure

Milos Tea Company

Cybersecurity for the Mid-Market Organization

Tom Shock

Tom Shock

Director, Information Technology

Shepherd Electric Supply

Managing Cyber Risk in Distributed Environments – Leading Through Influence, Policy, and Collaboration-Based Approaches

Jessie Minton

Jessie Minton

VC and CIO

Washington University in St. Louis

Challenges of Adversarial AI in Cybersecurity

Omar Valerio

Omar Valerio

CIO / CTO

Westminster Christian School

1:35pm - 2:10pm

Defending Global Institutions from Supply Chain Cyber Risks

Michael Milligan

Michael Milligan

Staff Vice President

FedEx Corporation

  • Learn about FedEx’s dual role as a tech consumer and provider, focusing on the risks associated with using external vendors and the impact on operations
  • Highlight the lack of uniform security standards and the tech industry’s safety evolution, emphasizing the implications for consumers and providers
  • Outline secure software initiatives such as SBOM, efforts to adopt best practices, and enhancements to security programs aimed at influencing provider security measures
2:10pm - 2:20pm

Chair’s Closing Remarks

Josh Reid

Josh Reid

Cybersecurity Leader, Consumer Markets and Life Sciences

Crowe

Agenda Day Filter
Agenda Session Type Filter

Sessions From Previous Years

Download The Agenda PDF

"*" indicates required fields

Are you a delegate or sponsor?*

By completing and submitting this form, you agree to receive marketing emails from Executive Platforms Inc. You can opt-out at any time by utilizing the unsubscribe link provided at the bottom of each email. All data collected will be handled in accordance with our Privacy Policy and Terms of Use.

Summit Floorplan

Sign Up For Our Newsletter

"*" indicates required fields

Are you a delegate or sponsor?*

By completing and submitting this form, you agree to receive marketing emails from Executive Platforms Inc. You can opt-out at any time by utilizing the unsubscribe link provided at the bottom of each email. All data collected will be handled in accordance with our Privacy Policy and Terms of Use.