Please note all times are local, Mountain Daylight Time

16 June, 2024


5:00 pm - 6:10 pm

ROOM 2

WELCOME DAY SPECIAL CONTENT

Panel Discussion: Women in Security
  • Creating a purpose-driven strategy that makes an impact as our organization grows and nurtures a diverse workforce
  • Understanding the leader’s role as a force to shape and demonstrate corporate culture, and to serve as a catalyst for equality and inclusion
  • Sharing typical challenges faced by corporations when trying to promote diversity in the workforce
  • Illustrating the importance of today’s leaders building up and supporting the next generation our organizations will need for the future. What does that look like on a day-to-day basis?
  • Offering examples of strong and effective mentorship programs in onboarding, cross-training, job shadowing, and continuing education that make the difference

Moderator:

Linda Marcone
CISO
Crate & Barrel

Panelists:

Stacee Jones
IT Director, Deputy CISO
Lear Corporation

Jennifer Franks
Director, Center for Enhanced Cybersecurity
US Government Accountability Office

Hazleena Hashim
Chief Information Officer
Natural Habitat Adventures

Anne Coulombe
CISO
Werfen

6:15 pm - 7:30 pm

Welcome Drinks Reception

17 June, 2024


7:30 am - 8:15 am

Registration & Breakfast

8:15 am - 8:20 am

Opening Remarks and Important Announcements

8:20 am - 8:30 am

Chair’s Welcome Address

Tomás Maldonado
Chief Information Security Officer
National Football League

8:30 am - 9:05 am

The People-Led, Tech-Powered Future of Cybersecurity
  • Importance of digital trust (e.g., how to earn it, how to keep it, how to grow it)
  • The Evolving Threat Landscape and How to Stay Ahead
  • Challenges and opportunities with regulation and consolidation

Jason O’Dell
VP, Security Operations
Walmart

9:05 am - 9:40 am

Fireside Chat: Navigating the Future: Scaling Secure AI Amidst Emerging Policies and Privacy Challenges
  • Track precedent setting emerging policy and regulatory landscapes
  • Scale AI innovation globally with a security and privacy mindset
  • Identify common privacy and security threats to AI/ ML applications
  • Harness generative AI to maximize efficiency and minimize risk
  • Make the case for privacy-enhancing technology: solutions and legal insights

Xochitl Monteon
Chief Privacy Officer / VP Cybersecurity Governance, Risk & Compliance
Intel

STREAM 1 CHAIR

Tomás Maldonado
Chief Information Security Officer
National Football League

STREAM 2 CHAIR

Josh Reid
Cybersecurity Leader, Consumer Markets and Life Sciences
Crowe

9:45 am - 10:20 am

WORKSHOP

ROOM 1

Batman on a Beach, Einstein, and AI Robots
  • Hear the current state of security (spoiler alert it’s still bad). Understand how infrastructure, the surge in cybercrime, and attackers’ use of AI are affecting the threat landscape
  • Explore how a transition from a best-of-breed to a best-of-platform approach can streamline your portfolio, enhance visibility, and mitigate risks
  • Assess your company’s readiness for AI. Unveil its potential while also examining compliance challenges associated with this emerging technology
  • Learn how Microsoft leverages AI through Microsoft Copilot to simplify complexity, catch what others miss, and strengthen your team’s expertise

Jerry Carlson
VP Cybersecurity US
Bulletproof

Jack M. Wilson
CRO
Bulletproof

9:45 am - 10:20 am

WORKSHOP

ROOM 2

It’s Time to Rethink Network Security for Cloud
  • Cloud architects, CIOs and CISOs will learn how their peers are reducing the complexity and costs of network security in the cloud.
  • Find out how enterprises are saving tens of thousands to millions of dollars annually by removing expensive licenses, compute, cloud data processing costs tied to using “Last Generation Firewall” architecture in the cloud.
  • Learn how the convergence of cloud networking and network security brings policy inspection and enforcement into the natural path of traffic to improve performance, strengthen compliance, boost cyber resiliency, and accelerate cloud infrastructure automation projects.
Josh Cridlebaugh
Director, Solutions Marketing
Aviatrix

Bryan Woodworth
Dir. Solution Strategy
Aviatrix

10:25 am - 12:05 pm

Pre-Arranged One-to-One Meetings
  • 10:30 am – 10:50 am: Meeting Slot 1/Networking
  • 10:55 am – 11:15 am: Meeting Slot 2/Networking
  • 11:20 am – 11:40 am: Meeting Slot 3/Networking
  • 11:45 am – 12:05 pm: Meeting Slot 4/Networking

12:10 pm - 12:45 pm

Fireside Chat: The Best Security Offense is a Good Defense
  • Guarding potential new attack surfaces caused by growing digitization across operations
  • Exploring emerging concerns around attacks enabled by the growing availability of generative AI tools
  • Collaborating with everyone at the national, state, and local levels to test and trial scenarios leading up to a national event to ensure preparation
  • Constantly focusing on maximizing visibility and assessing threats
  • Working towards maximum visibility into networks and creating multiple layers of defense

Tomás Maldonado
Chief Information Security Officer
National Football League

12:45 pm - 1:45 pm

Overflow Lunch Seating

12:45 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Safely Utilizing Robotics to Extend Services Across the World

Phillip Arthur
VP Chief Technical Architect
AdventHealth

12:45 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Security Concerns for CISOs and How to Address Them

Josh Serba
Chief Information Officer
AHC+ Hospitality

12:45 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Cybersecurity and the Board: Strategies for Alignment

DeWayne Hixson
CISO
Bass Pro

12:46 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Driving Real Value Through AppSec Processes and Tech

Jeremy Schumacher
SVP, IT & Security
Cadent, LLC

12:46 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Media Crisis vs. Cyber Reality: Guiding Executives Through the Noise

Mike Phillips
CISO
Cheniere Energy

12:46 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Establishing a KRI/KPI Framework to Monitor Cyber Risk

Josh Reid
Cybersecurity Leader, Consumer Markets and Life Sciences
Crowe

12:47 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Securing the Flow: Enhancing Resilience In Municipal Water Utilities’ Industrial Control Systems

Joseph Welch
Chief Information Officer
Fort Wayne City Utilities

12:47 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Cybersecurity at the Nexus of AI and Automation

Leo Howell
Interim Vice President of Information Technology and Chief Information Officer
Georgia Tech

12:47 pm - 1:45 pm

THEMED LUNCH DISCUSSION

What Should We Take Away From Recent SEC Decisions Regarding CISOs?

Kishore Kumar
Senior Technical Consultant
Manage Engine

12:48 pm - 1:45 pm

THEMED LUNCH DISCUSSION

Metrics and Measuring Success

Jim Blevins
CIO
Richwood Bank

12:48 pm - 1:45 pm

THEMED LUNCH DISCUSSION


12:48 pm - 1:45 pm

THEMED LUNCH DISCUSSION


1:45 pm - 2:20 pm

Building More Secure, Resilient and Safer Critical Infrastructure

This session will focus on critical elements of resilient systems and how to build them. We explore the work of the President’s Council of Advisors on Science and Technology (PCAST) and tie it to Google engineering practices to provide clear examples of how to build resilient systems that run the internet. We’ll discuss 4 critical pillars of cyber resilience and the role they play in fortifying systems against cyber threats in a cyber-physical environment. We’ll discuss the interconnectedness of these pillars and how they form the foundation of a robust cyber resilience strategy.

Taylor Lehmann
Director, Office of the CISO
Google

2:25 pm - 3:00 pm

WORKSHOP

ROOM 1

Redefining DevSecOps After SolarWinds: Lessons from a Securities Lawyer Turned Cyber Hacker

In this practical workshop, CISOs will learn from real world lessons and come away with a better understanding of:

  • The real meaning of SolarWinds and the SEC’s 4-day rule
  • How to define an “incident” for disclosure and remediation
  • Is there a remediation safe harbor?
  • The CISOs role in cyber disclosure do’s and don’ts
  • Using technology to claim control over cyber delivery

Tom Tovar
Co-founder & CEO
Appdome

2:25 pm - 3:00 pm

WORKSHOP

ROOM 2

From Crisis to Confidence: How Data Protection Can Enhance Your Incident Response and Recovery

Cyber threats are more prevalent than ever and security teams are faced with the daunting task of optimizing their security posture while balancing budget, risk, and operational efficiency. With even the most sophisticated security stack plagued with coverage gaps and vulnerabilities, security teams are fatigued and don’t want to add yet another security tool.

Sometimes help comes from an unexpected corner. Modern backup and data security can help IT and security come together and solve problems. Learn what a data security and protection partner like Druva can do to help strengthen your security posture and streamline your incident response and recovery workflows. We will cover:

  • What typically occurs in each phase of a cyber attack
  • Common security coverage gaps in your data infrastructure
  • How to work better with your IT and backup teams
Stephen Manley
CTO
Druva

Neil Ashworth
Sr. Solution Architect – Security
Druva

3:05 pm - 4:15 pm

Pre-Arranged One-to-One Meetings
  • 3:05 pm – 3:25 pm: Meeting Slot 5/Networking
  • 3:30 pm – 3:50 pm: Meeting Slot 6/Networking
  • 3:55 pm – 4:15 pm: Meeting Slot 7/Networking

3:10 pm - 3:45 pm

EXHIBITION HALL

FOCUS GROUP

Startups Unveiled: Adding Value to Your Stack

Andrew Wilder
Chief Security Officer
Community Veterinary Partners

3:45 pm - 4:15 pm

4:20 pm - 4:55 pm

CASE STUDY STREAM 1

DATA MANAGEMENT

Defending in the Era of AI
  • Explore how Generative AI changes the balance between attacker and defender
  • Defensive uses of AI built to protect the enterprise
  • Use cases to defend against attacker uses of AI

Arve Kjoelen
VP and Chief Information Security Officer
McAfee

4:20 pm - 4:55 pm

CASE STUDY STREAM 2

SECURITY STRATEGY

Designing a Holistic Cyber Incident Response Plan
  • Designing a holistic and pragmatic cyber resiliency strategy to manage cyber risk and drive business value
  • How to develop your strategy to ensure it is aligned with your business strategy
  • Incorporating key aspects such as legal, compliance, and risk management to enable a return on investment
  • Discussing how intelligence and the frontline experience should be leveraged within your organization

Cynthia Kaiser
Deputy Assistant Director, Cyber Division
Federal Bureau of Investigation (FBI)

4:55 pm - 5:30 pm

Building a Business Aligned, Risk Prioritized Cybersecurity Strategy
  • Importance of defining a forward looking strategy, aligned to business and risk based priorities, and leveraging your operating model to support

Gary Harbison
Global Chief Information Security Officer
Johnson & Johnson

5:30 pm - 6:05 pm

Achieving a Dominant CS Posture in the Digital Economy
  • Digital Transformation as an imperative to protect the homeland from the nation’s adversaries
  • Accelerating cloud migration to enhance war fighting effectiveness
  • Deploying a high-degree of automation to improve defensive capabilities across agencies
  • Zero Trust adoption as a federal priority and its implications for the industry at large

Gurpreet Bhatia
DoD Principal Director for Cybersecurity/DoD Deputy CISO
Dept of Defense (DoD)

 

6:05 pm - 6:10 pm

Chair’s Closing Remarks

Tomás Maldonado
Chief Information Security Officer
National Football League

6:10 pm - 7:10 pm

Drinks Reception

18 June, 2024


7:30 am - 8:25 am

Registration & Breakfast

8:25 am - 8:30 am

Chair’s Opening Remarks

Tomás Maldonado
Chief Information Security Officer
National Football League

8:30 am - 9:05 am

Fireside Chat: The New Security Landscape in the Era of AI

Join us for an insightful discussion on the new AI landscape with Bret Arsenault, CVP, Chief Cybersecurity Advisor at Microsoft. This session will explore the critical aspects of securing AI and delve into the challenges and strategies organizations are facing when it comes to fortifying AI systems and will provide insights into fostering a secure AI landscape while addressing future cybersecurity challenges.

Bret Arsenault
Corporate Vice President and Chief Cybersecurity Advisor
Microsoft

9:05 am - 9:40 am

Security in the Open: Let’s Raise the Bar in Open Source Software Security
  • Working upstream to improve long-term outcomes
  • Releasing security tools and libraries as open source to help secure the broader ecosystem
  • Providing engineering and financial support for security improvements across the ecosystem
  • Some reflections on software supply chain, secure software development, and memory-safe languages

Mark Ryland
Director, Amazon Security
Amazon

9:45 am - 10:25 am

Panel: The Business of Global Talent
  • Placing diversity and inclusivity at the core of everything you do
  • Breaking new ground and finding new ways of managing the holistic talent life cycle, enabled by advanced technology
  • Forging partnerships across the business to attract a new generation of talent from outside the core cyber function
  • Using internal, external and unconventional talent pools to build and develop a sustainable global talent pipeline

Moderator:

Tomás Maldonado
Chief Information Security Officer
National Football League

Panelists:

Eddie Borrero
VP & CISO
Blue Shield California

Andrew Albrecht
Vice President – Chief Information Security Officer (CISO)
Domino’s

Kelly Brickley
VP, Threat Intelligence
TD Bank

Jason O’Dell
VP, Security Operations
Walmart

10:25 am - 11:15 am

Pre-Arranged One-to-One Meetings
  • 10:30 am – 10:50 am: Meeting Slot 8/Networking
  • 10:55 am – 11:15 am: Meeting Slot 9/Networking

10:45 am - 11:15 am

11:20 am - 11:55 am

WORKSHOP

ROOM 1

‘Shift Up’ Observability of Your Custom Software Security Risks and Beyond

Overwhelming complexity in custom software results in costly data breaches with open source and 3rd party component vulnerabilities like the log4j incident being a major culprit. Software Composition Analysis (SCA) technology is designed to help reduce these risks. However, most traditional SCA products are designed for developers and don’t give CISOs and CIOs the visibility they need to confidently make critical decisions and take control of open source and 3rd party component risks across their entire portfolio of software applications. How do you ensure you are covering all of your applications? How do you govern these risks without slowing down your developers?

Complexity is so high, it’s no longer good enough to rely solely on developers to be vigilant. Join this session to learn how some CISOs and CIOs are taking a smarter approach to open source and 3rd party component security risk management by ‘shifting up’ observability with an open source control tower, automatically across all their applications. Get answers to questions like:

  • Do I have new security or IP exposures this month?
  • Are risky components, like log4j, still being used?
  • Who exactly is using the custom framework we built and where?
  • How do I ensure I am ready for Software Bill of Materials (SBOM) requirements and regulations?

Greg Rivera
VP of Product
CAST

11:59 am

STREAM 1 CHAIR

Josh Reid
Cybersecurity Leader, Consumer Markets and Life Sciences
Crowe

STREAM 2 CHAIR

Laura Jackson-Ryan
Senior Director Project Development & Operations
Executive Platforms Inc.

12:00 pm - 12:35 pm

CASE STUDY ROOM 1

DATA MANAGEMENT

Governing Generative AI: Safeguarding the Enterprise Without Stifling Exploration
  • Identify and engage key stakeholders which may include developers, researchers, policymakers, ethicists, legal experts, affected communities, and end-users
  • Establish risk tolerance through a policy with clear objectives and guiding principles guide the development, deployment, and use of generative AI systems
  • Implement mechanisms for monitoring, auditing, and enforcing compliance with established policies and promote accountability
  • Provide education and training to enhance understanding of generative AI technologies, governance principles, and ethical considerations among stakeholders.

Jeff Northrop
Chief Information Officer, Mars Wrigley NA
Mars Inc

12:00 pm - 12:35 pm

CASE STUDY ROOM 2

SECURITY STRATEGY

Serving Others: The Purpose Uniting Cyber Security Community
  • Exploring ways to create digital trust, make it everyone’s business
  • Maximizing cyber security organizational impact one capability at a time.
  • Fuel a learning and innovative organization by embracing new skills, backgrounds, and perspectives

Sergio Torrontegui
Business Information Security Officer, Americas
Unilever

12:35 pm - 1:35 pm

Overflow Lunch Seating

12:35 pm - 1:35 pm

THEMED LUNCH DISCUSSION

Lessons Learned: Failing Forward

Rick Rampersad
Chief Information Officer
Early Learning Coalition of Hillsborough County

12:35 pm - 1:35 pm

THEMED LUNCH DISCUSSION

Securing the Resources You Need to Succeed in a Crowded and Noisy Business Environment

Brandon Carter
Sr. Cybersecurity Specialist
Environmental Protection Agency

12:35 pm - 1:35 pm

THEMED LUNCH DISCUSSION

Reinvigorating Long-Established and Too Comfortable Processes, Protocols, and Procedures

David Mullenix
Vice President, IT
JPI

12:36 pm - 1:35 pm

THEMED LUNCH DISCUSSION

The Convergence of Legacy OT Networks and Industry 4.0

Andrew Cook
Senior Manager of IT Security & Infrastructure
Milos Tea Company

12:36 pm - 1:35 pm

THEMED LUNCH DISCUSSION

Cybersecurity for the Mid-market Organization

Tom Shock
Director, Information Technology
Shepherd Electric Supply

12:36 pm - 1:35 pm

THEMED LUNCH DISCUSSION

Managing Cyber Risk in Distributed Environments – Leading Through Influence, Policy, and Collaboration-Based Approaches

Jessie Minton
VC and CIO
Washington University in St. Louis

12:37 pm - 1:35 pm

THEMED LUNCH DISCUSSION

Challenges of Adversarial AI in Cybersecurity

Omar Valerio
CIO / CTO
Westminster Christian School

12:37 pm - 1:35 pm

THEMED LUNCH DISCUSSION


12:37 pm - 1:35 pm

THEMED LUNCH DISCUSSION


1:35 pm - 2:10 pm

Defending Global Institutions from Supply Chain Cyber Risks
  • Learn about FedEx’s dual role as a tech consumer and provider, focusing on the risks associated with using external vendors and the impact on operations
  • Highlight the lack of uniform security standards and the tech industry’s safety evolution, emphasizing the implications for consumers and providers
  • Outline secure software initiatives such as SBOM, efforts to adopt best practices, and enhancements to security programs aimed at influencing provider security measures

Michael Milligan
Staff Vice President
FedEx Corporation

2:10 pm - 2:20 pm

Chair’s Closing Remarks

Josh Reid
Cybersecurity Leader, Consumer Markets and Life Sciences
Crowe