Houston CISO Executive Summit

Julian Reeve, former Music Director of the Broadway musical Hamilton, has spent a lifetime chasing results. On and off Broadway, his achievements have been applauded, conducted by ambition, and underscored by self-criticism. But a major life event demanded a change of tune. Now, as a noted authority on burnout and perfectionism, he offers concrete tools on how to build a burnout-free culture, retain high achievers and optimize self-care and performance for you and your team. Reeve is an Advisory Board Member for HR.com’s Research Institute, and his work has been featured in The Hill Newspaper and Fast Company/CEO World Magazines in addition to his TEDx Talk and children's book.

Join Reeve as he explores: 

• Recognizing and managing stress and burnout in yourself and your team
• Identifying six keys to burnout control & avoidance
• Clarifying individual vs. organization burnout responsibility

Becoming a cyber-resilient organization requires changing the way risk ownership and responsibilities are addressed across the organization and with the C-suite and board – particularly in light of the SEC’s enhanced breach disclosure requirements. CISOs need to embrace zero trust security and adjust their board engagement approach to get the right level of support and guidance on cybersecurity initiatives.

In this session, we will discuss strategies for increasing cyber and business resilience, including:

• Articulating cyber risk posture, controls, and mitigation strategies in place, with messaging that will resonate with the board and C-suite leaders
• Leveraging zero trust architecture to secure users, workloads, and IoT/OT devices by addressing critical security shortcomings of routable networks
• Gaining confidence on cybersecurity oversight and forward direction

While the vast majority of infrastructure has been upgraded and modernized to secure the shift to the cloud, enterprise IT teams are still missing an equally seamless access method to safely deliver those now cloud-native apps and data. While traditional browsers have become the de facto access point for the majority of business critical applications, they lack the deep inspection capabilities and hyper-granular security controls enterprises need. This results in security teams surrounding their browsers with layers of tech to meet those needs.

Join this breakout session to discover:

• Why traditional cloud security methods undermine your modernization efforts and end-user experience
• Embracing technological momentum to adapt to a "more-with-less" security landscape
• How enterprise CISOs are using this solution to bolster cloud security

Prioritizing and eliminating the cyber risks that matter most is the ultimate goal of security leaders. But how do you validate that your efforts are hitting the mark? It all comes down to well-crafted measurements: metrics that are reliable and easily understood by all stakeholders across the business.

In this session, we will discuss:

• Cybersecurity risk assessment essentials and which risks truly carry weight
• Concrete approaches to determine effectiveness of security capabilities
• Creating simple "metric cards" to communicate across stakeholders

CISO doesn't have to be synonymous with solo. Just ask Mary Dickerson, who -- for the first time in her 10+ year CISO career -- now has a Deputy CISO on her team.

Join this session with Mary and Richard Anselme, her Deputy CISO at University of Texas Health Science Center at Houston, to: 

• See what a successful CISO/Deputy CISO partnership structure can look like
• Hear how they navigated potential pitfalls and how they see their roles evolving over time
• Discuss broader challenges with succession planning, delegating and leading within a security team

Today's threat landscape calls for a renewed focus on partnership and engagement, including up-to-the-minute information sharing, technology collaboration and critical infrastructure protection. But what does this look like in practice? The State of Texas has seen great improvement across these initiatives since moving to a "whole-of-state" approach to cybersecurity, a strategy that enables multiple levels of government – and private industry – to embrace greater collaboration. 

Join this session to hear State of Texas CIO Amanda Crawford and Deputy CISO Tony Sauerhoff share insights about Texas's "whole-of-state" model and facilitate an open discussion on:

• Benefits, challenges and dynamics of adopting a more centralized approach to statewide security operations
• Opportunities for better threat intelligence and analysis sharing between the State and Texas public sector organizations
• Perspectives on applying principles of "whole-of-state" beyond the public sector

Many executives envision their career including corporate board service at some point, but it's not often an easy path – especially for CISOs. (Only about 12% of S&P 500 organizations currently have at least one current or former "cyber expert" on the board.*) But the push for more board oversight and accountability around data breaches has put infosec expertise more squarely in the sights of board search teams than ever before. 

Join this session for a candid conversation on what CISOs should know if they're considering corporate board service as a career move, including:

• How the reality of corporate board service may -- or may not -- align with your expectations
• How to determine if corporate board service is something that really aligns with your professional and personal goals
• What skills and experience boards are looking for, and how CISOs can plan their next career moves with these criteria in mind

*"State of Cyber Awareness in the Board Room Report," NightDragon & Diligent Institute, September 2023

Today’s CISOs face daunting challenges. It’s a balance between fighting off increasingly sophisticated attacks, maintaining a positive company culture, and navigating governance and company-wide risk assessments. It's no surprise that CISOs are needing to find innovative ways to manage stress and burnout.

Join this boardroom session to connect with your peers on:

• Factors unique to infosec roles that contribute to it being such a high-burnout environment
• What CISOs are doing to support themselves and their teams
• Ways you can seek and advocate for better support from your organization

When users are everywhere and digital operations span cloud, SaaS, and on-premises environments, achieving cyber resilience becomes paramount. The challenge lies in navigating this complexity and maintaining visibility and control to ensure continuous operation despite cyber threats.

Join this interactive roundtable to discuss:

• Optimizing costs and improving security across diverse cloud environments
• Adopting Zero Trust philosophies to protect users, data, and applications
• Innovating with AI while addressing global regulatory and data privacy requirements

As CISOs look to build their array of leadership skills, effective talent and team career development cannot be overlooked. This critical skill has evolved from "nice to have" to instrumental in building a resilient cybersecurity team and pushing the business forward.

Join this executive boardroom to connect with your peers on best practices for:

• Fostering an environment of continuous learning and skill development
• Leveraging talent development within the security function as a business enabler
• Promoting and enabling a team to take ownership of their career paths

Despite investing in the appropriate solutions and conducting numerous tabletop exercises to prepare for a possible attack, the questions often linger: How helpful will your IR playbook actually be? How quickly will you be able to mobilize leadership? How will you handle the stress?

Wes Farris, ISO for The Harris Center, will lead this candid conversation using his own recent experience as a framework, and invites input, questions, and advice from peers on:

• Factors that really make a difference in preparing for a breach
• Fundamental priorities while actively responding and recovering
• Post-incident hindsight and reflections

Cybersecurity is often an afterthought when it comes to mergers and acquisitions processes, but infosec leaders have the power to leverage these changes into positive, permanent growth within an organization. How are you preparing now to thoughtfully execute the next business integration in a way that unlocks new potential for your organization?

Join this session as your peers discuss:

• Lessons learned from past mergers and acquisitions
• How to leverage the potential influx of funding and talent
• Why empathetic leadership is crucial during times of change