Boston CISO Executive Summit

November 17, 2021 | Renaissance Boston Waterfront Hotel

November 17, 2021
Renaissance Boston Waterfront Hotel

Collaborate with your peers

Get together with Boston's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Accelerating security to match the pace of digital business initiatives

Managing the risk created from a landscape of new core technologies

Achieving sustainability for the CISO role without compromising outcomes

Boston CISO Governing Body

The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.


Kevin Brown


Javed Ikbal

Bright Horizons

Lawrence Jarvis

Iron Mountain Inc
SVP, Chief Information Security Officer

Holly Ridgeway

Citizens Financial Group
Chief Security Officer

Ravi Thatavarthy

Rite Aid
Vice President & Chief Information Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Boston CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.


November 16, 2021

November 17, 2021

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Welcome Reception

Exclusive to Governing Body members and select guests, this dinner is a can’t-miss opportunity to connect with your peers prior to tomorrow’s Executive Summit. Please join your colleagues for an evening of good food, wine, and lively networking.

7:30am - 8:15am  Registration & Breakfast

8:15am - 9:00am  Keynote

The Art of Innovation — Creativity at Work

Noah Scalin headshot

Noah Scalin

Artist, Innovation Consultant

Hear from artist/author, Noah Scalin, on how to sustain innovation in both work and life. During this interactive session, participants will have the opportunity to practice key concepts immediately with a high-energy, hands-on workshop and a facilitated discussion to cull insights and applications.

In this interactive session you will:

  • Explore personal leadership practices that foster a culture of innovation
  • Discover “The Big 7” practices that you can use to continually learn and grow in your work
  • Participate in a Creative Sprint® challenge that will keep participants creating and connecting after the workshop ends

9:00am - 9:15am  Break

9:15am - 10:00am  Breakout Session

Being Stronger Allies — Supporting Women in Cybersecurity

Anne Coulombe headshot

Anne Coulombe

Head of Data Protection / Data Security

Massachusetts Mutual Life Insurance Co

Helen Negre headshot

Helen Negre

CISO of Americas

Siemens USA

The shortage of cybersecurity professionals and the even greater shortage of women in cyber has been widely reported for years. Many initiatives have been launched to find talented young women, encourage them, and develop their talent so they can become part of our next-generation cyber workforce.

Join this session to learn:

  • Importance of a diverse and inclusive sector for women in this area
  • Characteristics that seem to be the most important in attracting young women and girls into the field,
  • Barriers to entry for women in Cyber, opportunities, and lessons learned, and the way forward.

9:15am - 10:00am  Executive Boardroom

Data Privacy Meets Business Strategy — It’s a Matter of Trust

Ken Asnes headshot

Ken Asnes

Sr. Director, Information Security/CISO


Michael Woodson headshot

Michael Woodson

Director of Information Security and Privacy


Getting privacy right isn’t just an exercise in compliance. Increasingly, consumers expect that organizations are protecting their data while providing more control over its use. Without a robust data governance, security, and privacy triad, today’s digital enterprise will find customers losing trust and pivoting to rivals. Is your privacy program creating the necessary foundation of trust your company depends on?

During this session you will discover:

  • How privacy plays into business strategy across industries in today’s economy
  • Different reporting structures, roles, and the CISO’s responsibility in privacy
  • Specific challenges for data privacy and security across third-party vendors and amid accelerating moves to the cloud

9:15am - 10:00am  Breakout Session

An Indispensable Partnership Between Humans and Machines

Michael Leland headshot

Michael Leland

Chief Cybersecurity Evangelist


Artificial Intelligence seems to be a pervasive part of our lives today, from the delivery of highly targeted advertising to the introduction of sophisticated chatbots. Ransomware attacks increased over 150% in 2020 while the average breach life cycle now exceeds 300 days to detect and resolve a security incident. While machine learning is becoming one of the most important time-saving tools for the defenders in cybersecurity, so too have adversaries learned to harness the speed and power of machines to strengthen their capabilities.

Join this session to discuss:

  • Where does this trend leave the hands-on practitioner
  • At what point does the velocity of innovation outpace the capabilities of human intellect
  • Will robots ever replace us in the effective practice of securing our digital world

10:00am - 10:30am  Networking Break

10:30am - 11:15am  Breakout Session

Benchmarking Session – Protect your Data or Pay the Price?

Kevin Brown headshot

Kevin Brown



Ravi Thatavarthy headshot

Ravi Thatavarthy

Vice President & Chief Information Security Officer

Rite Aid

The risk of attacks are top-of-mind for all organizations today as threat actors become more sophisticated and their impact increasingly detrimental. Cybersecurity professionals must have the right strategy and tools in place to prevent, detect and respond quickly to breaches to avoid reputational risk or paying a hefty sum.

Join this benchmarking session to discuss:

  • Taking ransomware protection to the next level
  • Strategies to defend against bad actors 
  • Challenges and best practices in managing major security events

10:30am - 11:15am  Breakout Session

The Three Keys To Cybersecurity Transformation – Platform, People, and Process

Danny Connelly headshot

Danny Connelly

CISO Americas


Mark Teehan headshot

Mark Teehan

Chief Information Security Officer

Harvard Pilgrim Health Care

The process of digital transformation improves business agility and information flow, but dramatically expands the attack surface and exposes your business to new threats. Your employees are on the internet now more than they are on the corporate network, accessing applications and data from everywhere. Protecting your business and retaining the benefits of digital transformation requires migrating to a zero trust security model delivered through the cloud, closer to where your users and business assets are now centered.

Join your peers for a session focused on:

  • Building your security ecosystem on a Zero Trust foundation
  • Developing new skills and embracing a new cultural mindset at all levels of the enterprise
  • Defining the right tools to empower your adoption of Zero Trust

10:30am - 11:15am  Executive Boardroom

Third Party Risk: How to Measure and Manage your Risk with Outsourcing

Jeremiah Sahlberg headshot

Jeremiah Sahlberg

Managing Director | Federal, Third Party Risk


Bobbi Bookstaver headshot

Bobbi Bookstaver

Director of Information Security

Shawmut Design and Construction

In today’s business environment, organizations are held responsible for the actions of their suppliers, vendors and partners in addition to their own internal activities. Knowledge and understanding of supplier and third-party risk is of the utmost importance and CISOs and the business teams they support.  Organizations must know their business well enough to understand where risks may materialize and employ processes to detect and react to their evolving risk from third parties.

Join this session to discuss:

  • How to create an accurate inventory of all vendors within your ecosystem
  • Strategies to establish a process for continuous assessment and monitoring of third parties
  • What to do when your third party gets breached

11:15am - 11:25am  Break

11:25am - 12:40pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:45am - 1:15pm  Lunch Service

12:40pm - 1:00pm  Break

1:00pm - 1:35pm  Keynote

Training the Next Generation of Cyber Professionals

Gary Gauba headshot

Gary Gauba


NextGen Cyber Talent

Julie Fitton headshot

Julie Fitton

VP, Digital Product Security

Stanley Black & Decker

Compared with academic pursuits like history, philosophy or mathematics, the field of cybersecurity is still in its infancy. The word cybersecurity itself is barely three decades old, and by some estimates, the global cybersecurity workforce needs to grow at a blistering 145 percent each year simply to keep pace with the demand for skilled talent in the near future.

Join Julie Fitton and Gary Gauba as they discuss: 

  • Strategies for developing the next generation of cybersecurity professionals
  • Expanding diverse talents
  • How to successfully educate cohorts of underprivileged and underserved students about cyber technologies

1:35pm - 1:50pm  Break

1:50pm - 2:35pm  Breakout Session

Prepare for a Major Cyber Attack: An Interactive Exercise

Joe Burgoyne headshot

Joe Burgoyne

Sr. Director, Cyber Security

GE Healthcare

Adam Glick headshot

Adam Glick



Lorna Koppel headshot

Lorna Koppel

Director of Information Security/CISO

Trustees of Tufts College

Most CISOs feel comfortable managing the minor security incidents with standardized processes, but what about major incidents that shake the very foundation of your organization like the Solar Winds attack? Such crises can be career-changing.

Join this workshop to:

  • Learn the basic building blocks of effective cybersecurity crisis response
  • Share challenges and best practices in managing major security events
  • Benchmark against your peers and identify lessons learned

1:50pm - 2:35pm  Executive Boardroom

When Ransomware Strikes, Will You Be Ready?

Michael Powell headshot

Michael Powell

Special Cyber Representative and vCISO


Daniel Gortze headshot

Daniel Gortze

Chief Information Security Officer


IT leaders across the globe are asking themselves that question as ransomware grows increasingly prevalent and as attackers continue to raise their demands. It may seem difficult to prioritize building out your recovery plan when you could spend that time focused on increasing defensive measures but recovering from ransomware is not a process you want to wing.

Join this session to discuss:

  • Step-by-step guidance for navigating ransomware response protocols
  • Key pitfalls most organizations make when attempting a ransomware recovery and how to avoid them
  • How to build a foundation for developing a thorough, practical, and well-documented plan of action

1:50pm - 2:35pm  Executive Boardroom

Keeping the Cloud Clean

Eric Jacobsen headshot

Eric Jacobsen

Executive Director of Information Security

Boston University

Frederick Webster headshot

Frederick Webster

Director, Information Assurance and Business Continuity

Blue Cross Blue Shield Association

As the world continues to shift, the most common security challenges faced in the cloud stem from misconfigurations, the need for continuous compliance, and an exploding set of cloud infrastructure services. Whether you are migrating to cloud or building up cloud-native applications, getting basic hygiene right is the first step to building in the cloud with confidence. 

Join this session to discuss:

  • Best practices for securing your infrastructure, applications, and data across hybrid and multi-cloud environments
  • How to operate your cloud environment without misconfigurations
  • The most common attacks and how do you protect your business from application security threats

2:35pm - 3:05pm  Networking Break

3:05pm - 3:50pm  Breakout Session

Kick Start Your Company-Wide Risk Analysis Program

Robert Sullivan headshot

Robert Sullivan

CISO, VP Technology Shared Services


Most likely your risk management program has evolved due to outside influences such as client contract requirements, board requests, and/or specific security incidents. What you may not realize is that your risk program should be far more holistic, based not only on your business’ enterprise-wide risks but built around the unique assets critical to your organization's ability to deliver services.

Join Robert Sullivan, VP, Technology Shared Services and CISO at Agero as he discusses:

  • How you can quickly reorient your risk program to be based on your enterprise’s unique assets
  • Defining the cyber risk, potential for loss, disruption, exposure, or corruption of those assets, measured in terms of annualized loss expectancy
  • How to complete an initial asset valuation and business discovery without investing months of work

3:05pm - 3:50pm  Executive Boardroom

Is Identity and Access Enlightenment Possible?

Esmond Kane headshot

Esmond Kane


Steward Health Care System

Mark Teehan headshot

Mark Teehan

Chief Information Security Officer

Harvard Pilgrim Health Care

Abhi Sarmah headshot

Abhi Sarmah

Practice Director, Identity and Access Management

GuidePoint Security

What would it mean for the world of business if an organization could fully and effortlessly manage the access of its users? Every enterprise requires safeguards to ensure that the right people are accessing the right systems and information, and finding that balance between agility and security is a unique challenge for any CISO. After so many years spent tackling this issue, has a new way forward revealed itself?

Join this session to discuss:

  • Prudent approaches to right-size the balance of security controls and agile access
  • Ways your peers discuss strategy for trust and access with other senior leaders
  • New technologies that are improving the world of IAM

3:05pm - 3:50pm  Executive Boardroom

Securely Enable Remote Work

Joe Burgoyne headshot

Joe Burgoyne

Sr. Director, Cyber Security

GE Healthcare

Lorna Koppel headshot

Lorna Koppel

Director of Information Security/CISO

Trustees of Tufts College

Companies are under intense pressure to quickly expand their reliance on distributed, remote teams. But standing up this kind of capability isn’t easy: It means access and device challenges, communication and collaboration challenges, and new security and compliance concerns.

Join this session to learn how to:

  • Enable productivity without compromising on security
  • Unify access across your cloud and on-prem apps for all users, ensuring they have access to only the resources they need at the right time
  • Ensure business continuity and resiliency for your remote workforce

3:50pm - 4:05pm  Break

4:05pm - 4:40pm  Closing Reception & Prize Drawing

November 16, 2021

November 17, 2021

We look forward to seeing you at an upcoming in-person gathering


Venue & Accommodation

Renaissance Boston Waterfront Hotel

A block of rooms has been reserved at the Renaissance Boston Waterfront Hotel at a reduced conference rate. Reservations should be made online or by calling 1-877-901-6632. Please mention Evanta Boston Executive Summit to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $279 USD (plus tax) is October 29, 2021.

Your Community Partners

Key Partners
Program Partners

Community Program Manager

For inquiries related to this community, please reach out to your dedicated contact.

Cat Hogan

Program Manager