IN-PERSON

Chicago CISO Executive Summit

November 29, 2023 | Chicago Marriott Downtown Magnificent Mile

November 29, 2023
Chicago Marriott Downtown Magnificent Mile

Collaborate with your peers

Get together with Chicago's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Quantifying the business's cyber-risk appetite and leveraging it to frame security investments

Improving the agility of security operating models to keep pace with organizational priorities

Enabling and protecting the business as technology and AI continue to evolve

Chicago CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Waqas Akkawi

SIRVA Worldwide
VP, CISO

Michelle Ayala

AZEK Company
CISO

Erik Hart

Cushman & Wakefield
CISO

JJ Markee

Danaher
Global Chief Information Security Officer

Bill Podborny

Constellation Brands
CISO

Paolo Vallotti

Tate & Lyle
CISO & VP of Operations

Angela Williams

UL Solutions
Global Chief Information Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Chicago CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


November 28, 2023

November 29, 2023

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Welcome Reception — Giving Back to Chicagoland

Join the Chicago CISO Governing Body for dinner, drinks and an opportunity to give back on the eve of the Executive Summit. In partnership with a local foster care non-profit, we will be preparing care bags for children in the foster care system within the Chicagoland area. 

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

Building Trust Creates Equity

Minda Harts headshot

Minda Harts

Workplace and Equity Consultant, Author

The Memo, LLC

In today's complex and rapidly evolving corporate landscape, building trust isn't merely a "nice-to-have"; it's a critical foundation for cultivating equity. But how can senior leaders restore trust within themselves and among their teams to ensure equitable growth and collaborative success?
 
Join Minda Harts, Workplace and Equity Consultant & Author, to learn about:

  • Fostering trust to lay the foundation for a more equitable, inclusive, and harmonious workplace
  • Embarking on a journey of self-reflection and self-improvement to inspire trust among a team
  • Embracing trust as a dynamic bond that requires ongoing effort and adaptability

9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

Journey to the Cloud – Planning, Partnering & Executing

Brian Palmer headshot

Brian Palmer

Director, IT Security and Infrastructure

Ventas

From capital expenditures to supply chain disruptions, maintaining legacy on-premise data centers requires significant resources. For Brian Palmer, moving Ventas’ applications to the cloud has been an inclusive solution that has positioned the business to quickly take advantage of new technologies and opportunities.

Join this session to learn how to:

  • Lay the foundation through pre-migration training, planning and evaluation
  • Leverage resources to fill knowledge and skills gaps
  • Identify the pros, cons and pitfalls of cloud migration

9:40am - 10:25am  Breakout Session

Defeating Ransomware — The Art of Negotiation in the Age of AI

Oren Wortman headshot

Oren Wortman

VP, Client Leadership | NA

Sygnia

Shaked Tanchuma Yogev headshot

Shaked Tanchuma Yogev

Director of Incident Response

Sygnia

Ransomware attacks continue to evolve and AI is now leveraged by threat actors as both a weapon and an attack vector. Successfully handling a ransomware attack today requires skillful orchestration between multiple elements, including strategic negotiations. Delve into attackers mindset and tactics to gain valuable insights on how infamous threat actors think and operate.

Join this session to discuss:

  • Real-world case studies of destructive AI-driven ransomware attacks
  • The importance of integrating strategic negotiation into your overall response effort
  • Key insights from organizations that defeated ransomware attacks through effective response and preparedness

9:40am - 10:25am  Executive Boardroom

Strategic Pitfalls in Third-Party Risk Management

Mark Nafe headshot

Mark Nafe

Director, Solutions Consulting

RiskRecon - A MasterCard Company

Jay Gonzales headshot

Jay Gonzales

VP & CISO

James Hardie Industries

Brian McSweeney headshot

Brian McSweeney

Chief Cyber Risk Officer

Northern Trust

Managing cyber risk across an enterprise IT infrastructure has never been harder. Remote workers, advancing attack methods, and an ever-expanding vendor network are challenging every firm, as total visibility into threats has become nearly impossible. As digital business strategy matures, more organizations are becoming dependent on the cyber posture and protection of third parties. Third-party risks present a unique challenge because you are depending on vendors and partners to operate securely to keep your data and information safe. How are you mitigating the associated risks and demonstrating this to the business to ensure effective security programs?

Join our session to hear about:

  • Common failings across TPRM programs that led to breach events
  • How executives can provide strategic direction for third-party risk teams
  • Key practices being implemented by leading vendor risk firms to maintain strong supply chain risk management

9:40am - 10:25am  Executive Boardroom

Embracing AI — Pros, Cons, and the Challenge of Change

Drex DeFord headshot

Drex DeFord

Executive Strategist

CrowdStrike

Ryan Brichant headshot

Ryan Brichant

Field CTO

Abnormal Security

Darin Hurd headshot

Darin Hurd

EVP & CISO

Guaranteed Rate

Joe Suareo headshot

Joe Suareo

CISO

Restaurant Brands International

For leaders, there’s nothing new about managing internal expectations on hyped technologies, but the recent advancements in AI have caused an increased and urgent demand for the evaluation and adoption of generative AI models. There is no question that these breakthroughs are just the beginning, but technology executives must temper expectations and ensure a thoughtful approach to building AI models that will add more value than risk.

Join this session to discuss:

  • Opportunities and limitations in applying AI to security solutions
  • Identifying and aligning a business need and use case for AI implementation
  • Using native AI to secure the business amidst a quickly shifting landscape

10:25am - 11:00am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:00am - 11:45am  Breakout Session

CISO by Design – An Interactive Workshop

Shefali Mookencherry headshot

Shefali Mookencherry

Chief Information Security Officer and Privacy Officer

University of Illinois at Chicago

Rajesh David headshot

Rajesh David

VP, Global CISO

Molex | Koch Industries

Being a well-rounded CISO can’t be hacked. It takes consistent reflection and re-invention as the role evolves from a technology-focused position to a business-enabling one.

Join this interactive session to discuss:

  • Identifying common threads of a successful CISO across all organizations
  • Playing on your strengths and leaning into areas of opportunity
  • Finding your place as a proven leader and business enabler

11:00am - 11:45am  Breakout Session

Cybersecurity at Scale - Best of Breed vs. Standardization

Gregory Richardson headshot

Gregory Richardson

Advisory CISO

Palo Alto Networks

For over a decade, security leaders and architects utilized a disparate best of breed point solution framework to solve their security challenges. This resulted in bloated security architectures, overlap in capabilities and significant security architecture and integration failures. These failures impacted organization’s ability to scale to meet business demands and reduced stability of the security architecture as environments and data volumes grew. The use of AI driven detections, automation, endpoint security, attack surface management and realtime threat intelligence application were the moonshot achievements for security solutions like SIEM, but were never achieved.

Join this session to discuss:

  • Scaling to meet business demands and stabilizing your security architecture
  • Reimagining organizational  security operations programs based on standardization 
  • Achieving the impossible with security information and event management

11:00am - 11:45am  Executive Boardroom

Unifying the Analyst Experience to Improve Threat Detection and Response

Joseph Daw headshot

Joseph Daw

Principal Security Architect, Americas

IBM

Nitin Raina headshot

Nitin Raina

CISO

ThoughtWorks

Frank Yanan headshot

Frank Yanan

SVP / Business Information Security Officer

Bank of America Limited

Given today’s dynamic threat landscape, involving constantly changing malicious TTPs, CISOs must have a proactive threat management strategy to handle complex attacks. However, with widely distributed infrastructures and the number of tools with different levels of control and responsibility, maintaining true visibility is difficult. Staffing shortages and the high volume of alerts that come in from fragmented tools adds to this challenge. The solution? Unifying the analyst experience to connect existing tools and workflows across your hybrid cloud environment.

Join this session to discuss:

  • Detecting and responding to advanced attacks like ransomware
  • Unifying the analyst experience with AI and machine learning - starting with understanding your attack surface and through EDR/XDR, SIEM, SOAR
  • Identifying blind spots in your cloud security strategy due to information fragmentation

11:00am - 11:45am  Executive Boardroom

Break the Attack Chain — The Importance of Integrated Threat Protection

Julie Farrell headshot

Julie Farrell

Senior Regional Director

Proofpoint

Waqas Akkawi headshot

Waqas Akkawi

VP, CISO

SIRVA Worldwide

Brian Ekkebus headshot

Brian Ekkebus

CISO

USG

Organizations worldwide are being faced with multistage attacks such as BEC, ransomware, and supply chain, that happen with the same basic steps in the same sequence. It’s been a decade since defenders began referring to this as the attack chain, but the attacks continue to successful with the same tactics, from phishing to Active Directory abuse to data exfiltration. So how do we finally turn the tables on adversaries, and take away what they depend on across the attack chain?

Join this interactive round table as CISOs discuss:

  • Understanding the evolving nature of initial compromises
  • The art and science of preventing small compromises from becoming big incidents
  • Reducing your team's workload by using the attack chain to prioritize controls

11:45am - 12:30pm  Lunch Service

12:00pm - 12:30pm  Networking

Rising Together — Empowered Women, Empower Women

Michelle Ayala headshot

Michelle Ayala

CISO

AZEK Company

Join this dedicated networking session for women in cybersecurity leadership roles and their allies to freely discuss best practices, key challenges and mission-critical priorities surrounding mentorship and building a strong network. Come prepared to share ideas and forge new connections that can help empower each other to make an impact in your organizations and the Chicagoland area.

This session is aimed at, but not limited to, women who are leading the cybersecurity function at their organizations (CISO or equivalent) and those reporting directly to the CISO/equivalent. Priority access will be reserved to these groups.

12:30pm - 1:05pm  Keynote

Cultivating a Strong Security Culture and Transformation

Sean Cordero headshot

Sean Cordero

CISO - Americas & Latin America

Zscaler

Ricardo Lafosse headshot

Ricardo Lafosse

Chief Information Security Officer

The Kraft Heinz Company

By its very nature, the CISO role is flexible, adaptable and ever-evolving as adversaries exploit new attack vectors and the sun never rises on the same threat landscape two days in a row. In the current spotlight on cyber risk and strategy, how can security leaders leverage their skills as change agents to cultivate a strong security culture and foster inclusive conversations on cybersecurity throughout the organization? 

Join this session to discuss:

  • Framing cybersecurity conversations in terms of business risk
  • Driving the mindset and cultural changes essential to overcome inertia and accelerate transformation
  • Leveraging controls to architect behavioral change

1:05pm - 1:30pm  Break

1:30pm - 2:15pm  Breakout Session

Leading the Way – Talent Development as a Business Enabler

Jesse Magenheimer headshot

Jesse Magenheimer

Vice President & CISO

State Farm

Aman Raheja headshot

Aman Raheja

CISO, IT Risk & IT Vendor Management

Humana

As CISOs look to build their array of leadership skills, effective talent and team career development cannot be overlooked. This critical skill has evolved from "nice to have" to instrumental in building a resilient cybersecurity team and pushing the business forward.
 
Join this session to hear more on:

  • Fostering an environment of continuous learning and skill development
  • Leveraging talent development within the security function as a business enabler
  • Promoting and enabling a team to take ownership of their career paths
     

1:30pm - 2:15pm  Executive Boardroom

Building Trust in Security Operations

Jason Videll headshot

Jason Videll

Channel CISO

Red Canary

Ebenezer Arumai headshot

Ebenezer Arumai

Chief Information Security Director

Oldcastle BuildingEnvelope

Fred Kwong headshot

Fred Kwong

VP, CISO

DeVry University

Trust is at the center of what we do in cybersecurity. Trust in your team, trust in your tools, and the business’ trust in you. However, security teams face challenges every day that erode that trust: analysts get burned out and disengage, tools deliver more noise than outcomes, and your security program is more likely to slow down your business rather than help it run at full speed. 

In this session, we will discuss why this is the case and how to reverse this dynamic. Join this peer roundtable to discuss: 

  • How false positives can erode trust 
  • Building engineering principles into your SecOps process 
  • Why a flatter SOC is a better

1:30pm - 2:15pm  Executive Boardroom

Keeping It Simple - Breaking Down Cloud Misconfigurations

Corey Smith headshot

Corey Smith

Vice President of Solution Architects

Qualys

Todd Covert headshot

Todd Covert

National General CISO

Allstate

Steven McLean headshot

Steven McLean

Senior Manager, Information Security

QuidelOrtho

Arlan McMillan headshot

Arlan McMillan

Chief Security Officer

Kirkland & Ellis

Monitoring, alerting, immutable configurations are simple strategies that lead to security success. But why are we our own worst enemy?

Join this boardroom session to dig in deeper on:

  • The persistent issues of insecure configurations such as IAM, alerting, monitoring logging and encryption
  • Misconfigurations that are consistently exploited in the real world
  • The why AND how to addressing all of the above

2:15pm - 2:50pm  Networking Break

2:20pm - 2:45pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

2:50pm - 3:35pm  Breakout Session

Cybersecurity in the SEC’s Spotlight

Luna Bloom headshot

Luna Bloom

Chief, Office of Rulemaking, Division of Corporation Finance, U.S.

Securities and Exchange Commission

Angela Williams headshot

Angela Williams

Global Chief Information Security Officer

UL Solutions

CISOs are facing an important task as they navigate the U.S. Securities and Exchange Commission's (SEC) recently adopted rule amendments designed to improve the disclosure of cybersecurity risk management, strategy, governance, and incidents by public companies. Questions are surfacing with the date of enforcement on the horizon.

Join representatives from the SEC Office to discuss:

  • Defining and assessing materiality of an incident and the timeline for incident disclosure
  • Disclosing processes for assessing, identifying and managing material risks from cybersecurity threats
  • Describing the board and management’s roles in overseeing cybersecurity risks


2:50pm - 3:35pm  Executive Boardroom

From “No” to “Know-How” – Enabling a Collaborative and Secure Environment

Diane Brown headshot

Diane Brown

VP, IT Risk Management

Ulta Beauty

Paul Groisman headshot

Paul Groisman

Sr. Director of Cyber Security

Fubo

The security function and the word ‘no’ have become synonymous over time. Although security leaders are being called on to be stronger business enablers, there are still instances where ‘no’ or ‘not yet’ are the safest approach. How do you effectively communicate in these situations without compromising a collective and innovative culture?

Join this session to discuss:

  • Communicating an unpopular, yet informed, decision clearly
  • Managing stakeholder expectations of cybersecurity concerns
  • Gaining buy-in through education and fostering a “team sport” mindset

2:50pm - 3:35pm  Executive Boardroom

Cyber Resilience in Times of Geopolitical Conflict

Elizabeth Ogunti headshot

Elizabeth Ogunti

CISO

JBT Corporation

Paolo Vallotti headshot

Paolo Vallotti

CISO & VP of Operations

Tate & Lyle

As global tensions rise, coordinated cyber attacks are impacting organizations globally. Cyber-conflict isn’t just a security problem, it’s a business problem that requires a strategic partnership between CISOs and leaders across the enterprise.

Join this peer-led conversation to discuss:

  • Gauging the business’ appetite for risk amidst geopolitical unrest
  • Engaging leadership to make informed cybersecurity risk decisions
  • Identifying and responding to politically charged TTPs

3:35pm - 4:00pm  Break

4:00pm - 4:35pm  Keynote

CISOs on Generative AI – Balancing Innovation & Risk

Erik Hart headshot

Erik Hart

CISO

Cushman & Wakefield

Sarah Buerger headshot

Sarah Buerger

BISO

The Kraft Heinz Company

Bruce Coffing headshot

Bruce Coffing

Chief Information Security Officer

City of Chicago

Amir Niaz headshot

Amir Niaz

VP, CISO

Culligan

The early signs of how generative AI will shape future business processes have surfaced in 2023, and no sector is unaffected. CISOs and their teams have been tasked with securing how their organization utilizes and consumes the emerging technology. However, generative AI opens the business up to risk just as much as innovation. CISOs across industries are coming together to share their outlook on this emerging technology.

Join this keynote session to hear:

  • Opportunities and risks associated with the adoption and integration of AI
  • Developing a comprehensive generative AI risk management strategy
  • Strategies to maintain a strong security posture through the future evolution of generative AI

4:35pm - 5:00pm  Closing Reception & Prize Drawing

November 28, 2023

November 29, 2023

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


MORE INFORMATION

A block of rooms has been reserved at the Chicago Marriott Downtown Magnificent Mile at a reduced conference rate. Reservations should be made online or by calling 1-877-303-0104. Please mention Evanta CISO Executive Conference to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $319 USD (plus tax) is November 6, 2023.

Your Community Partners


Global Thought Leaders
CISO Thought Leaders
Key Partners
Program Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Chanelle Lawrence

Senior Community Program Manager

971-282-2228

chanelle.lawrence@evanta.com