IN-PERSON

Dallas CISO Executive Summit

November 15, 2023 | Renaissance Dallas Richardson Hotel

November 15, 2023
Renaissance Dallas Richardson Hotel

Collaborate with your peers

Get together with Dallas's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Quantifying the business's cyber-risk appetite and leveraging it to frame security investments

Focusing on the entire CISO lifespan - from position acceptance to potential paths that lie ahead

Anticipating the trajectory of tech advancements and adopting a protocol on behalf of the business

Dallas CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Sara Andrews

Experian
Global CISO

David Bell

American Airlines
Managing Director, Information Security & Technology Risk Management & Chief Information Security Officer

Patrick Benoit

Brinks
CISO

Mustapha Kebbeh

Ultimate Kronos Group
Chief Security Officer

Scot Miller

Mr. Cooper
SVP, CISO

Scott Moser

Sabre Corporation
SVP, Chief Information Security Officer

Harold Rivas

Trellix
SVP & CISO

Shamoun Siddiqui

Neiman Marcus
VP, CISO

Gary Toretti

CBRE
SVP, Chief Information Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Dallas CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


November 14, 2023

November 15, 2023

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Welcome Reception — Texas Style

Join members of the Dallas CISO Governing Body and their invited guests to launch the Executive Summit with a private networking reception.

Put on your favorite boots and join us for a night filled with music, food, handcrafted drinks, and an interactive leather branding and stamping station. Amidst the festivities you'll find opportunities to engage in meaningful discussions around leadership, mentorship and life after CISO.

Breakaway from the grind and connect with fellow attendees, community partners and speakers before the Dallas CISO Executive Summit with some Texas-style fun!


Discussion Questions

  1. How do you foster a collaborative and inclusive team culture within your department?
  2. Can you share examples of how you encourage open communication and active listening among team members?
  3. What role do mentorship and coaching play in developing the skills of your team members?
  4. How do you approach providing constructive feedback to team members to promote their professional development?
  5. As a leader, how do you balance empathy and decisiveness in challenging situations within the cybersecurity domain?
  6. What steps are you taking to grow as a leader and navigate life after CISO? What is next on your career path?
  7. How do you navigate and manage stress, and how do you encourage your team to maintain a healthy work-life balance?
  8. How do you demonstrate adaptability and resilience in the face of unexpected challenges, and how do you guide your team to do the same?

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

The Magic of Empathetic Leadership

Nash Fung headshot

Nash Fung

Keynote Speaker | Magician

More than 15 years of experience as a crisis line volunteer taught Nash Fung the value of empathy and how it can be used to empower others. Now, using his background as a magician, he’s passing those communication techniques on to you.

Join this magical, interactive keynote as Fung shares:

  • The importance of leading with empathy and authenticity
  • How to ensure your teammates feel heard, understood and valued
  • How empathy leads to empowerment

9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

The Path to Alignment – The CIO and CISO Relationship

Patrick Benoit headshot

Patrick Benoit

CISO

Brinks

Mike Santimaw headshot

Mike Santimaw

SVP, Chief Digital Officer

Mode Global

CIO-CISO partnerships are built on trust and thrive when leaders invest in each other throughout the organization. When the goals of each executive do not align, a cohesive approach becomes crucial. A well-disciplined, integrated and communicative strategy can help to avoid program failures and vulnerabilities, safeguarding both systems and the business.

Join this session to explore how to:

  • Overcome communication challenges and competing priorities
  • Ensure security is represented as a holistic element of the organization
  • Strengthen the IT-Security partnership to fuel innovation and accelerate new technology deployments


9:40am - 10:25am  Breakout Session

Keeping it Simple - Breaking Down Cloud Misconfigurations

Josh Hankins headshot

Josh Hankins

Chief Technical Security Officer (CTSO) - Americas

Qualys

Monitoring, alerting, immutable configurations are simple strategies that lead to security success. But why are we our own worst enemy?

Join this Jonathan Trull, CISO at Qualys in this session to dig in deeper on:

  • The persistent issues of insecure configurations such as IAM, alerting, monitoring logging and encryption
  • Misconfigurations that are consistently exploited in the real world
  • The why AND how to addressing all of the above

9:40am - 10:25am  Executive Boardroom

Crisis Planning – Flip the Asymmetry with Attackers

Marty Ray headshot

Marty Ray

CISO

Fossil

Nats Elluri headshot

Nats Elluri

Director, Cyber Security

United Surgical Partners International

Avi Sambira headshot

Avi Sambira

Director, Client Leadership | NA

Sygnia

Preparing for a cyber crisis is imperative and can determine whether it becomes a major catastrophe or a manageable incident. Whether you have experience navigating a crisis or are preparing for the inevitable attack to come, come together with your peers to leverage the wisdom in the room to tackle complex challenges and get ahead of the attackers.

Join this session to discuss:

  • Evaluating common options, dilemmas, and pitfalls in crisis planning
  • Understanding the impact of technical and stakeholder management decisions on the business
  • Identifying key gaps and vulnerabilities often overlooked by security teams

9:40am - 10:25am  Executive Boardroom

Cut Through the Noise - Protect Against Emerging Threat Vectors That Matter

Anthony (Tony) Lauro headshot

Anthony (Tony) Lauro

Director, Security Technology and Strategy

Akamai Technologies

Glen Armes headshot

Glen Armes

Chief Information Security Officer

Old Republic International Corporation

Royce Holden headshot

Royce Holden

AVP, Technology Security & Compliance, CISO

Dallas/Fort Worth International Airport

Organizations face an infinite number of potential threats as they pursue digital transformations and criminals evolve their attack techniques. While there are certain threats – malware, phishing, credential abuse, etc - that remain top trends year after year, there are always new threat vectors emerging. Since even the most well-funded organizations cannot address all threats, how can CISOs differentiate between what is emerging and dangerous and what is overhyped and a distraction?

Join this session to discuss:

  • Analyzing today’s emerging threat vectors to determine relevance and urgency
  • Contextualizing new threats within your detection and response protocols
  • Baselining your security posture and boosting resilience with multiple layers of defense

10:25am - 11:00am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:00am - 11:45am  Breakout Session

From the SEC to the Boardroom - The Evolving Nature of Cyber Risk

Sanjit Ganguli headshot

Sanjit Ganguli

CTO-in-Residence

Zscaler

Becoming a cyber-resilient organization requires risk ownership and responsibilities to be expanded across the C-suite and board, changing the way that cybersecurity challenges are addressed at all levels of the organization. This has been complicated by a recent SEC ruling requiring US public companies to publicly disclose “material breaches’. CISOs need to embrace zero trust security and adjust their board engagement approach to get the appropriate level of support and guidance on cybersecurity initiatives.

In this session, we will discuss how executives can increase cyber and business resilience with board buy-in and how to:

  • Gain confidence on cybersecurity oversight and forward direction, including messaging to the board
  • Articulate cyber risk posture, controls, and mitigation strategies in place, with board-level terminology and understand the dealing with new SEC rulings
  • Learn how zero trust architecture secures users, workloads, and IoT/OT devices by addressing critical security shortcomings of routable networks

11:00am - 11:45am  Breakout Session

GRC for a Changing World — Adaptation and Resilience

Sonja Hammond headshot

Sonja Hammond

VP, CISO

National Veterinary Associates

Having a secure data governance program that successfully aligns with business priorities and compliance is unparalleled. As data becomes increasingly available across multiple cloud environments, it's critically important to preserve the confidentiality, integrity, and availability of information. CISOs must establish a secure, modern framework that protects high quality data throughout its lifecycle.

Join this session to discover:

  • Aligning technology, process and operations to improve governance across a complex organization
  • Where the challenges and roadblocks lie, including privacy concerns & compliance issues
  • Lessons learned from implementation and operation

11:00am - 11:45am  Executive Boardroom

Strategic Pitfalls in Third-Party Risk Management

Dewakar Garg headshot

Dewakar Garg

Sr. Director of Information Security & Compliance

Mavenir

Syam Maddimsetty headshot

Syam Maddimsetty

Director, Information Security and Compliance

Overhead Door

Neal Roylance headshot

Neal Roylance

Director of Security Research

RiskRecon - A MasterCard Company

Managing cyber risk across an enterprise IT infrastructure has never been harder. Remote workers, advancing attack methods, and an ever-expanding vendor network are challenging every firm, as total visibility into threats has become nearly impossible. As digital business strategy matures, more organizations are becoming dependent on the cyber posture and protection of third parties. Third-party risks present a unique challenge because you are depending on vendors and partners to operate securely to keep your data and information safe. How are you mitigating the associated risks and demonstrating this to the business to ensure effective security programs?

Join our session to hear about:

  • Common failings across TPRM programs that led to breach events
  • How executives can provide strategic direction for third-party risk teams
  • Key practices being implemented by leading vendor risk firms to maintain strong supply chain risk management

11:00am - 11:45am  Executive Boardroom

The Most Important Shift for Cybersecurity in a Generation

Robert Pace headshot

Robert Pace

VP, CISO

Invitation Homes LP

Scott Moser headshot

Scott Moser

SVP, Chief Information Security Officer

Sabre Corporation

James Robinson headshot

James Robinson

Deputy CISO

Netskope

We live in a world where everything is hybrid and the blend between personal, corporate, private and public is ever-changing and presents us with a host of new challenges. This has increased and complicated the attack surface and the pressure to converge tools and do “more with less” is at peak levels. We must meet this watershed moment with the right team, plans, and technology.

Join this interactive session to learn:

  • How to build an effective plan for change without adding to the chaos
  • What consolidation approaches save money without sacrificing security
  • Use cases that deliver immediate value and efficiency while improving user experience

11:45am - 12:15pm  Networking

Rising Together — Empowered Women, Empower Women

Sara Andrews headshot

Sara Andrews

Global CISO

Experian

Brandi Johnson headshot

Brandi Johnson

Deputy CISO

Toyota Financial Savings Bank

Carol Weaver headshot

Carol Weaver

Director, Technology and Information Security Risk Management

Texas Capital Bank

This will be an intimate, informal space for women in leadership roles and their allies to freely discuss best practices, key challenges, and mission-critical priorities. Come prepared to share ideas and forge new connections that can help empower each other to make an impact in your organizations and communities.

This session is aimed at, but not limited to, women who are leading at their organizations (C-Level or equivalent) and those reporting directly to the C-Level/equivalent. Priority access will be reserved for these groups.


11:45am - 12:30pm  Lunch Service

12:30pm - 1:05pm  Keynote

Why Should CISOs Care About A Browser?

Brian Kenyon headshot

Brian Kenyon

Chief Strategy Officer

Island

David Bell headshot

David Bell

Managing Director, Information Security & Technology Risk Management & Chief Information Security Officer

American Airlines

IT professionals and cybersecurity practitioners face immense challenges adapting to shifts in the desired work models employed by users and their organizations. According to recent Gartner®️ research*, "Enterprise browsers will evolve to become the core platform for almost all of the day-to-day enterprise productivity and security software used by the workforce." Traditional architectural approaches are quite limited in such areas as BYOD programs, contractor/third-party provisioning, hybrid work, and modernization efforts.What if solutions to many of these difficult challenges could be solved by reimagining the browser as a core component of enterprise architecture? 

In this session, Island will provide examples on how this new category and technology:

  • Revolutionizes your organization, enabling you to address modern work challenges while unlocking new opportunities.
  • Streamlines BYOD, contractor/third-party, and hybrid work initiatives with innovative architectural approaches
  • Implements novel security measures to safeguard organizational applications and data

* Source: Source:Gartner, Emerging Tech: Security — The Future of Enterprise Browsers, DanAyoub, Evgeny Mirolyubov, Max Taggett, Dave Messett, 14 April 2023 

1:05pm - 1:30pm  Break

1:30pm - 2:15pm  Breakout Session

Communicating Risk — Translating Insight into Action

Eric Bowerman headshot

Eric Bowerman

CISO

Elara Caring

Measuring and communicating security risk is integral to reducing an organization's vulnerability to attack. For most security executives, strategic risk management describes a cross-organizational framework to assess different areas of risk and determine when accepting those risks is in the net interest of the business. In order to inform strategy and accountability for risk management, CISOs must be able to leverage meaningful metrics and messaging.

In this session, you will explore:

  • The role that the CISO plays in setting risk management strategy
  • Redefining the ‘what’ ‘why’ and ‘how’ of your cybersecurity strategy to translate its value for non-IT-focused teams
  • Linking risk measurement with technical metrics to demonstrate cyber risk’s role in company decision making

1:30pm - 2:15pm  Executive Boardroom

Managing Risk from Critical Vulnerabilities

Jason Mical headshot

Jason Mical

Field Chief Technology Officer - Americas

Rapid7

Aaron Munoz headshot

Aaron Munoz

Chief Information Security Officer

Texas Christian University

Mustapha Kebbeh headshot

Mustapha Kebbeh

Chief Security Officer

Ultimate Kronos Group

In today’s threat landscape, security teams are frequently forced into reactive positions, lowering security program efficacy and sustainability. Strong foundational security program components, including vulnerability and asset management processes, are essential to building resilience in a persistently elevated threat climate.

Join this interactive boardroom to discuss:

  • Defining what your emergency procedures and “playbooks” look like.

  • How you prioritize CVEs, VPNs and firewalls

  • Combatting the challenge of zero-day exploitation

1:30pm - 2:15pm  Executive Boardroom

Countdown to Compliance – Preparing for Changing SEC Requirements

James Beeson headshot

James Beeson

SVP, Global Chief Information Security Officer

Cigna

Tyler Zito headshot

Tyler Zito

Senior Solutions Architect

Expel

Manish Chokshi headshot

Manish Chokshi

Head of Cyber Security

Enhabit Home Health & Hospice

As we approach December 15th, a significant regulatory shift looms on the horizon for publicly traded companies, mandated to disclose security breaches with substantial impact within a stringent four-business-day window. Moreover, these entities are entrusted with the continuous task of sharing details on their risk management apparatus and practices, bringing an unprecedented level of transparency and urgency to the cybersecurity landscape.

Join this session to discuss:

  • Unraveling the intricate web of considerations surrounding the SEC's revised mandate
  • Approaching regulatory milestones with informed strategy and foresight
  • Looking ahead to future regulatory shifts that affect your security strategy

2:15pm - 2:50pm  Networking Break

2:20pm - 2:45pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

2:50pm - 3:35pm  Breakout Session

Str(AI)ght Talk – The Topic of the Year, Hold the Hype

Sujeet Bambawale headshot

Sujeet Bambawale

VP, CISO

7-Eleven

At the turn of 2023, executives across the globe found themselves challenged, inspired and concerned by the overwhelming possibilities of generative AI. Today, we find ourselves in a new phase of the AI hype cycle. It's time to get real. But it'll take a room full of collaborating CISOs to pull knowledge from the noise.

Join this interactive session to:

  • Hear resonant recounts of AI acclimation
  • Chime in with your proven methods for turning AI into a competitive advantage
  • Collectively discern what is and isn't helpful for today's cyber leaders


2:50pm - 3:35pm  Executive Boardroom

The CISO as a Savvy Board Communicator

Michael Anderson headshot

Michael Anderson

Chief Information Security Officer

Dallas Independent School District

Brian Mork headshot

Brian Mork

Chief Information Security Officer

Trinity Industries

Translating the organization's cybersecurity posture to the board can be a catalyst in improving organizational resilience and building strong rapport. How do you communicate security initiatives clearly when the stakes are high?

Join this session to discuss:

  • Leveraging your expertise to build trust
  • Demystifying cybersecurity spending
  • Translating cybersecurity into actionable language

2:50pm - 3:35pm  Executive Boardroom

Cyber Slim Down – Staying Secure with Limited Resources

Alain Espinosa headshot

Alain Espinosa

Sr. BISO

Rent-A-Center

Lili Ana headshot

Lili Ana

CISO, Transformation Lead

Trellix

In a world where security demands continue to rise while resources remain constrained, CISOs are challenged with the task of preserving and enhancing their organization's security program — even when headcount and budget are lacking. How can CISOs ensure security posture isn’t negatively impacted by low resources?

Join us for this session, where we'll explore:

  • The importance of setting expectations while aligning security with the rapid pace of business growth
  • Strategies to allocate tools and resources effectively
  • Methods to communicate the business value of security investment

3:35pm - 4:00pm  Break

4:00pm - 4:35pm  Keynote

Adapt and Achieve — The Evolving CISO Role

Ian Schneller headshot

Ian Schneller

CISO

Health Care Service Corporation

Ronald Banks headshot

Ronald Banks

CISO

Toyota Financial Services

The professional journey of a CISO is a bit like navigating a maze of cyber threats—unique and full of surprises. How can CISOs position themselves for success as an Enterprise C-Suite executive in a role that is rapidly evolving? In a world where things move faster than ever, it's crucial to rethink what it means to be a modern CISO.

Join this panel to dive into:

  • Why crafting a top-tier cybersecurity program is just one piece of the puzzle
  • Valuable insights and strategies elevate yourself within the business
  • The qualities and qualifications that make a security leader fit for the future


4:35pm - 5:00pm  Closing Reception & Prize Drawing

November 14, 2023

November 15, 2023

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Renaissance Dallas Richardson Hotel
MORE INFORMATION

A block of rooms has been reserved at the Renaissance Dallas Richardson Hotel at a reduced conference rate. Reservations should be made online or by calling 972/367/2000. Please mention Dallas Executive Summit to ensure the appropriate room rate.

Deadline to book using the discounted room rate of $149 USD (plus tax) is October 23, 2023.

Your Community Partners


Global Thought Leader
CISO Thought Leaders
Key Partners
Program Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Fernanda Casillas

Community Program Manager

469-933-4731

fer.casillas@evanta.com