Global CISO Executive Summit

Join this dedicated networking session for women in cybersecurity leadership and their allies to connect and build relationships with like-minded leaders around the globe who are making an impact in their organizations and communities. Come prepared to share ideas, inspire and be inspired, and forge new connections that can help empower each other to achieve your goals and broaden your perspectives.

This session is aimed at, but not limited to, women who are leading the cybersecurity function at their organizations (CISO or equivalent) and those reporting directly to the CISO/equivalent. Priority access will be reserved to these groups.

Today's businesses stand on the brink of a generation-defining change with the widespread adoption of AI. While it offers promise for productivity and proactive defense, cybercriminals are also using it to automate their attacks, hunt for targets, and exploit vulnerabilities. Global organizations must adopt a zero trust approach augmented by defensive AI capabilities to stay a step ahead of attackers.

Join this session to learn:

• How threat actors are using AI for attack surface discovery, to craft pretexts for advanced social engineering campaigns, and to exfiltrate sensitive data
• How organizations can achieve better visibility and more holistic risk management by “fighting AI with AI”
• Why zero trust architecture is critical in an era of rapid change and increasingly sophisticated threat actors

As a response to recent rulings, a feeling of satisfaction just covering your bases is understandable. But "compliance" and "security" are two different things. Only by deliberately working toward greater resilience can CISOs achieve both.

Join Tim Callahan, SVP, Global CISO, Aflac to:

• Discuss the dangers of prioritizing compliance over security
• Walk, step-by-step, through a proven route to resilience
• Access new paths to defensibility and personal insulation

In today's interconnected business landscape, the risks associated with third-party relationships extend far beyond immediate partners. Organizations must recognize the potential threats that exist throughout their entire supply chain, even up to the 8th party. CISOs play a critical role in understanding and effectively managing this complex web of connectedness to mitigate enterprise risk.

Join this session to discuss:

• Gaining holistic view of risk across the whole supply chain
• Developing effective third-party risk management strategies
• Implementing best practices for managing and monitoring business partners

Prioritizing and eliminating the cyber risks that matter most is the ultimate goal of global security leaders. But how do you validate that your efforts are hitting the mark? It all comes down to well-crafted measurements:  metrics that global CISOs can rely on and are easily understood by all stakeholders across the business.

In this session, we will discuss:

• Cybersecurity risk assessment essentials and which risks truly carry weight
• Concrete approaches to determine effectiveness of security capabilities
• Creating simple "metric cards" to communicate across stakeholders

While the vast majority of infrastructure has been upgraded and modernized to secure the shift to the cloud, enterprise IT teams are still missing an equally seamless access method to safely deliver those now cloud-native apps and data. While traditional browsers have become the de facto access point for the majority of business critical applications, they lack the deep inspection capabilities and hyper-granular security controls global organizations need. This results in security teams surrounding their browsers with layers of tech to meet those needs.

Join this breakout session to discover:

• Why traditional cloud security methods undermine your global modernization efforts and end-user experience
• Embracing technological momentum to adapt to a "more-with-less" security landscape
• How Global CISOs are using this solution to bolster cloud security

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

 Be among the first to see what’s new and next in the security solutions landscape. Three early-stage providers will get the chance to showcase their innovative solutions to the most pressing cybersecurity challenges.

Spotlight Presenters from: 

• BlueFlag Security
• Harmonic Security
• Aembit

 All organizations seek opportunities for growth and efficiency as they modernize. Digital transformation, cloud adoption, and the shift toward remote work have fundamentally changed the requirements for security and network architectures. Complex security challenges include the sophistication of cyber threats, the potential for sensitive data exposure through Generative AI, vulnerabilities within trusted SaaS applications, and the pervasive issue of data sprawl and how it challenges privacy and compliance.

The common denominator in these challenges is that traditional defenses are slow and increasingly inadequate. It simply isn’t enough to improve or add onto existing security and network tools; the entire approach to securing and optimizing infrastructure also needs to modernize.

Join Sanjay Beri, CEO & Co-Founder, Netskope as he guides you through:

• How to strategically select and consolidate technology tools to enhance agility, reduce risk, and maintain cost-effectiveness
• What an effective security architecture looks like from an executive governance point-of-view
• How to calculate the business value you can derive from a converged networking and security platform

Today's mandated notification protocols and shifting regulatory landscapes, along with the looming specter of professional liability, compel CISOs to solidify their alliances with legal advisors. Together, this partnership can create robust materiality assessment frameworks, elevate risk management strategies, and refine communication tactics. The goal is clear - precision in compliance.

This session brings together the insights of an experienced SEC lawyer and a seasoned CISO to:

• Decode the ramifications of the SEC's regulatory updates for CISOs
• Offer actionable strategies for navigating the SEC's requirements and broader legal challenges
• Review reporting practices using a good, better, best approach

Awareness, knowledge, education and training are not enough to change users' security behaviors in a sustainable way. That's because these core principles of traditional security awareness and training (SA&T) are focused on compliance. This makes sense in terms of ticking obligatory boxes, but it doesn’t actually tackle the issue at hand: cyber risk is fundamentally a human concern.

Join this session to discuss:

• Unpacking pain points and limitations of traditional security awareness training (SA&T)
• Quantifying cyber risk in more human terms of likelihood and impact
• Translating risk metrics into actionable insights for business stakeholders

 Session details coming soon! 

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

 When Marc Varner, CISO at Lowe’s, built-out an IAM program, he wanted to do things differently. With a team of internal developers, Lowe’s set out to build a customized, scalable and secure in-house program that supported enhanced user profiles and made strategic and financial sense with changes that could be deployed on a dime.

Join this session to learn the importance of:

• Identifying the strategic, financial and risk implications of building a ground-up program
• Understanding when it’s better to build vs. buy
• Recognizing the aspects of IAM an in-house program does not fix

Accurately measuring and communicating risk is no longer optional — it's crucial. CISOs today must manage an evolving threat landscape and shift company culture to prioritize risk mitigation. Making risk a top priority for the organization will require you to optimize metrics, enact strategic risk mitigation and foster effective communication.

Join this boardroom to hear strategies on how to:

• Develop precise frameworks and KPIs to drive actionable insights and decision-making.
• Align mitigation techniques with business goals to minimize exposure and reduce CISO liability.
• Master transparent and impactful communication to secure stakeholder buy-in and shift company culture.

Existing identity security tools mainly focus on human identities. However, NHIs (such as service accounts) often pose a greater risk and are harder to manage. They outnumber human identities, have high privileges, can't use MFA, and are challenging to find across the infrastructure.

Join this interactive roundtable to discuss:

• Challenges in finding NHI accounts, credentials and owners
• Existing tool successes and gaps
• Envisioning the ideal management of NHIs

 Session details coming soon! 

You've spent a good majority of your career in information security, climbing your way to the top - to the CISO role. You finally made it. But... what's next? What are your career options and how should you prepare for exploring them?

Join this panel of current and former CISOs to learn about:

• How to set yourself up for success when preparing for the transition after a CISO Role
• Knowing what your career options are
• The skills and experience you'll need to bolster your board position marketability

AI is the fastest adopted technology in history — changing how we work, write code and communicate. But hackers — by definition innovators and early adopters — have deployed AI to accelerate and scale attacks. AI can also turbocharge cyber defense with new levels of automation and flexibility.

In this session, learn:

• The AI threat landscape and building an appropriate defense
• How to secure the adoption of GenAI for employees and developers
• How new innovations in AI can help security teams improve risk management, operational efficiency and reduce costs

Partnership is possible. And, when that partnership is at its best, it can make life a lot easier for information and security executives alike. To pull it off, CIOs and CISOs will need transparency and a jointly-held goal to both avoid risk and meet business goals. 

Demonstrating their collaborative relationship, Luis Suarez and Marcos Marrero will discuss:

• Strengthening the IT-Security partnership to fuel innovation and accelerate new technology deployments
• How security became ingrained throughout the entire enterprise
• Making the relationship work regardless of the reporting structure

In today's sprawling enterprises, SaaS applications form the backbone of critical operations, yet their interconnected nature exposes your organization to complex cyber threats. It's essential for Global CISOs to understand how to protect these digital assets from breaches that can compromise sensitive data and disrupt business. 

Join this session to explore:

• How do modern SaaS breaches occur and what are the key vulnerabilities?
• What responsibilities do various stakeholders hold in maintaining SaaS security?
• How can zero trust principles be effectively applied to secure SaaS environments?

 Session details coming soon!

Session details coming soon!

Be among the first to see what’s new and next in the security solutions landscape. Three early-stage providers will get the chance to showcase their innovative solutions to the most pressing cybersecurity challenges.

You'll hear from: 

• Auguria
• BforeAI
• BreachRx

The challenges to protect sensitive data and meet increasingly stringent privacy laws and regulations is a daunting endeavor. The dramatic increase in the use of LLMs and Generative AI has only complicated matters more. Data discovery and classification are not enough, and organizations need an overall sense of data governance as they navigate this complex environment.

Join this session to learn how:

• Data lineage will play a key role in data governance strategies
• CISOs can establish a secure, modern governance framework
• To protect high quality data throughout its lifecycle while reducing risks

 The identity fabric has become non-human. The sprawl of ungoverned privileged service accounts, keys and secrets has opened a new threat vector that is increasingly exploited. What are you doing about it?

Join us in this session to discuss:

• The role of non-human identities in recent breaches
• The challenges of securing non-human identities
• Planning for the future of identity programs to meet both human and non-human requirements

 Session details coming soon! 

With the sensitivity of privileged accounts, unpatched vulnerabilities and an extensive remote workforce, robust and automated identify security is essential to securing your most critical systems and data. Implementing this is a journey, not a quick fix.

Join this interactive boardroom to:

• Discuss the difference between strong identity solutions and simple password management

• Address different approaches to solving Privilege Access Management

• Gain executive buy in from legal, HR and IT on effective solutions

Few people have impacted the modern world as significantly as Steve Wozniak. As Co-Founder of Apple Computer, Woz remains one of tech's most fabled figures. A witness and contributor to countless industry advancements, he's an unmatched source of insight and experience.

Members of Evanta's Global CIO & CISO communities receive access to:

• Woz, live and unrecorded from the Global keynote stage
• Rare stories, thoughts and opinions on tech's past, present and future
• Inspiring accounts of successful, innovation-led businesses