New York CISO Executive Summit

November 29, 2023 | Pier Sixty

November 29, 2023
Pier Sixty

Collaborate with your peers

Get together with New York's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Anticipating the trajectory of tech advancements and adopting a protocol on behalf of the business

Improving the agility of security operating models to keep pace with organizational priorities

Collectively conquering the challenges of the steadily-competitive talent hunt

New York CISO Governing Body

The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Michael Cena

A+E Networks
Vice President, Head of Cyber Security

Brian Lozada

Amazon Prime Video & Studios
Chief Information Security Officer

Tomas Maldonado

National Football League
Chief Information Security Officer

Tod Mitchinson

New York Life
VP, Chief Information Security Officer

Michael Palmer

Chief Information Security Officer

Kylie Watson

Sumitomo Mitsui Banking Corporation

Teresa Zielinski

General Electric
Chief Information and Product Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your New York CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.


November 28, 2023

November 29, 2023

6:00pm - 8:30pm  Governing Body Welcome Reception

Common Interests, Shared Opinions (C.I.S.O.) - Executive Summit Dinner and Welcome Reception

Steve Savard headshot

Steve Savard

Director of Information Technologies

ICC Industries Inc

Are you a musician? An outdoorsy type? A gamer? Join the New York CISO Governing Body and invited guests for a night of networking, dinner and drinks to discover which members of this executive community share your interests at one of our themed discussion spaces. 

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

Executive Presence for Lasting Leadership

Chris Ulrich headshot

Chris Ulrich

Body Language Expert

Guest Speaker

Any given gesture -a nod, a point of the finger - unconsciously communicates powerful ideas and feelings that have tangible consequences. Top executives are generally proficient in their ability to interact with others, but the stakes are raised during high-level negotiations, reporting to the board, inspiring and empowering senior managers or dealing with tricky internal matters. 

Join body language expert Chris Ulrich as he shares: 

  • Why every movement and action is magnified in high-level situations
  • Tools and techniques to build rapport quickly
  • How executives can communicate more effectively

9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

Building Cyber Resilience — Why Does it Matter and How Can You Get Started?

Jim Richberg headshot

Jim Richberg

Field CISO and VP of Information Security


Peter Rosario headshot

Peter Rosario

Chief Information Security Officer


 Building cyber resilience is gaining prominence as a priority for many organizations. The classic ingredients of people, process, technology can be applied creatively and in multiple ways to address this challenge. But how do you go about implementing this change?

Join this interactive discussion to learn:

  • Simplifying the framework for success
  • Multiplying approaches of implementation
  • Building resilience through best practices and common pitfalls

9:40am - 10:25am  Breakout Session

Imminent M&A – Making a Plan for Major Shifts

Almon Tse headshot

Almon Tse

Chief Information Security Officer

Saks Fifth Avenue

Mergers and acquisitions can be challenging transformations for an organization. The rapid change that accompanies M&A can leave the business vulnerable and pose a significant hurdle to CISOs. How do you protect the business from sophisticated threat actors throughout the M&A lifecycle without sacrificing culture or security posture? Help your fellow security leaders navigate a collection of nuanced and challenging M&A hurdles in this interactive, scenario-solving exercise.

Together, you and your team will grapple with:

  • Why CISOs need to be an active and strategic partner in M&A
  • What factors should be considered in merging security functions
  • How to protect the business over its lifecycle

9:40am - 10:25am  Executive Boardroom

Data IS Your Business – How Do You Secure it in the Cloud-Era

John Murphy, PhD headshot

John Murphy, PhD

Global Field Chief Security Officer/CISO


Bob Brown headshot

Bob Brown


Federal Home Loan Bank of New York

JT Jacoby headshot

JT Jacoby

Chief Information Security Officer

International Rescue Committee

Mike Lamberg headshot

Mike Lamberg



In these times of rapid technological advancement, data stands as the cornerstone of innovation. As we navigate through the information age, it's evident that data residing in the cloud represents the fastest area of growth. To maintain pace with the agility of cloud operations, it is imperative to discover and adopt strategic approaches and robust architectures.

Gather with your C-level peers to:

  • Start solving the challenge of data visibility in the cloud
  • Determine who in your organization should own data security (CISO? CDO? CPO?)
  • Discuss how automation and agility can be accomplished through tooling or processes

9:40am - 10:25am  Executive Boardroom

Meeting the SEC’s New Disclosure Requirements

Jacob Olcott headshot

Jacob Olcott

VP of Business Development


Tony Chryseliou headshot

Tony Chryseliou

Global Information Security Executive

Sony Corporation of America

Patrick Ford headshot

Patrick Ford

Chief Information Security Officer, Americas

Schneider Electric

The U.S. Securities and Exchange Commission (SEC) recently voted to adopt new cybersecurity requirements for publicly traded companies, creating new obligations for companies to report material cybersecurity incidents and disclose critical information about their cybersecurity programs.

Join this Town Hall to discuss:

  • How technology leaders can effectively tell their company’s cybersecurity story
  • What investors want — and need — to know about cybersecurity
  • Real-world examples of effective cybersecurity disclosures under the new requirements

9:40am - 10:25am  Executive Boardroom

Secure From the Jump - CISOs as Software Development Leaders

Gal Marder headshot

Gal Marder

EVP, Strategy


JR Riding headshot

JR Riding

Chief Information Security Officer


Steven Wallstedt headshot

Steven Wallstedt

Chief Information Security Officer

Abn Amro Bank

Today’s CISOs play a pivotal role in driving secure software implementation. By communicating the importance of security, establishing robust governance frameworks, and driving a culture of security awareness throughout the organization, CISOs can inspire and guide development teams to prioritize security, identify vulnerabilities and implement best practices to safeguard critical assets.

Join this session to:

  • Explore proven strategies for assessing and mitigating risks in the SSC
  • Integrating security into the development process
  • Align security practices with business objectives

10:25am - 11:00am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:00am - 11:45am  Breakout Session

Making Security a Core Company Value – And a Shared Responsibility

Danny Connelly headshot

Danny Connelly

Field CISO - Americas


 In an age where cyber risk is business risk, CISOs are ultimately responsible for instilling a security mindset in every employee within an organization. Rather than a siloed concern, managing this risk must risk to the highest levels of leadership. As we know, cyberattacks can be as devastating as lawsuits, legislative non-compliance, and fraud. This session offers board members, executives, and technology leaders ideas for cultivating a strong security mindset throughout their organization.

Join this session to learn:

  • How to foster inclusive conversations on cybersecurity by framing issues in terms of business risk
  • Methods for protecting your organization at every level by integrating security and automation into the CI/CD pipeline
  • How to identify, understand, and prepare for social engineering and AI-enabled attacks

11:00am - 11:45am  Breakout Session

A Cloud Chat For All Phases

James Chiappetta headshot

James Chiappetta

SVP, Cloud & Application Security

Blackstone Group

Oritse Uku headshot

Oritse Uku

VP, Business Information Security Officer & Information Risk Management

Northwestern Mutual

Rani Baki headshot

Rani Baki

Executive Director of Information Security Risk

Sumitomo Mitsui Banking Corporation

The risks and rewards of cloud migration can differ greatly depending on where you are in your journey. Whether you're just getting started, establishing your work flow or optimizing in a multi-cloud environment - There are challenges you'll need to keep in mind at every level.

Join in as this panel of three discusses:

  • Adapting to the changes that come before and after the deployment of new tooling and AI 
  • The realities that follow your cloud adoption and an upskilled workforce
  • The high-stakes risks of advancing your cloud proficiency and working with well-known providers

11:00am - 11:45am  Executive Boardroom

Unifying the Analyst Experience to Improve Threat Detection and Response

Andy Piazza headshot

Andy Piazza

Global Head of Threat Management

IBM Security

Harry Halikias headshot

Harry Halikias

Senior Director, Global Information Security

Sony Music Publishing

Bala Rajagopalan headshot

Bala Rajagopalan

Chief Information Security Officer

TradeWeb Markets

David Sheidlower headshot

David Sheidlower

Chief Information Security Officer

Turner Construction

Given today’s dynamic threat landscape, involving constantly changing malicious TTPs, CISOs must have a proactive threat management strategy to handle complex attacks. However, with widely distributed infrastructures and the number of tools with different levels of control and responsibility, maintaining true visibility is difficult. Staffing shortages and the high volume of alerts that come in from fragmented tools adds to this challenge. The solution? Unifying the analyst experience to connect existing tools and workflows across your hybrid cloud environment.

Join this session to discuss:

  • Detecting and responding to advanced attacks like ransomware
  • Unifying the analyst experience with AI and machine learning - starting with understanding your attack surface and through EDR/XDR, SIEM, SOAR
  • Identifying blind spots in your cloud security strategy due to information fragmentation

11:00am - 11:45am  Executive Boardroom

Strategic Pitfalls in Third-Party Risk Management

Steven Hasson headshot

Steven Hasson

Solutions Advisor

RiskRecon - A MasterCard Company

Prashanth Mekala headshot

Prashanth Mekala

Deputy Enterprise CISO

American Family Insurance

Daniel Nunez headshot

Daniel Nunez

Chief Information Security Officer

New York City Employees’ Retirement System

Managing cyber risk across an enterprise IT infrastructure has never been harder. Remote workers, advancing attack methods, and an ever-expanding vendor network are challenging every firm, as total visibility into threats has become nearly impossible. As digital business strategy matures, more organizations are becoming dependent on the cyber posture and protection of third parties. Third-party risks present a unique challenge because you are depending on vendors and partners to operate securely to keep your data and information safe. How are you mitigating the associated risks and demonstrating this to the business to ensure effective security programs?

Join our session to hear about:

  • Common failings across TPRM programs that led to breach events
  • How executives can provide strategic direction for third-party risk teams
  • Key practices being implemented by leading vendor risk firms to maintain strong supply chain risk management

11:00am - 11:45am  Executive Boardroom

Trends in AppSec — AI, Developer Experience and Consolidation

Chris Merritt headshot

Chris Merritt

VP of Solutions and Service Engineering


Jeff Brown headshot

Jeff Brown

Chief Information Security Officer

State of Connecticut

Ernie Rozado headshot

Ernie Rozado

Director, Head of Cybersecurity and Compliance


As your company’s chief security decision maker, having a full plate comes with the territory. Beyond the complex web of priorities, certain challenges come up repeatedly.

Join your peers in a closed-door, roundtable discussion on:

  • How AI tools could disrupt application development
  • How to actually build trust with your developers
  • What you can get out of consolidation, beyond reduced TCO

11:45am - 12:30pm  Lunch Service

12:30pm - 1:05pm  Keynote

The Most Important Shift for Cybersecurity in a Generation

Shamla Naidoo headshot

Shamla Naidoo

Head of Cloud Security & Innovation


We live in a world where everything is hybrid and the blend between personal, corporate, private and public is ever-changing and presents us with a host of new challenges. This has increased and complicated the attack surface and the pressure to converge tools and do “more with less” is at peak levels. We must meet this watershed moment with the right team, plans, and technology.

Join this interactive session to learn:

  • How to build an effective plan for change without adding to the chaos
  • What consolidation approaches save money without sacrificing security
  • Use cases that deliver immediate value and efficiency while improving user experience

1:05pm - 1:30pm  Break

1:30pm - 2:15pm  Breakout Session

Unveiling Top Cloud Exploits and Cyber Risk Facts

Jonathan Trull headshot

Jonathan Trull



Arun Abraham headshot

Arun Abraham

Chief Information Security Officer

Bose Corp

 For more than 10 years, organizations have been shifting their digital footprint to cloud computing. The ability to rapidly scale solutions in a cost-effective manner allows any organization to enhance their agility, improve application release timelines, and leverage additional computing resources on demand. While this has changed the way organizations manage their IT assets, the need for security remains just as strong. Throughout 2023, the Threat Research Unit at Qualys have been gathering data to uncover true cloud misconfigurations, and how to deal with them. 

 In this session, join Jonathan Trull, CISO at Qualys to look through this report and dive deeper on: 

  • Various vulnerabilities your organization might not be aware of or prepared for
  • 5 Risk Facts learned from cloud threat analytics reporting 
  • Best practices in solidifying all aspects of your cloud program

1:30pm - 2:15pm  Breakout Session

Doing Everything Imaginable — A CISOs Role in Promoting Equality

Ian Rathie headshot

Ian Rathie

Managing Director, Chief Information Security Officer

Fitch Ratings

You can't hope a diverse staff into existence. It takes action, effort, interest, attention, and often an open line of communication to those involved in the hiring process. Imagine a CISO reaching across the business and encouraging their colleagues in HR to give every candidate a fair shot. It's not just possible, it's proven. 

Through this true, applicable case study, you'll meet: 

  • Diverse applicants nearly lost to faulty hiring practices
  • Human Resource leaders working to perfect partnerships across the business
  • CISOs called to construct a multicultural cyber workforce

1:30pm - 2:15pm  Executive Boardroom

Protecting Your Data is a Top Priority

Gee Rittenhouse headshot

Gee Rittenhouse


Skyhigh Security

Davin Darnt headshot

Davin Darnt

CISO Americas

Louis Vuitton

Tim Somrah headshot

Tim Somrah

Vice President, Information Security

Major League Soccer

Data is perhaps the most important enterprise asset there is. As organizations continue enabling hybrid workforces and adopting new tools (like generative AI applications), keeping sensitive data from leaking into the wrong hands has become a top priority for security teams and executives. Modern day organizations require an entirely new approach to security by focusing on data.

Join this session to discuss:

  • How your peers are enforcing data-protection policies to meet compliance standards
  • Best practices for preventing intentional and unintentional data privacy violations
  • How a data-first approach can help reduce risk by providing visibility and control

1:30pm - 2:15pm  Executive Boardroom

Beyond Training — Harnessing Data and Science to Reduce Human Cyber Risk

Oz Alashe headshot

Oz Alashe

CEO & Founder


Michael Andreano headshot

Michael Andreano

Senior Director, Group Head of Information Security

Hikma Pharmaceuticals

Steve Savard headshot

Steve Savard

Director of Information Technologies

ICC Industries Inc

Doug Greene headshot

Doug Greene

VP, Chief Information Security Officer

Guardian Life Insurance

Many organizations are moving too slowly towards addressing the human risk elements of security. At the heart of it, a misunderstanding of the human factor, with many believing the only contributors are knowledge, understanding and security behaviors. Research now suggests there are many more risk factors to investigate.

Join this boardroom to discuss and learn how to:

  • Understand key human risk factors in cybersecurity
  • Identify, influence and measure specific security behaviors to drive program effectiveness
  • Improve the efficiency of security awareness programs at all workforce levels through automation

1:30pm - 2:15pm  Executive Boardroom

The Changing Landscape of API Security

Shreyans Mehta headshot

Shreyans Mehta

Co-Founder and Chief Technology Officer

Cequence Security

Dave Munroe headshot

Dave Munroe

Chief Information Security Officer

National Hockey League

Davinder Rodey headshot

Davinder Rodey

Chief Information Security Officer

Mizuho Americas

APIs accelerate digital transformation and are a critical component of every SaaS, web, and mobile application. APIs have proliferated so quickly that most organizations vastly underestimate the number of APIs in use, and existing mitigation solutions such as Web Application Firewalls (WAFs) fall short. As API attack frequency and complexity increases, how can organizations ensure their assets are protected?

Join this interactive discussion to learn:

  • How to gain visibility into your entire API landscape
  • How to test API security during development and fix issues before runtime
  •  How security and development teams can work together around API security

2:15pm - 2:50pm  Networking Break

2:20pm - 2:45pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

2:50pm - 3:35pm  Breakout Session

Elevating Security Through Risk and Compliance

Neil Carpenter headshot

Neil Carpenter

Principal Technical Evangelist

Orca Security

The cloud security landscape never stops evolving. Trying to keep pace will only get you so far. You'll need to stay ahead by highlighting risk, compliance, and collaboration strategies.

Join your C-level peers in an interactive discussion and begin:

  • Navigating the challenge of prioritization between risk mitigation and compliance
  • Evaluating the effectiveness of security tools in complex cloud environments
  • Discovering ways to unify security and development teams

2:50pm - 3:35pm  Breakout Session

Prep, Response or Resources — Solving the Puzzle of Threat Remediation

Steve Grossman headshot

Steve Grossman

Chief Information Security Officer

National Basketball Association

Incidents happen all the time, but not always for the same reason. Sometimes bad actors exploit vulnerabilities. Other times, it's your untested response plan slowing things down. It could be your team's tooling is mismanaged, delaying remediation. Work with a room of your peers to consider and solve three incident response scenarios in this highly-interactive, solution-focused session. 

Steve Grossman, CISO, NBA will lead you and your team as you:

  • Discuss the leading challenges of incident response
  • Consider what you can do to bolster your incident response playbook
  • Gain perspective and an advantage on the modern threat landscape

2:50pm - 3:35pm  Executive Boardroom

The Real Security Challenges Your CISO Peers are Struggling With

Chris Hines headshot

Chris Hines

VP of Strategy

Hewlett Packard Enterprise

Ronen Halevy headshot

Ronen Halevy

Vice President, Information Security

Sony Corporation of America

Linda Angles headshot

Linda Angles

Global IT Risk Leader


Pronay Mukherjee headshot

Pronay Mukherjee

Business Information Security Officer - Americas

Levi Strauss & Co.

As a CISO you're dealing with an ever-evolving set of threats, and trying your best to lean in on new concepts, new technologies and new cross-functional relationships - to help protect the business. Your plate is full, and that's a lot of new on new. We get it. So, it's time to peel back the curtain and discuss some critical topics that are keeping CISOs up night. 

Join your peers and dive into this open conversation on :

  • Making the business case for cloud-delivered access - do you really need it, and who do you trust?
  • Aligning with Networking leaders to address end user experience - It ain’t always pretty
  • Balancing the need for innovation with the reality of the compliance check box

2:50pm - 3:35pm  Executive Boardroom

Transforming Network Security with AI-Powered SASE

Jason Georgi headshot

Jason Georgi

Field Chief Technology Officer for Prisma Access

Palo Alto Networks

Sai Iyer headshot

Sai Iyer


Ziff Davis

Carlos Lyons headshot

Carlos Lyons

VP, Global Chief Information Security and Compliance Officer


Recent Advancements in Artificial Intelligence (AI) are creating new ways of working and creating new business opportunities. Leveraging AI/ML in cyber and network security delivers much better outcomes for today’s technology leaders. Join us in this exclusive roundtable to hear about:

  • Why a unified SASE approach maximizes the potential of AI
  • How AI/ML are delivering better security, network and operational outcomes
  • Best practices for delivering business value with SASE

2:50pm - 3:35pm  Executive Boardroom

Embracing AI — Pros, Cons, and the Challenge of Change

Dan Shiebler headshot

Dan Shiebler

Head of Machine Learning

Abnormal Security

Elia Zaitsev headshot

Elia Zaitsev



Leon Flaksin headshot

Leon Flaksin

Managing Director & Head of Technology and Cybersecurity Risk Management

BlackRock Inc

Nick Salian headshot

Nick Salian

Chief Information Security Officer

Cantor Fitzgerald

For leaders, there’s nothing new about managing internal expectations on hyped technologies, but the recent advancements in AI have caused an increased and urgent demand for the evaluation and adoption of generative AI models. There is no question that these breakthroughs are just the beginning, but technology executives must temper expectations and ensure a thoughtful approach to building AI models that will add more value than risk.

Join this session to discuss:

  • Opportunities and limitations in applying AI to security solutions
  • Identifying and aligning a business need and use case for AI implementation
  • Using native AI to secure the business amidst a quickly shifting landscape

3:35pm - 4:00pm  Break

4:00pm - 4:35pm  Keynote

Str(AI)ght Talk – The Topic of the Year, Hold the Hype

Chris Holden headshot

Chris Holden

SVP, Chief Information Security Officer

Crum & Forster

Reshma Budhwani headshot

Reshma Budhwani

VP, Chief Technology Security Officer

New York Life

Jeff Brown headshot

Jeff Brown

Chief Information Security Officer

State of Connecticut

At the turn of 2023, executives across the globe found themselves challenged, inspired and concerned by the overwhelming possibilities of generative AI. Today, we find ourselves in a new phase of the AI hype cycle. It's time to get real. But it'll take a room full of collaborating CISOs to pull knowledge from the noise.

Gather around a panel of your CISO peers to:

  • Hear resonant recounts of AI acclimation
  • Chime in with your proven methods for turning AI into a competitive advantage
  • Collectively discern what is and isn't helpful for today's cyber leaders

4:35pm - 5:00pm  Closing Reception & Prize Drawing

November 28, 2023

November 29, 2023

We look forward to seeing you at an upcoming in-person gathering

Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.


Venue & Accommodation

Pier Sixty

Your Community Partners

Global Thought Leaders
CISO Thought Leaders
Key Partners
Program Partners

Community Program Manager

For inquiries related to this community, please reach out to your dedicated contact.

Krista Robbins

Senior Community Program Manager