San Francisco CISO Executive Summit

December 7, 2021 | InterContinental San Francisco

December 7, 2021
InterContinental San Francisco

REGISTER NOW

Collaborate with your peers

Get together with San Francisco's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Accelerating security to match the pace of digital business initiatives

Managing the risk created from a landscape of new core technologies

Achieving sustainability for the CISO role without compromising outcomes

San Francisco CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Co-Chairs

Yassir Abousselham

Splunk
CISO

Selim Aissi

ICE Mortgage Technology
CISO

Krishnan Chellakarai

Gilead Sciences
Head of Information Security & Data Privacy (CISO)

Cassie Crossley

Schneider Electric Systems Usa Inc
Director, Product & Systems Cybersecurity

Devin Ertel

Blackhawk Network
CISO

Al Ghous

Snapdocs
CISO

Jeff Trudeau

Chime
CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your San Francisco CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


December 6, 2021

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Welcome Reception

Exclusive to Governing Body members and select guests, this dinner is a can’t-miss opportunity to connect with your peers prior to tomorrow’s Executive Summit. Please join your colleagues for an evening of good food, wine, and lively networking.

December 7, 2021 - morning

7:30am - 8:15am  Registration & Breakfast

8:15am - 9:00am  Keynote

Stress and the CISO — Practical Strategies to Mitigate Burnout

Sheila Hamilton headshot

Sheila Hamilton

Mental Health Thought Leader and Author of "All the Things We Never Knew"

Guest Speaker

Today’s CISOs face daunting challenges. It is a balance between fighting off increasingly sophisticated attacks, managing scarce resources, and working with stakeholders that often don't understand the inevitability of a breach. Since there continues to be a knowledge gap about the criticality of the CISO’s role, it is no surprise that they’re experiencing stress and burnout at unprecedented rates. How can CISOs make their careers sustainable and maintain a sense of well-being?

Join this keynote to explore:

  • How to recognize the signs and symptoms of toxic stress and burnout
  • How to remain engaged, energized, and focused during turbulent times
  • Methods to reduce stress at work and how to not let the stress overlap into personal lives
  • Mindfulness strategies that can help alleviate burnout
  • How to model work-life balance for Gen Y and Gen Z

9:00am - 9:15am  Break

9:15am - 10:00am  Breakout Session

A New Message for Automating Security Operations

John Jacobs headshot

John Jacobs

Field CISO

Fortinet

Each new system adds another stream of log and event information. These tributaries join the main river, often only to be viewed and processed by the same overburdened security operations staff recovering from the last application installation.

In this session, you’ll discuss:

  • New tools to help automate your security operations
  • Reducing the burden of repetitive tasks to free your staff to up-level their skillsets
  • Applying intelligent machine learning in easy-to-use functions

9:15am - 10:00am  Executive Boardroom

Protect your Data or Pay the Price

Joe Sullivan headshot

Joe Sullivan

SVP, Chief Security Officer

Cloudflare

Brad Jones headshot

Brad Jones

VP of Information Security

Seagate Technology

Kevin Neely headshot

Kevin Neely

Director of Corporate Security

Pure Storage

Ransomware is top-of-mind for all organizations today as attacks become more sophisticated and its impact increasingly detrimental. Cybersecurity professionals must have the right strategy and tools in place to prevent, detect and respond quickly to ransomware attacks and to avoid paying the hefty sum. 

Join this boardroom to discuss: 

  • How to reduce the risk of ransomware 
  • Taking ransomware protection to the next level 
  • Strategies to defend against ransomware

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager, Greg.Winterrowd@evanta.com

9:15am - 10:00am  Executive Boardroom

Enabling the Business as a CISO

Al Ghous headshot

Al Ghous

CISO

Snapdocs

Jeff Trudeau headshot

Jeff Trudeau

CISO

Chime

As business leaders, CISOs also need to position themselves as business enablers. It is important to strategize and stay one step ahead to ensure the business cannot just stay secure, but grow effectively.

Come together with your peers to discuss:

  • Tactics for enabling your business whether you are B2B, B2C or B2B2C
  • Building a sales enablement playbook to use for your prospective clients
  • Ways to gain confidence, trust and transparency with your clients

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

10:00am - 10:30am  Networking Break

10:30am - 11:15am  Breakout Session

Taming the Beast: Identities and Access-Based Threats in your Cloud Infrastructure

Toby Buschini headshot

Toby Buschini

Vice President of Worldwide Sales

Ermetic

Travis McPeak headshot

Travis McPeak

Advisory Board Member

Ermetic

Or Priel headshot

Or Priel

VP Product Management

Ermetic

Cloud identities and entitlements are no longer something you can ignore. With the explosion in the numbers of human and service identities across AWS, Azure and Google Cloud, uncontrolled access permissions pose an enormous risk.

Excessive entitlements - defined intentionally or unwittingly - can lead to accidental or malicious use, exposure of resources, lateral movement and more. Detecting, prioritizing and mitigating these risks is typically hampered by lack of visibility, lack of manpower, lack of coordination and an inability to scale protective measures.

Please join Travis McPeak, Head of Product Security at Databricks, and Or Priel, VP Product Management at Ermetic, as they explain why identities are the new security beast to tame and why governing access must be core to every security program. They will offer fresh views on using automation to remediate risk.

10:30am - 11:15am  Breakout Session

Mitigating New Third-Party Risks

Surbhi Tugnawat headshot

Surbhi Tugnawat

CISO

SRI International

Al Ghous headshot

Al Ghous

CISO

Snapdocs

Many third-party risks are identified after initial onboarding and due diligence, suggesting traditional methods in risk management policy fail to capture new and evolving vulnerabilities. As these external partnerships become increasingly complex, the need for a new approach is clear.

 In this benchmarking session, uncover answers to your pressing questions, including:

  • What strategies are most effective when assessing vendor risk?
  • How do you ensure vendors are complying with evolving privacy regulations?
  • How do you convey vendor risks to senior leadership and to your board?

10:30am - 11:15am  Executive Boardroom

The Art of Managing and Securing Workloads in the Cloud

Jon Anderson headshot

Jon Anderson

Director of Systems Engineering

SentinelOne

Colin Anderson headshot

Colin Anderson

SVP, CISO

Ceridian

Although most organizations do an exceptional job of layering different technologies to secure their data, breaches continue to occur. So what's going wrong and how can you identify these blindspots? In many instances, the point of failure can be traced to the user and their endpoint. In today’s changing landscape, CISO must demand a tight hold on the endpoints.

In this session, you can learn about:

  • What are the major Endpoint management capabilities you can implement
  • How you can combat the complex challenges of managing workloads in the new era
  • Ways you can continuously monitor endpoint metrics and manage system health

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager, Greg.Winterrowd@evanta.com.

11:15am - 11:25am  Break

December 7, 2021 - mid-afternoon

11:25am - 12:40pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:45am - 1:15pm  Lunch Service

12:40pm - 1:00pm  Break

1:00pm - 1:35pm  Keynote

Communicating the Present-Day Threat Landscape

Elvis Chan headshot

Elvis Chan

Asst. Special Agent in Charge, FBI San Francisco, Cyber Branch

Federal Bureau of Investigation

Today's varied threat landscape features both foreign and domestic online security concerns that must be shared across all levels of the organization. Join the FBI’s Elvis Chan as he:

  • Cuts through the "noise" and discusses a variety of the most pressing threats to business
  • Strategies for addressing the emerging threat landscape
  • Best practices of working with law enforcement before, during and after a breach

1:35pm - 1:50pm  Break

December 7, 2021 - afternoon

1:50pm - 2:35pm  Breakout Session

Next Gen Innovation Offense — Uniting DevSecOps

Mike Hansen headshot

Mike Hansen

SVP Engineering

Sonatype

Bruce Mayhew headshot

Bruce Mayhew

VP, Product Innovation

Sonatype

This is NOT your typical security conversation. We won’t be talking about how to play better "perimeter defense" at the end of your software supply chain. Instead, we will be talking about how to play better digital “innovation offense” as next-generation software supply chain attacks become more sinister with bad actors actively injecting malicious code into open source projects that feed the global software supply chain.

Join us to discuss:

  • The prevalence of software supply chain attacks with real-world examples such as dependency confusion and how to continuously identify and remediate open source risk, without slowing down innovation
  • Ways to integrate security guardrails directly within your DevOps pipeline
  • The importance of uniting developers, security, and operations on the same team

1:50pm - 2:35pm  Executive Boardroom

Becoming More Active Through Passive Security

Oscar Miranda headshot

Oscar Miranda

CTO - Healthcare

Armis

David Tugwell headshot

David Tugwell

Senior Director, Information Security/CISO

Agilent Technologies

As critical assets continue to expand and evolve, there is an increased need for better visibility to proactively manage your risk posture. How can CISOs inspire out-of-the-box thinking while designing cybersecurity strategies that will enhance visibility into their systems?

Come together to discuss:

  • Techniques to track asset inventory, including both managed and unmanaged devices
  • How passive security can increase bandwidth
  • Where to identify risk, threats, gaps and vulnerabilities within the enterprise

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager, Greg.Winterrowd@evanta.com.

1:50pm - 2:35pm  Executive Boardroom

Strengthening Your IAM Strategy

Mahesh Ayyala headshot

Mahesh Ayyala

Director of Security

Square

Tolgay Kizilelma headshot

Tolgay Kizilelma

Chief Information Security Officer

University of California - Merced

Moving beyond outdated tech and into a world of efficient, seamless access isn’t impossible. Fine-tuning IAM strategies is an important goal of CISOs across the country.

In this boardroom, you’ll discuss with your peers:

  • How to tailor an IAM strategy with limited resources
  • When to rely on legacy technology versus investing in new technology
  • What training is needed to strengthen your IAM program

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager.

2:35pm - 3:05pm  Networking Break

3:05pm - 3:50pm  Breakout Session

The Business of Risk — IT and Security Unite

Steve McMahon headshot

Steve McMahon

CIO & VP, Operations

CrowdStrike

As large-enterprise organizations become increasingly digitized, information security is ever more an integral part of the strategy at the very highest levels. Drawing from experience as a successful CIO for multiple prominent security organizations, Crowdstrike’s Steve McMahon shares key insights into ways that effective InfoSec-IT alignment can enable disruptive new business opportunities.

In this session, you will:

  • Hear real-world examples of building effective collaboration between IT and security
  • Learn actionable techniques for ensuring accountable security in new business initiatives
  • Discover what your board cares about in today’s risk landscape

3:05pm - 3:50pm  Executive Boardroom

What Matters Most for Your Security Operations

Justin Bajko headshot

Justin Bajko

Co-Founder, VP, Strategy & Business Development

Expel

Mark Lourenco headshot

Mark Lourenco

ISO

State of California - California Department of Education

Since cybercriminals never rest, a sound SOC - staffed by the right people using the right tools in the right way - should be a key part of your cyber defense strategy. Whether your security operations program is completely in-house, outsourced, or operating in a hybrid model you’ll want to measure its effectiveness. How do you think about measuring efficacy and how do these metrics feedback into your program to increase operational maturity over time?

In this session you will discuss:

  • Volume and trend metrics that speak to effectiveness; what does good look like?
  • How does automation come into play and how do you monitor what the robots are doing?
  • What impact does this have on hiring and ongoing job satisfaction?

Executive boardrooms are intimate and interactive sessions designed to foster dynamic dialogue around a specific, strategic topic. These private, closed-door discussions encourage attendee participation and are limited to 15 attendees (seating priority is given to C-level executives). To reserve your seat, please contact your event Program Manager, Greg.Winterrowd@evanta.com

3:05pm - 3:50pm  Executive Boardroom

Taking a Strategic Approach to Third-Party Risk

Mario Duarte headshot

Mario Duarte

VP of Security

Snowflake Computing

Sandeep Sharma headshot

Sandeep Sharma

Principal Security Architect

Blue Shield of California

For many businesses, third-party vendors have become an important source of strategic advantage and business value. Yet outsourcing is not without its risks. As these external partnerships become increasingly complex, the need for a new strategic approach to vendor risk management is clear.

Join this session to discuss:

  • Ways to partner across the c-suite on third-party risk efforts
  • New approaches for managing third, fourth, and even fifth-party partners
  • Strategies that will help you make the best choices for your organization

3:50pm - 4:05pm  Networking Break

4:05pm - 4:40pm  Keynote

All Together Now – DE&I: The Human Imperative

Krishnan Chellakarai headshot

Krishnan Chellakarai

Head of Information Security & Data Privacy (CISO)

Gilead Sciences

Jacob Luna headshot

Jacob Luna

Principal Technologist

ADP

Research shows that diverse teams are more innovative and productive, but it's no secret that IT and cybersecurity positions have a diversity shortage. It is imperative that leaders take responsibility for promoting diversity and CIOs and CISOs are uniquely positioned to lead the organization in fostering inclusion. With the new hybrid workforce, the opportunity to cast a wider net to build diverse teams is a moment that should not be wasted.

Join this keynote panel to discuss:

  • Accelerating innovation and business outcomes through the added advantage of having diversity and inclusion
  • Path to creating a psychologically safe place at work
  • The importance of establishing a support system to hire more diverse candidates

4:40pm - 5:10pm  Closing Reception & Prize Drawing

REGISTER

Returning to in-person conferences


We are excited to welcome you back, in person, to Evanta gatherings.

As previously shared, Evanta will hold in-person programs only in locations that meet our stringent health and safety criteria to help ensure the well-being of our participants, partners, and our associates. These criteria include adhering to government, venue, and health agency guidelines, in addition to taking all practical safety precautions onsite.

Please note that our onsite planning will continue to evolve, and all measures are subject to change to ensure the best and safest possible experience. Please refer to our COVID-19 Health and Safety Protocols for up-to-date local guidelines.

Location


Venue & Accommodation

InterContinental San Francisco
MORE INFORMATION

A block of rooms has been reserved at the InterContinental San Francisco at a reduced conference rate. Reservations should be made online or by calling 1-415-616-6500.

Deadline to book using the discounted room rate of $329 USD (plus tax) is November 29, 2021.

Your Community Partners


CISO Thought Leader
Key Partners
Program Partners

San Francisco CISO Program Manager


For inquiries related to this event, please reach out to your dedicated program contact.

Greg Winterrowd

Senior Program Manager

971-717-6628

greg.winterrowd@evanta.com