IN-PERSON

San Francisco CISO Executive Summit

November 20, 2024 | Grand Hyatt at SFO

November 20, 2024
Grand Hyatt at SFO

APPLY TO PARTICIPATE

Collaborate with your peers

Get together with San Francisco's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Balancing the dangers and benefits of AI innovation in an ethical way

Rethinking the relationship between cybersecurity teams, third parties, and the people they protect

Providing clear, actionable insights to stakeholders to ensure informed, secure decision-making

San Francisco CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Yassir Abousselham

UiPath
SVP, CISO

Sujeet Bambawale

7-Eleven
VP, CISO

Krishnan Chellakarai

Gilead Sciences
CISO, Head of Information Security & Data Privacy

Devin Ertel

Menlo Security
Chief Information Security Officer

Al Ghous


CISO

Leda Muller

Stanford University, Residential and Dining Enterprises
Chief Information Security and Privacy Officer

Kannan Perumal

Applied Materials
Vice President, Chief Information Security Officer

Jeff Trudeau

Chime
VP, CIO & CSO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your San Francisco CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


November 20, 2024

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

This is Resiliency — Navigating the New Era of Cybersecurity and Beyond

Eddie Borrero headshot

Eddie Borrero

VP, Chief Information Security Officer

Blue Shield of California

Becoming a truly resilient organization requires strategic planning around how security and risk challenges are addressed at all levels of the organization today, while continuing to look to the future. How are next-gen CISOs ensuring their organization stays resilient and adaptable when technology and third parties fail?

Join this session to hear how Eddie Borrero, VP & CISO at Blue Shield of California is:

  • Articulating cyber risk posture, controls, and mitigation strategies across the org
  • Leveraging security’s role as a business leader and enabler before, during and after disruptions 
  • Building third party relationships to ensure future growth and success, together


9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

Breaking the Breach Cycle — Continuous Identity Security for Tomorrow's Threats

Umaimah Khan headshot

Umaimah Khan

CEO & Co-founder

Opal Security

Managing identity risk is critical, but the challenge is building identity security that is both continuous and scalable. As companies grow, securing identities becomes more complex. While concepts like continuous identity security are familiar, implementing them to reduce risk and scale effectively is difficult.

In this session, we’ll explore:

  • How to design a scalable IAM framework that integrates continuous security principles
  • Leveraging AI to enhance your identity access, enabling real-time and scalable solutions
  • How businesses are building identity for trust and maturity while minimizing risk

9:40am - 10:25am  Executive Boardroom

Rethinking the Relationship Between Cybersecurity Teams and the People They Protect

Ryan Kalember headshot

Ryan Kalember

Chief Strategy Officer

Proofpoint

Sekhar Nagasundaram headshot

Sekhar Nagasundaram

Global Head of Cyber Defense and Threat Management and SVP Technology - Cybersecurity

Elevance Health

David Tugwell headshot

David Tugwell

Senior Director, Information Security/CISO

Agilent Technologies

You’ve heard it all before: the DBIR tells you people are your biggest risk, phishing simulations tell you your users fall for social engineering, and simple security measures you deploy are sometimes met with howls of protest. But what if it didn’t have to be that way?

Join this session for a fresh perspective on:

  • Moving security alerts from the SOC to where users work
  • Protecting end users perception of security controls
  • Transforming security teams’ interactions with end users 

9:40am - 10:25am  Executive Boardroom

How to Assess Security Maturity and Why It Matters

David Johnson headshot

David Johnson

Principal Solutions Architect

Expel

Al Ghous headshot

Al Ghous

CISO

Kevin Song headshot

Kevin Song

Interim Chief Information Security Officer and Sr. Director of Enterprise Security

WeWork

Maturing your security posture requires knowing how to objectively assess your organization, use industry best practices and frameworks, and select the right tools to advance your business. This complex, time-intensive process often takes a backseat to defending yourself against ever-evolving threats. Getting started can be overwhelming, so finding time to assess and improve your security maturity is a tall task.

Join this session to discuss:

  • Benchmarking SOC performance using common assessment frameworks and tools
  • Determining your security maturity level, and how to fill gaps you’ve identified
  • Analyzing the impact of data and AI on your security posture

10:25am - 11:05am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:05am - 11:50am  Breakout Session

Speaking the Board's Language -- A CISO's Guide to Effective Presentations

Prakash Kalaiah headshot

Prakash Kalaiah

Head of Security

Enphase Energy

Ody Lupescu headshot

Ody Lupescu

CISO

GoodLeap

Pavi Ramamurthy headshot

Pavi Ramamurthy

Global CISO & CIO

Blackhawk Network

CISOs need to know how to present complex security issues to the board in a way that resonates with non-technical stakeholders, aligning cybersecurity initiatives with business goals. By focusing on risk, compliance, and measurable outcomes, CISOs can ensure their board presentations drive informed decision-making and secure necessary investments in cybersecurity. 

Join this session to discuss: 

  • Framing cybersecurity issues in a business context, focusing on risk, cost, and ROI
  • Aligning cybersecurity strategies with broader business goals to secure board buy-in
  • Using metrics and KPIs to demonstrate the impact of security initiatives and investments on business operations

11:05am - 11:50am  Executive Boardroom

Risk to the Nth-Party Degree

Kelly White headshot

Kelly White

Co-Founder & CEO

RiskRecon - A MasterCard Company

Marty Ray headshot

Marty Ray

CISO

Williams-Sonoma

Third party relationships are closest and may prove to be the most tangible risks to your business, yet the whole supply chain of your business partners still pose a substantial threat. Most organizations’ vendor relationships extend to the 8th party. CISOs need to understand this web of connectedness in order to better manage and communicate enterprise risk.

Join this session to discuss:

  • Gaining visibility into risk across the whole supply chain
  • Strategies for effective risk management and monitoring business partners
  • Overcoming resource challenges to prioritize third-party and extended supply chain risk

11:05am - 11:50am  Executive Boardroom

Innovating at Full Speed

Matt Bartley headshot

Matt Bartley

GTM Lead, AppRisk

Snyk

Jonathan Chan headshot

Jonathan Chan

Head of Global IT & Security

EpiSource

Establishing trust between security and developers is crucial for successful outcomes, especially as modern development quickly embraces AI. How does the future of innovation hinge on achieving this open trust and communication?

Join this boardroom conversation with Snyk to delve into:

  • How to build a culture of security ownership across teams
  • What strategies and approaches to building trust are working
  • Where AI can speed up and secure application security 


11:50am - 12:30pm  Networking

Breaking Barriers in Cybersecurity

Tammy Hawkins headshot

Tammy Hawkins

VP of Cybersecurity and Fraud Prevention

Intuit

Female, non-binary and allied cyber leaders are invited to eat lunch in our reserved networking space. Hosted by a member of the San Francisco CISO community, those in attendance can freely discuss best practices, key challenges, and mission-critical priorities before heading over to the midday keynote.

11:50am - 12:35pm  Lunch Service

12:35pm - 1:10pm  Keynote

AI and Cybersecurity— Hope or Hype?

Oliver Tavakoli headshot

Oliver Tavakoli

Chief Technology Officer

Vectra AI

Despite increased spending on cyber technology and personnel, global costs from cyber-attacks continue to rise. At least some of the success attackers are having is due to the “hybrid enterprise” of loosely connected systems like federated identity, SaaS apps, and public clouds, whose threat models are not yet clearly understood. While some use of AI in cybersecurity is well understood, the potential of Gen AI remains uncertain. Can AI be the game changer defenders need?

Join this session to explore:

  • Understanding the applicability of various AI models to cybersecurity challenges
  • Recognizing the value of integrating several signals into a hybrid attack narrative
  • Grasping why this problem space is more like Minority Report than CSI

1:10pm - 1:35pm  Break

1:35pm - 2:20pm  Executive Boardroom

Securing Non-Human Identities— Current Issues and Future Directions

Rich Dandliker headshot

Rich Dandliker

Chief Strategy Officer

Veza

Colin Anderson headshot

Colin Anderson

SVP, CISO

Dayforce

Krishnan Chellakarai headshot

Krishnan Chellakarai

CISO, Head of Information Security & Data Privacy

Gilead Sciences

Existing identity security tools mainly focus on human identities. However, NHIs (such as service accounts) often pose a greater risk and are harder to manage. They outnumber human identities, have high privileges, can't use MFA, and are challenging to find across the infrastructure.

Join this interactive roundtable to discuss:

  • Challenges in finding NHI accounts, credentials and owners
  • Existing tool successes and gaps
  • Envisioning the ideal management of NHIs

1:35pm - 2:20pm  Executive Boardroom

Paving a Path for Tomorrow's CISOs

Andrew Schofield headshot

Andrew Schofield

SVP, Head of Information Security & IT Ops

Forge Global

Anand Thangaraju headshot

Anand Thangaraju

CISO

ePlus

Succession planning is critical for CISOs to ensure continuity and resilience in leadership roles. By identifying and developing internal talent, organizations can mitigate risks associated with unexpected departures and maintain strategic momentum.

Join this boardroom session to discuss:

  • Identifying emerging leaders and enabling development
  • Cultivating a forward-thinking security culture
  • Ensuring leadership continuity and organizational resilience

2:20pm - 3:00pm  Networking Break

2:25pm - 2:50pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm  Breakout Session

Into the Melting Pot -- An Industry-Wide Look At Navigating Disruption

Ramy Houssaini headshot

Ramy Houssaini

Chief Digital Trust Officer

BNP Paribas

Leda Muller headshot

Leda Muller

Chief Information Security and Privacy Officer

Stanford University, Residential and Dining Enterprises

Patrick Phelan headshot

Patrick Phelan

CISO

UCSF Medical Center

Marty Ray headshot

Marty Ray

CISO

Williams-Sonoma

Leslie Stevens headshot

Leslie Stevens

Global Privacy Officer

Agilent Technologies

In an era of rapid digital disruption, the stakes for businesses across industried have never been higher. This session,  led by a panel of industry peers, will offer an in-depth, cross industry examination of the challenges posed by incidents, outages, breaches and other threats. 

Join this session for:

  • Insights on industry-wide cybersecurity trends and breach mitigation strategies
  • Proven methods for building resilient technology infrastructures across sectors
  • Peer-led discussions on fostering collaboration to strengthen collective cybersecurity defenses

3:00pm - 3:45pm  Executive Boardroom

Data Security as a Business Driver

Anand Kashyap headshot

Anand Kashyap

CEO & Co-Founder

Fortanix

Jenee Byrd headshot

Jenee Byrd

Senior Director Information Security - Head of Cybersecurity

Ultragenyx

Prakash Kalaiah headshot

Prakash Kalaiah

Head of Security

Enphase Energy

Sensitive data is everywhere – from mobile apps to medical devices. CISOs must remain informed on the use of data throughout the pipeline to securely enable the business. 

During this peer-led discussion you will explore:

  • Gaining visibility and securing sensitive data in all its states
  • Identifying and communicating the impact of data security on the business
  • Leveraging data security as a team sport


3:00pm - 3:45pm  Executive Boardroom

Browsing the Future -- How Secure Enterprise Browsers are Transforming Work

Jonathan Kaplan headshot

Jonathan Kaplan

Director & CISO

San Francisco International Airport

The enterprise browser is becoming a crucial tool for enhancing security and productivity in the digital workplace. How can organizations leverage this technology to protect their data while optimizing workflows? 

Join this session to discover:

  • The importance of secure enterprise browsers in mitigating web-based threats
  • How enterprise browsers streamline workflows and improve productivity
  • Strategies for integrating security policies directly into browser environments to protect corporate data

3:45pm - 4:10pm  Break

4:10pm - 4:45pm  Keynote

Law & Order -- Cross Examining AI’s Legal Boundaries

Eran Kahana headshot

Eran Kahana

AI, Cybersecurity, and Intellectual Property Attorney

Guest Speaker

While AI technologies evolve at a breakneck pace, the law and ethical standards governing their development get lost in the process. In response, legislators, regulators, standard setting organizations and other stakeholders are working to ensure AI development and use aligns with principles like “trustworthy,” “safe,” and “ethical” — but this is a slow process that has so far fallen short.

 Join this session with AI, cybersecurity and IP law expert Eran Kahana as he offers actionable insights on:

  • AIs core principles
  • Implementing effective AI policies and procedures
  • Fostering cross-divisional collaboration


4:45pm - 5:00pm  Closing Comments and Prize Drawing

5:00pm - 7:00pm  Governing Body Reception

Governing Body Reception

Governing Body members host this reception for executives to close out the event with an evening of peer networking, food and drinks.

November 20, 2024

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Grand Hyatt at SFO
MORE INFORMATION

A block of rooms has been reserved at the Grand Hyatt at SFO at a reduced conference rate. Reservations should be made online or by calling 1-402-501-9860.

Deadline to book using the discounted room rate of $309 USD (plus tax) is October 28, 2024.

Your Community Partners


CISO Thought Leader
Key Partners
Program Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Sam Flaherty

Senior Community Program Manager

208-871-6409

samantha.flaherty@evanta.com