2023 Southern California CISO Inner Circle

Governing Body Agenda Location Partners Contact

CISO Southern California CISO Community Southern California CISO Programs

Collaborate with your peers

Join Southern California's top CISOs for an intimate networking dinner and facilitated discussion on key business challenges. Enjoy a relaxed evening of dinner and drinks with your peers to share best practices, make new connections and build professional relationships.

Join your peers to discuss the most critical issues impacting CISOs today:

Accelerating High Growth and Digitally-Driven Outcomes

Advancing the Business Value of Security

Thriving through Volatility - Empowering People, Resiliency and Insights

Co-Chairs

Matt Crouse

Taco Bell
CISO

Ginny Davis

Technicolor
SVP, CIO & CSO

James Davis

University of California - Los Angeles
Vice Provost IT & CTO, Manufacturing USA, Smart Manufacturing Innovation Institute

Lara Divi

Dine Brands Global, Inc.
VP, CISO

Agenda

April 12, 2023

4:30pm - 5:30pm Executive Networking Reception

5:30pm - 6:45pm Discussion Topics

Cyber Risk is Business Risk – Bringing the Board up to Speed

Jay Chaudhry

CEO, Chairman & Founder

Zscaler

Yev Avidon

Director, Data Protection

The Kroger Co.

Glenn Coles

VP & CIO

Yamaha Motor Corporation USA

Rosalia Hajek

Business Information Security Officer

MGM Resorts International

Theresa Miller

CIO & EVP, IT

LionsGate Entertainment

Michael Mongold

Vice President, Information Security and Chief Information Security Officer

Deckers Brands

Greg Moore

VP & CIO

KB Home

John Rojas

VP, Head of IT (CIO/CISO)

Air Lease Corporation

Tony Velleca

CISO

UST

Arlene Yetnikoff

CISO

California Institute of Technology

Ted Ross

CIO

City of Los Angeles, CA

Becoming a cyber-resilient organization requires ownership and responsibilities to be expanded across the C-suite and board, changing the way that cybersecurity challenges are addressed at all levels of the organization. CIOs and CISOs need to embrace zero trust security and adjust their board engagement approach to get the appropriate level of support and guidance on cybersecurity initiatives, which includes: messaging for impact, evidencing a clear understanding of the organization’s overall risk exposure, outlining what assumed risks the organization is taking on and the trade-offs, and pursuing further secure digital transformation efforts in benefit of the organization’s business initiatives, stability, and future growth.

In this interactive conversation, CIOs and CISOs will share strategies for increasing cyber and business resilience with board buy-in.

Discussion topics include:

How zero trust architecture secures users, workloads, and IoT/OT devices by addressing critical security shortcomings of routable networks.
Gaining confidence from the board on the cybersecurity oversight and forward direction
Articulating cyber risk posture, controls, and mitigation strategies in place, with board-level terminology
Proving how building cyber resilience also drives business growth

Topic 1: Zero Trust Security and Business Benefits

What are the challenges you're facing in securing a modern enterprise that is mobile-centric, cloud-first, and work-from-anywhere?
How have you implemented the principles of zero trust in your organization (if applicable), and what benefits have you seen from this approach?
If you have already implemented zero trust security measures, what were some of the biggest challenges you faced, and how did you overcome them?
Based on your experience in building roadmaps, how can CXOs build a zero trust roadmap and implementation plan that aligns with their organization’s overall security strategy, and what are some key factors to consider when developing these plans?

Topic 2: Articulating Cyber Risk Posture and Board Engagement

What role do board members play in managing cyber risk, and how can CIOs and CISOs work with them to ensure that cyber risks are effectively managed and mitigated?
How have you communicated your cyber risk posture, mitigating controls, and remediation strategies to your board? What challenges did you face and how did you overcome them?
What strategies have you used to gain confidence from the board on cybersecurity oversight and direction, and how can these strategies be tailored to the needs of different types of organizations?
What metrics and KPIs have you used to measure the effectiveness and demonstrate the business case of cyber resilience initiatives, and how have you effectively communicated these to the board?