IN-PERSON

Minneapolis CISO Community
Executive Summit

June 12, 2024 | Marriott Minneapolis West

June 12, 2024
Marriott Minneapolis West

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Vince Aimutis

Federated Insurance
VP – Director of Information Services / CISO

Mary Faulkner

Thrivent
VP, CISO & IT Operations

Jeff Johnson

Digi-Key
CISO, Director, IT Security and Privacy

Greg Matthias

Agiliti
VP, CISO

Tina Meeker

Sleep Number
VP, Information Security & Enterprise Architecture

Param Vig

Solventum
SVP, CISO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Minneapolis CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

June 12, 2024

morning afternoon evening

7:45am - 8:30am Registration & Breakfast

8:30am - 9:15am Keynote

Words That Work — Using Impactful Language to Deliver Results

Val Wright

Global Leadership & Innovation Expert, Author

Guest Speaker

Effective communication is a critical component of success for CISOs. The most successful executives realize this and prepare what to say and when to say it with precision using "words that matter". In this keynote conversation author, Val Wright offers fresh perspective and techniques to help you elevate the conversation to deliver results.

In this session Val shares how to:

Create communication that resonates and simplifies complex information
Foster productive relationships with internal and external stakeholders
Develop powerful responses to navigate resistance and achieve results

*This speaker will be recorded during the session; however, no attendees will be included in the recording*

9:15am - 9:40am Networking Break

9:40am - 10:25am Breakout Session

Balancing the Opportunities and Perils of GenAI in Security Operations

Rohit Tandon

VP & CISO

Essentia Health

Vince Aimutis

VP – Director of Information Services / CISO

Federated Insurance

David Gold

Americas Field CTO

SentinelOne

Generative AI can be solution to many cyber defense problems, from boosting productivity to diversifying capabilities to acting as a force multiplier for short-staffed security teams. However, the initial hype around GenAI rushed many organizations into adopting the technology without requisite planning and led to mixed success. What are the risks and considerations that CISOs need to be aware of to gain the rewards of GenAI?

Join this panel for a candid conversation on:

Managing internal expectations about AI without dampening enthusiasm for opportunities it offers
Identifying areas to leverage AI and other emerging technologies for maximum risk mitigation and increased productivity
Fortifying your security framework for tomorrow's technologies

9:40am - 10:25am Executive Boardroom

Breaking the Mold — CISOs Driving Gender Diversity

Aimee Martin

CISO

Data Recognition Corporation

Tina Meeker

VP, Information Security & Enterprise Architecture

Sleep Number

Param Vig

SVP, CISO

Solventum

The gender gap in cybersecurity — particularly in leadership roles — has been widely reported for years. How can CISOs come together as a community to support and elevate their female peers in information security?

Join this session to hear from and discuss with your peers:

Impacts of promoting a diverse and inclusive sector for women in security
Competencies women leaders need to overcome the hurdles to advancement
Opportunities, and lessons learned, for today’s CISOs to move the industry forward

9:40am - 10:25am Executive Boardroom

The Art of Incident Response

Matthew Bohne

VP, Chief Product Security Officer

Honeywell

Glenn Toby

Information Security Officer

Minnesota State Lottery

CISOs need more than a plan. They need to know what it takes to master the art of containment, eradication and recovery while keeping the business's costs (both financial and reputational) to a minimum.

Only in a room of your security-focused peers will you:

Unlock specific, essential incident response practices
Hear relatable cases of what is and isn't working for others in your position
Gather the threat mitigation insights of your fellow cyber leaders

10:25am - 11:05am Networking Break

10:30am - 10:55am Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:05am - 11:50am Breakout Session

Navigating the New Identity Landscape

Derek Dahlen

SVP, Head of Customer Identity

Regions Bank

Tom Sheffield

Senior Director, Cybersecurity

Target

The number of human and machine identities seeking access to data and critical business systems has grown exponentially, in turn increasing the threat landscape and challenging traditional IAM paradigms. How can CISOs stay ahead of the curve?

Join this session to explore:

Prioritization of managing and securing all identities
Understanding your environment and keeping IAM as a core strategic control
Navigating time and resources for successful implementation

11:05am - 11:50am Breakout Session

Protecting Our Assets — Leveraging FAIR for Strategic Decisions

Mary Faulkner

VP, CISO & IT Operations

Thrivent

Jack Jones

Chairman Emeritus

The FAIR Institute

Information security leaders are the stewards of limited resources they have been allocated to protect the organization's valuable assets — information and information systems. CISOs typically excel at tactical responses to security threats, but how can they elevate decision-making to a strategic level?

Join this session and explore ways to:

Prioritize security investments based on potential financial impact
Effectively communicate risks to leadership in business terms
Measure the effectiveness of security controls

11:05am - 11:50am Executive Boardroom

Rethinking SIEM — Embracing the Modern Security Landscape

Kevin Kirkwood

Deputy CISO

LogRhythm

Abdeslam Mazouz

CISO

City of Minneapolis

Todd Carreno

VP, CISO

Wings Financial

In a world where traditional SIEM solutions are often described as “dead,” the need for reevaluation and innovation in security practices becomes paramount. It is important for CISO’s to consider the myths and realities surrounding cost, deployment, and maintenance.

Join this session to discuss:

A shift towards intuitive tuning mechanisms to enhance security posture
The importance of agility, scalability, and comprehensive threat visibility in the evolving landscape
Contemporary security strategies for streamlined threat detection

Discussion questions:

What methods are you currently employing for security monitoring?
What challenges do you face in your security monitoring aptitude and abilities?
What are some best practices for CISOs to collaborate with IT teams and other stakeholders in integrating modern SIEM solutions effectively into their organization's security framework?

11:50am - 12:35pm Lunch Service

12:35pm - 1:10pm Keynote

Unlocking Full Cloud Potential – Security Enhancements for Today’s Enterprise

Uy Huynh

VP Solution Engineering

Island

While the vast majority of infrastructure has been upgraded and modernized to secure the shift to the cloud, enterprise IT teams are still missing an equally seamless access method to safely deliver those now cloud-native apps and data. While traditional browsers have become the de facto access point for the majority of business critical applications, they lack the deep inspection capabilities and hyper-granular security controls enterprises need. This results in security teams surrounding their browsers with layers of tech to meet those needs.

Join this keynote session to discover:

Why traditional cloud security methods undermine your modernization efforts and end-user experience
Embracing technological momentum to adapt to a "more-with-less" security landscape
How enterprise CISOs are using this solution to bolster cloud security

1:10pm - 1:35pm Break

1:35pm - 2:20pm Breakout Session

From Silos to Solutions — Strategies for an IT-Centric Security Culture

Yan Kravchenko

Core Technology & Information Security Director

Hennepin Healthcare

Julie Flaschenriem

CIO

Hennepin Healthcare

In today's rapidly evolving digital landscape, the need for a robust, resilient information security culture has never been more critical. How can CISOs and CIOs come together to maximize efficiency and establish a unified front?

Join CISO Yan Kravchenko and CIO Julie Flaschenriem, with Hennepin Healthcare as they explore:

Practical steps for uniting IT and Information Security into a single, resilient team
Leveraging available tools available to align IT and information security goals
Building a partnership that fosters a culture of awareness and cooperation

1:35pm - 2:20pm Executive Boardroom

Organizational Risk Mitigation — Protecting Humans from Themselves

Pat Joyce

Global Resident Chief Information Security Officer (RCISO)

Proofpoint

Thomas Dolan

SVP of Information Security & Risk

Exela

Daniel May

Senior Director Information Security

Choice Hotels International

Sometimes it's hard to see a future beyond ransomware, BEC and data loss. But how do we not only ensure our cyber defense teams and the workforce they protect stay afloat in the current risk landscape, while simultaneously building toward future consolidation and risk mitigation scenarios?

Join this session to discuss:

Developing a human risk framework
Moving human-centric security controls from reactive and manual to proactive and automated
Leveraging AI to protect humans from themselves

1:35pm - 2:20pm Executive Boardroom

Securing the Future of Work — Challenges and Strategies for the Hybrid Landscape

Jason Georgi

Field Chief Technology Officer for Prisma Access

Palo Alto Networks

Jasper Li

Director of Global IT Infrastructure & Cybersecurity

Banner Engineering

Duane Lenander

SVP, Director of IAM

U.S. Bank

The rise of unmanaged devices, dispersed teams, and sophisticated AI-powered attacks demands a comprehensive rethinking of security architectures. Organizations must examine the critical challenges facing the modern workplace and explore emerging strategies to future-proof security.

Join this boardroom discussion to learn:

How organizations can maintain control and visibility in a BYOD and contractor-driven environment
How AI and LLMs are reshaping data protection, minimizing false positives, and proactively identifying risks.
Today's emerging technologies that can deliver seamless application experiences, even across distributed workforces

Discussion Questions:

1. Hybrid work is evolving in terms of how much time employees spend between home, work and the office, which only accentuates the need for consistency. How are you approaching ensuring consistency, regardless of where employees are working from?

2. How has your security team focused on the control and visibility in a BYOD or contractor-driven environment?

3. Are AI and LLMs helping reshape your data protection? And if so, what have been the effects?

4. How are you protecting the use of Gen AI tools to allow your employees to increase productivity while keeping your organization’s data safe?

2:20pm - 3:00pm Networking Break

2:25pm - 2:50pm Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm Executive Boardroom

Navigating Cyber-Physical Risks

Kory Nadeau

Vice President of IT

Presbyterian Homes

Jason Meszaros

CISO/Dir of IT & Cybersecurity

ATS

Tim Dokken

VP- Infrastructure & Information Security

Johnson Brothers Liquor

Cyber-physical systems (CPS) come in many forms including industrial control systems (ICS), operational technology (OT) devices, and Internet of Things (IoT), to name a few. As they connect to each other and to enterprise systems, the attack surface is significantly expanded and securing these very systems that join the physical and digital worlds is no simple task.

Join this session to discuss:

Identifying and managing the risks of cyber-physical technology
Understanding the parallels in your approach to IT and CPS security without neglecting the differences
Innovative practices to adapt security controls to business operational realities

3:00pm - 3:45pm Breakout Session

A New Era of Liability for CISOs

Jeff Johnson

CISO, Director, IT Security and Privacy

Digi-Key

Steve Cosentino

Partner, Stinson LLP

Guest Speaker

CISOs are accustomed to answering for the business when security programs fall victim to attack. However, recent personal legal scrutiny of CISOs has set a precedent, stirred up concern and left security leaders questioning their protection.

Join this session to uncover:

Resources to prepare for increased scrutiny and potential liability
Best practices to proactively protect personal assets and reputation
Keys to communicate role responsibility and liability to stakeholders

3:00pm - 3:45pm Executive Boardroom

Routing Your Generative AI Implementation Marathon

Judy Hatchett

VP & CISO

Surescripts

Billie Chock

Director, Cybersecurity - Governance, Risk & Compliance

General Mills

Scott Ostrander

VP, CISO

SPS Commerce

Early adopters confirm, AI-implementation isn't for the faint of heart (or the light of checkbook). Yet the expectation to welcome this booming tech advancement into your organization remains. Today, studying the efforts of those same early adopters proves the easiest first step in drawing up your own AI road map.

Gather with your CISO peers to:

Compare your varying stages of AI-adoption progress
Share what you've learned through that progress so far
Gather proactive tips on clearing hurdles to come

3:45pm - 4:10pm Break

4:10pm - 4:45pm Keynote

Preparing for the Future — FBI Cybersecurity Update

Jacob Iverson

Supervisory Special Agent

Federal Bureau of Investigation

Today's varied threat landscape features both foreign and domestic security concerns that could stop or delay business. With so many avenues for malicious actors, how should CISOs be prioritizing their resources to improve resiliency? Come with your questions as one of the FBI’s foremost experts on cybersecurity discusses what trends they are seeing and monitoring.

Join this keynote to explore:

The evolving geo-political threat landscape
Best practices of working with law enforcement before, during and after a breach
Case studies and lessons learned

4:45pm - 5:00pm Closing Comments and Prize Drawing

5:00pm - 7:30pm Networking

Arcade Afterparty — Governing Body Reception

Join your peers for dinner, drinks and Donkey Kong! The Minneapolis CISO Governing Body invites attendees to close this year's executive summit with an evening of peer networking — Skee-Ball & snacks included.