IN-PERSON

San Francisco CISO Community
Executive Summit

November 20, 2024 | Grand Hyatt at SFO

November 20, 2024
Grand Hyatt at SFO

Governing Body Agenda Location Partners Contact

Governing Body Co-Chairs

Yassir Abousselham

UiPath
SVP, CISO

Krishnan Chellakarai

Gilead Sciences
CISO, Head of Information Security, Risk & Compliance

Cassie Crossley

Schneider Electric North America
VP, Supply Chain Security

Devin Ertel

Menlo Security
Chief Information Security Officer

Al Ghous

CISO

Leda Muller

Stanford University, Residential and Dining Enterprises
Chief Information Security and Privacy Officer

Kannan Perumal

Applied Materials
Vice President, Chief Information Security Officer

Jeff Trudeau

Chime
VP, CIO & CSO

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your San Francisco CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda

November 20, 2024

morning afternoon evening

7:45am - 8:30am Registration & Breakfast

8:30am - 9:15am Keynote

This is Resiliency — Navigating the New Era of Cybersecurity and Beyond

Eddie Borrero

VP, Chief Information Security Officer

Blue Shield of California

Becoming a truly resilient organization requires strategic planning around how security and risk challenges are addressed at all levels of the organization today, while continuing to look to the future. How are next-gen CISOs ensuring their organization stays resilient and adaptable when technology and third parties fail?

Join this session to hear how Eddie Borrero, VP & CISO at Blue Shield of California is:

Articulating cyber risk posture, controls, and mitigation strategies across the org
Leveraging security’s role as a business leader and enabler before, during and after disruptions
Building third party relationships to ensure future growth and success, together

9:15am - 9:40am Networking Break

9:40am - 10:25am Breakout Session

Breaking the Breach Cycle — Continuous Identity Security for Tomorrow's Threats

Umaimah Khan

CEO & Co-founder

Opal Security

Managing identity risk is critical, but the challenge is building identity security that is both continuous and scalable. As companies grow, securing identities becomes more complex. While concepts like continuous identity security are familiar, implementing them to reduce risk and scale effectively is difficult.

In this session, we’ll explore:

How to design a scalable IAM framework that integrates continuous security principles
Leveraging AI to enhance your identity access, enabling real-time and scalable solutions
How businesses are building identity for trust and maturity while minimizing risk

9:40am - 10:25am Executive Boardroom

Rethinking the Relationship Between Cybersecurity Teams and the People They Protect

Ryan Kalember

Chief Strategy Officer

Proofpoint

Sekhar Nagasundaram

Global Head of Cyber Defense and Threat Management and SVP Technology - Cybersecurity

Elevance Health

David Tugwell

Senior Director, Information Security/CISO

Agilent Technologies

You’ve heard it all before: the DBIR tells you people are your biggest risk, phishing simulations tell you your users fall for social engineering, and simple security measures you deploy are sometimes met with howls of protest. But what if it didn’t have to be that way?

Join this session for a fresh perspective on:

Moving security alerts from the SOC to where users work
Protecting end users perception of security controls
Transforming security teams’ interactions with end users

9:40am - 10:25am Executive Boardroom

How to Assess Security Maturity and Why It Matters

David Johnson

Principal Solutions Architect

Expel

Kevin Song

Interim Chief Information Security Officer and Sr. Director of Enterprise Security

WeWork

Ajay Wadhwa

CISO

State of California - State Compensation Insurance Fund

Maturing your security posture requires knowing how to objectively assess your organization, use industry best practices and frameworks, and select the right tools to advance your business. This complex, time-intensive process often takes a backseat to defending yourself against ever-evolving threats. Getting started can be overwhelming, so finding time to assess and improve your security maturity is a tall task.

Join this session to discuss:

Benchmarking SOC performance using common assessment frameworks and tools
Determining your security maturity level, and how to fill gaps you’ve identified
Analyzing the impact of data and AI on your security posture

10:25am - 11:05am Networking Break

10:30am - 10:55am Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

11:05am - 11:50am Breakout Session

Speaking the Board's Language -- A CISO's Guide to Effective Presentations

Prakash Kalaiah

Head of Security

Enphase Energy

Ody Lupescu

CISO

GoodLeap

Pavi Ramamurthy

Global CISO & CIO

Blackhawk Network

CISOs need to know how to present complex security issues to the board in a way that resonates with non-technical stakeholders, aligning cybersecurity initiatives with business goals. By focusing on risk, compliance, and measurable outcomes, CISOs can ensure their board presentations drive informed decision-making and secure necessary investments in cybersecurity.

Join this session to discuss:

Framing cybersecurity issues in a business context, focusing on risk, cost, and ROI
Aligning cybersecurity strategies with broader business goals to secure board buy-in
Using metrics and KPIs to demonstrate the impact of security initiatives and investments on business operations

11:05am - 11:50am Executive Boardroom

Solving Supply Chain Risk with Intelligence, Analytics, and Action

Kelly White

Co-Founder & CEO

RiskRecon - A MasterCard Company

Kannan Perumal

Vice President, Chief Information Security Officer

Applied Materials

Intelligence-driven decisions and actions are often deeply embedded into the enterprise security fabric, with defenses against malware, malicious sites, and application attacks dynamically updated based on rapid deployment of intelligence-based rules. In contrast, most third-party risk management programs are deeply rooted in episodic, questionnaire-based assessments which, according to RiskRecon surveys, are trusted by less than 20% of third-party risk teams.

Join this session to discuss:

Gaining full visibility into risks across the entire supply chain using advanced analytics and AI
Effective strategies for utilizing intelligence to manage and monitor business partners
Actionable steps to overcome resource challenges and scale your risk management efforts

11:05am - 11:50am Executive Boardroom

Innovating at Full Speed

Matt Bartley

GTM Lead, AppRisk

Snyk

Jonathan Chan

Head of Global IT & Security

EpiSource

Leda Muller

Chief Information Security and Privacy Officer

Stanford University, Residential and Dining Enterprises

Establishing trust between security and developers is crucial for successful outcomes, especially as modern development quickly embraces AI. How does the future of innovation hinge on achieving this open trust and communication?

Join this boardroom conversation with Snyk to delve into:

How to build a culture of security ownership across teams
What strategies and approaches to building trust are working
Where AI can speed up and secure application security

11:50am - 12:30pm Networking

Breaking Barriers in Cybersecurity

Tammy Hawkins

VP of Cybersecurity and Fraud Prevention

Intuit

Female, non-binary and allied cyber leaders are invited to eat lunch in our reserved networking space. Hosted by a member of the San Francisco CISO community, those in attendance can freely discuss best practices, key challenges, and mission-critical priorities before heading over to the midday keynote.

11:50am - 12:35pm Lunch Service

12:35pm - 1:10pm Keynote

AI and Cybersecurity— Hope or Hype?

Oliver Tavakoli

Chief Technology Officer

Vectra AI

Despite increased spending on cyber technology and personnel, global costs from cyber-attacks continue to rise. At least some of the success attackers are having is due to the “hybrid enterprise” of loosely connected systems like federated identity, SaaS apps, and public clouds, whose threat models are not yet clearly understood. While some use of AI in cybersecurity is well understood, the potential of Gen AI remains uncertain. Can AI be the game changer defenders need?

Join this session to explore:

Understanding the applicability of various AI models to cybersecurity challenges
Recognizing the value of integrating several signals into a hybrid attack narrative
Grasping why this problem space is more like Minority Report than CSI

1:10pm - 1:35pm Break

1:35pm - 2:20pm Breakout Session

Future-Proofing Cloud Security Compliance & Risk Management

Arnab Chakraborty

Partner and Sector Head, Cybersecurity & Risk Services

Wipro

As organizations expand operations across hybrid and multicloud environments, they gain agility and cost efficiency but face increased security risks and compliance challenges. The cross-border nature of cloud operations complicates data protection, while governments intensify efforts to safeguard consumer data. How can CISOs build resilient risk and continuous compliance management strategies in today’s cloud environments?

Join this session to discuss:

Enhancing security and streamlining compliance processes
Addressing emerging regulatory risks effectively
Ensuring business resilience in the digital economy

1:35pm - 2:20pm Executive Boardroom

Securing Non-Human Identities— Current Issues and Future Directions

Rich Dandliker

Chief Strategy Officer

Veza

Colin Anderson

SVP, CISO

Dayforce

Krishnan Chellakarai

CISO, Head of Information Security, Risk & Compliance

Gilead Sciences

Existing identity security tools mainly focus on human identities. However, NHIs (such as service accounts) often pose a greater risk and are harder to manage. They outnumber human identities, have high privileges, can't use MFA, and are challenging to find across the infrastructure.

Join this interactive roundtable to discuss:

Challenges in finding NHI accounts, credentials and owners
Existing tool successes and gaps
Envisioning the ideal management of NHIs

1:35pm - 2:20pm Executive Boardroom

Paving a Path for Tomorrow's CISOs

Andrew Schofield

SVP, Head of Information Security & IT Ops

Forge Global

Mo Balakrishnan

Director, Information Security

University of the Pacific

Anand Thangaraju

CISO

ePlus

Succession planning is critical for CISOs to ensure continuity and resilience in leadership roles. By identifying and developing internal talent, organizations can mitigate risks associated with unexpected departures and maintain strategic momentum.

Join this boardroom session to discuss:

Identifying emerging leaders and enabling development
Cultivating a forward-thinking security culture
Ensuring leadership continuity and organizational resilience

2:20pm - 3:00pm Networking Break

2:25pm - 2:50pm Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

3:00pm - 3:45pm Breakout Session

Into the Melting Pot -- An Industry-Wide Look At Navigating Disruption

Leda Muller

Chief Information Security and Privacy Officer

Stanford University, Residential and Dining Enterprises

Patrick Phelan

CISO

UCSF Medical Center

Leslie Stevens

Global Privacy Officer

Agilent Technologies

In an era of rapid digital disruption, the stakes for businesses across industries have never been higher. This interactive session, led by discussion amongst industry peers, will offer an in-depth, cross industry examination of the challenges posed by incidents, outages, breaches and other threats.

Join this session for:

Insights on industry-wide cybersecurity trends and breach mitigation strategies
Proven methods for building resilient technology infrastructures across sectors
Peer-led discussions on fostering collaboration to strengthen collective cybersecurity defenses

3:00pm - 3:45pm Executive Boardroom

Data Security as a Business Driver

Anand Kashyap

CEO & Co-Founder

Fortanix

Jenee Byrd

Senior Director Information Security - Head of Cybersecurity

Ultragenyx

Prakash Kalaiah

Head of Security

Enphase Energy

Sensitive data is everywhere – from mobile apps to medical devices. CISOs must remain informed on the use of data throughout the pipeline to securely enable the business.

During this peer-led discussion you will explore:

Gaining visibility and securing sensitive data in all its states
Identifying and communicating the impact of data security on the business
Leveraging data security as a team sport

3:00pm - 3:45pm Executive Boardroom

Browsing the Future -- How Secure Enterprise Browsers are Transforming Work

Jonathan Kaplan

Director & CISO

San Francisco International Airport

Mahesh Ayyala

CISO

Hidden Road Inc

The enterprise browser is becoming a crucial tool for enhancing security and productivity in the digital workplace. How can organizations leverage this technology to protect their data while optimizing workflows?

Join this session to discover:

The importance of secure enterprise browsers in mitigating web-based threats
How enterprise browsers streamline workflows and improve productivity
Strategies for integrating security policies directly into browser environments to protect corporate data

3:45pm - 4:10pm Break

4:10pm - 4:45pm Keynote

Law & Order -- Cross Examining AI’s Legal Boundaries

Eran Kahana

AI, Cybersecurity, and Intellectual Property Attorney

Guest Speaker

While AI technologies evolve at a breakneck pace, the law and ethical standards governing their development get lost in the process. In response, legislators, regulators, standard setting organizations and other stakeholders are working to ensure AI development and use aligns with principles like “trustworthy,” “safe,” and “ethical” — but this is a slow process that has so far fallen short.

Join this session with AI, cybersecurity and IP law expert Eran Kahana as he offers actionable insights on:

AIs core principles
Implementing effective AI policies and procedures
Fostering cross-divisional collaboration

4:45pm - 5:00pm Closing Comments and Prize Drawing

5:00pm - 7:00pm Governing Body Reception

Governing Body Reception

Governing Body members host this reception for executives to close out the event with an evening of peer networking, food and drinks.

November 20, 2024

morning afternoon evening

Apply to join

ALREADY A MEMBER? SIGN IN TO REGISTER

Evanta facilitates exclusive, C-level communities by personally qualifying and understanding the priorities, challenges and interests of each member.

Our selective approach maintains the high quality of the network and ensures top-level discussions with peers from the world’s leading organizations.

Community Member Criteria

To ensure peer connections and conversations at the highest level, members must meet the following criteria:

- C-level or senior most executive for respective function

- Organization revenue of $500M+

Exceptions are considered.

I meet the criteria above

I would still like to be considered

My contact information is….

You agree to our Privacy Policy and T&Cs, which includes sharing your contact details with your peers and sponsors.

FORM CONTAINS ERRORS, PLEASE REVIEW THE ABOVE

We look forward to seeing you at an upcoming in-person gathering

Gartner cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location

Venue & Accommodation

Grand Hyatt at SFO

MORE INFORMATION

A block of rooms has been reserved at the Grand Hyatt at SFO at a reduced conference rate. Reservations should be made online or by calling 1-402-501-9860.

Deadline to book using the discounted room rate of $309 USD (plus tax) is October 28, 2024.

RESERVE ROOM