CSO50 2023: Leadership connections and agenda

Proven security leaders who understand today’s challenges and will help you chart a course for a more protected, aware and results-oriented future.

Register here to attend in-person

Monday, October 2

1:00pm

Registration Opens

Location: Wassaja Foyer

2:00pm - 3:30pm

The Evolving Threat Landscape

Join experts from IBM and technology leaders from around the country for a roundtable discussion on how to optimize security posture through periods of rapid transformative change. According to IBM’s Threat Intelligence Index report, the average cost of data breaches has risen 13% since 2020, making it critical for security capabilities to improve both efficiency and effectiveness. Meanwhile, the threat landscape has never been more dangerous with both attacks and successful breaches. A 2022 IDC survey of 500 enterprises showed that over 70% experienced at least one major security breach of their on-premises data centers with the majority experiencing two or more major breaches. The cloud was even more susceptible to breaches with 75% reporting major breaches in their cloud IaaS environments.Security leaders are consequently exploring security strategies that can effectively manage risk through periods of great change by harnessing emerging technologies that deliver predictive insights and accelerate threat response over open architectures to protect their business across hybrid cloud infrastructures.

Glenn Dally, Security Advisor & Architect, US National Market Southwest, IBM

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Sponsored by IBM
Pre-registration required

Location: Wassaja 110

4:00pm - 5:00pm

Discussion Groups: Hot Topics in Security

Join a discussion topic that best meets your needs. Facilitated by our partner subject matter experts, take a deep-dive into ideas, common questions, and proven solutions in an interactive, peer-sharing environment.

Discussion Topic: The Generative AI Threat to Email
Mick Leach, Field CISO, Abnormal Security

Discussion Topic: Fortifying the Software Supply Chain Ensuring Enterprise Security
Chris Eng, Chief Research Officer, Veracode

Discussion Topic: Human Risk Management
Mika Aalto, CEO, Hoxhunt

Location: Wassaja 109

5:00pm - 6:00pm

CSO50 Welcome Reception

Meet your peers and celebrate the kick off of the CSO50.

Sponsored by IBM

Location: The Courtyard

Tuesday, October 3

8:00am

Registration Opens

Location: Wassaja Foyer

8:00am - 9:00 am

Networking Breakfast

Grab a coffee and breakfast while connecting with our sponsoring partners.

Location: The Courtyard, Wassaja Foyer

9:00am - 9:15am

Where Is the CSO Role Headed?

Today’s security leaders are facing existential questions: What are the challenges facing CSOs in the years to come? How will technology advancements impact their ability to mitigate risks? How will increasingly intrusive regulations impact them? Exploring these questions will set the stage for the panels, interviews, and presentations to come at the CSO50 Conference + Awards.

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

9:15am - 10:00am

In Conversation with Joe Sullivan: Protecting the Business, Protecting Yourself

In a case closely watched by security leaders globally, the former Uber CSO was convicted of two felonies related to a 2016 security incident at the company. The decision reverberated throughout the security community, leaving unanswered questions particularly about personal liability. Today Sullivan advises startups and mentors security leaders in addition to serving as CEO of the nonprofit humanitarian relief organization Ukraine Friends. In a candid conversation, Sullivan will share the lessons he hopes security leaders learn from his case, so that they, their team, and their company don’t ever go through anything similar. He will also make suggestions for how the private sector can better collaborate with the government and share other insights about the high-stakes pressures on CSOs in an era of unrelenting breaches, ransomware, and automated attacks.

Joe Sullivan, CEO, Ukraine Friends, Former CSO, Uber

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

10:00am - 10:30am

IBM: AI-Powered Security – Empowering Organizations to Stay Ahead of Evolving Threats

Organizations must adapt their security strategies to effectively combat the evolving risk landscape. John will discuss what ‘AI in security’ means and focus on cutting-edge approaches and trends to shape the future of threat and vulnerability management. Discover how organizations are leveraging AI, machine learning, and advanced analytics to enhance their security operations and bolster their resilience against emerging threats.

John Velisaris, Associate Partner, Security Services, IBM

Location: Wassaja Ballroom

10:30am - 11:00am

Networking Break

Grab a coffee or iced beverage, enjoy the fresh air, and connect with award-winning CISOs and sponsoring partners.

Location: Wassaja Foyer

11:00am - 11:30am

Digital Poster Program #1

Learn more about this year’s award-winning projects in a tour of digital poster presentations. Ask questions and dig into the technical and management details of these innovative projects, as well as network with peers who interested in similar initiatives. This self-directed experience means you can focus your time on projects that are most relevant for you.

The Effectiveness of Phishing Competitions and its Effect on Incident Reporting, Carrier

Cisco Federal Operational Security Stack, Cisco

Security Control Validation Platform, Aaron’s

Secure by Design, Wesco

Location: Wassaja Ballroom

11:35am - 12:05pm

Digital Poster Program #2

Security at the Speed of Trust: Creating a Security-as-Code Model, Equinix

Privacy Operations Center, Headspace

CMMC eDiscovery Tool, Camelot Secure

Frontline Team Member Passwordless MFA, ABM Industries

Location: Wassaja Ballroom

12:05pm - 1:30pm

Networking Lunch

Grab lunch, enjoy the fresh air, and connect with award-winning CISOs and sponsoring partners.

Location: The Courtyard

1:30pm - 1:50pm

The Future of Sustainable Data Transformation: Programmatic Governance & Compliance at Scale

Secure and compliant data is the last frontier for automation in DevOps. Enterprise data infrastructure is some of the most expensive, complex, and duplicative in IT. Organizations are facing very real tradeoffs between data access for better application development with extreme cost and risk, both due to the infrastructure as well as the effort required to maintain it. Join this interactive session to hear from technology and risk leaders who are challenging the status quo, delivering award-winning solutions that protect data at accelerated speeds to increase the pace of innovation. We’ll discuss how modern DevOps data platforms can enable sustainable IT practices by consolidating data, driving ephemeral use, and ensuring compliant, safe data. Walk away with new ideas for satisfying privacy and risk mandates while delivering value far beyond compliance that you can bring back to your company.

Ilker Taskaya, Field CTO Compliance Solutions, Delphix

Zackary Aboud, Information Security Engineering Manager, Data Masking Team, Wells Fargo

Location: Wassaja 109

CISO Chat(GPT): Protecting Against the Threat of Generative AI

With rapid advancements in AI, the emergence of generative models has revolutionized how we work. But the rise of generative AI has also presented challenges for cybersecurity, as malicious actors exploit it to create sophisticated attacks at a higher volume than ever before. Featuring insights from Navan, this session will explore how cybercriminals are weaponizing tools like ChatGPT and offer insight into how to defend against AI-generated attacks. Attendees will hear about real-world threats targeting these organizations today and leave empowered with new ideas on how to fight AI with AI.

Mick Leach, Field CISO, Abnormal Security

Prabhath Karanth, Global Head of Security & Trust, Navan

Location: Wassaja 110

2:00pm - 2:30pm

Where Security Can Lead in GenAI Adoption

The security pitfalls of generative AI have been well publicized in cases such as employees inadvertently disclosing proprietary data or malicious actors using self-learning algorithms in attacks. But what about the benefits? If AI becomes the transformative tool that experts predict, then security needs to be part of the conversation from the start. Join us to find out how to lead the executive conversations essential to adopting and sustaining a smart and secure GenAI strategy.

Nicole Darden Ford, Global VP & CISO, Rockwell Automation

Tera Ladner, Vice President, Information Risk Management and Governance, Aflac Inc

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

2:30pm - 3:00pm

Security Predictions: The Toughest Challenges CISOs Will Face

The job of CISO requires strategic, visionary, and vigilant leadership. Join this dynamic panel to find out what their internal threat detectors identify as the biggest near-term challenges. Identifying threats associated with generative AI and other emerging technologies? An overly complex security environment? Increasingly complex regulations? Personal burnout? We’ll dive into it all and more, as well as their plans to tackle them.

Kris Burkhardt, Chief Information Security Officer, Accenture

Holly Ridgeway has extensive experience in providing visionary leadership and innovation while empowering the business strategy, balancing risk, privacy and compliance. For the past 20 years, Ridgeway has built enterprise security programs in both the commercial sector and the federal government. Ridgeway served as FireEye/Mandiant’s Director, Information Security Programs, and led the Global Government and the Innovation Center. She spearheaded significant efforts to mature key services like the Security Program Assessment and developed new strategic offerings and partnerships in areas such as M&A and cyber insurance. Ridgeway either led or was instrumental in many of the largest and most strategically significant clients and engagements around the world. Ridgeway has served as the Chief Information Security Officer for PNC Financial Services Group, and the Department of Justice. In these roles, she led the organization's information security efforts with responsibility for leading all cyber program activities, including the creation of detection, monitoring, incident response, reporting and security services of the 24x7 PNC Fusion Center, and Department of Justice Security Operations Center. She is credited with developing and implementing a highly successful real-time situational awareness program and has successfully led many large incident response efforts, including Distributed Denial of Service attacks against the financial sector that occurred in 2012-13.

Holly Ridgeway, EVP, Chief Security Officer, Citizens Bank

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

3:00pm - 3:30pm

Break

Now’s the time to grab your coffee, visit sponsor booths, or answer a couple of emails.

Location: Wassaja Foyer

3:30pm - 3:55pm

The Innovation Panel: New Fronts for Cybersecurity Solutions

Stay at the forefront of security technology with a conversation with cybersecurity startups who are forging new solutions to an ever-changing threat landscape. Find out what they see as the best way to manage risk, and what they see as the most formidable future threats.

Ryan Boulais, CISO, AES

Mike DeNapoli, Director and Cybersecurity Architect, Cymulate, Cymulate

Pete Morgan, Co-Founder & CSO, Phylum

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

3:55pm - 4:15pm

Lightning Insights

Join us for a lively series of 5-minute market insights geared towards solving your biggest challenges.

Trends in AI, Developer Experience and Consolidation presented by Checkmarx

Secure Service Edge presented by Lookout

Top Recommendations from the State of Software Security 2023 presented by Veracode

Slaying the GenAI Data Loss Dragon presented by Polymer

Location: Wassaja Ballroom

4:15pm - 4:25pm

Closing Remarks

Bob Bragdon wraps up the day with some key highlights.

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

Wednesday, October 4

8:00am

Registration Opens

Location: Wassaja Foyer

8:00am - 9:00am

Networking Breakfast

Grab a coffee and breakfast while connecting with our sponsoring partners.

Location: The Courtyard, Wassaja Foyer

9:00am - 9:45am

Recognizing the Purpose in Your Work

No matter how much we enjoy our jobs we sometimes get caught up in the day-to-day activities and can forget the big picture. This can even happen to astronauts. Former NASA astronaut Mike Massimino stresses the importance of trying to remember the reason why we work as hard as we do and how we are making the world a better place through our work. For security leaders, that purpose ranges from defending against bad actors to protecting internal and customer data to fending off sophisticated nation-state cyberthreats. As an astronaut, Mike found purpose in servicing and repairing the Hubble Space Telescope. Arguably the greatest scientific instrument ever built, Hubble made some of the greatest scientific discoveries in history while showing us the beauty of our universe. Contributing to great projects makes all the hard work and sacrifice worthwhile.

Mike Massimino, Former NASA Astronaut & Best-Selling Author of Spaceman

Location: Wassaja Ballroom

9:45am - 10:10am

Ransomware Readiness: How to Prepare for the Worst

Ransomware is a problem that needs to be anticipated, not wished away. A proactive stance means elevating your security posture across multiple fronts to minimize damage and keep critical revenue-generating applications operational. Easier said than done? Learn from security leaders who have figured out how to mobilize teams across business units to coordinate multiple lines of defense.

Mia Boom-Ibes, Vice President of Security Innovation, Strategy, Analytics and Governance, Risk and Compliance, Allstate Insurance Company

Robert Neel, Vice President, Security Operations, Allstate Insurance Company

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

10:10am - 10:25am

Guided Networking

Join us for a lightly structured and low-stress way to connect with other security leaders.

Location: Wassaja Ballroom

10:25am - 10:45am

Networking Break

Grab a coffee or iced beverage, enjoy the fresh air, and connect with award-winning CISOs and sponsoring partners.

Location: Wassaja Foyer

10:45am - 11:15am

Digital Poster Program #3

API Fortress: Next-Gen Secure Integration, Delta Dental Insurance

Guardian, RunBuggy

Overcoming Challenges: Our Incident Response Program Journey, Cox Automotive

Craton, Pangea Cyber

Location: Wassaja Ballroom

11:20am - 11:50am

Digital Poster Program #4

Blackstone’s Threat Based Rapid Vulnerability Eradication, Blackstone

Penn Medicine Cybersecurity Phishing Detection & Response Initiative, Penn Medicine

Beyond SAT to Security Behavior Change and Human Risk Management, AES

Institutional Video Management System Stabilization and License Plate Camera Deployment, The University of Texas Police at Houston

Location: Wassaja Ballroom

11:55am - 12:20pm

Security Initiatives that Drive Serious Business Value

Proactive security strategies supported by a modern technology stack can help companies reap financial benefits for years to come. Learn how two CSO50-winning companies – the financial services giant Wells Fargo and the corporate travel management firm Navan – demonstrated the value of their initiatives by incorporating enhanced security measures that reduced costs and increased efficiency.

Prabhath Karanth, Global Head of Security & Trust, Navan

Zackary Aboud, Information Security Engineering Manager, Data Masking Team, Wells Fargo

Moderated by:

Beth Kormanik, Event Content Director, Foundry, IDG

Beth Kormanik, Event Content Director, Foundry, an IDG Inc. company

Location: Wassaja 109

Redefining the Security Perimeter: The Innovative Partnership Behind Dynamic Edge Segmentation

In the ceaselessly evolving cybersecurity landscape, staying ahead of threats while maintaining operational efficiency is no small feat. Traditional network edge segmentation needs to catch up, plagued by rigid policies and mounting costs. Dynamic Edge Segmentation (DES) offers a groundbreaking alternative. This transformative paradigm, co-developed by GSK and security startup Elisity, focuses on adaptive, identity-based policies for a more agile and effective security posture. Join us to delve into the real-world applications and performance metrics of DES, sharing valuable insights from pilot projects across multiple continents. Walk away with a comprehensive understanding of how to bolster your organization’s cybersecurity strategies through DES.

Jeff Binkley, Cyber Security Consultant, GSK

Mike Elmore, CISO, GSK

Mark Finch, Global OT Cyber Security Program Lead, GSK

James Winebrenner, CEO, Elisity

Location: Wassaja 110

12:25pm - 12:45pm

Explore Trends to Stay Ahead of Threats

This impactful session will showcase innovative technologies and new solution from our top partner.

Glenn Dally, Security Advisor & Architect, US National Market Southwest, IBM

Location: Wassaja Ballroom

12:45pm - 1:50pm

Networking Lunch

Grab lunch, enjoy the fresh air, and connect with award-winning CISOs and sponsoring partners.

Location: The Courtyard

1:50pm - 2:15pm

Managing the Stress of a CISO: A Story of Personal Resilience

The stress of constant vigilance, new threats, and the possibility of cyber-attacks can take a toll not only professionally but also personally on CISOs. Following a medical scare, NextEra Energy’s Ben Miron has reflected on how to manage the stress of the job and prioritize practices that help him balance work and home – with data to back up his strategies. Miron will share his own lessons and how you can put them into action.

Ben Miron, Vice President, IT Infrastructure and Cybersecurity, NextEra Energy

Location: Wassaja Ballroom

2:15pm - 2:45pm

Cyber in the Boardroom: The Conversations You Should Be Having

Corporate boards – and the U.S. Securities and Exchange Commission – have elevated the importance of security expertise. What does effective risk oversight look like? What are the metrics that boards need to understand, and which ones do not matter? How do you engage all board members about security, rather than relegate the discussion to one or two designated experts? Join us for a forward-thinking approach to security governance.

Devon Bryan was appointed as the Global Chief Information Officer for Carnival Corporation in 2022. He joined Carnival Corporation in October 2021 as the Global Chief Information Security Officer with responsibilities for conceiving, implementing, and leading technology solutions that assure compliance, protect personal data and corporate assets, increase organizational capability, and advance productivity within Carnival Corporation and its world-leading cruise line brands. Prior to Carnival Corporation, Bryan was Managing Director, Chief Information Security Officer, MUFG Union Bank N.A where he was responsible for establishing and maintaining a comprehensive information security strategy and program to ensure that information assets and technologies were appropriately protected. He was also responsible for ensuring that information security risks were identified, evaluated, mitigated, and reported in a manner that meets compliance and regulatory requirements and aligned with the risk tolerance for MUFG in the Americas region. Most recently, he served as the CISO for KPMG where he was charged with effectively designing and executing a best-in-class information and data security function with a proactive approach to enable business results. Bryan is a co-founder of Cyversity, a nonprofit geared toward improving the representation of women and minorities in the field of cybersecurity through academic scholarships, certifications, mentoring, and networking opportunities.

Devon Bryan, Global Chief Information Officer, Carnival Corporation

Donna Hart, Chief Information Security Officer, Ally Financial

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

2:45pm - 3:15pm

Generative AI, Predictive AI & the CISO

Combinations of artificial intelligence (AI) and machine learning (ML) have influenced the cybersecurity landscape for the better part of 15 years. What computers have always been able to do is make correlations to the bytes, files, hashes, and code that compromise a network. However, for all of the improvements in computing and years of refining algorithms, so much of operating the network and the cybersecurity software that protects the network are still manually intensive processes.

Frank Dickson, Program Vice President, Cybersecurity Products, IDC

Location: Wassaja Ballroom

3:15pm - 3:45pm

Wrapping Up: What’s Your Security Priority?

To close out our conference, we need your help. Attendees will choose the focus on this session in a vote on Tuesday, and we will announce the results Wednesday morning. Then this panel of experienced and thoughtful CISOs will share their collective wisdom in a candid conversation. Want to hear more about AI and security? Is it time for a frank discussion about careers and how CISOs can get the respect they deserve? Or perhaps there’s a new industry development that week that everyone is buzzing about. Let’s go there.

Tim Youngblood, Board Member, Angel Investor, Former Fortune 500 CSO

Stephanie Franklin-Thomas, Senior Vice President and Chief Information Security Officer, ABM Industries

Dave Ruedger, VP, Enterprise Technology Services and Chief Information Security Officer, Sunrun

Moderated by:

Bob Bragdon, Publisher Emeritus, CSO, Foundry, an IDG Inc. company

Location: Wassaja Ballroom

6:00pm - 6:30pm

CSO50 and Hall of Fame Cocktail Reception

Join us to toast to the 2023 honorees.

Location: The Courtyard

6:30pm - 8:30pm

CSO50 and Hall of Fame Awards Dinner & Ceremony

Celebrate security excellence at this elegant dinner and award ceremony. The 2023 CSO50 Awards presentation will honor the winning organizations for their use of innovative security to deliver business value, followed by the induction of our newest members into the CSO Hall of Fame.

Dinner celebration sponsored by IBM

Location: Wassaja Ballroom