San Francisco CISO Executive Summit

Join the San Francisco CISO Governing Body and their invited guests for an evening of peer networking, food and drinks, plus the opportunity to give back to the local community!

Our community partner this season is R.O.C.K – Real Options for City Kids, which is the largest provider of academic and social support for at-risk youth in San Francisco's Visitacion Valley. As part of the evening's festivities, you'll have the opportunity to put together simple circuit kits and messages of encouragement to promote curiosity and early interest in STEM fields among elementary school students in and around Visitacion Valley.

Location: Parc 55 (55 Cyril Magnin St.) | Same venue as the Executive Summit

Dietary restrictions: If you plan to attend the welcome reception but have dietary restrictions that we should be aware of, please ensure to fill out the "dietary restrictions" section of your profile in the My Evanta app, or email the San Francisco CISO Sr. Program Manager, Samantha Flaherty, at samantha.flaherty@evanta.com. 

About R.O.C.K.: Since 1994, R.O.C.K. has served the needs of children in the community by providing structured programs that foster personal development within a safe, loving and supportive environment. With the help of their programs, children who might not otherwise have a reasonable chance to succeed are granted a level playing field. In addition to active learning and development programs, their team provides an in-school and after-school presence at public schools in Visitacion Valley. You can learn more at https://rocksf.org/.

When a CISO recently posted on LinkedIn advising other CISOs to limit their commentary to cybersecurity topics, a storm of polarized responses followed. Let’s transcend the hollow banter of social media by having a real conversation about when and how CISOs should handle topics beyond the traditional infosec realm.

Join this interactive session to discuss handling challenging leadership scenarios like:

• How do we ensure that our non-expert opinions enhance discussion and group knowledge?
• If we disagree with a decision leadership makes outside of security, what strategies can we use to broach the topic?
• How do we differentiate between the perception of an unwarranted attack or a respectful counterpoint to our own decisions?

Despite a dynamic threat landscape and constantly changing malicious TTPs, CISOs must prepare their organizations to thrive in growing complexity. From widely distributed infrastructures to high volumes of tools with different levels of control and responsibility, it can be difficult to maintain true visibility across environments. How can shifting from reactive to proactive threat management be incorporated into your security strategy to help achieve this?

Join this session to discuss:

• Identifying blind spots due to information fragmentation
• Understanding your full attack surface and the challenges of lowering risks
• Reducing the noise and stress being fed into threat management systems and pressure on teams

Sometimes, cloud can seem like a "one size fits none" type of hurdle. One thing is certain, however — as the cloud landscape continues to evolve, so too should a CISO's security strategies.

Join this boardroom to:

• Gather practical takeaways and cloud solutions from your peers
• Explore solutions to current and future cloud security issues
• Gain feedback on your organization's cloud priorities

This will be an intimate, informal space for women in cybersecurity leadership roles and their allies to freely discuss best practices, key challenges, and mission-critical priorities. Come prepared to share ideas and forge new connections that can help empower each other to make an impact in your organizations and the wider Bay Area community.

This session is aimed at, but not limited to, women who are leading the cybersecurity function at their organizations (CISO or equivalent) and those reporting directly to the CISO/equivalent. Priority access will be reserved to these groups.

Presented by Zscaler

Learn how zero trust architecture secures users, workloads, and IoT/OT devices by addressing critical security shortcomings of legacy network architecture. This session covers key steps in a phased zero trust transformation journey as well as advice for winning the support of organizational leadership.

Join this session and learn to:

• Recognize issues inherent to routable networks
• Identify key phases of zero trust transformation
• Demystify zero trust architecture for business leaders

Innovation is the lifeblood of business. Security's role is protecting the enterprise. Nothing about those statements is contradictory, and yet security teams often have a reputation as a roadblock for new ideas. How can security leaders change this narrative and establish their team as key partners in driving and facilitating innovation?

Join this session to hear from a panel about:

• Adopting a "culture of yes" mindset within the security organization
• Leveraging risk to position security as a driver of business value
• Collaborating cross-functionally to champion innovation across the enterprise

The number of human and machine identities seeking access to data and critical business systems has grown exponentially, in turn increasing the threat landscape and challenging traditional IAM paradigms. How do security leaders keep a pulse on tools and capabilities to assess their organization’s cybersecurity posture?

 Join this boardroom to discuss: 

• Managing and securing all identities
• Mitigating risks in multi-cloud and hybrid environments 
• Addressing user fatigue and balancing usability with security

Trust is at the center of what we do in cybersecurity. Trust in your team, trust in your tools, and the business’ trust in you. However, security teams face challenges everyday that erode that trust: analysts get burned out and disengage, tools deliver more noise than outcomes, and your security program is more likely to slow down your business rather than help it run at full speed. In this session, we will discuss why this is the case and how to reverse this dynamic.

 Join this executive boardroom to discuss:

• How false positives can erode trust
• Building engineering principles into your SecOps process
• Why a flatter SOC is a better SOC

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

There's no denying the power and popularity of generative AI programs like ChatGPT. For good or for evil, its uses seem endless. Predicting exactly how this advanced AI will impact the future of cyber security is impossible. But through collaboration with your C-level peers, you might be able to prepare.

Join this interactive session to:

• Share your thoughts on enterprise use cases for generative AI
• Gauge the impact this tech advancement is having across industries
• Unpack concerns around developing policies, loss of IP, etc.

Today’s business leaders find themselves squaring up against a two-headed monster: more attack surfaces and threats to cover than ever before and macroeconomic challenges loom. Cybersecurity isn’t something that orgs can afford to “cut down on,” so increasingly, leaders are asked to achieve even greater outcomes with the same or fewer resources — from budgets to tech to headcount. As security continues to evolve as a business-critical function, how can CISOs evaluate spend without compromising on risk?

Join this session to discuss:

• Ways organizations are improving ROI on existing security investments
• How leaders can translate risk into business outcomes for leadership and boards, enabled by security investment
• How to overcome challenges security leaders face as they work to scale, grow, and innovate without sacrificing security

There's no denying that technology with the ability to be creative is a game changer for businesses. As with any new tool, the obvious question for CISOs is always, "Is it worth the risk?" One company that said yes is Navan (formerly TripActions), which integrated ChatGPT into its online travel and expense platform earlier this year.

In this session, leaders from Navan's security, engineering and communications teams will discuss:

• Working together to leverage ChatGPT for internal and customer-facing projects
• Balancing security and business needs when developing policies and controls
• Assessing the impact of ChatGPT on their teams and the business