IN-PERSON

Southern California CISO Executive Summit

May 24, 2023 | Renaissance Long Beach Hotel

May 24, 2023
Renaissance Long Beach Hotel

Collaborate with your peers

Get together with Southern California's top CISOs to tackle shared business challenges and critical priorities facing your role today. Participate in this one-day, local program with peer-driven topics and interactive discussions with your true C-level peers.

Join your peers to discuss the most critical issues impacting CISOs today:

Protecting against the Rapid Evolution and Sophistication of Cyberattacks

Strengthening Traditional IAM Approaches to Keep Up with the Pace of Digital Acceleration

Setting Expectations and Navigating Challenges in Third-Party Relationships

Southern California CISO Governing Body


The Governing Body Co-Chairs shape the summit agenda, ensuring that all content is driven by CISOs, for CISOs.

Governing Body Co-Chairs

Matt Crouse

Taco Bell
CISO

Lara Divi

Dine Brands Global, Inc.
VP, CISO

Todd Friedman

ResMed
CISO

Arthur Lessard

Universal Music Group
SVP & CISO

Dan Meacham

Legendary
VP, Global Security and Corporate Operations, CISO

Emily O'Carroll

Topgolf Callaway Brands Corp.
Sr. Director, Global Information Security & IT Compliance

David Tyburski

Wynn Resorts
Vice President, Chief Information Security Officer

What to Expect

Interactive Sessions

Hear from CISO practitioners and thought leaders on how they're solving critical challenges impacting your role today in Keynote sessions, and join smaller, interactive discussions with your peers in Breakout and Boardroom sessions.

Community Networking

Make new connections and catch up with old friends in casual conversations during dedicated time for networking designed to better acquaint you with your Southern California CISO community.

Peer-to-Peer Meetings

Connect with like-minded peers in a private, one-on-one setting through Evanta's Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

Agenda


May 23, 2023

6:00pm - 8:30pm  Governing Body Welcome Reception

Governing Body Welcome Reception

Governing Body members host this dinner for attendees to launch the event with an evening of peer networking. 

We are partnering with Together We Rise (https://www.togetherwerise.org/about-us/)

  • "Children in foster care transition from home to home with their processions in trash bags.
  •  Whether you are an individual, group, or organization looking for a charitable team-building opportunity, you can support children in your community by decorating and assembling Sweet Case duffle bags.
  •  Make a difference in the lives of these children and replace trash bags with custom Sweet Case duffle bags."

11:00am - 11:45am  Breakout Session

Making Security a Core Company Value

Sean Cordero headshot

Sean Cordero

CISO - Americas & Latin America

Zscaler

Cyber risk is often viewed as something for IT departments to worry about, while business risk is a shared concern. Of course, any company that has suffered a serious breach knows cyberattacks can be as devastating as lawsuits, legislative non-compliance, and fraud. This session covers key steps in a phased zero trust transformation journey and offers CISOs advice for winning the support of organizational leadership to cultivate a strong security mindset and unleash the full power of secure digital transformation.

Join this session and learn to

  • Identify key phases of zero trust transformation
  • Demystify zero trust architecture for business leaders
  • Include everyone in conversations on cybersecurity by framing issues in terms of business risk

11:00am - 11:45am  Breakout Session

The Future of Third Party Risk

Konrad Fellmann headshot

Konrad Fellmann

VP & CISO

Cubic Corporation

Rudy Ramirez headshot

Rudy Ramirez

CISO

Citizens Business Bank

In this era of constant digital transformation, organizations rely heavily on their third parties, however, third-party relationships come with risks. There is new a push for an industry standard. The White House recently released a cybersecurity strategy pushing manufacturers and software developers to do better. CISOs are concerned because it’s not a one size fits all solution.

Join this session to discuss:

  • Why government regulation may not be the fix all
  • How can CISOs better collaborate on how to vet suppliers and software
  • Who should be on the hook for a breach, where should the responsibility fall

11:00am - 11:45am  Executive Boardroom

Security Strategies for a Robust Threat Management Program

Jeff Crume headshot

Jeff Crume

Distinguished Engineer, CTO IBM Security - Americas

IBM

Emily O'Carroll headshot

Emily O'Carroll

Sr. Director, Global Information Security & IT Compliance

Topgolf Callaway Brands Corp.

Jeffrey Aguilar headshot

Jeffrey Aguilar

CISO

Los Angeles County, CA

Wael Younan headshot

Wael Younan

Chief Information Officer/Chief Information Security Officer

CalOptima

Despite a dynamic threat landscape and constantly changing malicious TTPs, CISOs must prepare their organizations to thrive in growing complexity. From widely distributed infrastructures to high volumes of tools with different levels of control and responsibility, it can be difficult to maintain true visibility across environments. How can shifting from reactive to proactive threat management be incorporated into your security strategy to help achieve this?

Join this session to discuss:

  • Identifying blind spots due to information fragmentation
  • Understanding your full attack surface and the challenges of lowering risks
  • Reducing the noise and stress being fed into threat management systems and pressure on teams

11:00am - 11:45am  Executive Boardroom

IaC, Malware, Ransomware, Oh My!

Jonathan Trull headshot

Jonathan Trull

CISO

Qualys

Sasha Pereira headshot

Sasha Pereira

CISO / Director of IT Security

Wash Multifamily Laundry Systems

Gary Landau headshot

Gary Landau

vCISO

Unisys

Shift Left? Shift Right? CSPM, CNAPP, CDR, the list of cloud security acronyms can be lengthy, and are often used interchangeably depending upon the prism of the vendor you use. At the end of the day, its crucial security leaders have a clear thought-process on what tool their organization uses, so they don’t get left with one hand tied behind their back.

Join Qualys in this executive boardroom to discuss:

  • Identifying cloud tools, what works and does not
  • Best practices for a modern organization to defend and monitor cloud infrastructure
  • Potential differences in the approach for single vs. multi-cloud

11:45am - 12:30pm  Lunch Service

12:30pm - 1:05pm  Keynote

The Most Important Shift for Cybersecurity in a Generation

James Christiansen headshot

James Christiansen

VP, CSO Cloud Security Transformation

Netskope

Jerry Sto. Tomas headshot

Jerry Sto. Tomas

CISO

HealthEdge

We live in a world where everything is hybrid and the blend between personal, corporate, private and public is ever-changing and presents us with a host of new challenges. This has increased and complicated the attack surface and the pressure to converge tools and do “more with less” is at peak levels. We must meet this watershed moment with the right team, plans, and technology.

Join this interactive session to learn:

  • How to build an effective plan for change without adding to the chaos
  • What consolidation approaches save money without sacrificing security
  • Use cases that deliver immediate value and efficiency while improving user experience

1:10pm - 1:30pm  Break

7:45am - 8:30am  Registration & Breakfast

8:30am - 9:15am  Keynote

The ROI of Creativity

Noah Scalin headshot

Noah Scalin

Artist, Innovation Consultant

Guest Speaker

The World Economic Forum named creativity one of the top must-have skills for success in all industries. It is the key to thriving in this era of rapid innovation and change. But very few organizations have truly invested in the development of this essential capability. Why? Because creativity is considered too intangible to measure, too messy to fit into a strategic plan or simply something that is only for a few specially talented people.  In this engaging presentation, Artist/Author Noah Scalin pulls back the curtain on his own creative practice to explain the real ROI of creativity.

In this session, we will learn:

  • Why creativity is a crucial skill for fostering innovation at your organization
  • How to use creativity strategically for long-term impact
  • Simple strategies that anyone can use to innovate, grow and inspire others

9:15am - 9:40am  Networking Break

9:40am - 10:25am  Breakout Session

Generative AI — Enhancing Cybersecurity and Beyond

Cyrus Tibbs headshot

Cyrus Tibbs

CISO

PennyMac

Jeremy Smith headshot

Jeremy Smith

Global Head of IT Risk & Security

Avery Dennison

AI and chatbots are quickly making their way into our daily lives, revolutionizing the way we interact with technology. The introduction of Chat GPT is bringing a new level of sophistication to chatbots, enabling them to generate human-like responses with high accuracy. As a CISO, you might be wondering how AI and Chat GPT can be leveraged to enhance cybersecurity and other aspects of your business. But you also may be thinking how you are exposing the company to potential threats.

 Join this session to learn:

  • What possibilities and limitations these technologies provide
  • Why you may be at a disadvantage if you don not embrace the future of AI and Chat GPT
  • What risks are involved in using AI and Chat GPT type applications


9:40am - 10:25am  Executive Boardroom

Cloud Native Security – Shifting from Adversarial to Collaborative

Keith Mokris headshot

Keith Mokris

VP, Product Marketing

Orca Security

Arthur Lessard headshot

Arthur Lessard

SVP & CISO

Universal Music Group

Webb Deneys headshot

Webb Deneys

SVP, Information Technology, CISO

Cardinal Financial Company

Jason Borinski headshot

Jason Borinski

Director of Information Security

Dexcom

As we move into a cloud native, DevOps-driven world where agility is key, some of the best security teams are finding it’s time to shed the reputation of being “The Department of No” to break down barriers and embrace change.

Join this boardroom to learn:

  • How to implement practical approaches for reducing friction and increasing collaboration
  • What areas you can implore the power of “yes” without worry of exposure        
  • How to keep your commitment to governance, risk, and compliance


9:40am - 10:25am  Executive Boardroom

Making Every Security Investment Count

Justin Bajko headshot

Justin Bajko

Co-Founder, VP, Strategy & Business Development

Expel

Rosalia Hajek headshot

Rosalia Hajek

Business Information Security Officer

MGM Resorts International

John Rojas headshot

John Rojas

VP, Head of IT (CIO/CISO)

Air Lease Corporation

Jeff Farinich headshot

Jeff Farinich

SVP Technology and Chief Information Security Officer

New American Funding

Today’s business leaders find themselves squaring up against a two-headed monster: more attack surfaces and threats to cover than ever before and macroeconomic challenges loom. Cybersecurity isn’t something that orgs can afford to “cut down on,” so increasingly, leaders are asked to achieve even greater outcomes with the same or fewer resources — from budgets to tech to headcount. As security continues to evolve as a business-critical function, how can CISOs evaluate spend without compromising on risk?

Join this session to discuss:

  • Ways organizations are improving ROI on existing security investments
  • How leaders can translate risk into business outcomes for leadership and boards, enabled by security investment
  • How to overcome challenges security leaders face as they work to scale, grow, and innovate without sacrificing security

9:40am - 10:25am  Executive Boardroom

IAM and IGA Strategies for Achieving Least Privilege

Rich Dandliker headshot

Rich Dandliker

Chief Strategist

Veza

David Tyburski headshot

David Tyburski

Vice President, Chief Information Security Officer

Wynn Resorts

Michael Mongold headshot

Michael Mongold

Vice President, Information Security and Chief Information Security Officer

Deckers Brands

Everybody wants 'least privilege', so why does nobody achieve it? The scale and distribution of the modern hybrid data and SaaS landscape have made managing permissions harder than ever, and legacy IAM and IGA systems have serious gaps. As a result, companies accumulate unnecessary permissions (“privilege sprawl”), opening new attack surfaces for breaches, insider threats, IP theft, and ransomware.


Join this boardroom to discuss:

  • The most common types of hidden and over-privileged access 
  • Successes and challenges with existing tools and processes
  • Emerging innovations to address these problems more effectively


10:25am - 11:00am  Networking Break

10:30am - 10:55am  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

1:30pm - 2:15pm  Breakout Session

Taking Action with Threat Intelligence

Anthony Lauro headshot

Anthony Lauro

Director, Security Technology and Strategy

Akamai Technologies

Cyber threats don't take time off. And with varying budgets, staffing and technologies challenges, CISOs find that they must react and adapt accordingly to ensure their SOC is performing effectively. Find out how you can gain deep visibility into assets, access, and network flows, and granular enforcement of security policy.

Join this session to learn:

  • How to provide internal visibility as it relates to threat intel and ransomware attacks
  • Protect the modern enterprise from vulnerabilities introduced by the cloud and a distributed workforce
  • How to set priorities and build a threat-hunting road map.

1:30pm - 2:15pm  Breakout Session

CISO Says — The Game Show

David Tyburski headshot

David Tyburski

Vice President, Chief Information Security Officer

Wynn Resorts

Billy Norwood headshot

Billy Norwood

Chief Information Security Officer

FFF Enterprises

What will the security industry look like in 2025 — and beyond? Put your future forecasting skills to the test and share where your team stands by playing "CISO Says," a game show-style session powered by the top predictions prepared by Gartner's cybersecurity experts.

Come on down to:

  • Compete in a data-driven quiz game with your peers
  • Discover more about projected opportunities and challenges
  • Share how you're preparing to lead your team through changing market conditions

1:30pm - 2:15pm  Executive Boardroom

Reducing Cloud Complexity and Risk Through an Effective Cloud Security Strategy

Tina Thorstenson headshot

Tina Thorstenson

VP, Industry Business Unit & Executive Strategist

CrowdStrike

Steve Schwartz headshot

Steve Schwartz

Vice President and CISO

LionsGate Entertainment

David Suh headshot

David Suh

Director Information Security & Risk Management

Enlyte

Security consistency, performance and visibility across on-premises, hybrid, and multi-cloud environments is the desired end state for enterprise CISOs. However, challenges including siloed security tools, increasing numbers of adversary attacks on cloud, limited runtime protection, and the lack of visibility while trying to enforce compliance can stand in the way of getting there.

Join this session to discuss how to:

  • Build attainable goals for a mature and effective cloud security model
  • Implement proven strategies to improve cloud security posture
  • Minimize risks to help achieve desired business outcomes

1:30pm - 2:15pm  Executive Boardroom

Viewing Endpoint Management Through a Security Lens

Robert Leong headshot

Robert Leong

Sr. Director Product Management

HCL BigFix

Arlene Yetnikoff headshot

Arlene Yetnikoff

CISO

California Institute of Technology

Raj Gupta headshot

Raj Gupta

BISO

Pacific Life Insurance

Sunil Agarwal headshot

Sunil Agarwal

CISO, VP Information Security and Risk Management

OSI Systems

Many cybersecurity incidents result from well-known vulnerabilities that went unpatched. Delays in remediation can lead to a cascade effect of higher security risks, breaches and attacks. What strategies and tools are CISOs using to identify, prioritize and remediate security vulnerabilities across every computing device?

Join this boardroom to discuss:

  • Significantly compressing the time between discovery and remediation
  • Better leveraging threat intel to more aggressively reduce vectors of attack
  • Efficiently managing the ever-expanding number and types of devices needing protection



2:15pm - 2:50pm  Networking Break

2:20pm - 2:45pm  Peer-to-Peer Meetings

Peer-to-Peer Meetings

Connect with like-minded peers in a one-on-one setting through Evanta’s Peer-to-Peer Meetings. You will be matched with peers in your community based on your shared interests and priorities.

2:50pm - 3:35pm  Breakout Session

Tips and Tricks — Designing a Tabletop Exercise for the C-Suite

Robert Fell headshot

Robert Fell

CISO

Jazz Pharmaceuticals

Awwab Arif headshot

Awwab Arif

SVP & CISO

Bank of Hope

Getting senior executives to understand what you are trying to communicate can be tricky, daunting and at times frustrating. In this session we will help alleviate the stress as you learn from two top notch CISOs how to design an executive tabletop that produces effective results aimed towards achieving goals which are pre-established from your gap assessments.

Join this session to learn:

  • How to create the scenario that is most effective in capturing capabilities and highlighting weaknesses
  • Who should be involved in creating the tabletop scenario
  • Where your authority matrix is in your organization

2:50pm - 3:35pm  Executive Boardroom

Building Trust in Security Operations

Todd Gaiser headshot

Todd Gaiser

Vice President, Customer Security Operations, Red Canary

Red Canary

Alex Bermudez headshot

Alex Bermudez

Chief Information Security Officer

Fisker Automotive, Inc.

Manny Khan headshot

Manny Khan

Director Cybersecurity

Elsevier

Trust is at the center of what we do in cybersecurity. Trust in your team, trust in your tools, and the business’ trust in you. However, security teams face challenges everyday that erode that trust: analysts get burned out and disengage, tools deliver more noise than outcomes, and your security program is more likely to slow down your business rather than help it run at full speed. In this session, we will discuss why this is the case and how to reverse this dynamic.

 Join this executive boardroom to discuss:

  • How false positives can erode trust
  • Building engineering principles into your SecOps process
  • Why a flatter SOC is a better SOC

2:50pm - 3:35pm  Executive Boardroom

Generative AI — The Good, Bad & Scary

Mick Coady headshot

Mick Coady

CTO

Armis

John Underwood headshot

John Underwood

VP, Information Security

Big 5 Sporting Goods

Brett Cumming headshot

Brett Cumming

Sr. Director, Information Security Officer

Skechers

AI is revolutionizing the way we use technology. In just a few months Generative AI has jumped from the lab rooms and into the hands of anyone with a computer or phone. Technology like Chat GPT is moving so fast most IT teams cannot keep up with the pace. It may be the most powerful force of our time, but it’s also posed to be the most harmful. CISOs and their teams are trying to figure out how to say on the cutting edge of technology but at the same time are being proactively cautious about the risks that may arise.

In this session, you will explore:

  • What risks and benefits cybersecurity teams face embracing the new era of AI
  • How failing to leverage and adopt Generative AI may cause some enterprises to fail
  • Where potential threats and weakness lie


2:50pm - 3:35pm  Executive Boardroom

Strategically Securing Your Inbox

Abhishek Agrawal headshot

Abhishek Agrawal

Co-Founder & CEO

Material Security

Michael Mongold headshot

Michael Mongold

Vice President, Information Security and Chief Information Security Officer

Deckers Brands

Ghalib Kassam headshot

Ghalib Kassam

CIO & CISO

LA Times

Email is still at the top of the heap when it comes to a great collaboration and productivity tool, but understanding and mitigating the risks of data in mailboxes remains a formidable challenge. Email is a major an attack vector and a store of confidential data, but move to cloud-hosted, API-enabled mailboxes provides new opportunities for protecting mailbox data from threats.

Join this session to discuss:

  • Opportunities to understand and mitigate mailbox data storage
  • Strategies to protect critical data without hurting productivity
  • Methods for flexible and tailored protection

3:35pm - 4:00pm  Break

4:00pm - 4:35pm  Keynote

Risk, More an Art than a Science

Kris Virtue headshot

Kris Virtue

VP, Cybersecurity

Qualcomm

Terrence Weekes headshot

Terrence Weekes

CISO

Jack in the Box

Lara Divi headshot

Lara Divi

VP, CISO

Dine Brands Global, Inc.

The myth that companies can buy themselves out of risk is false. It doesn’t matter how much money you throw at a risk program, there is never a 100% guarantee that your company is safe from a breach. Keeping security risk to a minimum is the goal, but how do you contain risk when the playing field is constantly changing? CISOs need to look at risk management though a new lens and incorporate actionable steps to drive better frameworks, prioritizations, business alignments and risk tolerance.
 
Join this keynote to discuss:

  • Why a solid framework and effective prioritization is critical
  • What is your risk tolerance and how to calibrate investments around it
  • How to use risk to further discussions on future business alignment and investment

4:35pm - 5:00pm  Closing Reception & Prize Drawing

May 23, 2023

We look forward to seeing you at an upcoming in-person gathering


Evanta cares about the health and safety of our community. Please review the following recommendations prior to attending the gathering.

Location


Venue & Accommodation

Renaissance Long Beach Hotel
MORE INFORMATION

A block of rooms has been reserved at the Renaissance Long Beach Hotel at a reduced conference rate. Reservations should be made online or by calling 1-800-468-3571.

Deadline to book using the discounted room rate of $339 USD (plus tax) is April 21, 2023.

Your Community Partners


Global Thought Leaders
CISO Thought Leader
Key Partners

Community Program Manager


For inquiries related to this community, please reach out to your dedicated contact.

Zack Hellmann

Senior Community Program Manager

971-717-6691

zack.hellmann@evanta.com