2024 Agenda
October 15, 2024
SINET VIP Reception for Speakers, Sponsors, and Platinum Members Only.
October 16, 2024
SINET New York
7:30 AM – 8:30 AM
Registration
8:30 AM – 5:30 PM
General Session
Main Auditorium
8:30 AM – 8:40 AM
Welcome Remarks
Robert Rodriguez, Chairman of SINET and Venture Partner, SYN Ventures
8:40 AM – 9:20 AM
Articulating and Aligning Risk Tolerance: Building Credibility Across Company Lines
Abstract: The modern security leader must be skilled at clearly articulating their risk tolerance to internal and external stakeholders across departments—particularly between technical teams, business units, and executive leadership. How can companies bridge gaps in understanding and communication regarding cybersecurity risks, ensuring that decisions are informed and credible across all levels of the organization? We will discuss methods for fostering collaboration between technical and non-technical teams, aligning risk appetite with broader business goals, and building credibility in cross-company risk management discussions.
Moderator:
Michael Piacente, Managing Partner & Cofounder, Hitch Partners
Panelists:
– Michael McNeil, Former CISO, McKesson
– Rinki Sethi, VP & CISO, Bill.com
– Lucas Moody, SVP and CISO, Alteryx
– Tomás Maldonado, CISO, National Football League (NFL)
9:20 AM – 10:00 AM
A Holistic Incident Response Model: Beyond the Technical
Abstract: Incident response transcends technical measures, requiring a holistic approach that includes strategic partnerships with law enforcement, legal counsel, insurance providers, and communications professionals. This discussion will explore
– Critical areas of SEC solutions that garner attention from insurance companies, highlighting where prudent investments can fortify defenses.
– The importance of clear and effective messaging before, during, and after an incident.
– Proactive measures to minimize the risk of incidents and achieve a higher level of operational resilience
Moderator:
Erik Hart, CISO, Cushman & Wakefield
Panelists:
– Dawn Marie Berry, Managing Director, Technology Risk, Fitch Group
– Nick Salian, CISO, Cantor Fitzgerald
– Ed Devinney, Corporate Director Cyber Programs, Northrop Grumman
– Iranga Kahangama, Assistant Secretary for Cyber, Infrastructure, Risk and Resilience, U.S. Department of Homeland Security (DHS)
10:00 AM – 10:40 AM
Operational Resilience: The New Currency
Abstract: Optimal operational resilience moves beyond the limitations of traditional business continuity and disaster recovery plans — it requires a holistic approach to enterprise resilience that encompasses internal operations and the broader supply chain ecosystem.
This discussion will explore the legal and regulatory landscape, plus the value of various strategies to enhance an organization’s ability to anticipate, withstand, and recover from disruptions, including deliberate planning and functional simulation exercises.
Moderator:
Amandeep Lamba, Partner / Principal, Cybersecurity, Risk & Regulatory, PwC
Panelists:
– Benjamin Eason, Managing Director, Cyber, Apollo Global Management
– Davinder Rodey, CISO, Mizuho Americas
– Jay Gonzales, Former CISO, James Hardie
– Yasmine Abdillahi, Executive Director Cybersecurity GRC, Comcast
– Peter Keenan, CISO, Lazard
10:40 AM – 11:00 AM
Break
11:00 AM – 11:40 AM
Balancing Consolidation vs. Innovation
Abstract: As acquisitions across the Cyber industry become more common, small companies risk getting lost in the environment of large corporations, reducing their value-add. This complex market will continue to increase vulnerability footprints and adversely impact security teams, creating the need for nimble and innovative young companies as a result. This session will debate the critical question of a double-edged sword: Is it better to streamline operations with fewer vendors and tools via two or three large company platforms, or embrace innovation with cutting-edge solutions from emerging startups?
While streamlining with fewer vendors might boost efficiency, it could limit access to the latest tools needed to combat the evolving threat landscape. And while the best-of-class approach with tailored solutions offers an innovation edge, managing a complex web of vendors can create integration headaches. We will explore tools that security teams can use to manage varying approaches and stay protected amidst this changing landscape.
Moderator:
Gamiel Gran, Chief Commercial Officer, Mayfield Fund
Panelists:
– Jason Rouse, CISO, Bloomberg
– Paul Vixie, Deputy CISO, Amazon Web Services (AWS)
– Maria Cardow, Global CIO, Aon Cyber Solutions
– Nag Sheegihalli, VP, Identity & Access Management, MGM Resorts International
– Sai Iyer, CISO, Ziff Davis
11:40 AM – 12:20 PM
Understanding a CISO’s Perspective: Vendor Evaluation, Budget Prioritization, and Accepting Meetings
Abstract: Vendor evaluation can be a meticulous process where CISOs and security teams assess potential partners based on security standards and alignment with organizational goals — plus the balance of limited resources to address pressing security needs while ensuring long-term strategic initiatives are funded. Determining which vendor meetings to accept can become a strategic decision that CISOs navigate on a regular basis. This discussion will explore the complex vendor decision-making process and how it is influenced by a CISO’s daily responsibility of ensuring their organization’s security posture and minimizing risks to various assets across the organization.
Moderator:
Jon Brickey, SVP, Cybersecurity Evangelist, Mastercard
Panelists:
– Mark Eggleston, CISO, CSC Global
– Yonesy Núñez, CISO, The Depository Trust & Clearing Corporation (DTCC)
– Tyson Kopczynski, Former CISO, Aledade
– Randy Vickers, Deputy CISO, National Student Clearinghouse
– Brad Hildreth, CISO, Oppenheimer
12:20 PM – 1:10 PM
Lunch
1:10 PM
SINET16 Innovator Award, 2024 Winners Announcement
1:10 PM – 1:50 PM
State of Software Supply Chain Security: Rise of Material Risks and Personal Liability
Abstract: The landscape of software security is shifting dramatically. This discussion will explore the current state of software supply chain security, unpack the complexities of material risk, its impact on business viability, and the growing personal liability faced by security leaders. Whether you are investing or building the next killer platform, or the cybersecurity person approved that platform, your business and you are now potentially at risk for exposures and breaches.
Moderator:
Saša Zdjelar, Chief Trust Officer, ReversingLabs
Panelists:
– Allen Wilson, CISO, AXIS Capital
– Mike Riemer, SVP, Network Security Group (NSG) and Field CTO, Ivanti
– David Schwed, CISO, Brokerage & Money, Robinhood
– Ryan Davis, CISO, NS1, an IBM Company
– John Cadavid, CISO, UBS
1:50 PM – 2:30 PM
How Can We Achieve a More Cohesive Balance of Privacy and Security?
Abstract: This discussion will explore strategies and actionable approaches for safeguarding personal data while still maintaining robust security measures. Finding a delicate balance between privacy and security within an increasingly complex regulatory environment — without compromising one over the other — involves ethical and practical considerations including governance frameworks, the impact of AI and data-driven innovations, regulatory compliance, and the future of privacy amid cyber threats.
Moderator:
Brandon Pinzon, Former CSO, Argo Group
Panelists:
– Ben Carr, Chief Security & Trust Officer, Halcyon
– Ramachandra Hegde, SVP, CISO, Genpact
– Alain Espinosa, Global Director Cybersecurity, Upbound Group
– Taher Elgamal, Partner, Evolution Equity Partners
– Indy Dhiman, Senior Security Architect, Humana
2:30 PM – 3:10 PM
AI-Driven Software Meets Secure by Design
Abstract: Millions of developers now use AI code assistance tools like GitHub, Copilot, and Amazon Q Developer to help them build software products. In parallel, thousands of organizations seek to embed AI-capabilities like AI-enabled chatbots within their own software products, to enrich customer service. This movement is causing CISOs and product security leaders to reconsider their roles and work harder at bridging the gap with engineering to ensure that this code is both secure by design and secure by default. This panel will discuss how CISA’s Secure by Design practices can and should adapt for AI-specific considerations.
Moderator:
Tony Parrillo, VP Global Head of Cybersecurity, Enterprise IT, Schneider Electric
Panelists:
– Jeremy Gibb, MD, Global Cybersecurity Governance, Risk & Compliance, Deloitte
– Richard Barretto, CISO, Progress
– Oliver Friedrichs, Founder and CEO, Pangea
– Ann Dunkin, CIO, U.S. Department of Energy
– Janet Cinfio, CIO, Acxiom
3:10 PM – 3:30 PM
Break
3:30 PM – 4:10 PM
Deepfakes, Misinformation and Disinformation: A New Cybersecurity Threat Vector With Real Consequences
Abstract: This discussion will delve into the rapidly evolving threat of narrative attacks created by deepfakes, misinformation and disinformation — how they are created, why they have proliferated so quickly, their profound financial and reputational impacts, and regulatory efforts by government and industry groups.
Narrative attacks imply an array of cyber risks and fraud to corporations and national security. We will provide insights on how cybersecurity teams and the media industry are preparing for and responding to a growing global risk moving forward.
Moderator:
Robert Rodriguez, Chairman, SINET and Venture Partner, SYN Ventures
Panelists:
– Wasim Khaled, CEO, BLACKBIRD.AI
– Khalil Jackson, CISO, Federal Reserve Bank of New York
– Ariel Litvin, CISO, First Quality Enterprises
– Adrian Peters, MD, CISO, Vista Equity Partners
– Will Farrell, Security Officer, TikTok U.S. Data Security
4:10 PM – 4:50 PM
Advancing Automation to Create Greater Efficiency, ROI, and Scale Your Team
Abstract: The modern Cyber Risk Executive is faced with balancing business value and leverage creation, while securing enterprises at the rapid pace and scale of global technology change. Automation is viewed as a key solution and mechanism to successfully balance, but the journey can be complex and challenging.
The discussion will explore:
– Creating a culture and strategy with a automation mindset
– Automation success stories that can provide high value/high impact to enterprises
– Frameworks and insights to successfully identify and sponsor automation projects within your programs
Moderator:
Jared Nussbaum, CISO, Ares Management
Panelists:
– Tyler Tom, Chief Security Architect & Executive Director, RTX Security Architecture and Assurance, RTX
– Josh Stabiner, CISO, General Atlantic
– Troy Wilkinson, CISO, Interpublic
– Paolo del Mundo, Director of Application Security, The Motley Fool
– John Cordo, Investor, Evolution Equity Partners
4:50 PM – 5:30 PM
Risks and Controls Around Open Source and Third Party AI Models
Abstract: This discussion will explore the critical risks and the necessary governance and controls associated with the use of open-source and third-party AI models. From Shadow AI to the integration of GenAI by third-party service providers without informing clients while regulators are demanding greater visibility, regardless of the deployment model.
Moving forward, how can AI be implemented in a practical way? How can AI be used to improve efficiency? Can it truly be wielded to drive profit growth, or will it ultimately serve as just another productivity tool? We will explore predictions and questions:
– AI in all of its forms (ML, AI, Gen AI) will be embedded into everything. LLMs (and small language models) will be embedded and available everywhere.
– How can data be managed/restricted from these models? How can you create and monetize LLM?
– Is AI implementation more of a process and governance issue or a technology issue?
Moderator:
Patty Ryan, CISO, QuidelOrtho
Panelists:
– Tom Quinn, VP & CISO, T. Rowe Price
– Sandip Wadje, Managing Director, Global Head of Emerging Tech Risks, BNP Paribas
– John Shier, Field CTO, Sophos
– Robert Costello, CIO, Cybersecurity & Infrastructure Security Agency (CISA), DHS
– Sanaz Sadoughi, Senior Manager Cybersecurity, Discover Financial Services
5:30 PM
Closing Remarks
5:30 PM – 7:00 PM
General Reception