Hotel Van Zandt
Austin, TX

SINC National CISO & Security Leaders Forum

Date

December 15 - 17, 2024

Gathering the foremost Cybersecurity Executives from across America, we will be addressing the most prevailing Technology and Leadership challenges encountered within a constantly evolving corporate environment.

Over two and a half days, we will cultivate meaningful connections and confront cybersecurity challenges in an intimate, dynamic setting. Attendees will gain insights from peers through diverse workshops, panels, roundtables, and presentations. Upholding a closed-door policy ensures that all dialogues remain within the confines of the Forum walls, fostering genuine and engaging conversations.

Discover cutting-edge technologies poised to address organizational gaps through tailored one-on-one engagements, strategically scheduled throughout the Forum and chosen based on individual needs.

Forge new connections, nurture existing ones, celebrate successes, and empathize with the shared challenges encountered by fellow Cybersecurity Leaders.

Join us at the F1000 CISO & Security Leaders Forum and depart equipped to inspire actionable change within your organization!

Master of Ceremonies

Michele Chubirka

Staff Cloud Security Advocate, Google

Connect with Me!
Attend
Sponsor

Hotel Van Zandt

Inspired by Austin’s musical roots and rich Texas history, Hotel Van Zandt’s sophisticated rock-and-roll meets your favorite worn-in leather boots. Located in the heart of Austin’s vibrant Rainey Street District, the luxury hotel features a collection of 319 guest rooms and suites, each adorned with musical prints and subtle nods to the city we love while creating a comfortable spot to settle in. Whether you’re visiting for business or a weekend getaway, you’ll enjoy all the Live Music Capital of the World has to offer. From iconic music venues and old-fashioned honky tonks to award-winning culinary, Hotel Van Zandt is your all-access pass to an authentic Austin experience.

Forum Agenda

Agenda may be subject to change. Click on each day to view full agenda.

2:00 PM - 5:00 PM CT
FORUM REGISTRATION & APP DEMONSTRATION

Get familiar with SINC Staff and the event layout. Secure your complimentary Swag Bag and learn how to use the Onsite Application for Peer Engagement and win great prizes!

5:30 PM - 7:00 PM CT
SINC WELCOME NETWORKING RECEPTION

Engage your Peers over canapes and cocktails

7:00 PM - 9:00 PM CT
SINC NETWORKING & ENGAGEMENT DINNER

Open seating buffet meal serving 5-star food and great Peer engagement before Day 1 kick’s off

7:00 AM - 7:55 AM CT
SINC IT LEADERS NETWORKING BREAKFAST

Full breakfast and lots of coffee available!

8:00 AM - 8:30 AM CT
SINC OPENING REMARKS - Setting the Tone for a Great Forum!

Let’s discuss Cybersecurity’s Social Problem

By Master of Ceremonies: Michele Chubirka, Staff Cloud Security Advocate, Google

8:30 AM - 9:20 AM CT
KEYNOTE PRESENTATION - The Art & Science of Using AI to Make Data Security Easy

Leveraging AI to transform your data security program so that it enables your business to innovate and grow is today’s reality. Historically though, data security has been the least mature domain in all of security, but due to new innovations now is the time that it can become security’s most mature program. This session will discuss why having a fundamental understanding of what data exists within your environment, where it’s running, its risk level, who has access to it, and how it’s being used are foundational to having a strong security posture – and to driving innovation and growth for your business.

Speaker:

Shane Coleman, Chief Data Security Evangelist, Cyera

Presented by: Cyera

9:30 AM - 10:10 AM CT
PANEL - Redefining Data Protection: Building Resilient and Secure Strategies for Modern Threats

In this session, we will explore both foundational and advanced strategies for protecting sensitive data across hybrid and multi-cloud environments. As organizations face increasing challenges with data storage, compliance, and security, it is essential for security teams to have clear visibility into where data is located and how it is managed. We’ll dive into best practices for data security, compliance frameworks, and effective threat detection techniques to safeguard against risks such as ransomware, misconfigurations, and unauthorized access. Additionally, we’ll discuss disaster recovery planning and innovative methods to enhance data resilience. Attendees will leave with actionable insights on how to track, secure, and manage sensitive data, enabling them to improve their security posture and ensure business continuity in an ever-changing cloud landscape.

Moderator: Lamont Orange, Global CISO, Cyera

Panelists:

Kevin Gowen, CISO, Synovus

Vinod Duggirala, Chief Security Architect

10:20 AM - 11:00 AM CT
PRESENTATION - A New Paradigm for Managing Third-Party Risk

In the past 12 months, 87% of F1000 businesses were affected by significant cyber incidents as a result of a third-party. And yet, most rely on ‘snapshot in time’ questionnaires. While necessary, snapshots are insufficient by themselves, and must be augmented with continuous monitoring in support of ongoing security operations. This requires a different approach, that includes external threat detection capabilities by using AI across Public Data.

  • The Public Data opportunity: collect, process, alert across multiple languages / modalities
  • Real-time external threat detection on a rapidly evolving threat landscape
  • The most advanced AI techniques for automating the collection, processing, delivery, and initial analysis of millions of public data sources

Speaker: Jack Carraway, Field CISO, Dataminr

Presented by: Dataminr

11:00 AM - 11:15 AM CT
SINC NETWORKING & REFRESHMENT BREAK

Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack

11:15 AM - 11:45 AM CT
WORKSHOP 1 - Proactive Exposure Hunting: Putting your Defense on Offense

Organizations are weary of playing defense. As we look to go on the offensive in our fight against relentless threat actors, emerging disciplines like Threat Exposure Management transform historically reactive tactics into proactive battle strategies. In this way, we understand not only our risk posture, but also factor our available compensating controls in our defense strategies. Join Nate Rollings, as he shares his perspective on this emerging cybersecurity practice and how Zafran is helping customers adopt and adapt.

Speaker: Nate Rollings, Field CISO, Zafran

Presented by: Zafran

11:15 AM - 11:45 AM CT
WORKSHOP 2 - Reducing Risk and Accelerating Security Investigations with Observability Data

The growing complexity of cloud-native architectures has led to an ever-expanding attack surface for bad actors to exploit vulnerabilities. The dynamic nature of these environment and the accelerated rate of change with DevOps practices has it increasingly difficult for traditional approaches to secure these applications and environments.

In this session we’ll explore:

  • The importance of a unified observability and security strategy to improve an organization’s risk posture
  • Leveraging observability data to investigate vulnerabilities and attacks more accurately and rapidly
  • Developing best practices for IT and security teams to minimize risk

Speaker: Jason Ostroski, Field CTO, Dynatrace

Presented by: Dynatrace

11:30 AM - 11:45 AM CT
SINC NETWORKING & REFRESHMENT BREAK

Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack

11:50 AM - 12:20 PM CT
Fireside Chat - Navigating the Rapidly Evolving Threat & Risk Landscape

As the cyber threat landscape continues to shift at an unprecedented pace, organizations face growing challenges in identifying, mitigating, and responding to evolving risks. This panel will bring together cybersecurity experts to discuss how businesses can stay ahead of emerging threats and create robust, adaptable risk management strategies. Through real-world examples and expert insights, we will explore the complexities of managing cyber risks in today’s dynamic environment.

Key Panel Discussion Questions:

  • What are the most significant emerging cyber threats that organizations need to be prepared for in 2025 and beyond?
  • How should organizations approach risk management in the context of accelerating digital transformation and the increasing complexity of their IT environments?
  • What role does threat intelligence play in staying ahead of cyber attackers, and how can organizations leverage it to enhance their defense strategies?
  • How can organizations foster a security-first culture to ensure that cybersecurity is not just a technical concern, but a company-wide priority?

Panelists:

Sahar Samiei, Senior Director, Product Security, Salesforce

Jalen Byford, CIO, Aetna Better Health of Oklahoma

12:20 PM - 1:25 PM CT
SINC NETWORKING LUNCH

Open seating, Buffet-style lunch. Serving food for all tastes, Palates, and preferences. Vegan, vegetarian, halal options available

1:30 PM - 2:20 PM CT
PANEL - IAM Sooo Lost- Building a Robust Security Architecture

As organizations strive to secure their digital landscapes, building a robust Identity and Access Management architecture is crucial yet fraught with challenges. This panel will bring together industry experts to discuss the complexities and obstacles faced in developing effective IAM systems. Attendees will gain valuable insights into overcoming these hurdles while ensuring security, compliance, and user experience.

Topics to Discuss:

  • User Experience vs. Security: Balancing seamless access with stringent security measures—can we really have both?
  • Scalability Issues: Preparing IAM solutions for rapid growth and changing business needs.
  • Managing Diverse User Identities: Strategies for handling multiple user types, from employees to third-party vendors.
  • Compliance Nightmares: Understanding regulations and how to maintain compliance without losing sleep.
  • Automation vs. Human Oversight: Finding the right mix of automated processes and manual checks.
  • The Threat Landscape: Addressing evolving cyber threats and ensuring IAM remains a proactive defense.
  • Cultural Challenges: Fostering a security-first mindset across the organization.
  • Mitigating Identity Exposure Holistically: Protecting your business from employees’ and vendors’ personal exposure in breaches—is that even possible?

Join us for a thought-provoking discussion that will equip you with practical solutions and insights into the complexities of building an effective IAM architecture!

Moderator: Michele Chubirka, Staff Cloud Security Advocate, Google

Panelists:

Erik Scoralick, Director of Sales Engineering, Delinea

Damon Fleury, Chief Product Officer, SpyCloud

Sasha Pereira, CISO, Wash

Ed Moore, AVP of IT Security – IAM, Carnival Corporation

2:30 PM - 3:00 PM CT
WORKSHOP 1 - Beyond the Hype: Making Autonomous Security Operations a Reality

The relentless growth of cyber threats and the increasing complexity of modern IT environments have stretched security teams to their breaking point. Autonomous solutions promise much-needed relief, but CISOs are rightly cautious. This session cuts through the hype, providing a pragmatic roadmap for incorporating autonomous capabilities into your security operations.

We’ll explore the spectrum of autonomy, from basic automation (Level 4) to true AI-driven decision-making (Level 5), clarifying what’s possible today and what lies on the horizon. Discover the compelling reasons driving the need for autonomous alert triage and response and understand the critical role of the “virtual analyst” in this evolution.

This session will equip you with the knowledge to:

  • Demystify “autonomous” and its varying levels.
  • Grasp the urgency for autonomous solutions in modern security operations.
  • Conceptualize the “virtual analyst” and its potential impact.
  • Learn key criteria for evaluating virtual analyst solutions.
  • Understand the challenges in building and deploying virtual analysts.
  • Define the evolving role of human analysts in an autonomous future.

Join us to explore a realistic path toward autonomous security operations and prepare your organization for a more secure tomorrow.

Speaker: Kumar Saurabh, CEO, AirMDR

Presented by: AirMDR

2:30 PM - 3:00 PM CT
WORKSHOP 2 - The Real Weakness is Your Supply Chain: As supply chain attacks become more sophisticated are we as an industry focusing efforts to reduce risk in the right areas?

In the last decade, an explosion of AppSec tools has come to market designed to help find and remediate vulnerabilities. However, organizations are still getting breached as attackers have shifted their focus to software pipelines – using exploits such as secrets harvesting and SCM and pipeline misconfigurations – areas that traditional AppSec tools don’t cover. Join us as we walk through some recent supply chain attacks and talk through the weakness that allowed them to happen, and then talk through some areas of focus within your security practices that can help you reduce the risk of a supply chain attack happening in your environments.

Speaker: Joe Nicastro, Field CTO, Legit Security

Presented by: Legit Security

3:00 PM - 3:15 PM CT
SINC NETWORKING & REFRESHMENT BREAK

Circle back with your Peers on the content so far while grabbing a coffee and a snack

3:15 PM - 3:45 PM CT
WORKSHOP - From Crisis to Confidence: How Data Protection Can Enhance Your Incident Response and Recovery

Cyber threats are more prevalent than ever and security teams are faced with the daunting task of optimizing their security posture while balancing budget, risk, and operational efficiency. With even the most sophisticated security stack plagued with coverage gaps and vulnerabilities, security teams are fatigued and don’t want to add yet another security tool.
Sometimes help comes from an unexpected corner. Modern backup and data security can help IT and security come together and solve problems. Learn what a data security and protection partner like Druva can do to help strengthen your security posture and streamline your incident response and recovery workflows. We will cover:

  • What typically occurs in each phase of a cyber attack
  • Common security coverage gaps in your data infrastructure
  • How to work better with your IT and backup teams

Speaker: Charles Green, Solutions Architect, Druva

Presented by: Druva

3:50 PM - 4:20 PM CT
WORKSHOP - Increased Focus on AI and Machine Learning in Cybersecurity

AI is evolving from a mere tool to a transformative catalyst for enterprise innovation. While it unlocks new business models and enhances decision-making through actionable insights, it also poses significant risks related to data privacy, security, and ethics.

Key Points:

  • AI as a Catalyst for Change: Understanding how AI can drive business transformation and efficiency.
  • Balancing Innovation and Risk: Addressing the dilemma faced by security teams—restricting AI use or risking exposure.
  • Tools for Success: Providing CIOs & CISOs with enforcement tools and developers with AI security solutions to promote safe and rapid innovation.
  • Future Resilience: Empowering organizations to navigate evolving markets by fostering responsible AI use.

Join us in exploring how to harness AI’s potential while safeguarding your organization’s future.

Speaker: Eric Harris, CISO, U.S. Department of Veterans Affairs

4:25 PM - 5:05 PM CT
PRESENTATION - Planning for the Unthinkable, what to do when the Worst Happens

OK, you’ve discovered the breach/attack, congrats, good job, gold star! Now let’s talk about the steps you’ll take to respond.

  • Is your IR plan REALLY ready?
  • Are you ready if the incident is a LOT bigger and uglier than you had planned?

In this presentation, Chris will speak to some more frightening incidents he’s seen, lessons learned from the responses, and how even with a great plan, things can go horribly, horribly wrong.

Speaker: Chris Roosenraad, Former CISO, Google Fiber

6:00 PM - 7:00 PM CT
SINC NETWORKING RECEPTION

Engage your Peers over canapés and cocktails

7:00 PM - 9:00 PM CT
SINC NETWORKING & ENGAGEMENT DINNER

Open seating buffet meal serving 5 star food and great Peer engagement

8:00 AM - 8:50 AM CT
SINC IT LEADERS NETWORKING BREAKFAST

Full Breakfast and lots of coffee available!

8:55 AM - 9:40 AM CT
KEYNOTE PRESENTATION - Navigating the Evolution of Cybersecurity: AI's Role in Securing Your Infrastructure from Past to Future

In the ever-evolving landscape of cybersecurity, staying ahead of threats is imperative. As we reflect on the past, embrace the present, and prepare for the future, the integration of artificial intelligence (AI) into security infrastructure has emerged as a disruptive technology in safeguarding digital assets. Join us at this exclusive event led by Trend Micro as we delve into the dynamic journey of AI’s impact on cybersecurity. From historical insights to current advancements and future projections, discover how AI is reshaping the defense mechanisms against cyber threats, fortifying your infrastructure, and empowering organizations to navigate the digital frontier with confidence.

Speaker: Franz Fiorim, Field CTO, Trend Micro

Presented by: Trend Micro

9:45 AM - 10:15 AM CT
PRESENTATION - Creating a Generative Security Culture

We will explore how organizations can foster a generative security culture to improve collaboration, innovation, and performance. This presentation will cover strategies for embracing restorative practices, balancing delivery speed with operational goals, and empowering teams to thrive.

By Master of Ceremonies: Michele Chubirka, Staff Cloud Security Advocate, Google

10:20 AM - 10:50 AM CT
WORKSHOP - Redefining Secure Web Access: Transforming the Browser into the First Line of Defense

As organizations increasingly adopt web-based applications and remote work models, traditional security measures are proving insufficient to safeguard against modern threats. This session explores the transformative role of secure enterprise browsers in elevating web access from a potential vulnerability to a robust security advantage. Attendees will learn how innovative browser technologies can provide enhanced data protection, mitigate insider threats, and seamlessly integrate with existing security frameworks, ensuring both productivity and resilience in today’s dynamic digital landscape.

Speaker: Jeremy Sanders, Sales Engineer, Seraphic

Presented by: Seraphic

10:50 AM - 11:05 AM CT
SINC NETWORKING & REFRESHMENT BREAK

Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack

11:05 AM - 11:45 AM CT
PANEL - Cyber Risk Management: Bringing Security to the Boardroom

In an era where cyber threats continue to escalate in sophistication and impact, ensuring cybersecurity is a top priority at the boardroom and senior management level is no longer optional—it’s a strategic imperative. This session will explore how cybersecurity leaders can effectively communicate cyber risks to the board, integrate cybersecurity into the overall business risk framework, and collaborate with executives to build a resilient, secure organization.

CISOs, risk officers, and IT leaders will share best practices for aligning cybersecurity efforts with business objectives and translating technical threats into business terms that resonate with C-suite executives and board members. Attendees will gain practical insights on how to make the case for cybersecurity investments, manage cross-functional collaboration, and drive a security-first culture from the top down.

Key Takeaways:

  • How to position cybersecurity as a critical business risk in boardroom discussions
  • Best practices for bridging the gap between technical cybersecurity teams and executive leadership
  • Building a cybersecurity strategy that aligns with business goals, financial priorities, and risk tolerance
  • Key metrics and reporting frameworks to communicate cyber risk effectively to the board
  • Strategies for fostering a collaborative relationship between security, legal, compliance, and business stakeholders
  • Real-world case studies on board-level engagement in cyber risk management and crisis response

Moderator: Chris Roosenraad, Former CISO, Google Fiber

Panelists:

Tamika Bass, Cybersecurity Director, Gannett Fleming

Eric Brown, CISO, Metropolitan Council

Nish Majmudar, VP, CISO, Mathematica

Joe Marroquin, CISO, Vestis

11:45 AM - 12:00 PM CT
CLOSING REMARKS

By Master of Ceremonies: Michele Chubirka, Staff Cloud Security Advocate, Google

12:00 PM - 1:00 PM CT
SINC NETWORKING LUNCH

Serving food for all tastes, palates, and preferences. Vegan and vegetarian options available. Serving to-go boxes for those in a hurry!

Forum Speakers