Gathering the foremost Cybersecurity Executives from across America, we will be addressing the most prevailing Technology and Leadership challenges encountered within a constantly evolving corporate environment.
Over two and a half days, we will cultivate meaningful connections and confront cybersecurity challenges in an intimate, dynamic setting. Attendees will gain insights from peers through diverse workshops, panels, roundtables, and presentations. Upholding a closed-door policy ensures that all dialogues remain within the confines of the Forum walls, fostering genuine and engaging conversations.
Discover cutting-edge technologies poised to address organizational gaps through tailored one-on-one engagements, strategically scheduled throughout the Forum and chosen based on individual needs.
Forge new connections, nurture existing ones, celebrate successes, and empathize with the shared challenges encountered by fellow Cybersecurity Leaders.
Join us at the F1000 CISO & Security Leaders Forum and depart equipped to inspire actionable change within your organization!
Hotel Van Zandt
Inspired by Austin’s musical roots and rich Texas history, Hotel Van Zandt’s sophisticated rock-and-roll meets your favorite worn-in leather boots. Located in the heart of Austin’s vibrant Rainey Street District, the luxury hotel features a collection of 319 guest rooms and suites, each adorned with musical prints and subtle nods to the city we love while creating a comfortable spot to settle in. Whether you’re visiting for business or a weekend getaway, you’ll enjoy all the Live Music Capital of the World has to offer. From iconic music venues and old-fashioned honky tonks to award-winning culinary, Hotel Van Zandt is your all-access pass to an authentic Austin experience.
Forum Agenda
Agenda may be subject to change. Click on each day to view full agenda.
2:00 PM - 5:00 PM CT
FORUM REGISTRATION & APP DEMONSTRATION
Get familiar with SINC Staff and the event layout. Secure your complimentary Swag Bag and learn how to use the Onsite Application for Peer Engagement and win great prizes!
5:30 PM - 7:00 PM CT
SINC WELCOME NETWORKING RECEPTION
Engage your Peers over canapes and cocktails
7:00 PM - 9:00 PM CT
SINC NETWORKING & ENGAGEMENT DINNER
7:00 AM - 7:55 AM CT
SINC IT LEADERS NETWORKING BREAKFAST
Full breakfast and lots of coffee available!
8:00 AM - 8:30 AM CT
SINC OPENING REMARKS - Setting the Tone for a Great Forum!
Let’s discuss Cybersecurity’s Social Problem
By Master of Ceremonies: Michele Chubirka, Staff Cloud Security Advocate, Google
8:30 AM - 9:20 AM CT
KEYNOTE PRESENTATION - The Art & Science of Using AI to Make Data Security Easy
Leveraging AI to transform your data security program so that it enables your business to innovate and grow is today’s reality. Historically though, data security has been the least mature domain in all of security, but due to new innovations now is the time that it can become security’s most mature program. This session will discuss why having a fundamental understanding of what data exists within your environment, where it’s running, its risk level, who has access to it, and how it’s being used are foundational to having a strong security posture – and to driving innovation and growth for your business.
Speakers:
Jason Clark, Chief Strategy Officer, Cyera
Lamont Orange, Global CISO, Cyera
Presented by: Cyera
9:30 AM - 10:10 AM CT
PANEL - Redefining Data Protection: Building Resilient and Secure Strategies for Modern Threats
In this session, we will explore both foundational and advanced strategies for protecting sensitive data across hybrid and multi-cloud environments. As organizations face increasing challenges with data storage, compliance, and security, it is essential for security teams to have clear visibility into where data is located and how it is managed. We’ll dive into best practices for data security, compliance frameworks, and effective threat detection techniques to safeguard against risks such as ransomware, misconfigurations, and unauthorized access. Additionally, we’ll discuss disaster recovery planning and innovative methods to enhance data resilience. Attendees will leave with actionable insights on how to track, secure, and manage sensitive data, enabling them to improve their security posture and ensure business continuity in an ever-changing cloud landscape.
Panelists:
Lamont Orange, Global CISO, Cyera
Kevin Gowen, CISO, Synovus
Vinod Duggirala, Chief Security Architect
10:20 AM - 11:00 AM CT
PRESENTATION - A New Paradigm for Managing Third-Party Risk
In the past 12 months, 87% of F1000 businesses were affected by significant cyber incidents as a result of a third-party. And yet, most rely on ‘snapshot in time’ questionnaires. While necessary, snapshots are insufficient by themselves, and must be augmented with continuous monitoring in support of ongoing security operations. This requires a different approach, that includes external threat detection capabilities by using AI across Public Data.
- The Public Data opportunity: collect, process, alert across multiple languages / modalities
- Real-time external threat detection on a rapidly evolving threat landscape
- The most advanced AI techniques for automating the collection, processing, delivery, and initial analysis of millions of public data sources
Speaker: Jack Carraway, Field CISO, Dataminr
Presented by: Dataminr
11:00 AM - 11:15 AM CT
SINC NETWORKING & REFRESHMENT BREAK
Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack
11:15 AM - 11:45 AM CT
WORKSHOP 1 - Proactive Exposure Hunting: Putting your Defense on Offense
Check back for updates on this session.
Presented by: Zafran
11:15 AM - 11:45 AM CT
WORKSHOP 2 - Reducing Risk and Accelerating Security Investigations with Observability Data
The growing complexity of cloud-native architectures has led to an ever-expanding attack surface for bad actors to exploit vulnerabilities. The dynamic nature of these environment and the accelerated rate of change with DevOps practices has it increasingly difficult for traditional approaches to secure these applications and environments.
In this session we’ll explore:
- The importance of a unified observability and security strategy to improve an organization’s risk posture
- Leveraging observability data to investigate vulnerabilities and attacks more accurately and rapidly
- Developing best practices for IT and security teams to minimize risk
Speaker: Jason Ostroski, Field CTO, Dynatrace
Presented by: Dynatrace
11:30 AM - 11:45 AM CT
SINC NETWORKING & REFRESHMENT BREAK
Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack
11:50 AM - 12:20 PM CT
Fireside Chat - Navigating the Rapidly Evolving Threat & Risk Landscape
As the cyber threat landscape continues to shift at an unprecedented pace, organizations face growing challenges in identifying, mitigating, and responding to evolving risks. This panel will bring together cybersecurity experts to discuss how businesses can stay ahead of emerging threats and create robust, adaptable risk management strategies. Through real-world examples and expert insights, we will explore the complexities of managing cyber risks in today’s dynamic environment.
Key Panel Discussion Questions:
- What are the most significant emerging cyber threats that organizations need to be prepared for in 2025 and beyond?
- How should organizations approach risk management in the context of accelerating digital transformation and the increasing complexity of their IT environments?
- What role does threat intelligence play in staying ahead of cyber attackers, and how can organizations leverage it to enhance their defense strategies?
- How can organizations foster a security-first culture to ensure that cybersecurity is not just a technical concern, but a company-wide priority?
Panelists:
Vijay Raghunaathan, Director of Cybersecurity, Albertsons Companies
David Lackey, CISO, World Vision USA
12:20 PM - 1:25 PM CT
SINC NETWORKING LUNCH
Open seating, Buffet-style lunch. Serving food for all tastes, Palates, and preferences. Vegan, vegetarian, halal options available
1:30 PM - 2:20 PM CT
PANEL - IAM Sooo Lost- Building a Robust Security Architecture
As organizations strive to secure their digital landscapes, building a robust Identity and Access Management architecture is crucial yet fraught with challenges. This panel will bring together industry experts to discuss the complexities and obstacles faced in developing effective IAM systems. Attendees will gain valuable insights into overcoming these hurdles while ensuring security, compliance, and user experience.
Topics to Discuss:
- User Experience vs. Security: Balancing seamless access with stringent security measures—can we really have both?
- Scalability Issues: Preparing IAM solutions for rapid growth and changing business needs.
- Managing Diverse User Identities: Strategies for handling multiple user types, from employees to third-party vendors.
- Compliance Nightmares: Understanding regulations and how to maintain compliance without losing sleep.
- Automation vs. Human Oversight: Finding the right mix of automated processes and manual checks.
- The Threat Landscape: Addressing evolving cyber threats and ensuring IAM remains a proactive defense.
- Cultural Challenges: Fostering a security-first mindset across the organization.
- Mitigating Identity Exposure Holistically: Protecting your business from employees’ and vendors’ personal exposure in breaches—is that even possible?
Join us for a thought-provoking discussion that will equip you with practical solutions and insights into the complexities of building an effective IAM architecture!
Moderator: Michele Chubirka, Staff Cloud Security Advocate, Google
Panelists:
Erik Scoralick, Director of Sales Engineering, Delinea
Damon Fleury, Chief Product Officer, SpyCloud
Sasha Pereira, CISO, Wash
Ed Moore, AVP of IT Security – IAM, Carnival Corporation
2:30 PM - 3:00 PM CT
WORKSHOP 1 - Beyond the Hype: Making Autonomous Security Operations a Reality
The relentless growth of cyber threats and the increasing complexity of modern IT environments have stretched security teams to their breaking point. Autonomous solutions promise much-needed relief, but CISOs are rightly cautious. This session cuts through the hype, providing a pragmatic roadmap for incorporating autonomous capabilities into your security operations.
We’ll explore the spectrum of autonomy, from basic automation (Level 4) to true AI-driven decision-making (Level 5), clarifying what’s possible today and what lies on the horizon. Discover the compelling reasons driving the need for autonomous alert triage and response and understand the critical role of the “virtual analyst” in this evolution.
This session will equip you with the knowledge to:
- Demystify “autonomous” and its varying levels.
- Grasp the urgency for autonomous solutions in modern security operations.
- Conceptualize the “virtual analyst” and its potential impact.
- Learn key criteria for evaluating virtual analyst solutions.
- Understand the challenges in building and deploying virtual analysts.
- Define the evolving role of human analysts in an autonomous future.
Join us to explore a realistic path toward autonomous security operations and prepare your organization for a more secure tomorrow.
Speaker: Kumar Saurabh, CEO, AirMDR
Presented by: AirMDR
2:30 PM - 3:00 PM CT
WORKSHOP 2 - The Real Weakness is Your Supply Chain: As supply chain attacks become more sophisticated are we as an industry focusing efforts to reduce risk in the right areas?
In the last decade, an explosion of AppSec tools has come to market designed to help find and remediate vulnerabilities. However, organizations are still getting breached as attackers have shifted their focus to software pipelines – using exploits such as secrets harvesting and SCM and pipeline misconfigurations – areas that traditional AppSec tools don’t cover. Join us as we walk through some recent supply chain attacks and talk through the weakness that allowed them to happen, and then talk through some areas of focus within your security practices that can help you reduce the risk of a supply chain attack happening in your environments.
Speaker: Joe Nicastro, Field CTO, Legit Security
Presented by: Legit Security
3:00 PM - 3:15 PM CT
SINC NETWORKING & REFRESHMENT BREAK
Circle back with your Peers on the content so far while grabbing a coffee and a snack
3:15 PM - 3:45 PM CT
WORKSHOP 1 - From Crisis to Confidence: How Data Protection Can Enhance Your Incident Response and Recovery
Cyber threats are more prevalent than ever and security teams are faced with the daunting task of optimizing their security posture while balancing budget, risk, and operational efficiency. With even the most sophisticated security stack plagued with coverage gaps and vulnerabilities, security teams are fatigued and don’t want to add yet another security tool.
Sometimes help comes from an unexpected corner. Modern backup and data security can help IT and security come together and solve problems. Learn what a data security and protection partner like Druva can do to help strengthen your security posture and streamline your incident response and recovery workflows. We will cover:
- What typically occurs in each phase of a cyber attack
- Common security coverage gaps in your data infrastructure
- How to work better with your IT and backup teams
Speaker: Charles Green, Solutions Architect, Druva
Presented by: Druva
3:15 PM - 3:45 PM CT
WORKSHOP 2 - Redefining Secure Web Access: Transforming the Browser into the First Line of Defense
As organizations increasingly adopt web-based applications and remote work models, traditional security measures are proving insufficient to safeguard against modern threats. This session explores the transformative role of secure enterprise browsers in elevating web access from a potential vulnerability to a robust security advantage. Attendees will learn how innovative browser technologies can provide enhanced data protection, mitigate insider threats, and seamlessly integrate with existing security frameworks, ensuring both productivity and resilience in today’s dynamic digital landscape.
Speaker: Jeremy Sanders, Sales Engineer, Seraphic
Presented by: Seraphic
3:50 PM - 4:20 PM CT
WORKSHOP - Increased Focus on AI and Machine Learning in Cybersecurity
AI is evolving from a mere tool to a transformative catalyst for enterprise innovation. While it unlocks new business models and enhances decision-making through actionable insights, it also poses significant risks related to data privacy, security, and ethics.
Key Points:
- AI as a Catalyst for Change: Understanding how AI can drive business transformation and efficiency.
- Balancing Innovation and Risk: Addressing the dilemma faced by security teams—restricting AI use or risking exposure.
- Tools for Success: Providing CIOs & CISOs with enforcement tools and developers with AI security solutions to promote safe and rapid innovation.
- Future Resilience: Empowering organizations to navigate evolving markets by fostering responsible AI use.
Join us in exploring how to harness AI’s potential while safeguarding your organization’s future.
4:25 PM - 5:05 PM CT
PRESENTATION - Planning for the Unthinkable, what to do when the Worst Happens
OK, you’ve discovered the breach/attack, congrats, good job, gold star! Now let’s talk about the steps you’ll take to respond.
- Is your IR plan REALLY ready?
- Are you ready if the incident is a LOT bigger and uglier than you had planned?
In this presentation, Chris will speak to some more frightening incidents he’s seen, lessons learned from the responses, and how even with a great plan, things can go horribly, horribly wrong.
Speaker: Chris Roosenraad, Former CISO, Google Fiber
6:00 PM - 7:00 PM CT
SINC NETWORKING RECEPTION
Engage your Peers over canapés and cocktails
7:00 PM - 9:00 PM CT
SINC NETWORKING & ENGAGEMENT DINNER
8:00 AM - 8:50 AM CT
SINC IT LEADERS NETWORKING BREAKFAST
Full Breakfast and lots of coffee available!
8:55 AM - 9:40 AM CT
KEYNOTE PRESENTATION - Navigating the Evolution of Cybersecurity: AI's Role in Securing Your Infrastructure from Past to Future
In the ever-evolving landscape of cybersecurity, staying ahead of threats is imperative. As we reflect on the past, embrace the present, and prepare for the future, the integration of artificial intelligence (AI) into security infrastructure has emerged as a disruptive technology in safeguarding digital assets. Join us at this exclusive event led by Trend Micro as we delve into the dynamic journey of AI’s impact on cybersecurity. From historical insights to current advancements and future projections, discover how AI is reshaping the defense mechanisms against cyber threats, fortifying your infrastructure, and empowering organizations to navigate the digital frontier with confidence.
Speaker: Franz Fiorim, Field CTO, Trend Micro
Presented by: Trend Micro
9:45 AM - 10:15 AM CT
PRESENTATION - Building a Generative Security Culture with Restorative Practices
Check back for updates on this session.
By Master of Ceremonies: Michele Chubirka, Staff Cloud Security Advocate, Google
10:20 AM - 10:50 AM CT
PRESENTATION - Cybersecurity Skills Gap and Education
The growing demand for cybersecurity professionals has highlighted a significant skills gap in the industry. This session will discuss the current state of cybersecurity education, the challenges in developing a skilled workforce, and strategies to bridge the gap. Topics will include training programs, certifications, and partnerships between academia and industry. Attendees will learn about initiatives to attract and retain cybersecurity talent and how to cultivate a culture of continuous learning within their organizations.
10:50 AM - 11:05 AM CT
SINC NETWORKING & REFRESHMENT BREAK
Circle back with your Peers on the content so far while grabbing a coffee or tea and a snack
11:05 AM - 11:45 AM CT
PANEL - Cyber Risk Management: Bringing Security to the Boardroom
In an era where cyber threats continue to escalate in sophistication and impact, ensuring cybersecurity is a top priority at the boardroom and senior management level is no longer optional—it’s a strategic imperative. This session will explore how cybersecurity leaders can effectively communicate cyber risks to the board, integrate cybersecurity into the overall business risk framework, and collaborate with executives to build a resilient, secure organization.
CISOs, risk officers, and IT leaders will share best practices for aligning cybersecurity efforts with business objectives and translating technical threats into business terms that resonate with C-suite executives and board members. Attendees will gain practical insights on how to make the case for cybersecurity investments, manage cross-functional collaboration, and drive a security-first culture from the top down.
Key Takeaways:
- How to position cybersecurity as a critical business risk in boardroom discussions
- Best practices for bridging the gap between technical cybersecurity teams and executive leadership
- Building a cybersecurity strategy that aligns with business goals, financial priorities, and risk tolerance
- Key metrics and reporting frameworks to communicate cyber risk effectively to the board
- Strategies for fostering a collaborative relationship between security, legal, compliance, and business stakeholders
- Real-world case studies on board-level engagement in cyber risk management and crisis response
Moderator: Chris Roosenraad, Former CISO, Google Fiber
Panelists:
Tamika Bass, Cybersecurity Director, Gannett Fleming
Eric Brown, CISO, Metropolitan Council
Nish Majmudar, VP, CISO, Mathematica
Joe Marroquin, CISO, Vestis
11:45 AM - 12:00 PM CT
CLOSING REMARKS
By Master of Ceremonies: Michele Chubirka, Staff Cloud Security Advocate, Google
12:00 PM - 1:00 PM CT
SINC NETWORKING LUNCH
Interested in sponsoring? Please submit a request.
Submit RequestForum Sponsors
- diamond Sponsor
- platinum Sponsor
- gold Sponsor
- silver Sponsor
diamond
Cyera
Cyera is the data security company that gives businesses context and control over their most valuable asset: data. As a pioneer in Data Security Posture Management, Cyera instantly provides companies visibility over their sensitive data, context over the risk it represents and their security exposure, and automated remediation to reduce the attack surface and ensure operational resilience. We are redefining the way companies secure their data.
Learn Morediamond
Trend Micro
We’re a global cybersecurity leader, helping to make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, our cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints.
As a leader in cloud and enterprise cybersecurity, our platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.
More from Trend Micro:
Empowering CISOs to Communicate Cyber Risk
Survival Guide For Ai-Generated Fraud
Learn Moreplatinum
Dataminr
Dataminr puts real-time AI and public data to work for our clients, generating relevant and actionable alerts for global corporations, public sector agencies, newsrooms, and NGOs. Our leading AI platform detects the earliest signals of high-impact events and emerging risks from hundreds of thousands of public data sources. Our real-time alerts enable tens of thousands of users at hundreds of public and private sector organizations across the globe to learn first of breaking events around the world, develop effective risk mitigation strategies, and respond with confidence as crises unfold.
Learn Moregold
Legit Security
Legit Security provides an application security posture management platform that secures application delivery from code to cloud and protects an organization’s software supply chain from attack.
Our enterprise-grade platform helps CISOs, application security and development teams successfully defend against the latest threats to your pre-production development environments and helps ensure governance, compliance, and integrity for every software release. The platform’s ability to auto-discover, analyze and secure from code-to-cloud in a single platform enables it to contextualize security risks, consolidate vulnerability management, and prioritize remediation so that AppSec programs can keep their businesses safe while releasing software fast.
More from Legit Security:
Modernizing Application Security to Scale for Cloud-native Development
A New Approach to Application Security
Learn More
gold
Delinea
Delinea is a pioneer in securing identities through centralized authorization, making organizations more secure by seamlessly governing their interactions across the modern enterprise.
Delinea allows organizations to apply context and intelligence throughout the identity lifecycle across cloud and traditional infrastructure, data, and SaaS applications to eliminate identity-related threats.
With intelligent authorization for all identities, Delinea is the only platform that enables you to identify each user, assign appropriate access levels, monitor interaction across the modern enterprise, and immediately respond upon detecting any irregularities.
The Delinea Platform enables your teams to accelerate adoption and be more productive by deploying in weeks, not months, and requiring 10% of the resources to manage compared to the nearest competitor.
Learn Moregold
Zafran
The Zafran Threat Exposure Management Platform is the first and only consolidated platform that integrates with your security tools to reveal, remediate, and mitigate the risk of exposures across your entire infrastructure. Zafran uses an agentless approach to reveal what is truly exploitable, while reducing manual prioritization and remediation through automated response workflows.
Learn Moregold
AirMDR
AirMDR delivers the first Managed Detection and Response (MDR) service primarily operated by AI-powered virtual analysts. This innovation materially improves the speed and accuracy of incident investigation and response, lowers costs, and reduces the workload of human security analysts. With an AI virtual analyst first approach, customers enhance their threat detection and threat intelligence while gaining uninterrupted 24/7 incident response that is backstopped by live expert humans.
Learn Moregold
Druva
Druva is the leading provider of data security, helping customers secure data against all threats. The Druva Data Security Cloud is a fully managed SaaS solution that delivers air-gapped and immutable data protection across cloud, on-premises, and edge workloads. By centralizing protected data for each customer, Druva goes beyond traditional security to accelerate incident response, cyber recovery & remediation, and data governance. The company is trusted by its more than 6,000 customers, including 65 of the Fortune 500, to protect business data in an ever-connected world.
Learn Moregold
SpyCloud
SpyCloud transforms recaptured darknet data to protect businesses from cyberattacks. Its products operationalize Cybercrime Analytics (C2A) to produce actionable insights that allow enterprises to proactively prevent ransomware and account takeover, protect their business from consumer fraud losses, and investigate cybercrime incidents. Its unique data from breaches, malware-infected devices, and other underground sources also powers many popular dark web monitoring and identity theft protection offerings.
Learn Moregold
Dynatrace
Dynatrace exists to make software work perfectly. The Dynatrace platform unifies observability, business, and security data at a massive scale (Grail) with continually updated topology and dependency mapping (Smartscape) to capture and retain full-stack data context. It leverages hypermodal AI (Davis), combining predictive AI to anticipate future behaviors, causal AI to deliver precise answers and intelligent automation, and generative AI to automatically provide recommendations, create suggested workflows or dashboards, and let people use natural language to explore, solve, and complete tasks. Dynatrace analytics and automation capabilities enable teams to modernize and optimize cloud operations, deliver software faster and more securely, and ensure flawless digital experiences.
More from Dynatrace:
Learn Moregold
Seraphic
Seraphic is a unique browser security solution that protects enterprise assets and provides your security team with advanced governance and policy enforcement. It’s based on innovative technology – providing robust protection against all browser attacks, including full protection against zero-day and unpatched n-day attacks. Seraphic is easy to deploy, has no impact on performance, leaves user experience untouched, and is fully compatible across all browsers and devices.
Learn Moresilver
Apex
Apex detects and prevents AI risks across your AI stack. Apex enables you to discover your shadow AI, deeply understand how your org is using AI, and protect your AI-chat platforms, AI code assistants, Copilots, and AI applications.
More from Apex:
Learn Moresilver
Intezer
Leave the SOC grunt work to Intezer. Automatically triage alerts 24/7, respond faster, and cut out noise & false positives. Try free: analyze.intezer.com
More from Intezer:
Extend Your Security Team with AI
Improving SOC Efficiency in 2024
Learn More