CISO New York schedule

•    How to communicate cyber risk in business language executives understand 
•    What is driving increased board accountability for cybersecurity oversight 
•    Insights into how leading CISOs influence strategic business decisions
Afzal Khan, Global Chief Information Security Officer, OPKO
Alan Halfenger, Chief Compliance Officer, ARCTARIS IMPACT INVESTORS
Tammy Klotz, Chief Information Security Officer, TRINESO

•    Exploring how digital transformation, AI, and third-party dependencies are redefining enterprise cyber risk
•    What CISOs need to know about the next generation of supply chain, vendor, and ecosystem threats
•    Insights into the technologies, strategies, and operating models helping organizations gain greater visibility and resilience across their extended enterprise
Reserved

•    How to create governance frameworks for enterprise AI use
•    What is the risk of unmanaged AI tools and shadow AI adoption
•    Exploring data protection concerns in generative AI environments
Rahul Patel, Chief Information Officer/Chief Innovation Officer, Managing Director, KBC BANK & VERZEKERING

•    How to lead executive decision-making during high-pressure incidents
•    What is expected from CISOs during ransomware or operational disruption
•    Insights into communication strategies during crisis response
Angela Silva, US Deputy Chief Information Security Officer, LLOYDS BANKING GROUP

•    How to build a resilient security culture across the organization
•    What is driving risky employee behavior in modern workplaces
•    Insight into fatigue, trust, and security adoption challenges
•    Exploring human decision-making during cyber incidents
•    How to create security ownership beyond the security team
Shawn Campbell, Chief Information Security Officer, OUTTEN & GOLDEN LLP

•    What is the single most important decision a leadership team makes in the first 24 hours
•    Has the threat of personal liability changed how security leaders operate?
•    How much should organizations rely on vendor-provided forensic findings?
•    Where do Security and Legal teams most commonly misalign during a crisis?
•    Will AI give defenders an advantage, or are attackers winning the race?
Corey Dennis, Chief Privacy Officer & Assistant General Counsel, LEGEND BIOTECH
Reserved for BreachRX

•    What separates successful AI agent initiatives from pilots that fail to scale
•    How to align AI agent development with business objectives, operational needs, and risk requirements
•    Insights into the organization's journey from concept to deployment, including key successes, setbacks, and takeaways
Alaa Moussawi, Chief Data Scientist, NEW YORK CITY COUNCIL

•    How to identify hidden risks introduced by generative AI tools
•    What is increasing organizational exposure through AI adoption
•    Insight into shadow AI and unmanaged integrations
•    Exploring how AI changes data access patterns
•    How to monitor and govern expanding AI ecosystems
Randy Rose, Vice President, Security Operations & Intelligence, CENTER FOR INTERNET SECURITY 
Moderator: Reserved Rocket Software 

•    Navigating the tension between rapid innovation (AI, digital transformation) and cyber risk management
•    How CISOs and business leaders align on priorities without stifling progress
•    AI governance vs innovation: how organisations can safely adopt transformative technologies
•    Delivering change at scale: when security becomes a critical enabler of transformation
•    Why tension between security and innovation is necessary, and how to manage it effectively
Reserved

•    How to identify emerging AI-driven attack techniques 
•    What is changing in phishing, fraud, and social engineering through AI 
•    Insight into attacker adoption of automation and synthetic content
Afzal Khan, Global Chief Information Security Officer, OPKO

•    Translating technical findings into business risk
•    Where GRC adds value vs creates friction
•    Balancing compliance with real risk reduction
•    What boards want vs what security reports deliver
Prasant Tangirala, Chief Information Security Officer, CITY OF STAMFORD

•    How to govern enterprise copilots and AI assistants
•    What is creating data leakage concerns in AI productivity tools
•    Insight into security gaps in embedded AI workflows
•    Exploring access control and permissions within AI ecosystems
John Decker, Chief Technology Officer, TRIAN PARTNERS

•    Identifying insider risk without creating surveillance culture
•    Key drivers of insider threats across users and contractors
•    Impact of hybrid work, burnout, and AI on insider risk
• Building insider risk programs without harming culture

•    Moving beyond vendor questionnaires in risk assessment
•    Lessons from recent supply chain and third-party incidents
•    Gaining visibility into fourth- and downstream dependencies
• Where third-party risk programs succeed and fail
•Balancing security requirements with business and vendor needs

•    Drivers of identity-based breaches in modern enterprises
•    Managing privileged access at scale
•    Rising challenge of machine identities and AI agents
•    Lessons learned from Zero Trust implementations
•    Prioritizing identity investments under budget 

•    Measuring outcomes from security investments
•    Drivers of security platform consolidation
•    Lessons from reducing tool and vendor overlap
•    Balancing best-of-breed vs platform approaches
•    Metrics that demonstrate security effectiveness

•    How organizations are addressing burnout and turnover
•    What skills CISOs are prioritizing in 2026
•    Whether AI will reduce or increase cybersecurity staffing needs
•    How leaders are developing future security managers and executives
•    What compensation, culture, and career growth strategies are working

•    Ownership of AI risk across security, privacy, legal, and business
•    Governing AI before regulations mature
•    Risks of AI outpacing governance controls
•    Privacy, compliance, and security trade-offs in AI
•    CISO collaboration with legal and risk for responsible AI

•    How organizations are modernizing security operations for today's threat landscape 
•    What role AI and automation should realistically play in detection and response 
•    Lessons learned from MDR, XDR, SIEM, and SOC transformation initiatives 
•    How CISOs are measuring SOC effectiveness beyond alert volumes 
•    Where security operations teams are still struggling despite increased investment

•    What AI-powered deception means for executive trust, business operations, and cyber risk management
•    How to prepare for deepfake-driven fraud, executive impersonation, and increasingly sophisticated social engineering attacks
•    Insights into the controls, processes, and cultural shifts organizations are adopting to verify what is real in an AI-driven world
Liron Golan, Group Chief Information Security Officer, LASER DIGITAL (Nomura Group)

•    How to structure immediate response actions during a crisis
•    What is most critical during the early hours of incident response
•    Insight into executive decision-making under uncertainty
•    How to reduce chaos during high-pressure situations
Keith Bettencourt, Director, Member Supervision Specialist Program, FINRA 
Catherine Burns, Senior Principle Intelligence Specialist, FINRA

•    How to identify and mentor future security leaders
•    What is required for long-term leadership development
•    Insight into skill gaps facing emerging CISO candidates
•    Exploring how organizations build leadership pipelines
•    How to create sustainable succession strategies