-
08:00AM
Registration & Coffee in the Exhibition Area
-
8:50AM
Chair’s Opening Remarks
Prof. Dan Haagman - , CEO Chaleit, Honorary Professor of Practice, CISO - CHALEIT
-
9:00AM
PANEL DISCUSSION: Aligning Cybersecurity Governance with Business Objectives
• Translating business priorities into actionable cybersecurity strategies.
• Ensuring executive buy-in and effective communication with the board.
• Bridging the gap between cybersecurity teams and business units.
Craig Shrader, Chief Information Security Officer & Country Cyber Security Lead – Canada, HSBC
David Schwed, Chief Information Security Officer, Brokerage & Money, ROBINHOOD
Aaron Katz, Chief Information Security Officer, THE TWC GROUP -
9:25AM
Designing a Future-Ready Security Program
• Aligning your program with evolving business needs.
• Implementing scalable, modular security architectures.
• Engaging stakeholders throughout the development process.
Reserved -
9:45AM
Beyond the Horizon: The Future of Cybersecurity in an AI & Quantum World
• How AI-driven threats are evolving and how security teams can harness AI for defense.
• What post-quantum computing means for encryption, risk management, and regulatory compliance.
• Strategies to adapt cybersecurity programs to an AI- and quantum-powered world.
Bil Harmer, Operating Partner & Chief Information Security Officer, CRAFT ADVENTURES -
10:10AM
The Future of Identity in a Decentralized World
As organizations and individuals move toward a decentralized digital future, the way we manage identity is undergoing a radical transformation. In this engaging fireside chat, thought leaders will delve into the role of blockchain and decentralized identity systems, discussing how they can reshape authentication, trust, and privacy. This fireside chat will discuss balancing user privacy with organizational security while navigating the complex regulatory and technological challenges that stand in the way of widespread adoption.
• Exploring the role of blockchain and decentralized identity
• Balancing user privacy with organizational security
• Overcoming regulatory and technological barriers
Reserved -
10:30AM
Networking Break in the Exhibition Area
-
CISO PROGRAM
-
11:00AM
The Future of Risk Management – Adapting to a New Era of Threats
• Bridging the Gap: Why today’s risk management strategies fall short and how to align security with business transformation.
• Emerging Threats: The impact of AI, evolving supply chain risks, and post-quantum security challenges.
• Future-Ready Security: How organizations can redefine their approach to compliance, automation, and proactive defense.
Aaron Katz, Chief Information Security Officer, THE TWC GROUP -
11:20AM
Agentic AI: Autonomous Innovation or Emerging Threat?
Understanding Agentic AI: What distinguishes agentic AI from traditional AI systems, and why does this matter for security?
Security Risks and Threats: Exploring the unique vulnerabilities of agentic AI, including prompt injection and data poisoning.
Governance and Compliance: Strategies for aligning agentic AI deployment with regulatory frameworks like the EU AI Act and implementing effective oversight mechanisms.
Reserved -
11:40AM
PANEL DISCUSSION: AI and Machine Learning in Cybersecurity
• Exploring how AI and machine learning can enhance the efficiency of security teams by automating repetitive tasks and focusing human efforts on complex threats
• How AI tools can assist in containing and mitigating threats in real-time by analyzing vast amounts of data quickly
• Using machine learning to identify anomalies in user behavior and detect insider threats or compromised accounts
• Leveraging machine learning to create dynamic security systems that evolve with new threat patterns and emerging attack vectors
• Discussing the emerging arms race between AI-powered cybersecurity defenses and AI-driven attack methods
Luis Velandia, CIO/CISO, BEST DOCTORS INSURANCE
Abhishek Sinha, CEO & CIO, NELUMBIUM CAPITAL
Amit Basu, Vice President, Chief Information Security Officer & Chief Information Officer, INTERNATIONAL SEAWAYS, INC
Ellis Wong, Chief Information Security Officer & Head of Infrastructure Engineering, JST DIGITAL -
12:05PM
Evolving your supply chain security practices and advancing its maturity
• How security is changing and how to ideally address it
• The shift-left reality and how the solution didn't work
• The cost implications of a wrong security workflow
• How to make DevSecOps work, strategically
Thomas Shola, Chief Information Security Officer, NORTHERN BANK -
12:25PM
Leveraging Threat Intelligence in Incident Response
• Using threat intelligence to anticipate and prepare for attacks.
• Applying real-time intelligence during active incidents.
• Sharing threat data to strengthen collaborative defences.
Reserved -
DEVSECOPS PROGRAM
-
11:00AM
The Future of AI in Devsecops
• How AI is evolving from supporting security teams (assistive intelligence) to making autonomous decisions in threat detection, vulnerability management, and remediation.
• Balancing AI Regulation with Innovation in DevSecOps
• Will AI replace security engineers, or will it empower them to focus on higher-value tasks?
Mahesh Devalla, Chief Technology Officer, PLAYERS HEALTH -
11:20AM
Building Secure CI/CD Pipelines: Automation from End to End
• Automating vulnerability scans in CI/CD workflows
• Using tools like Jenkins, GitHub Actions, or GitLab for security checks
• Eliminating bottlenecks while maintaining security integrity
Reserved -
11:40AM
PANEL DISCUSSION: AI in DevSecOps: Hype vs. Reality
• Where AI is truly making an impact in security automation.
• The risks of blindly trusting AI-driven security tools.
• Balancing human expertise and AI-driven decision-making.
Mahesh Devalla, Chief Technology Officer, PLAYERS HEALTH
Kevin Ruthen, Chief Technology Officer, FORA FINANCIAL
Christopher Lundy, Senior Principal Enterprise Architect, PFIZER
Varun Duggal Principal R&D Solutions Architect, AT&T LABS -
12:05PM
Detection Engineering and IR Automation in Azure: Leveraging Sentinel, Logic Apps, Workbooks, and Azure Functions
A technical demonstration of how SecOps and DevOps teams can use a powerful mix of Azure technologies to monitor their cloud environment and automate remediation actions for suspicious activity
Felipe G, Cyber Security Engineer, CHUBB -
12:25PM
Securing the Trade: DevSecOps in High-Frequency Trading Environments
• Balancing Speed and Security – How to integrate security into ultra-low-latency trading systems without impacting performance.
• Automating Threat Detection & Incident Response – Leveraging AI, real-time monitoring, and DevSecOps pipelines to detect and mitigate threats instantly.
• Protecting Market Data & FIX Protocol Communications – Best practices for securing trade execution, preventing data leaks, and ensuring regulatory compliance.
Carl Gordon, DevOps Engineer/Trade Support/Automation, CREDIT SUISSE -
CLOUD SECURITY PROGRAM
-
09:50AM
Navigating U.S. Privacy Laws in the Cloud
-
11:20AM
Architecting Security for Multi-Cloud Success
• Designing unified security frameworks across AWS, Azure, GCP
• Implementing centralized visibility and monitoring solutions
• Harmonizing controls and governance to reduce complexity
Natalia Bakhtina, Director of Cyber Security & Risk Management, BFL CANADA -
11:40AM
PANEL DISCUSSION: The Future of Cloud Security: Balancing Innovation, Compliance, and Resilience
• How can organizations innovate rapidly in the cloud without compromising security or regulatory compliance?
• How can businesses design cloud infrastructures to withstand disruptions, ransomware attacks, and evolving threat landscapes?
• What are the best practices for fostering cross-team collaboration and ensuring everyone is invested in secure outcomes?
• How will emerging technologies like AI-driven security analytics, post-quantum cryptography, and zero trust frameworks shape the next generation of cloud security?
Vinay Venkatesh, Director, Technology – DevSecOps, Cloud – Site Reliability, Observability Engineering, EVELANCE HEALTH
Bijit Ghosh, Chief Technology Officer, Global Head of Cloud Product & Engineering &
AI/ML, DEUTSCHE BANK
Sean Greenberg, Senior Cloud Security Engineer, Practice Lead Cloud Security, CERBERUS CAPITAL MANAGEMENT -
12:05PM
Implementing Zero Trust Architectures in Cloud Environments
• Verifying every user, device, and service request
• Using adaptive authentication and continuous verification
• Minimizing implicit trust zones within the network
Reserved -
12:25PM
Detection Engineering and IR Automation in Azure: Leveraging Sentinel, Logic Apps, Workbooks, and Azure Functions
A technical demonstration of how SecOps and DevOps teams can use a powerful mix of Azure technologies to monitor their cloud environment and automate remediation actions for suspicious activity
Felipe G, Cyber Security Engineer, CHUBB -
12:45PM
Lunch & Networking Break in the Exhibition Area
-
CISO PROGRAM
-
1:45PM
PANEL DISCUSSION: Leadership in Cybersecurity: Driving Organizational Change
• Aligning Cybersecurity with Business Objectives: Exploring how leaders can integrate cybersecurity into the organization’s strategic goals to ensure it is viewed as a growth enabler, not just a cost center
• The Evolving Role of the CISO: Exploring how CISOs can move from technical specialists to strategic advisors who drive board-level decisions
• How CISOs can lead the adoption of autonomous AI tools while embedding security and governance from day one — avoiding "shadow agents" that operate outside oversight
• Leadership in Zero Trust Environments: How leaders can champion the adoption of Zero Trust models to strengthen organizational security
• How leaders can future-proof their organizations by adopting advanced encryption techniques such as homomorphic encryption to protect sensitive data
Pedro Venancio, Chief Information Officer, PROWER TELCO SERVICES
Dane Fenner, Chief Information Security Officer, FENNER LEGACY HOLDINGS, LLC
Jonathan Fuller, Chief Information Security Officer, UNITED STATES MILITARY ACADEMY AT WESTPOINT
Aruneesh Salhotra, Global Head of Application Security, NOMURA -
2:30PM
Key Metrics for Monitoring and Managing Information Risks
• Choosing indicators to measure risk management success.
• Developing dashboards to visualize risk data for stakeholders.
• Using metrics to support continuous improvement efforts
Reserved -
2:50PM
Integrating Data Science and Application Security
• Leveraging Data Science for Threat Detection: Using machine learning and predictive analytics to identify vulnerabilities and enhance application security.
• Automating Security with AI: Implementing AI-driven solutions to streamline security operations and mitigate risks in real-time.
• Balancing Innovation and Security: Ensuring robust security measures while enabling agile development and scalable cloud solutions.
Ellis Wong, Chief Information Security Officer & Head of Infrastructure Engineering, JST DIGITAL -
3:10PM
Nelumbium: A case study in Risk Management and Gen AI
• AI-Driven Cyber Threats: Deepfake fraud, model poisoning, data leakage.
• NIST AI RMF & Cybersecurity: Mapping AI risks to security threats.
• Financial Sector Risks: Insights from the US Treasury & regulatory concerns.
• Emerging Defenses: Secure AI development, Zero Trust AI.
• Case Study: Real-world AI security breach & lessons learned.
Abhishek Sinha, CEO & CIO, NELUMBIUM CAPITAL -
DEVSECOPS PROGRAM
-
1:45PM
PANEL DISCUSSION: From Checkboxes to Mindsets: Moving Beyond Compliance
• Shifting from reactive compliance to proactive security.
• Teaching teams to view security as a competitive advantage.
• Embedding a security-first philosophy into decision-making processes
Vinay Venkatesh, Director, Technology – DevSecOps, Cloud – Site Reliability, Observability Engineering, EVELANCE HEALTH
Robert LaRosa, Information Security Engineer, GELLER
Imran Khan, Cyber Transformation Lead Security Strategist, BNP PARIBAS -
2:30PM
Aligning DevSecOps with Business Objectives: Bridging Security and Strategy
• Embedding security into business strategy.
• Measuring security’s impact on business outcomes.
• Implementing automation and security frameworks that align with business growth.
• Using DevSecOps practices to ensure agentic AI behaviors stay aligned with strategic goals, enabling innovation without compromising compliance or control
Robert LaRosa, Information Security Engineer, GELLER -
2:50PM
From Noise to Necessity: Using Exploitation Intelligence to Strengthen Security in SSDLC
• What is Exploitation Intelligence in Secure Development?
• How to Apply Exploitation Intelligence in DevSecOps
• The Business Impact: Reducing Risk While Improving Efficiency
Aman Parmer, Senior Security Engineer – Application Security, HARVARD MEDIAL SCHOOL -
3:10PM
Integrating AI and Cloud Security: Strategies for Effective DevSecOps Transformation
• Leveraging AI for DevSecOps Automation
• Architecting Secure Multi-Cloud Environments
• Driving Digital Transformation with DevSecOps
Varun Duggal Principal R&D Solutions Architect, AT&T LABS -
CLOUD SECURITY PROGRAM
-
1:45PM
PANEL DISCUSSION: Post-Incident Forensics and Lessons Learned
• Collecting and preserving evidence in cloud environments
• Analyzing root causes to prevent repeat breaches
• Integrating lessons learned into improved playbooks and policies
Natalia Bakhtina, Director of Cyber Security & Risk Management, BFL CANADA -
2:30PM
Real-Time Threat Intelligence for Cloud Workloads
• Consuming global threat feeds and IOCs for proactive defense
• Correlating threat intel with cloud telemetry data
• Adjusting controls dynamically based on emerging threats
Reserved -
2:50PM
Enhancing Cloud Security with Mobile Device Management
• Unified Security Posture: Strategies for integrating MDM with cloud security protocols to protect enterprise data.
• Real-World Applications: Examples of successful MDM implementations enhancing security in diverse industries.
Sean Greenberg, Senior Cloud Security Engineer, Practice Lead Cloud Security, CERBERUS CAPITAL MANAGEMENT -
3:10PM
Privacy by Design in Cloud Architectures
• Embedding privacy considerations into system and app design
• Minimizing data collection and applying anonymization techniques
• Conducting privacy impact assessments for cloud services -
03:30PM
Networking Break in the Exhibition Area
-
4:00PM
PANEL DISCUSSION: My Story – The Journey of the Chief Information Security Officer (CISO)
In this session, hear from some of the top cybersecurity leaders as they share their personal journeys to becoming a Chief Information Security Officer (CISO). Learn about the challenges they faced, the key decisions that shaped their careers, and the skills that helped them succeed in an ever-evolving security landscape. This discussion will offer insights into leadership, risk management, and the future of the CISO role in a rapidly digitizing world.
Tammy Klotz, Chief Information Security Officer, TRINSEO
Pedro Venancio, Chief Information Officer, PROWER TELCO SERVICES
Sulohita Vaddadi, Chief Information Security Officer, GE
Aaron Katz, Chief Information Security Officer, THE TWC GROUP -
4:30PM
Is Your Cybersecurity Program Ready for AI?
• AI-Powered Threats: The New Attack Landscape
• How cybercriminals are leveraging AI for advanced phishing, deepfakes, and automated attacks
• AI for Defense: Strengthening Your Security Posture
• How AI and machine learning can enhance threat detection, response, and automation
Amit Basu, Vice President, Chief Information Security Officer & Chief Information Officer, INTERNATIONAL SEAWAYS, INC -
5:00PM
End of Conference & Networking Drinks
Not Found