CISO Dinner

Senior level executive with excellent relationship management and leadership skills including building high performance teams, operations, applied technology and product management. Through my in-depth insurance and financial services knowledge, I have proven experience in bridging the gap between customer and market needs and driving revenue through strategic new products. MBA-University of Chicago. Senior level executive with excellent relationship management and leadership skills including building high performance teams, operations, applied technology and product management. Through my in-depth insurance and financial services knowledge, I have proven experience in bridging the gap between customer and market needs and driving revenue through strategic new products. MBA-University of Chicago.

Mr. Zalewski currently provides CISO, security consulting and security advisory services. These include: • International cybersecurity advisor and trainer. • Executive advisory board member for security startups, providing guidance on security market direction and product requirements. • CISO advisory board member for venture capital firms internationally. • vCISO for companies requiring temporary or part-time CISO expertise. Services also include guidance and solutions to address incident response, security program design, security assessment, security due-diligence, vendor/supplier due-diligence, security architecture review, board reporting and other key security leadership requirements. Operational experience in Healthcare, Utilities and International Retail verticals. Key Strengths: •Organizational Management •Strategic Planning & Execution •Enterprise Security Architecture/Strategy •Executive and BOD Security Governance/Reporting •Cybersecurity Incident Response •Security Risk & Compliance Management Additionally, I co-hosts the CISOSeries Defense-in-Depth Podcasts and am a frequent speaker and panel moderator at industry events.

Prabhath (PK) leads TripActions Security & Trust Org which is responsible for Product & Platform Security, Detection & Response, Enterprise Sec and Security Architecture & Engineering & GRC. His organizations core mission is to ensure Tripactions meets its security & privacy obligations to its customers, investors, regulators, and employees. PK is Senior security leader with 16+ years of leading global, cross-functional teams across hyper-growth startups, fortune 100 and big 4 consulting firms. Prior to Tripactions, PK served as a security leader in Adobe for 9+ years where he drove several initiatives to level up security & privacy as Adobe reinvented itself in the cloud and grew from $30B to $300B business. Prior to Adobe, PK was with PwC, advising fortune 100 companies on info sec & privacy strategy, governance, operations & technologies. PK is active in the security community and advice startups on product & business strategy, market positioning and to solve security and business problems at scale. PK also mentors several professionals and presents in national and international conferences on thought leadership topics. His educational background includes a bachelor’s degree in electronics & communications engineering and holds CISA, CISSP, CIPT, CDPSE, ISO 27001 Lead Implementor & PCI ISA certifications. At TripActions my organization drives several defensive and offensive security disciplines and serves as the single voice for security both internally to employees and externally with customers. Past: - Served as a security leader at Adobe for 9+ years where I drove several security programs and initiatives to level up security as Adobe reinvented itself in the cloud to grow from $30B to $300B business - Architect of Adobe common Controls Framework. Championed the implementation of CCF across all Adobe cloud products, services, platforms and operations. CCF became the backbone of Adobe’s security & trust strategy, opened up global GTM opportunities and enabled Adobe to achieve compliance with various worldwide cloud security and privacy certifications - Built a SWAT team of secops engineers & security TPMs to enforce security & ops best practices at scale for multi cloud via a companywide repeatable program through security automation - Global leadership role around security policies, automation and cloud security. Built a team of leaders who embraced an agile mindset, and deeply engaged with 500+ product teams to ensure controls are baked into the product and feature development roadmaps Specialities: i)Compliance Frameworks - PCI, SOC1/SOC2/SOC3, SOX 404, HITRUST, HIPAA, FedRAMP, GDPR, CCPA, NIST 800-53, ISO27001, ISO 27701, SSPA, ISO 22301, ISMAP, IRAP, CAIQ, SIG, UK Cyber essentials, Spanish ENS, FERPA etc. ii)Security Maturity, Risk & Governance - NIST CSF, FAIR, ISO 27005, CMMI, COSO, COBIT, BSSIM, OpenSAMM iii)Cloud Tech - AWS, Azure, GCP, Kubernetes, Hyper-Converged Infrastructure, CI/CD, Multi Cloud, Containers/Microservices Architecture, Cloud identity management iv)Sec Ops/Eng - Web application security, cloud security, penetration testing, vulnerability scanning, threat hunting, Red/Blue/Purple teaming, enterprise security, Incident response/SOC, SOAR, Trust & Safety, shifting left security, EDR, email security, CSPM, encryption, authentication, authorization, access management, security architecture, disaster recovery, supply chain risk management etc.