Dive into the critical intersection of cybersecurity and M&A activities, where the stakes are high and the risks are significant. Arvin Bansal explores the unique challenges and complexities of integrating cybersecurity strategies during mergers, acquisitions, and divestitures. Gain insights into effective risk assessment methodologies, due diligence practices, and post-transaction integration strategies to safeguard sensitive data and mitigate potential threats. Join Arvin as he navigates the evolving landscape of cybersecurity in M&A transactions and explores best practices for ensuring security and compliance throughout the deal lifecycle.
The Future of Cybersecurity
CISO Think Tank
February 22, 2024 - New York, NY
Visionaries
Leo Cunningham
CISO
Owkin Inc
Think Tank Speaker
Leo has a successful track record working within different blue-chip companies and industries ranging from Start-ups/Scale-ups, Banking, FinTech, SaaS and eCommerce, providing insight, consultancy and strategy across global remits covering Information Security, Cyber Security, GRC, Auditing, Cloud and a multitude of compliance remits including PCI DSS, SOX and GDPR. At Flo Health, the number one health and wellbeing app. His team protects the data of 250 million users, equating to 300 billion data points. He is currently an advisor to multiple start-ups from the Palta Group. He has been instrumental in leading security efforts within HealthTech and FemTech. In June 2022, Flo Security delivered the industry’s first ISO 27001 certification. Leo is a multi-award winner. A Snyk influencer. A Keynote speaker worldwide and was added to the CISO Platform Top 100
Ania Kowalczuk
VP of Information Security Risk and Compliance
MongoDB
Think Tank Speaker
Ania Kowalczuk, Vice President of Information Security Risk and Compliance at MongoDB, brings a wealth of experience in steering comprehensive security strategies in the tech industry. Her expertise lies in harmonizing rigorous compliance standards with operational efficiency, ensuring MongoDB's products not only adhere to, but set benchmarks in data security and risk management. Ania’s leadership extends to shaping advanced cybersecurity initiatives, notably in developing teams focused on evolving risk and security regulations. Her insight and foresight in these areas have made her a key player in addressing the nuanced security needs of MongoDB’s diverse clientele, earning her a reputation as a forward-thinking leader in information security.
Melissa Ouari
InfoSec Risk and Business Continuity Officer
Money Management International
Think Tank Speaker
Melissa Ouari is the Information Security and Business Continuity Officer for Money Management International. She has been I the world of technology and accounting for more than 25 years and has served in leadership positions while in her role at public accounting firms in New York City and Boston. Melissa has an array of cyber risk experience and worked across virtually all industry sectors. In her role at Money Management International, she is establishing collaborative relationships with key business and IT stakeholders to strengthen security protocols across the enterprise and finding balanced solutions to achieve productivity, efficiency and internal controls.
Henry Weingarten
Managing Director
The Astrologers Fund
Israel Bryski
Head of Information Security
MIO Partners
Sara Aby
CTO
Think Tank Speaker
Starcom, founded in 2000 and headquartered in Chicago, Illinois, is a media agency that specializes in advertising and marketing.
Harry Halikias
Sr. Director, Global Information Security
Sony Music Publishing
Todd Gordon
Director of Information Security & Privacy
Eisner Amper
Think Tank Speaker
EisnerAmper clients are based in the U.S., or comprised of U.S. business interests of foreign entities. To serve domestically-based clients with interests in financial services opportunities overseas, Eisner Amper offers the resources of offices in the UK, Israel, India and EisnerAmper Global, with offices in the Cayman Islands, Singapore, and Ireland; as well as the services of Allinial Global. Todd, leads the information security team and is an experienced, detail-oriented, and innovative professional with proven performance in information security, enterprise-level systems administration, and project management.
Yabing Wang
CISO
Justworks
Think Tank Speaker
Yabing Wang is the VP and Chief Information Security Officer at Justworks. She has been in the technology world for 25 years, and has more than 20 years of extensive leadership experience in cybersecurity across different industries. Yabing thrives in transforming security into a business enabler through executive leadership, program delivery, and partnership with all stakeholders. She has built global security practices and strengthened cyber resilience at multiple fortune 100 companies and tech-forward companies.
Matthew Martin
Founder
Two Candlesticks
Mark Jankiewicz
Commercial Chief Risk Officer
Conduent
Arvin Bansal
CISO
Edmond Mack
Deputy CISO
Haleon
Alex Shulman
Managing Director, Cloud Security
Ernst & Young
Think Tank Speaker
Alex Shulman-Peleg, PhD, is a Managing Director and cybersecurity consulting leader at Ernst & Young in the Americas. She is supporting hundreds of clients with modernization and cost reduction via secure enablement of Clouds and AI, addressing the involved risk, cybersecurity and regulatory requirements. In her previous role, she was the Director and Head of Cloud Security at Citibank, where she established and led a global CISO cloud security program, as well as cloud-native security engineering enabling massive modernization and faster application development. Being a pioneer in Cloud security, she led IBM’s early products and groundbreaking R&D initiatives including multi-national European consortiums consisting of industry and research leaders. She has 14 patents and more than 30 scientific publications having thousands of citations. She has decades of technological leadership and holds PhD, MSc and BSc degrees in computer science in the areas of ML, AI and computer vision.
JIM RUTT
CIO/CISO
The Dana Foundation
Amit Basu
VP, CIO & CISO
International Seaways
Think Tank Speaker
Amit Basu is the head of IT and IT Security at International Seaways (INSW). INSW, headquartered in New York City, is one of the largest tanker companies providing energy transportation services worldwide. Amit is a proven IT leader with over 25 years of experience in maritime IT and has pioneered several technology innovations in maritime. Over the last decade, Amit has led a digital transformation in INSW with a Cloud-Only IT strategy and is instrumental in designing a multi-layered cybersecurity framework promoting a cyber resilience culture. Amit holds an MBA as well as a Master of Science degree in Information Management from the Stevens Institute of Technology, New Jersey. He is also a Certified Information Security Manager from ISACA, certified in Cybersecurity Risk Management by HarvardX, Cybersecurity Oversight by Carnegie Mellon University, Maritime Cybersecurity by Lloyds Maritime, and Artificial Intelligence by MIT Sloan School of Management. Amit is an advisory board member for the Cybersecurity program at Pace University and Ithaca College, on the advisory board of Exium, and a member of the Governing Body of New York CIO Executive Summit.
Chris Hickman
Chief Security Officer
Keyfactor
Think Tank Speaker
Chris Hickman is the Chief Security Officer at Keyfactor. As a member of the senior management team, Chris is responsible for establishing & maintaining Keyfactor’s leadership position as a world-class, technical organization with deep security industry expertise. He leads client success initiatives and helps integrate the voice of the customer directly into Keyfactor’s platform and capability set. Chris previously held the position of Director of Technical Services at Alacris, an Ottawa based smartcard and certificate management company, which was sold to Microsoft and is now part of the Microsoft Identity Manager product suite. Chris has worked on PKI projects for organizations and firms including NATO, both the U.S. and Canadian Departments of Defense, Fortune 100 banks and financial institutions, manufacturers, insurance companies, telecommunication providers and retailers. He continues to be a trusted resource for enterprises looking to leverage digital certificates within existing portfolios and new product development. Chris lives in Ottawa, Canada and enjoys traveling with his family, working on classic cars, and photography.
Cedric Curry
CISO
NYC Citywide Administrative Services
Sateesh Challa Kumar
Head of Digital Transformation Office
Societe Generale
Rahul Bhardwaj
CISO - Cyber and Data Privacy | Head Information Security
EXL
Anthony Gonzalez
Principal, Strategic Advisor
Innervision Services LLC
Think Tank Speaker
Visionary, results and solutions-driven professional with 20+ years of experience in progressively responsible Cyber Security and IT leadership roles in the financial services, insurance, pharmaceutical, biotechnology, consumer goods,and chemical manufacturing industries. Adept in building and leading global Cyber Security, IT technical and support functions. Creative, resourceful problem solver with a track record of success in delivering cost-effective and value-added services to his customers. Additional experience in industrial engineering and process improvement. Specialties: Areas of expertise include: Cyber Security, Network Security,Application Security, Infrastructure Management and Security Incident Management, Disaster Recovery, Forensic Investigations, Operations Management, Financial Management, Project/Portfolio Management, Policy/Procedure Development, Budget Preparation, Strategic Planning, Process Design/Implementation, Risk Mitigation, Enterprise Architecture, IT Governance, Manufacturing/Laboratory Automation, Organizational Design, Vendor Audits, System, Start-Up Operations, Sarbanes-Oxley (SOX), Talent Development/Mentoring, International Team Management, and Regulatory Compliance
Matt Goldberg
Chief of Staff (Office of the CISO)
Clear
Think Tank Speaker
Matt Goldberg is the Chief of Staff to the CISO at CLEAR. He partnered with the CISO to establish CLEAR’s Enterprise Risk program and also owns the board of directors reporting content. Prior to CLEAR, he worked in risk at Bridgewater Associates, where he helped generate client facing insight coverage for COVID-19. He began his career as a cyber threat intelligence analyst at Citigroup, where he assisted in the establishment and operation of the financial sector's first Cyber Security Fusion Center. He holds a Bachelor’s degree in Statistics and Ethics, History & Public Policy from Carnegie Mellon University. Matt lives in New York City with his fiancé and is as excited as anything for his UConn Huskies.
Melody Balcet
CEO, WGI Corporation / Former Head of Digital, Resilience.
Global Financial Institution
Danny Brickman
Co-Founder & CEO
Oasis Security
Ofer Klein
Co-Founder & CEO
Reco
Jacob Thampi
VP Head of Cybersecurity
QBE North America
Samrah Kazmi
Chief Innovation Officer
RESRG
Think Tank Speaker
Samrah Kazmi serves as the Chief Innovation Officer at RESRG, an innovation advisory firm. She also serves as adjunct professor at New York University and The Pratt Institute. Samrah's extensive experience in leadership roles in Financial Services and Technology, as well as her deep domain expertise make her a trusted advisor to a wide range of clients, including complex financial institutions, government agencies, higher education, startups, and corporate boards. She covers a broad spectrum of topics, including Artificial Intelligence, Digital Ethics, Cybersecurity, Privacy, GRC, Regtech and Regulation. Notably, Samrah led the merger of the New York Stock Exchange with InterContinental Exchange as part of an elite Risk team and the $200bn Risk Transformation of General Electric. As an entrepreneur, she was the co-founder of Maiden Century, an alternative data platform. She has been ranked as a Top 100 Global Regtech influencer and received the Inspiring Fintech Female award from NYC Fintech Women and serves on the boards of multiple startups. In addition to degrees in Economics, Journalism, and Business, Samrah also holds certifications in Disruptive Strategy from Harvard, Digital Transformation from UC Berkeley, and Corporate Innovation and Fintech from MIT.
Upcoming events
Agenda
All times Eastern Time
8:30 AM-9:00 AM
Registration
9:00 AM-9:30 AM
Morning Networking
9:35 AM-9:45 AM
Opening Remarks
9:45 AM-10:10 AM
Vision Voices Keynote
Securing Growth: Cybersecurity Considerations in Mergers and Acquisitions
Arvin Bansal
CISO
10:15 AM-10:50 AM
Fireside Chat
Navigating AI Security in the Cloud: CISO Insights for 2024
"Navigating the Cloud" panel will focus on CISOs and InfoSec leaders exploring how to secure AI data in the evolving cloud landscape. Focused on AI security best practices, encryption, and threat intelligence, the session offers actionable insights from real-world experiences. The discussion extends to specialized topics like Zero Trust Architecture, regulatory compliance, AI-centric incident response, and vendor risk management. Engage with industry leaders for collaborative discussions, empowering CISOs with practical strategies to navigate the complexities of AI security in the cloud. Don't miss this session for essential insights into securing AI data in the dynamic cloud environment of 2024.
Chair
Rahul Bhardwaj
CISO - Cyber and Data Privacy | Head Information Security
EXL
10:50 AM-11:15 AM
Coffee Break
11:15 AM-11:30 AM
Vision Voices
Enterprise Risk and Probability Theory
In today's complicated cyber environment, the significance of a risk-centric approach is paramount. Explore the importance of adopting a risk mindset as a core in building your security strategy and ensuring buy-in from senior leaders.
Cyber Security is fundamentally a risk management function. We must know and understand our risks to effectively drive prioritization, but your picture is only as strong as your assumptions. There’s no magic crystal ball, but you can increase the confidence in your risk picture and generate buy-in from stakeholders using simple probability models. Join me as I outline these methods and show what you need to get started.
11:35 AM-11:50 AM
Disruptor
Navigating Post-Quantum Cryptography: Communicating Cyber Risk at Board-Level
12:00 PM-1:00 PM
Lunch & Disruptor Showcase
12:40 PM-12:55 PM
Disruptor
Leveraging Artificial Intelligence for SaaS Discovery
In today's interconnected business world, companies rely on SaaS applications as the operating system of business, which can pose significant cybersecurity risks. This makes it critical for companies to have effective security measures in place to properly secure their entire SaaS environment. Failure to do so can result in data breaches, financial losses, and reputational damage. To mitigate this risk, companies must ensure they are monitoring not only the SaaS applications that are managed and known to the IT team, but their entire SaaS environment. Application discovery provides a comprehensive view into the entire SaaS ecosystem, including what managed applications have access to data, connected third-party apps, and even shadow apps, as well as who has enabled them, and the level of access they’ve been granted. Using a combination of graph algorithms, anomaly detection, NLP, and GenAI tools, solutions leveraging AI can provide a complete picture of interactions and activities across users. This insight can be used to pinpoint common causes of a breach such as misconfigurations, overly permissioned users, and compromised accounts. In this session, we’ll explore the importance of investing in SaaS discovery, how AI can add the context needed to protect against common causes of breaches, and how organizations can secure their SaaS from the most common risks that can lead to a breach in 2023 and beyond.
Ofer Klein
Co-Founder & CEO
Reco
1:00 PM-1:55 PM
Keynote Panel
Building Cyber Fortitude: Digital and Risk Strategies for Resilient Cybersecurity
In the realm of building cyber resilience, organizations confront increased risk exposure amidst bold moves and evolving external challenges. Despite investments in technology and data, risk and digital leaders, including CISOs, express difficulty in keeping pace with the persistent threat of cyber crises. However, in today's business landscape, discussions of digital transformation or reinvention are inseparable from considerations of cybersecurity. Looking ahead, stakeholders, from the board to frontline cybersecurity operations, pose critical questions about resiliency. This includes inquiries about the adequacy of efforts to safeguard the company and its customers in the face of cyber attacks. The focus shifts to identifying opportunities to minimize the impact on business and shareholder value through effective threat response. Embracing cybersecurity as a whole-of-business endeavor, organizations are urged to align themselves with business owners, adapting to changes in the cyber landscape and fortifying resilience against disruptions. Building confidence in the cybersecurity program becomes paramount in navigating the dynamic and challenging cyber landscape effectively.
Panelists
Sateesh Challa Kumar
Head of Digital Transformation Office
Societe Generale
Jacob Thampi
VP Head of Cybersecurity
QBE North America
Cedric Curry
CISO
NYC Citywide Administrative Services
Samrah Kazmi
Chief Innovation Officer
RESRG
Melody Balcet
CEO, WGI Corporation / Former Head of Digital, Resilience.
Global Financial Institution
2:00 PM-2:20 PM
Networking Break
2:20 PM-3:05 PM
Panel
Ransomware and Cyber Readiness
Ransomware attacks are in the headlines, affecting businesses and individuals in all sectors. Through 2024, these attacks have continued to grow, resulting in significant financial losses, data theft, and reputational damage. Even businesses that have achieved a level of cybersecurity compliance remain at risk unless they have understood what impact a ransomware attack really means in the context of their business.
The good news? When you have identified how to protect your business from a ransomware attack you have already defined what needs to be done to reduce your total cyber risk exposure across all levels of attack. Ransomware might be the most reported attack, but is nowhere near the most expensive or damaging cyber attack you might face.
Chair
JIM RUTT
CIO/CISO
The Dana Foundation
Panelists
Melissa Ouari
InfoSec Risk and Business Continuity Officer
Money Management International
Edmond Mack
Deputy CISO
Haleon
Amit Basu
VP, CIO & CISO
International Seaways
3:10 PM-3:25 PM
Disruptor
Safeguarding Non-Human Identities: Insights from Recent Breaches
Recent security breaches, exemplified by incidents such as Cloudflare's, serve as a poignant reminder of the vulnerabilities inherent in unattended Non-Human Identities (NHIs). These breaches underscore the intricate operational hurdles even the most seasoned security teams encounter in managing NHIs effectively. While modern enterprises have diligently crafted strategies to fortify human identities and have deployed tailored solutions accordingly, the same rigor is often lacking in the realm of NHIs. In this exclusive session, esteemed Oasis Security CEO, Danny Brickman, will expound upon how organizations can significantly curtail their susceptibility to breaches by implementing robust NHI management practices, thereby diminishing their attack surface and fortifying their cyber defenses.
Danny Brickman
Co-Founder & CEO
Oasis Security
3:30 PM-4:05 PM
Fireside Chat
Third-Party Exposure
In today's interconnected business world, companies rely on vendors and suppliers for various services, which can pose significant cybersecurity risks. Third-party exposure is a major concern, as companies can be held liable for any data breaches or security incidents that occur due to the actions of their third-party providers. In 2024, this risk is expected to increase as companies continue to outsource work to third-party providers. This makes it more critical for companies to have effective security measures in place to properly secure third-party access. Failure to do so can result in data breaches, financial losses, and reputational damage. To mitigate this risk, companies must prioritize implementing comprehensive security measures that include vendor risk assessments, due diligence, contractual requirements, and ongoing monitoring. Additionally, companies must ensure that their third-party providers adhere to cybersecurity best practices and standards. By taking these proactive steps, companies can better protect themselves from the risks associated with third-party exposure in 2024 and beyond.
Chair
JIM RUTT
CIO/CISO
The Dana Foundation