CISO Chicago schedule

•    Insights into the unfiltered realities CISOs face as cyber risk, AI adoption, and regulatory scrutiny converge.
•    Exploring how security leaders are balancing innovation demands with shrinking tolerance for failure.
•    What CISOs wish boards understood about operational risk, talent constraints, and security debt.
George Coleman, Vice President, Chief Information Security Officer, ARIEL INVESTMENTS

•    Insights into how generative AI is simultaneously strengthening security operations while expanding the attack surface.
•    Exploring the emerging threat landscape driven by AI-enabled phishing, fraud, and automation.
•    How to establish governance, oversight, and accountability for enterprise AI adoption.

•    What CISOs need to know about evolving AI regulation and executive accountability.
•    How to manage uncertainty when laws, standards, and expectations are still forming.
•    Insights from peers on engaging legal, risk, and compliance teams early.
Bruce Phillips, Senior Vice President, & Chief Information Security Officer, WILLISTON FINANCIAL GROUP 

•    Exploring accountability models when AI systems cause financial, legal, or reputational damage.
•    What boards and regulators will expect CISOs to answer after an AI-driven incident.
•    How to define ownership across security, data, legal, and product teams.

•    Insights into which security investments are driving measurable risk reduction versus noise.
•    How to justify spend using business-aligned metrics instead of technical outputs.
•    What CISOs are deprioritizing to reduce tool sprawl and operational friction.
Allah Rakha Sheikh, Chief Information Officer, MADISON MUTUAL

•    Exploring why Zero Trust remains difficult to operationalize at scale.
•    How to align identity, access, and network controls without disrupting the business.
•    Insights from real implementations, successes, failures, and lessons learned.

•    How to translate cyber threats into financial, operational, and reputational impact.
•    Insights into metrics and dashboards that resonate with boards and executives.
•    What separates high-trust CISOs from those stuck in technical reporting.
Pal Vankayalapati, Chief Information Security Officer, PLZ CORP

•    Insights into the cultural and operational barriers slowing DevSecOps maturity.
•    How to embed security into pipelines without overwhelming development teams.
•    What can be done to reduce friction and improve adoption across engineering.

•    What tools are delivering real visibility and risk reduction in cloud environments.
•    How to evaluate vendors against outcomes rather than feature sets.
•    Insights into simplifying cloud security stacks without increasing exposure.

•    Exploring how organizations are proving security and compliance across hybrid estates.
•    How to maintain resilience when visibility, controls, and ownership are fragmented.
•    What regulators and auditors increasingly expect to see.

•    Insights into how public cyber incidents are reshaping board expectations.
•    How to proactively address reputational risk before an incident occurs.
•    What boards now expect CISOs to explain in the first 48 hours after a breach.

•    Insights into why foundational TPRM controls are often undervalued and how reframing them drives stronger adoption.
•    How to design onboarding and ongoing monitoring practices that reduce third-party cyber risk before incidents occur.
•    Exploring peer collaboration as a catalyst for improving TPRM maturity and prevention strategies.
Josh Aubery, Chief Compliance & Privacy Officer, WELLBE SENIOR MEDICAL

In cybersecurity, every decision comes with trade-offs, and not all risks are created equal. In this high-energy, live debate, top security leaders face off to tackle some of the toughest “what-if” scenarios CISOs encounter daily, from ransomware vs. silent data breaches, to strict access controls vs. business agility, and everything in between.

Audiences will witness real-time arguments, expert insights, and a clash of perspectives as panelists defend their stance on difficult security dilemmas. Attendees will gain insights into:
•    A deeper understanding of the trade-offs behind major security decisions
•    Actionable frameworks for prioritizing risk in their own organizations
•    Fresh insights into how leading CISOs think under pressure

Expect surprises, audience polling, and lively debate, because in cybersecurity, sometimes there is no right answer… only what’s worse.

Arpine Long, Deputy Chief Information Security Officer, COLLECTIVE HEALTH 

•    Insights into moving beyond just recovering from attacks to strengthening systems.
•    How to learn from incidents and continuously adapt your defenses.
•    Exploring ways to build security that evolves with threats and turns challenges into growth.
Bruce Phillips, Senior Vice President, & Chief Information Security Officer, WILLISTON FINANCIAL GROUP 

•    Exploring how accountability is assigned after a major incident.
•    What boards get right, and wrong, in the aftermath of breaches.
•    Insights into how you can protect credibility under scrutiny.