CISO Chicago schedule

•    Insights into the unfiltered realities CISOs face as cyber risk, AI adoption, and regulatory scrutiny converge.
•    Exploring how security leaders are balancing innovation demands with shrinking tolerance for failure.
•    What CISOs wish boards understood about operational risk, talent constraints, and security debt.
George Coleman, Vice President, Chief Information Security Officer, ARIEL INVESTMENTS
Isaac Tseng, Chief Information Security Officer, HARRIS|OAKMARK
Oscar J Giraldo, Assistant Vice President of Data Security, WATERTON

•    Learn how leading CISOs translate cyber investments into measurable impact on revenue protection, operational uptime, and customer trust.
•    Discover how to move from tool sprawl to integrated security ecosystems that deliver better visibility, faster response, and lower total cost of ownership.
•    Understand how to strengthen supply chains, third-party relationships, and incident readiness to keep the business running in the face of evolving threats.
Reserved

•    What CISOs need to know about evolving AI regulation and executive accountability.
•    How to manage uncertainty when laws, standards, and expectations are still forming.
•    Insights from peers on engaging legal, risk, and compliance teams early.
Bruce Phillips, Senior Vice President, & Chief Information Security Officer, WILLISTON FINANCIAL GROUP 
Oscar J Giraldo, Assistant Vice President of Data Security, WATERTON
Mel Fenner, Chief Digital Innovation Officer, LINCOLN UNIVERSITY

•    Insights into how generative AI is simultaneously strengthening security operations while expanding the attack surface.
•    Exploring the emerging threat landscape driven by AI-enabled phishing, fraud, and automation.
•    How to establish governance, oversight, and accountability for enterprise AI adoption.

•    Exploring accountability models when AI systems cause financial, legal, or reputational damage.
•    What boards and regulators will expect CISOs to answer after an AI-driven incident.
•    How to define ownership across security, data, legal, and product teams.
Mel Fenner, Chief Digital Innovation Officer, LINCOLN UNIVERSITY

•    Insights into which security investments are driving measurable risk reduction versus noise.
•    How to justify spend using business-aligned metrics instead of technical outputs.
•    What CISOs are deprioritizing to reduce tool sprawl and operational friction.
Allah Rakha Sheikh, Chief Information Officer, MADISON MUTUAL
Mike Koleno, Chief Technology Officer, BETTER TRUCKS

•    How to translate cyber threats into financial, operational, and reputational impact.
•    Insights into metrics and dashboards that resonate with boards and executives.
•    What separates high-trust CISOs from those stuck in technical reporting.
Pal Vankayalapati, Chief Information Security Officer, PLZ CORP

•    Insights into the cultural and operational barriers slowing DevSecOps maturity.
•    How to embed security into pipelines without overwhelming development teams.
•    What can be done to reduce friction and improve adoption across engineering.

•    What tools are delivering real visibility and risk reduction in cloud environments.
•    How to evaluate vendors against outcomes rather than feature sets.
•    Insights into simplifying cloud security stacks without increasing exposure.

•    Exploring how organizations are proving security and compliance across hybrid estates.
•    How to maintain resilience when visibility, controls, and ownership are fragmented.
•    What regulators and auditors increasingly expect to see.
•    How to inventory cryptographic dependencies and prepare for post-quantum migration across multi-cloud environments.
Abiola Olamoyegun, Vice President, Information Technology IA, PHEAA

•    Insights into how public cyber incidents are reshaping board expectations.
•    How to proactively address reputational risk before an incident occurs.
•    What boards now expect CISOs to explain in the first 48 hours after a breach.
Anamika Roy, Director, IT Audit & Data Analytics, OLD REPUBLIC GENERAL INSURANCE 

•    Insights into why foundational TPRM controls are often undervalued and how reframing them drives stronger adoption.
•    How to design onboarding and ongoing monitoring practices that reduce third-party cyber risk before incidents occur.
•    Exploring peer collaboration as a catalyst for improving TPRM maturity and prevention strategies.
Josh Aubery, Chief Compliance & Privacy Officer, WELLBE SENIOR MEDICAL

In cybersecurity, every decision comes with trade-offs, and not all risks are created equal. In this high-energy, live debate, top security leaders face off to tackle some of the toughest “what-if” scenarios CISOs encounter daily, from ransomware vs. silent data breaches, to strict access controls vs. business agility, and everything in between.

Audiences will witness real-time arguments, expert insights, and a clash of perspectives as panelists defend their stance on difficult security dilemmas. Attendees will gain insights into:
•    A deeper understanding of the trade-offs behind major security decisions
•    Actionable frameworks for prioritizing risk in their own organizations
•    Fresh insights into how leading CISOs think under pressure

Expect surprises, audience polling, and lively debate, because in cybersecurity, sometimes there is no right answer… only what’s worse.


Arpine Long, Deputy Chief Information Security Officer, COLLECTIVE HEALTH 
Tammy Klotz, Chief Information Security Officer, TRINSEO

In today’s threat landscape, security teams operate under relentless pressure—and yet pressure itself can become a strategic advantage. In this keynote, Bruce Phillips explores how cybersecurity organizations can move beyond traditional resilience and embrace antifragility, a model in which systems, teams, and processes improve through the stress they encounter.

Drawing on the philosophy of Kintsugi, where broken pottery is repaired with gold to create something stronger than the original, Phillips illustrates how transparency and thoughtful remediation can transform weaknesses into durable strengths. He connects this mindset to the principles of continuous process improvement, demonstrating how disciplined learning loops and architectural evolution can create security programs that adapt faster than adversaries.

This session provides senior leaders with a clear, actionable framework for building cybersecurity capabilities that not only withstand disruption but also grow stronger from it. Attendees will walk away with a new perspective on incident response, organizational learning, and the role of leadership in shaping adaptive, high-trust security cultures. 

Bruce Phillips, Senior Vice President, & Chief Information Security Officer, WILLISTON FINANCIAL GROUP 

•    Exploring how accountability is assigned after a major incident.
•    What boards get right, and wrong, in the aftermath of breaches.
•    Insights into how you can protect credibility under scrutiny.
Tammy Klotz, Chief Information Security Officer, TRINSEO