Track 1: Introductory

Connecting Cyber Risk Assessment to Integrated Decision Management

—Speakers

• Douglas Hubbard, President, Hubbard Decision Research

11:15AM - 12:00PM EDT

Track 2: Advanced

Presentation: Improving Cyber Visibility and Decision-Making at Maersk

—Speakers

• Neil Davis, Head of Cyber Risk Management, Maersk 

11:15AM - 12:00PM EDT

Track 3: CISC/C-Level Only

Roundtable: The Evolving Role of the CISO as a Business Leader

—Moderator

• Christopher Porter, CISO, Fannie Mae

—Speakers

• Mark Tomallo, CISO, Victoria's Secret
• Mary Elizabeth Faulkner, CISO, Thrivent
• Vikrant Arora, Fmr. CISO, HSS

11:15AM - 12:00PM EDT

Track 1: Introductory

Winning Over The Doubters - Cutting Through Complexity to Exceed Stakeholder Expectations

—Speakers

• Robert Moore, Vice President, Technology Risk, Mastercard
• Tom Callaghan, Co-Founder, C-Risk

01:00pm - 01:45PM EDT

Track 2: Advanced

Is It Raining Risk? What Data Says About Cyber Risk in the Cloud

—Speakers

• Wade Baker, Partner, Cyentia Institute

01:00pm - 01:45PM EDT

Track 3: CISC/C-Level Only

Managing Generative AI Risk—Workshop

—Facilitator

• Omar Khawaja, Field CISO Databricks, Board Member, Faculty Carnegie Mellon University

01:00pm - 01:45PM EDT

Track 1: Introductory

The Annual Cyber Risk Report

—Speakers

• Carolyn Schreiber, Principal, Advisory, Risk, Cyber Security, EY
• Benjamin Gowan, Sr. Data Scientist | AI, Safe Security
  

02:15PM - 03:00pm EDT

Track 2: Advanced

How to Re-think Third-Party Risk with FAIR-TAM™?—Panel

—Moderator

• Pankaj Goyal, Director, Standards & Research, FAIR Institute

—Speakers

• Sarah Sullivan, Director IS&T Security Performance, Thomas Jefferson University Hospitals
• Adam Wells, Senior Manager, Cyber Risk Services, Yum! Brands

02:15PM - 03:00pm EDT

Track 3: CISC/C-Level Only

Managing Generative AI Risk—Workshop

—Facilitator

• Omar Khawaja, Field CISO Databricks, Board Member, Faculty Carnegie Mellon University

02:15pm - 03:00PM EDT

Track 1: Introductory

The CRQ Program Development Lifecycle

—Speakers

• Zach Cossairt, Integrated Risk Program Senior Manager, Equinix
• Jon Oppenhuis, Director, Risk Strategy and Success, Safe Security

03:30PM - 04:15PM EDT

Track 2: Advanced

Using Cyber Risk Intelligence to Scale FAIR Assessments

—Speakers

• John Feezell, Director, Risk Advisory Services, Kyndryl
• Bob Maley, Chief Security Officer, Black Kite

03:30PM - 04:15PM EDT

Track 3: CISC/C-Level Only

Managing Generative AI Risk (cont.)—Workshop

—Facilitator

• Omar Khawaja, Field CISO Databricks, Board Member, Faculty Carnegie Mellon University

03:30PM - 04:15PM EDT

Track 1: Introductory

Case Study: Scenario Planning for Effect

—Speakers

• Aaron McKay, Cybersecurity Engineer, SCRAM Systems
• Jack Whitsitt, Director of CRQ, Ostrich Cyber-Risk

04:15PM - 05:00PM EDT

Track 2: Advanced

Case Study: Leveraging Risk Quantification to Build An Integrated Risk Management Program

—Speakers

• Damian Apone, Global Director, Governance, Risk & Compliance, Genuine Parts Company
• Chris Correia, Associate Partner, IBM

04:15PM - 05:00PM EDT

Fireside Chat: Incident Response and Materiality

—Speakers

• Kevin Mandia, CEO, Mandiant
• Saket Modi, CEO, Safe Security

04:15PM - 05:00PM EDT

Track 1: AI

How is the Discussion About Cyber Risk Changing at the Board Level?

—Moderator

• Larry Clinton, President, Internet Security Alliance (ISA)

—Speakers

• Elias Oxendine IV, CISO, Yum! Brands
• Kevin McCarty, CISO - US Healthcare, Cigna
• Kris Lovejoy, Board Member, Dominion Energy; SVP, Global Practice Leader, Security & Resilience, Kyndryl
• David Burg, Americas Cybersecurity Leader, EY

11:15AM - 12:00PM EDT

Track 2: FAIR Model Extensions

Connecting Threat Intel to risk with MITRE ATT&CK and FAIR™—Case Study

—Speakers

• Jon Baker, Co-founder and Director, Center for Threat-Informed Defense
• Vidit Baxi, CISO, Safe Security

11:15AM - 12:00PM EDT

Track 1: Introductory

Quantifying Multi-Product Security and Privacy AI Risk with FAIR and NIST AI RMF

—Speakers

• Tyler Britton, Security Engineer, Dropbox
• Taylor Maze, Risk & Governance Manager, Dropbox

01:00 - 01:45pm EDT

Track 2: FAIR Model Extensions

Introducing FAIR-MAM™ - A Comprehensive Approach to Loss Modeling in FAIR™

—Moderator

• Nick Sanna, Founder, FAIR Institute

—Speakers

• Tom Macphee, Cyber Risk Senior Manager, Cigna
• Filippo Curti, Financial Economist, Federal Reserve Board of Richmond
• Erica Eager, Senior Director, Risk Quantification, Safe Security

01:00 - 01:45pm EDT

Track 3: C-Level

Challenges and Opportunities of Moving to Quantitative Risk Management in ERM—Panel

—Moderator

• Evan Wheeler, Senior Director, Technology Risk Management, Capital One

—Speakers

• Ted Webster, Chief Security and Privacy Officer, Centene
• Ramesh Sepehrrad, Head of Cyber and Technology Risk, Navy Federal Credit Union
• Evan Sekeris, Head of Non-Financial Risk - Americas, MUFG
• Tanweer Surve, CTO, Cloud Control Management, Wells Fargo

01:00 - 01:45pm EDT

Track 1: Introductory

Quantifying Multi-Product Security and Privacy AI Risk with FAIR and NIST AI RMF

—Speakers

• Brandon Sloane, AI Governance, Meta
• Pankaj Goyal, Director, Standards & Research, FAIR Institute

01:45PM - 02:30PM EDT

Track 2: FAIR Model Extensions

Patch Prioritization with FAIR-CAM™—Case Study

—Speakers

• Denny Wan, Chair, Sydney Chapter, FAIR-CAM Workgroup, FAIR Institute
• John Linford, Forum Director, The Open Group
• Sasha Romanosky, Senior Policy Researcher, RAND

01:45PM - 02:30PM EDT

Track 3: C-Level

To Cyber Insure or Self Insure? That is the Question—Panel

—Moderator

• Arturo Perez-Reyes, Strategist, SVP, Cyber and Technology, Newfront

—Speakers

• Tom Srail, EVP Cyber Risk, Willis Tower Watson
• Brandon Pinzon, SVP, Chief Security Officer, Argo Group Insurance
• Mayur Patel, VP, Senior Cyber Underwriter, Munich Re

01:45PM - 02:30PM EDT

Track 1: Introductory

Using the FAIR Model for AI Risk-Based Accountability

—Speakers

• Luis Enriquez, Professor at Université de Lille—France, and Universidad Andina Simón Bolivar—Ecuador

03:00pm - 03:45pm EDT

Track 2: FAIR Model Extensions

Measuring Controls Effectiveness and Risk with FAIR-CAM™

—Speakers

• Tyler Britton, Security Engineer, Dropbox
• Bryan Smith, VP Product Management, Safe Security

03:00pm - 03:45pm EDT

Track 3: C-Level

The State of the CRQ Market Planning for Effect—Case Study

—Speakers

• Cody Scott, Sr. Analyst, Security & Risk, Forrester Research

03:00pm - 03:45pm EDT

Track 1: Introductory

Deriving Probability Distributions with Pairwise Relative Comparisons—Case Study

—Speakers

• Ernest Forman, Professor, George Washington University

03:45pm - 04:30PM EDT

Track 2: FAIR Model Extensions

Measuring Real Life Cyberattacks on Enterprise Networks—Case Study

—Speakers

• Christian Ellerhold, Lead Principle Engineer, Cyber Risk Management, Infineon Technologies

03:45pm - 04:30PM EDT

Track 3: C-Level

The Rising Ambition of Cyber Risk Management Programs

—Moderator

• Indraneel Shah, Managing Partner & Chief Strategy Officer, Intuitive.Cloud

—Speakers

• Meena Martin, VP, Cyber Risk and Assurance, GSK
• Daniel Phillips, Security Risk Management Lead, Meta
• Robert Immella, Global Leader, CRQ, Caterpillar
• Valmiki Mukherjee, Chairman, Cyber Future Foundation

03:45pm - 04:30PM EDT