August 3-8, 2024
Mandalay Bay / Las Vegas

CISO Summit at Black Hat USA

Tuesday, August 6, 2024

Four Seasons, Las Vegas, NV

Four Seasons Ballroom, Level 2


Overview

The Black Hat CISO Summit is an approval-only event during Black Hat USA which brings together top security executives from global corporations and government agencies for a full day of unique discussions. Offered the day before the main Black Hat USA Briefings sessions, the CISO Summit is intended to give CISOs and other InfoSec executives leading-edge insight into the latest security trends, technologies, and enterprise best practices.


Next Round of Applications will be Reviewed on July 1


The cost to attend includes Business Hall Access during Black Hat USA on Aug 7 and 8.

Due to limited space, Black Hat Management will review all applications. Notification of application status will be sent within 30 days of application.

*Please note: In order to create an open and candid environment that promotes the sharing of ideas and discussion, the CISO Summit will follow Chatham House Rule; neither media nor event coverage is permitted. This program was designed for executive security practitioners; solution providers and vendor attendees are limited to event sponsors.


Agenda

Monday, August 5

5:00 - 7:00 PM CISO Summit Welcome Reception

Tuesday, August 6

8:00 - 9:00 AM Networking Breakfast
9:00 – 9:20 AM Welcome and Introductions
  • Jeff Moss, Founder, Black Hat + DEF CON

    Mr. Moss advises companies on security issues, both electronic and physical, and speaks globally on the topic. He sits on several advisory boards helping enterprises make informed decisions on cyber risks.

    In April 2011 Mr. Moss was appointed as the Chief Security Officer for the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit whose responsibilities include coordinating and ensuring the security, stability and resiliency of the Internet's unique global identifiers as well as maintaining the root zone of the Internet. This position involved managing the IT security of the ICANN networks and information systems, the physical security of ICANN facilities and meetings, and ensuring that ICANN meets its security and resiliency commitments to the multistakeholder community that oversees ICANN. This position involved extensive international travel and coordination with governments, law enforcement, and operational security communities in support of discussions around Internet Governance and security. Mr. Moss left this position at the end of 2013.

    Moss is the founder and creator of both the Black Hat Briefings and DEF CON, two of the most influential information security conferences in the world, attracting over ten thousand people from around the world to learn the latest in security technology from those researchers who create it. DEF CON just had its 21st anniversary.

    Prior to creating Black Hat Briefings, Jeff was a director at Secure Computing Corporation where he helped establish their Professional Services Department in the United States, Asia, and Australia. His primary work was security assessments of large multi-national corporations. Jeff has also worked for Ernst & Young, LLP in their Information System Security division. This background uniquely qualifies Jeff to bridge the gap between the underground researcher community and law enforcement, between the worlds of pure research and the responsible application of disclosure.

    Jeff is currently a member of the U.S. Department of Homeland Security Advisory Council (HSAC), providing advice and recommendations to the Secretary of the Department of Homeland Security on matters related to homeland security. Jeff is a life member of the Council on Foreign Relations, which is an independent, nonpartisan membership organization, think tank, and publisher.

    In 2013, Jeff was appointed as a Nonresident Senior Fellow at the Atlantic Council, associated with the Cyber Statecraft Initiative, within the Brent Scowcroft Center on International Security.

    In 2014, Jeff joined the Georgetown University School of Law Cybersecurity Advisory Committee.

    Jeff is active in the World Economic Forum, and recently became a member of the Cyber Security Global Agenda Council for 2014-2016.

    ICSA President's Award for Public Service, 2011.


  • Steve Wylie, General Manager, Black Hat

9:20 – 9:50 AM Quantifying the Cost of Cyber Risk
  • Scott Stransky

    Scott Stransky is Managing Director and Head of the Marsh McLennan Cyber Risk Intelligence Center. The Center launched in 2021 to provide cyber modeling, thought leadership, and cyber analytics guidance across Marsh McLennan. Previously, he led the Cyber Modeling group at extreme event modeling firm AIR Worldwide (part of Verisk Analytics). Under his leadership and guidance, the team sourced and cleansed detailed cyber security, incident, and claims data, and combined it with advanced machine learning algorithms, stochastic modeling techniques, and Monte Carlo simulations, providing the insurance industry with a robust suite of models to manage their cyber insurance portfolios. He is a recognized speaker across North America and Europe on the topics of cyber insurance risk and catastrophe modeling, having been invited to speak at numerous conferences sponsored by Advisen, NetDiligence, IUA of London, RAA, CPCU Society, AM Best, Lloyd's, and others, in addition to engaging directly with clients. He was voted by his industry peers to be the 2023 Cyber Risk Industry Person of the Year in the Actuary/Modeler category. Mr. Stransky earned a bachelor’s degree in Mathematics with Computer Science from MIT and a master’s degree in Atmospheric Science from MIT.


9:50 – 10:20 AM Engineering and Security Working Together
10:20 - 10:40 AM Break
10:40 – 11:10 AM Lightning Talks: Briefings Session Summaries
11:10 – 11:40 AM Optimizing Supply Chain Management
  • Beth-Anne Bygum, Chief Information Security Officer, Q2

    Cybersecurity issues and their potential to disrupt resilient operations and brand trust are a top priority for publicly traded companies and corporate boards. Risks, particularly cyber risks, are accelerating and, if organizations are not prepared, can undermine regulatory compliance and strategic growth and, worse, weaken consumer loyalty. Navigating this environment, proactively responding to changes in regulatory expectations and managing fluctuating residual concerns requires knowledge and an understanding of proactive planning.

    At Q2, Beth-Anne is responsible for the company’s global information protection, product & application security (SSDLC), enterprise IT security, cyber defense, and data protection strategy and services. Our security program is designed to scale with changes across the digital and development landscape while enabling the organization to achieve growth and revenue targets. Beth-Anne is a member of Q2’s senior leadership team reporting to the president.

    With more than 30 years of experience directing disparate teams across application and product security, cyber security, risk management, information governance, IT compliance, IT training and sales, Beth-Anne has a proven expertise in connecting teams, people and leaders across the organization in solving operational challenges that require large scale transformation.

    Beth-Anne holds a Master of Science degree in management and leadership (MSLM) from the University of La Verne and a bachelor’s degree in business administration from Rutgers University. She has worked with leading companies in data science, technology, consumer packaged goods, biotechnology, pharmaceutical and consulting sectors. Beth-Anne holds a Certified Business Continuity Professional (CBCP) designation and is a member of NTSC, National Technology Security Coalition, a non-profit, non-partisan organization that serves as the preeminent advocacy voice for CISOs working with public and private sector stakeholders. Her work there is to help advance policies that improve national cybersecurity standards and awareness.

    Beth-Anne is a board advisor to the non-profit Forge Institute. She and her husband volunteer their time to assist resources in underserved communities as well as transitioning military members into the civilian workforce.


  • Peter Naumovski, CISO, Abbie
11:40 AM – 12:20 PM AI Unleashed: Managing the Risks, Reaping the Rewards

Panel

  • Russ Bodnyk, Principal Scientist, NuLabs.ai
  • Kristy Hornland, Director, KPMG

    Kristy Hornland is a Director at KPMG US specializing in AI security. She has delivered responsible and secure AI governance programs for leading life sciences, financial services, and government clients aligned to industry leading frameworks and practices, deployed AI security platforms to support these program objectives, and also has held the position of Global Resilience Federation AI Security Working Group facilitator for the last two years. She has been deeply integrated in emerging technologies throughout her ten year career with KPMG, and was part of the core team incubating KPMG’s first start up, Cranium, an AI Security platform. She is also the Women in Cyber deputy lead for KPMG US, defining the annual strategy and supporting overall governance to enable the entry, ongoing success, and long term retention of women at KPMG.


  • Jason Clinton
  • Matt Knight
  • Google
12:20 - 1:40 PM Lunch
1:40 – 2:10 PM Deepfakes
  • John Whaley
2:10 – 2:40 PM Surviving and Thriving After the Breach: A Resilience Roadmap
  • Christofer Hoff, Chief Secure Technology Officer, LastPass

    Christofer Hoff joined LastPass as Chief Secure Technology Officer in 2022, leading software and platform engineering as well as enterprise and platform security teams. Hoff brings 30 years of experience in high-profile global roles in network, application and information security architecture, software development, engineering, operations, and management.

    Before joining LastPass, Christofer had multiple cyber security engineering and operations leadership roles at Bank of America. His previous roles include Chief Information Security Officer at Citadel, Vice President and Security CTO at Juniper Networks, and Director of Cloud & Virtualization Solutions at Cisco Systems, among other security-focused roles.

    In addition to his professional leadership responsibilities, Chris takes an active role in engaging youth in the impact of technology, privacy and security on society and culture as founder of HacKid, an interactive STEAM conference for parents and kids from diverse backgrounds. Chris was a founding member of and technical advisor to the Cloud Security Alliance and serves as an advisor to numerous companies and organizations.


  • TBA
2:40 – 3:00 PM Break
3:00 – 3:40 PM Navigating the Regulatory Landscape: A Fireside Chat on SEC Actions and Corporate Responses
  • Jennifer Lee, Partner, Jenner & Block

    A former Assistant Director in the US Securities and Exchange Commission’s (SEC) Division of Enforcement, Jennifer Lee represents public and pre-IPO companies, corporate officers, financial institutions, and asset management firms in high-stakes regulatory investigations, internal investigations, and litigation. During her twelve-year career at the SEC, Jennifer supervised attorneys and accountants in a broad range of complex investigations and enforcement actions, and has specialized expertise in cybersecurity, financial reporting and internal controls, and ESG. Jen brings nearly twenty years of experience as a litigator in the government and the private sector to help clients navigate government scrutiny. As a highly regarded expert on the SEC’s enforcement program and federal securities laws, Jen is a frequent speaker at industry events, including Securities Enforcement Forum West and the Bar Association of San Francisco.


  • Chenxi Wang, Managing General Partner, Rain Capital

    Chenxi Wang is an experienced technology executive with deep cybersecurity expertise. She is a member of the Board of Directors of MDU Resources, a Fortune 500 company, serving on the Audit and ESG Committee, and is the Founder and General Partner of Rain Capital, a cyber-focused venture fund. Chenxi has held senior tech strategy roles in large companies (Intel Security). She has led go-to-market operations and product strategy in booming Silicon Valley startups (Twistlock, Ciphercloud). Chenxi is also an advocate for diversity & inclusion, and founder of the Forte Group, a 501(c)(3) organization to advance women's careers in cyber. Previously Chenxi was a computer engineering professor at Carnegie Mellon University. She holds a Ph.D. in Computer Science.


3:40 – 4:10 PM From the Server Room to the Boardroom: Insights from a Journey Beyond the CISO Role
  • Joanna Burkey, Founder, Flat Rock Strategic Advisors

    Joanna Burkey is a corporate director, former cybersecurity executive and the founder of Flat Rock Strategic Advisors. She serves on the boards of Beyond Inc (NYSE: BYON) and ReliabilityFirst Corporation and also provides advisory and consulting services to multiple enterprises. Her three-decade career in cybersecurity and technology spanned engineering, strategy, and digital transformation, most recently as the CISO for HP Inc. She holds NACD Directorship Certification from the National Association of Corporate Directors, is a certified Qualified Technology Expert with the Digital Directors Network, and was previously a fellow with the Center for Strategic and International Studies in Washington DC. She is based in Austin, Texas.


4:10 – 4:45 PM Government Update
  • Jen Easterly, Director, Cybersecurity and Infrastructure Security Agency (CISA)

    Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. Before coming to CISA, Jen was Head of Firm Resilience at Morgan Stanley. A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than 20 years, including deployments in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the creation of United States Cyber Command. A graduate of West Point, Jen holds a master’s degree from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors, including the George C. Marshall Award in Ethical Leadership and the National Defense University Admiral Grace Hopper Award. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.


4:45 - 5:00 PM Closing Remarks

Advisory Board

Justine Bone
Trey Ford
Jeremiah Grossman
Robert Hansen
Allison Miller
Wendy Nather
Caleb Sima
Alex Stamos
Saša Zdjelar

Sponsors

Welcome Reception Sponsor

Customers trust the Absolute Cyber Resilience Platform to ensure their security solutions work as intended, mobile and hybrid workforces can connect securely from anywhere, and to quickly restore business continuity following cyber disruptions and attacks. Absolute is partnered with 28 of the world’s leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by 21,000 global enterprises, and licensed across 16 million PC users. Our patented solution is recognized for extending cyber resilience across multiple security categories, including Endpoint Security, Zero Trust Network Access (ZTNA), Security Services Edge (SSE), Automated Security Control Assessment (ASCA), and Zero Trust Platforms.


Premium Sponsors

Armis, the asset intelligence cybersecurity company, secures Fortune 100, 200 and 500 companies as well as national governments, state and local entities to help keep critical infrastructure, economies and society safe and secure 24/7. Armis is a privately held company headquartered in California.

Yevgeny Dibrov
Nadir Izrael
Curtis Simpson

Gurucul is a security analytics company founded in data science that delivers radical clarity about cyber risk. Our platform analyzes enterprise data at scale using machine learning and artificial intelligence. Instead of alerts, you get real-time, actionable information about true threats and their associated risk. The platform is open, flexible and cloud native. It conforms to your business requirements, so you don't have to compromise. Our solutions are used by Global 1000 enterprises and government agencies to minimize their cybersecurity risk. To learn more, visit gurucul.com and follow us on LinkedIn and Twitter.

Saryu Nayyar
Craig Cooper

Qualys is a pioneer and leading provider of cloud-based security and compliance solutions that help organizations streamline and consolidate their security and compliance solutions and build security into digital transformation. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously across global IT assets.

Sumedh Thakar
Pinkesh Shah
Jonathan Trull

Foundation Sponsors

Discover the transformative power of ultra-fast, dependable fiber and 5G connectivity, all safeguarded by robust, integrated security measures. At AT&T Business we offer an unparalleled boost to your network's potential through the Next Level Network and Dynamic Defense - our new network embedded security product. Our team of experts are ready to collaborate with you to tackle your unique challenges and fast-track your success. Experience the distinct advantage of AT&T Business’s converged network with LevelBlue's managed security services to learn how organizations can seamlessly blend security with innovation.


Bitdefender provides cybersecurity solutions with leading security efficacy, performance, & ease of use to enterprise organizations & consumers. The company is committed to defending organizations & individuals around the globe against cyberattacks.

For more information, visit www.bitdefender.com.


CrowdStrike, a global cybersecurity leader, has redefined modern security with the world's most advanced cloud-native platform for protecting critical areas of enterprise. The CrowdStrike Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value. CrowdStrike: We stop breaches.

George Kurtz
Michael Sentonas

ReliaQuest is the force multiplier of security operations. Our security operations platform, GreyMatter, automates detection, investigation and response across cloud, endpoint, and on-premises tools and applications. GreyMatter is cloud native, built on an open XDR architecture and delivered as a service any time of the day, anywhere in the world. With over 800 customers worldwide and 1,200+ teammates working across six global operating centers, ReliaQuest is driving outcomes for the most trusted enterprise brands in the world. We exist to make security possible. For more information visit www.reliaquest.com.

Col. John Burger (Ret.)
Rick Holland

Securonix revolutionizes cyber operations with precise, rapid and efficient threat detection, investigation and response. Its unified platform streamlines operations, employs advanced AI and analytics for accuracy, supports multi-cloud environments and seamlessly enhances existing detection systems. Securonix significantly reduces cyber risks and improves operational efficiency with a frictionless experience for the security team.

Nayaki Nayyar
Haggai Polak

Sophos delivers superior cybersecurity outcomes by providing cybersecurity as a service to protect companies of all sizes from the most advanced cyberthreats. Our cybersecurity products and services include managed detection and response (MDR), firewall, email, endpoint (XDR), and cloud native security protection. Sophos products and services defend against ransomware, phishing, malware, and more. They connect through the cloud-based Sophos Central management console and are powered by Sophos X-Ops, our cross-domain threat intelligence unit. We provide fully managed security solutions so you can manage your cybersecurity directly with our security operations platform. Or, you can supplement your in-house team with Sophos' products and services.

www.sophos.com

Joe Levy
Ross McKerchar

Breakfast Sponsors

Check Point is a leading provider of cyber security solutions globally, protecting customers from 5th generation attacks with an industry leading catch rate of malware, ransomware and other types of attacks. We offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. www.checkpoint.com


HackerOne is the global leader in human-powered security. We leverage human ingenuity to pinpoint the most critical security flaws across your attack surface to outmatch cybercriminals. The HackerOne Platform combines creative human intelligence with the latest artificial intelligence to help organizations reduce risk and transform their businesses with confidence.


Strengthen digital resilience by modernizing your SOC with unified threat detection, investigation and response. Splunk delivers a scalable security analytics platform with out-of-the-box detections, risk-based alerting, automation and machine learning to help you reduce business risk, empower security innovation and establish efficient and effective SecOps at scale.


Networking Break Sponsors

Devo replaces traditional SIEMs with a real-time security data platform. Devo’s integrated platform serves as the foundation of your security operations and includes data-powered SIEM, SOAR, and UEBA. AI and intelligent automation help your SOC work faster and smarter so you can make the right decisions in real-time.


ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealX network detection and response platform uniquely delivers the unparalleled visibility and decryption capabilities that organizations need to investigate smarter, stop threats faster, and move at the speed of risk.


Sponsored Executive Dinner - Monday, Aug. 5

ServiceNow makes the world work better for everyone. Our cloud-based platform, risk, ESG, and security solutions help digitize and unify organizations so that they can find smarter, faster, better ways to address evolving risks, vulnerabilities, and compliance challenges. Bring risk, security, and IT together through a common data model to drive risk-informed decisions, unlock productivity, and build trust with customers, employees, and third parties. The world works with ServiceNow™.

www.servicenow.com/securityandrisk


Sponsored Executive Dinner - Tuesday, Aug. 6

Discover the transformative power of ultra-fast, dependable fiber and 5G connectivity, all safeguarded by robust, integrated security measures. At AT&T Business we offer an unparalleled boost to your network's potential through the Next Level Network and Dynamic Defense - our new network embedded security product. Our team of experts are ready to collaborate with you to tackle your unique challenges and fast-track your success. Experience the distinct advantage of AT&T Business’s converged network with LevelBlue's managed security services to learn how organizations can seamlessly blend security with innovation.


Continuing Professional Education (CPEs)

ISC2

Those who are certified through ISC2 can earn 5.5 Continuing Professional Education (CPE) credits for attending the CISO Summit.

Black Hat does not maintain records of earned CPE credits. However, we will report your credits to ISC2 on your behalf after the event. Please provide your ISC2 member number when registering for the event.

For questions about credits for CISO attendees, e-mail cisosummit@blackhat.com.