RSAC CISO Boot Camp Agenda

Welcome to RSAC CISO Boot Camp, brought to you by RSA Conference and SANS Institute. We’ve planned an amazing, packed experience for you designed to help you learn, engage, and ultimately apply what you’ve learned through interactive simulation exercises.

Don’t forget to pick up your badge for RSA Conference before breakfast kicks off Sunday morning. You can pick up your badge at Moscone North or South which is about a 5-minute walk from the Marriott. Registration is open 12-7 PM on Saturday and again at 7 AM on Sunday.


Sunday, 4/23 – 9 AM Breakfast   
9 – 9:10 AM Opening/Welcome Frank Kim, Fellow and CISO-in-Residence, SANS Institute and YL Ventures Welcome to RSAC CISO Boot Camp!  
9:10 – 10:30 AM Inside the Mind of a CISO

Moderator: Frank Kim, Fellow and CISO-in-Residence, SANS Institute and YL Ventures

Panelist: Jerich Beason, CISO, Capital One Commercial Bank

Panelist: Michael Palmer, Chief Information Officer, Hearst

Panelist: Jenny Menna, Vice President, Humana 

Panelist: Deneen DeFiore, Vice President & Chief Information Security Officer, United Airlines

Regardless of industry, organization size, or geography, similar concerns and priorities occupy the minds of CISOs. Our panelists will kick off CISO Boot Camp, giving you a peek into their thought processes and strategies for tackling the biggest challenges, like building a sustainable security culture, structuring the security organization, and finding and nurturing talented team members. The panel will wrap up with a live Q&A, giving attendees the rare opportunity to solicit the opinions of top CISOs on their own most pressing questions. 
10:30 – 10:45 AM Networking Break    
10:45 – 11:30 AM Strategies for Success Throughout the Workforce Lifecycle Jaya Baloo, Former CISO, Avast Let's delve together into the complexities of building and maintaining a diverse and strong cybersecurity workforce. This session will cover the full workforce lifecycle, including strategies for recruiting the right talent, retaining top performers, and fostering diversity and inclusion within your team, including at the leadership level. We will also discuss the motivations behind a diverse and inclusive workforce and its impact on an organization's security posture. Additionally, attendees will gain insights on organizational structures for cybersecurity teams, including the pros and cons of different models and reporting paths. We will also explore the debate on which security operations models are better for an organization. This talk is essential for anyone looking to build and maintain a top-performing cybersecurity team in today's rapidly evolving threat landscape. 
11:30 AM – 12:15 PM Metrics Revisited - Selecting and Reporting Meaningful Metrics in Meaningful Ways to Your Organization Kim Jones, Director, Performance Acceleration (CyberCRAFT), Intuit Metrics represent the first (if not only) window into the security organization for many members of the business. Unfortunately, metrics are still a source of struggle for many security leaders. In this session, we will cover how to select proper metrics for your audience; ensure your metrics answer the right business questions; express your metrics in order to avoid confusion; and how to develop reasonable metrics for seemingly unmeasurable items. 
12:15 – 2:00 PM  Lunch & Networking     
2:00 – 2:45 PM Alignment and Strategies for Success
Omar Khawaja, VP Security, Field CISO, Databricks
Some of our most frustrating experiences in cybersecurity are when we are unable to align with our partners in either IT or the business. This session explores practical ways of improving engagement with the technology teams and the business to help drive greater success by getting internal stakeholders just as excited about security controls as the security team. Omar will share some metaphors that he has used successfully to readily communicate complex concepts to IT/business leaders. Effective alignment is an antidote to the common misperception that the business doesn’t care about security, there isn’t enough funding for security, and that security slows us down. 
2:45 – 3:30 PM  Storytelling for CISOs  Maarten Van Horenbeeck, Senior Vice President and Chief Security Officer, Adobe Whether it's the language of Shakespeare, the sagas of the Icelanders, or political rhetoric, stories have been used to give people comfort, empathize with others, make decisions come to life, and even, in some cases, to send societies into battle. As CISOs, we rarely control all the decisions that we'd like to see made to protect our organizations. As a result, influencing decisions of others through careful education and storytelling is a critical skill.

In this session, learn how storytelling is a unique tool in cybersecurity's tool chest – for evil, used as "ruses" to convince victims into getting phished, and for good, for CISOs who aim to make security a team sport. 
3:30 – 5:30 PM  Cyber42: Transformational Cybersecurity Leader Kevin Garvey, IT Security Manager, CLS Bank

Frank Kim, Fellow and CISO-in-Residence, SANS Institute and YL Ventures  

Put today’s new skills and learnings to the test in an engaging, team-based environment that will help you improve your cyber security executive decision-making proficiency. Cyber42 is a realistic leadership simulation game that puts you in the driver’s seat of making tough executive calls on behalf of a fictitious organization that needs your expertise. Each outcome will be followed by thoughtfully crafted group discussion. The winning team will be decided by who makes the strongest security cultural impact to the fictitious organization. Leave with a confidence boast in a key skill senior leaders seek from their CISOs: nimble decision making. NOTE: be sure to bring your fully charged computer for this exercise 
5:30 – 6 PM Cocktail Networking Reception   Marriott SoMa Room (Level Two) 
6 – 7:30 PM  Dinner     
Monday, 4/24  8 – 9 AM  Breakfast     
9 – 9:15 AM  Welcome  Frank Kim, Fellow and CISO-in-Residence, SANS Institute and YL Ventures   Welcome back to Day Two of RSAC CISO Boot Camp! 
9:15 – 10 AM  Cyber Risk and the Board: Relationship Building that Stands the Test of Time Emma Smith, Chief information Security Officer, Vodafone   CISOs say that one of the most important and challenging aspects of their role is Cyber Security at the company Board. Cyber risk is volatile and we don’t want the Board relationship to be the same. Emma has 13 years’ experience working with Boards as the CISO in Financial Services and Telecommunication companies. She will talk about how to build relationships that stand the test of time, share research about what CISOs typically report to their Boards and work through some practical approaches you can apply. 
10 – 10:15 AM Networking Break     
10:15 AM – 1 PM  Executive Cyber Simulation Exercise

Mike Barcomb, Director of Executive Cyber Exercises, SANS Institute

Chris Wilkes, Senior Lead, Executive Cyber Exercises, SANS Institute 
You’ve learned a lot and made great connections. Now let’s put it all to the test. The Executive Cyber Simulation Exercise drops you inside a simulated cyber event, helping you understand in a very real way what it takes to respond to a cyber incident from a strategic perspective. The simulated exercise will emphasize the importance of a well-practiced cyber crisis plan and the leadership skills required to deal with today's threats. Our facilitators will use real-world experience and industry best practices to expose areas for improvement in your crisis response plans within a safe environment. 
1 – 2:30 PM  Lunch & Networking     


Designed in Collaboration with SANS Institute