CISO Financial Services schedule

During this 5-minute networking session, the aim of the game is to go and meet two people you don't already know.  

• How can sleepless nights, board politics, and regulator heat be managed without burnout? 

• Which AI-driven threats and hybrid risks are keeping CISOs awake in 2026? 

• When speed clashes with security and compliance with agility, how can the trade-offs be survived? 

• What do CISOs wish had been known before stepping into the role? 

Moderator: Mo Jamous, EX Chief Information Officer, Consumer & Business Banking – U.S. Bank

Matthew Presson, CISO for the Americas – Bullish

Paul Pak, Chief Information Security Officer, Head of Information Governance - Jennison Associates

Scot Miller, SVP, Information Security - Rocket (Advisory board member)

Christopher Russell, CISO & Head of Tokenization – TZERO GROUP

From ramp and dump schemes (pig butchering) to executive assassinations/executive cyber stalking, why you need to have a Brand and Executive Protection Program in the world of AI and why you need one now. 

An informal, interactive session where the audience will ask questions live, on the spot.

Speakers respond in real time to questions on AI risk and security, regulatory challenges (SEC, NYDFS, DORA), board-level communication, and building resilient cyber teams.

Moderator:  Troy Leach, Chief Strategy Officer - Cloud Security Alliance  

Mo Jamous, EX Chief Information Officer, Consumer & Business Banking – U.S. Bank

Robert LaRosa, Information Security Engineer – GELLER

Jonathan Sander, Field CTO- Astrix Security

Kelly Shortridge, Chief Product Officer -Fastly

In this interactive session, live polling and anonymous audience input will shape a practical discussion on where compliance effort is truly going, and how leaders are working to reduce duplication, demonstrate value, and move compliance from obligation to advantage.

Key themes include:

• Cutting overlap across compliance frameworks
• Making compliance spend credible as resilience investment
• Turning audit readiness into organisational trust and confidence

Experts go head-to-head, using real incidents and risks from the field. We’ll start with a live poll to see where the room stands, then run it again at the end to track if minds have shifted.

The debate centers on one tough question: should we ever let technology act on its own during a live cyber incident in financial services?

The audience is part of it too so ask your questions, share your views, and see how your take stacks up against your peers.

 Moderator: Troy Leach, Chief Strategy Officer - Cloud Security Alliance

John Decker, Chief Technology Officer -Trian Partners

Mo Jamous, EX Chief Information Officer, Consumer & Business Banking – U.S. Bank

What risks come with AI-on-AI escalation between defenders and adversaries?

• How can effective oversight frameworks be built for AI-augmented SOCs?
• What early wins, and early fails are showing up in adopting agentic AI for security?
• How can human analysts stay in the loop when machines move first?
  

Moderated by Valery Milman - Sr. Manager, Systems Engineering - ForeScout

Scot Miller, SVP, Chief Information Security Officer– Mr. Cooper (Advisory board member)

Mahesh Addanki, Cyber Security Engineer - Saragossa

Companies that have developed world-class information security programs have achieved their goals by focusing on security within a risk-mitigation framework.

This session will reveal the five main habits shared by the most secure organizations. By focusing on these habits, organizations can spend much less on security while gaining a significant level of security.

 The U.S. Department of State’s Diplomatic Security Service (DSS) protects more than 77,000 personnel across 270+ locations worldwide, often operating inside environments where nation-state cyber actors are active. This places DSS on the front line of advanced threat activity, frequently seeing tactics before they are deployed at scale against financial institutions. Drawing on real-world incidents, including the response to Storm-0558, this session shares how DSS detects and responds to sophisticated attacks in real time, operates under the assumption of breach, and maintains operations during active compromise. Attendees will gain practical insight into reducing response times, managing vendor risk, strengthening human-layer defenses, and applying government-grade intelligence to financial services environments facing the same adversaries.  

• Who owns AI risk when models impact lending, underwriting, or fraud detection? 

• How do organisations embed AI monitoring into existing cyber and risk management frameworks? 

• What guardrails help prevent AI misuse without stifling innovation? 
• How should firms prepare for AI-specific incidents such as data leakage or model poisoning? 

Moderator: Neil Cohen, Head of Marketing - Portal26

Robert LaRosa, Information Security Engineer – GELLER

Scot Miller, SVP, Chief Information Security Officer – Mr. Cooper

Gharun Lacy, Deputy Assistant Secretary of State for Cyber and Technology Security Bureau of Diplomatic Security -U.S. Department of State

AI agents are rapidly becoming the next digital actors - researching, deciding, and transacting on behalf of customers. In fact, your next multi-million-dollar customer could be an AI agent.
In this forward-looking session, Ping Identity explores how the rise of the Agentic Channel is reshaping commerce and customer experience and what organizations must do to stay ahead. Learn how to securely enable AI agents with modern identity, governance, and authorization controls while protecting against emerging risks.
Discover how to:

• · Embrace AI agents as a new digital channel for growth
• · Deliver seamless, trusted agent-driven experiences
• · Prevent disintermediation and maintain customer relationships
• · Secure Agentic Identities with strong authentication, authorization, and governance

Join us to understand how identity is the foundation of trust in the age of AI - and how your organization can confidently engage the agentic future.

• Where cloud security breaks in real operating environments
• Where DevSecOps enables delivery, and where it introduces friction
• Which signals drive action versus noise during cloud incidents
• What leaders would simplify or remove from today’s cloud security stack

Moderator: Julia Cherashore, Senior Fellow - Data Foundation / Adjunct Professor - Fordham University

Mahesh Addanki, Cyber Security Engineer - Saragossa

Aaron Katz, Chief Information Security Officer-THE TCW GROUP

• What SAB 122 changes for CISO accountability and audit scrutiny
• How “probable loss” is being interpreted, measured, and defended in practice
• The evolving institutional threat landscape once banks hold the keys
• How existing security, identity, and governance models must adapt conceptually