Event Agenda

● Are we overemphasizing human behavior in cybersecurity at the expense of technical and systemic controls?
● How can Californian organizations measure the real impact of awareness and training programs? How can we ensure value through these programs?
● Should IT systems be designed to be resilient to human error rather than relying on users as the first line of defense?
● What lessons can sectors across California offer on balancing human and technical security? How can we ensure we are getting the basics; right?
..
– Moderator: Nick Padron, Director of Information Security, Fairfield Residential
– Robert Rees, Director of Cybersecurity and Technology Operations, Rexford Industrial
– Everardo Trujillo, Global Senior Director, Cybersecurity, Encore Capital Group
– Rouman Ebrahim, Head Deputy, Cyber Crime Division, Los Angeles County District Attorney’s Office
– Jeanette Lind, CISO, Unison

Sensitive data movement across borders can be risky but restricting it outright can create operational and security challenges. As agentic AI, generative AI, and quantum computing reshape global organizations, CISOs must modernize security platforms to protect data amid increasingly sophisticated attacks and evolving global data regulations.
.
● Planning migration strategies to protect critical data and infrastructure while complying with international data protection laws
● Ensuring security platforms adapt to risk, user behavior and AI-driven interactions
● Preparing for the future including the post-quantum encryption shift
.
– Ari Giguere, Vice President – Security and Intelligence Operations, Netskope
.

OT cybersecurity has moved beyond risk mitigation to become a measurable driver of business value. As cyber compromise is now expected across critical infrastructure, organizations must protect uptime, safety, and revenue while operating in highly constrained environments. This session shows how a framework-driven OT security strategy—anchored in IEC 62443, operational visibility, and platform consolidation—reduces response times, simplifies operations, and delivers real financial and operational outcomes.
.
– Matt Britter, Senior OT SME, Fortinet
.

● Our lessons learned in identifying systemic capability gaps and informing executive-level risk prioritization
● How we utilized active monitoring across our enterprises to improve situational awareness
● How we learned to embed risk-informed decision-making into our business and operational processes for sustainable security outcomes
● How we shifted from reactive response to anticipatory defense, with focus on recovery, segmentation, and attack-surface reduction
.
– Brandon Wilson, CISO, Dunham
.

Learn how simplifying access can transform operations by:
.
● Boosting efficiency and lowering Total Cost of Ownership (TCO)
● Cutting delays, manual approvals, and fragmented workflows.
● Reducing incidents and accelerating response with streamlined access
● Driving ROI through lower costs, faster onboarding, and reduced downtime
● Tracking impact with KPIs such as governance accuracy, schedule loss, and availability loss
.
– Drata
.

● Embed security-by-design across the product lifecycle, aligning with business risk and resilience goals
● Establish clear ownership and governance between CISO, engineering, and product teams
● Strengthen supply chain assurance, including SBOMs and third-party risk management
● Build rapid detection, response, and recovery capabilities for product-related incidents
.
– David Scott, Sr. Director, Product Security, Intuitive
.

T1: Managing Cloud-Based Cybersecurity – Challe nges & Strategies
.
T2: Rethinking Cybersecurity for the Era of Quantum Computing
– Zscaler
.
T3: Shaping the Future of Cyber Leadership – Developing Tomorrow’s Leaders Today
– Fred Chang, , VP of Product & Operations, Dispel

● How we integrated cyber risk to account for increasing geopolitical challenges
● Where we implemented threat intelligence and scenario planning to anticipate ransomware, supply-chain, and state-sponsored attacks while aligning with new California regulations
● How we safeguarded our systems through targeted awareness campaigns and realistic simulations of credential theft
● How we applied zero-trust principles, segmentation, MFA, and contingency planning to minimize operational disruption and ensure business-critical functions continue
.
– Jacob Combs, VP of Cybersecurity, CISO, Tandem Diabetes Care, Inc.
.

● What are the key issues facing Top California firm’s cybersecurity? How can we overcome them?
● How do new cybersecurity rules under Article 9 of amended California Consumer Privacy Act (CCPA) regulations help strengthen our cyber resilience? Do they?
● Where will new rules surrounding ADMT (Automated Decision-Making Technology) play a role in securing and strengthening cybersecurity in California?
● To what extent have shifts in the geopolitical landscape affected Californian cybersecurity? How can we ensure our strategies remain resilient against such changes?
.
– Moderator: Timothy Dzierzek, Director, Security and Compliance, Atomic
– Nick Padron, Director of Information Security, Fairfield Residential
– Robert Cantrell, Director Engineering and Information Security, San Ysidro Health
– Rouman Ebrahim, Head Deputy, Cyber Crime Division, Los Angeles County District Attorney’s Office
– Dario Loeb, IT Director, Young Community Developers
.

● How we are effectively identifying and quantifying third-party risk, including operational, safety, and regulatory impacts in light of new Californian regulations
● How we are strengthening supply chain security through effective vendor due diligence, contracts, and SLAs
● What we have done to secure vendor access with robust remote access controls, monitoring, and response planning
● How we have developed organisational resilience through workforce training and cross-industry collaboration
.
– Al Arboleda, CISO, CalPERS
.

● Is AI driving more cybersecurity innovation, or creating new exposure we aren’t ready to manage?
● How can governance frameworks ensure AI delivers innovation without multiplying risk?
● How do new cybersecurity rules under Article 9 of amended California Consumer Privacy Act (CCPA) regulations help strengthen our cyber resilience with the increasing use of AI? Do they?
● How should we balance the push for AI-driven innovation with the need to limit potential cyber threats?
.
– Moderator: Brandon Wilson CISO, Dunham
– Jacob Combs, VP of Cybersecurity, CISO, Tandem Diabetes Care, Inc.
– Tim Jee, Director, Cybersecurity Services, New American Funding
– Jason Christopher, Cyber Security Director, University of California, Berkeley
– David Scott, Sr. Director, Product Security, Intuitive
.