ISSA-LA Security Summit XII – CISO Forum

This is a Special Collaborative Event for CISOs, Directors of Information Security, and their Deputies

Join your Peers at the Beach on September 21, 2022! Annenberg Beach House in Santa Monica, CA.
Free Admission for qualified InfoSec and IT Leaders


Mark Weatherford

CSO at AlertEnterprise; Chief Strategy Officer and Board Member, National Cybersecurity Center; Former Deputy Under Secretary for Cybersecurity at DHS; California’s first CISO

M.K. Palmore

Director – Office of the CISO at Google Cloud; former Field CSO (Americas) at Palo Alto Networks; former Cyber Security Branch Head for FBI San Francisco; US Marine Corps Veteran

The CISO Forum brings together leaders in Information Security within government and private industry for a day of collaboration, networking, and presentations by leading Information Security professionals. Hear the success stories, pitfalls, project planning approaches, and other experiences of your fellow CISOs. You will be better prepared to move forward on your initiatives after attending this Forum

There will be breakout round-table discussions on a variety of important topics with a special dynamic panel of CISOs and experts. A full description of all the talks is here:

The lineup of distinguished speakers includes:

There Will Be Four RoundTable Discussion Groups

Select one of the four (4) discussion groups to join. We will reconvene and share all the major points from all the groups.

Thanks to our RoundTable Leaders

Nikolay Chernavsky


What could be more exciting in Cyber Security than Zero Trust?

The discussion will take participants into the world of Zero Trust full of excitement along with perils and conundrums. There is no shortage of vendors trying to sell Zero Trust. Can we really buy Zero Trust? Is there more to the story? The path to Zero Trust is a lot more complex than just buying a product. Join the discussion to unravel the mystery of Zero Trust!

Dan Meacham

Truth or Dare – Cyber Insurance Misunderstandings

What is and is not included in policies, what needs to be monetized beyond records, and why am I having to pay a premium for someone else’s failures; where is my safe driver discount?

Karen Worstell

Senior Cybersecurity Strategist at VMWare; Former CISO at Microsoft

Did Mudge Do the Right Thing?

Recent events have brought professional ethics in the spotlight for cybersecurity leadership.  They also highlight a significant contributor to distress and mental health issues among cybersecurity practitioners – moral injury.  Moral injury occurs in one of three ways: acts of omission, acts of commission, or acts of betrayal from someone in a higher position of authority.  It affects front line health care providers, military personnel, and  teachers among others.  Today we’ll focus on the phenomenon of moral injury in cybersecurity leadership – the reality of having to navigate between a growing threat landscape and business leader’s reluctance to address risks in the way the cyber team feels is appropriate. We have a number of case studies: Solarwinds,  T-Mobile, Equifax, and Twitter.  We’ll examine the equations involved in determining a path forward – whether it be whistleblower, resignation, being a team player or some combination of the two and tee up the discussion, “Did Mudge Do the Right Thing?”

David Son

Security Strategy on Technology – Technology Transformation, Innovation, Adoption and Governance

Evolution of technology and availability of abundant technology options have enabled business and consumers to have more options for smart decision, better usage of resources, ease of communication and interaction, moving faster with more offerings and choices, and flexibility. Many companies have embraced technology transformation in cloud, data lake, mobile, AI, machine learning, IoT, robust APIs, and 3rd party services. Business leaders will continue to demand business to move faster, cheaper and smarter. However, transformation brings risks from unforeseen channels and more exposure points from a security point of view. Join us as we discuss topics and share strategy, ideas, challenges and lessons learned from other security leaders.

What Is Your Company’s Strategy on Technology Transformation, Innovation, Adoption, and Implementation?

What is your security program’s role in technology decisions?

Do you have adequate security resources, tools and expertise to manage technology decisions and security reviews?

Examples: public cloud and security tools in cloud, IoT testing, vulnerability mgt, SaaS, mobile apps and devices, data lakes and scanning of data, registration of all technology, 3rd party technology in usage, onboarding new technology, 3rd Party APIs, SSO and MFA enablement, rogue SaaS usage, etc.

What are your current challenges and pain points related to technology transformation and adoption?

What are your viewpoints on ideal technology maturity stage in your company and how security should be partnering during the technology transformation phases?

What are your top security concerns related to technology?

The ISSA-LA Information Security Summit CISO Forum is scheduled for September 21. You are also invited to attend Summit XII (the following day) on Thursday, September 22.

Meet the Summit XII Keynote Speakers:

  • Adriana Sanford, Founder of; Award-Winning Global Privacy Expert; Chilean-American International TV Commentator; CNN Analyst; Former Fortune 10 Regional Counsel
  • Cleve Adams, 5 Time Tech CEO, M&A Advisor, Cyber Investor, Board Member, Member of Forbes CEO Council
  • Deviant Ollam, Physical Penetration Specialist with The CORE Group and the Director of Education for Red Team Alliance

The lineup of other notable Summit speakers:

  • Stevan J. Bernard, Chief Executive at Bernard Global LLC; Former EVP of Global Protection Services at Sony Pictures
  • Louis Bladel, Managing Director of Assurance Services at EY; Former Chief of the FBI’s Counterespionage Section
  • Carol Alexis Chen, Partner & Trial Lawyer, Winston & Strawn LLP; Award-Winning Former Career Prosecutor, U.S. Department of Justice
  • Kimberly A. Klinsport, Partner at Foley & Lardner LLP
  • Marci McCarthy, CEO and President at T.E.N.: Inaugural Advisory Council Chair for the National Technology Security Coalition (NTSC); Chairman at ISE® Talent
  • James McQuiggan, Security Awareness Advocate at KnowBe4
  • Kris Rides, Founder and CEO at Tiro Security
  • Trina Ford, Senior VP & Chief Information Security Officer at AEG
  • Jennifer L. Urban, Partner at Foley & Lardner LLP
  • Karen F. Worstell, Senior Cybersecurity Strategist at VMware; Former CISO at Microsoft and AT&T Wireless/Cingular
  • Michael Wylie, Senior Manager Threat Response at Crowdstrike; Former Information Security Trainer at

Stay for the Private Reception under the stars and ignore the 405 traffic!

ISSA-LA, the founding Chapter of the Information Systems Security Association in 1982, is the premier catalyst and information source in Southern California for improving the practice of information security. The Chapter provides various training classes for information Security and IT professionals throughout the year and at the Summit. ISSA-LA has a CISO Forum that meets quarterly at various companies throughout Southern California. The chapter meets monthly and regularly collaborates with other IT and InfoSec organizations, having joint meetings with ISACA, OWASP, the Cloud Security Alliance, HTCIA, and the Association of IT Professionals.