CISO Washington DC Summit | May 4, 2023 | Washington, DC, USA


Registration & Networking Breakfast

8:30 AM - 9:00 AM

Welcome Address

9:00 AM - 9:10 AM
Sharing the latest trends and technologies in public sector IT & cyber and their potential impact on government services.

Opening Keynote: Genuine Cybersecurity For Artificial Intelligence

9:10 AM - 9:40 AM

Artificial intelligence is changing the world, bringing more context to business and scientific data. It’s being used for everything from curing cancer to predicting your perfect travel destination. Our discussion focuses on securing enterprise artificial intelligence, machine learning and neural networks that are driving data innovation. Genuine cyber strategy for corporate AI will be contrasted with the deliciously perilous Open AI models that are all the rage in 2023.

Key Takeaways: 

  • Identify the AI Risk Management      Framework (AI RMF) components required to build secure, trustworthy, and resilient AI eco-systems.
  • Understand the security controls that protect AI data lakes and training sets.
  • Define Privacy Enhanced      Technologies (PETs) and data minimizing methods for reducing privacy related AI risks.

Melina Scotto

Vice President and Chief Information Security Officer


Passwordless Authentication: Beyond Phishing Resistance to Zero Trust with the Best User Experience

9:45 AM - 10:10 AM
The US government’s memorandum M-22-09 on zero-trust security mandates agencies to “discontinue support for authentication methods that fail to resist phishing.” This memorandum also edicts the "continual verification of each user, device, application, and transaction." But, can any solution achieve this level of verification — ideally without burdening the user? How can you reach continuous verification without having the user reauthenticate at each transaction? While this level of verification seems impossible, MagicEndpoint successfully delivers it — and more. What happens when no transactions are taking place? Shouldn’t the user and device continue to be verified? WinMagic has developed the ideal solution by further innovating the industry’s best ideas regarding FIDO public-key-cryptography-based authentication, federated IdP and IAM authentication and zero-trust security. Find out for yourself how incredible the results are, generating the most secure solution and the best possible user experience — with no user action required. Join Thi Nguyen-Huu, Founder and CEO of WinMagic, as he sheds some light on the latest innovation that will revolutionize user authentication.

Thi Nguyen-Huu

President and CEO



10:10 AM - 10:20 AM

Executive Boardroom: Using Biometrics to Fight Fraud

10:20 AM - 10:45 AM
More than 42 million American adults were affected by identity theft in 2021. As new digital channels and cybersecurity measures emerge criminals continue to find new ways to circumvent these systems and commit fraud. With this comes the challenge of deep fakes and identity fraud. Learn more about the threat of this growing attack vector and how biometrics in the form of facial verification provides CIOs, CISOs, and Chief IT Architects with the most secure and convenient way to verify unknown customer identities at onboarding, grant returning users to accounts, and authenticate transactions.

Ajay Amlani

SVP Americas


Hard pill to swallow: How your compliance program may be hurting you and what you can do about it

10:50 AM - 11:15 AM

For a long time, cybersecurity compliance has been ineffective. Compliance management has become its own function, separate from managing risk. Enterprises now face increasingly complex compliance obligations, using significant resources to achieve, maintain, and demonstrate adherence to continuously emerging standards, frameworks, and mandates. Despite this effort, compliant organizations still suffer breaches, with cyber-attacks continuing to grow in impact despite increased spending on cybersecurity. The convergence of compliance, security, and risk management, powered by end-to-end automation, offers organizations the opportunity to extract additional ROI from existing investments while overcoming organizational barriers. In this session, we will discuss how leaders can implement this strategy in their organizations.



  • Traditional cybersecurity compliance approaches have been ineffective, leading to breaches despite increased spending.
  • The misalignment between compliance, security, and risk management impacts not only individual enterprises but also the larger interconnected digital economy.
  • Legacy compliance workflows focus on past states and reports, while security demands real-time and future-oriented solutions.
  • The convergence of compliance, security, and risk management through end-to-end compliance automation is essential to address these challenges.
  • Adopting a data-centric, mission-driven, and risk-focused model can help organizations better manage risk and enhance business resilience.

Igor Volovich

Vice President, Compliance Strategy


Think Tank: Virginia Alcoholic Beverage Control Authority - Becoming Hybrid, Facing And Resolving

11:20 AM - 11:45 PM

Virginia Alcoholic Beverage Control Authority: Becoming Hybrid: Facing and resolving for technical debt and stagnation.

VirginiaABC's journey from ‘All on Premise’ to a fully hybrid enterprise. ABC runs some 130 systems, but this focuses on the 14 of those that are Enterprise class systems as the measure of our progression. This presentation covers moving IT Systems and the business from those obsolete and on premise solutions to a new paradigm.

Paul Williams



Executive Boardroom: You got 15 minutes – what's your story?

11:50 AM - 12:15 PM

Simple and effective communication with other executives and the board is vital in communicating your story. 

Attend this session to learn how to connect the dots between your metrics, industry standards, and dollars to tell your story in 15 minutes or less with value cards.  Nick Curcuru will show real-world examples of how CISOs have connected the dots for their crypto and PKI teams using value cards.  These cards told the story of the team's current efforts, laid out their future projects, built funding cases, and even minimized a reduction in force in their areas.

When you leave the session, you can return to your desk, shape your value card, and outline the story you must tell your fellow executives and the board. 

Nick Curcuru

Head of Solutions Marketing


Roundtable: Zero Trust: 2023 & Beyond

12:20 PM - 12:45 PM

Roundtable: The Future Of AI-ML In A ChatGPT World

12:20 PM - 12:45 PM

Networking Lunch

12:45 PM - 1:30 PM

Innovation: Zero Trust Security with HashiCorp

1:30 PM - 1:40 PM
A resilient and secure multi-cloud solution for your organization.

Danil Fedick

Sr Solutions Engineer, DoD/ US Air Force


Innovation: Full Stack Observability, Simple Not Simplistic

1:45 PM - 1:55 PM

Join Datadog as they dive deeper into 

Brian Mikkelsen

VP/GM Public Sector


Think Tank: The Role Of Innovation In Public Sector IT

2:00 PM - 2:35 PM
An industry leader shares their perspective on the importance of innovation in public sector IT and discusses some of the latest emerging technologies and trends.

Andre Mendes


US Department of Commerce

Think Tank: Building a Human-Centered Cybersecurity Culture

2:30 PM - 2:55 PM

Centers for Medicare & Medicaid Services' journey and best practise on building a human-centered cybersecurity culture.

Robert Wood


Centers for Medicare & Medicaid Services

Executive Boardroom: How to Manage Your Exposure

3:00 PM - 3:25 PM

The Integration of Threat Intelligence, Attack Surface and Vulnerability Management into Threat Management Programs Threat management programs aiming to establish visibility, detection, investigation and response are becoming more complex as infrastructure and workforces expand and adapt. This not only makes threat management more challenging, but can also dramatically increase our exposure to attack. So how can we do a better job of proactively understanding and reducing the risks and exposures associated with this disparate environment, while simultaneously significantly reducing the stress on our threat management systems and teams? Join us to hear what we have learned from thousands of engagements in this developing field, which we are referring to as Exposure Management. This approach has the goal helping organizations reduce risk and inefficiencies and get the most out of the tools, processes and people that they have. All while enabling the business to evolve and thrive.

Sanara Marsh

Security Evangelist


Think Tank: Overcoming Legacy System Challenges

3:30 PM - 3:55 PM
A CIO discusses their experiences modernizing legacy systems and share tips for minimizing disruption while upgrading to newer technologies.

Garrett Smiley

CISO & VP of Information Security


PM Break

3:55 PM - 4:05 PM

CDM Media Trivia - with prizes!

3:55 PM - 4:25 PM

Closing Remarks

4:25 PM - 4:30 PM

Summit Happy Hour

4:30 PM - 5:30 PM