NYC CxO Security Forum

Quarterly Executive Briefing

Wednesday 25 February 2026

Days

Hours

Minutes

Seconds

A Private, Peer-Led Forum for Cybersecurity Leaders

CxO Security Forum brings together senior executives in cybersecurity, risk, and compliance to engage in peer-driven dialogue — not one-way presentations or vendor pitches. Our curated discussions are designed to elevate strategic decision-making, sharpen leadership perspective, and support both professional growth and personal mastery in today’s complex threat landscape.

Each Executive Briefing has a unique agenda, which follows our engaging format with Discussion Leaders and thoughtful “TED Talk” presentations followed by moderated conversations that where the assembled executives from the Community share their best practices, experiences, lessons learned, etc.

Participants gain:

Trusted peer insight: candid discussion with leaders facing the same strategic challenges
Personal & professional growth: sharpen leadership and strategic judgment through real executive exchange
Actionable dialogue: moderated, high-impact conversations focused on what matters now
No noise, no pitches: gatherings where peers drive the agenda and learning
Stronger decision confidence: discussions that help you avoid costly missteps and evaluate solutions with clarity

Next Forum Agenda

As with past NYC CxO Security Forum briefings, the February gathering will feature a tightly curated agenda built around real-world insight, peer experience, and practical guidance — not theory or sales pitches.

Planned discussions and briefings will include:

Agentic AI in the Enterprise
A practitioner-focused discussion on where agentic AI is already being deployed, where it’s creating new risk, and how leading organizations are thinking about governance, controls, and accountability.

Learning from High-Profile Breaches (TBC)
Candid perspectives from nationally recognized CISO peers, examining recent, well-publicized breaches — what actually happened, what was missed, and what leaders would do differently with the benefit of hindsight.

Workforce, Talent, and the Security Organization
Insight from one of the world’s largest staffing firms on how cybersecurity, risk, and compliance teams are evolving — including hiring trends, organizational design, and where leaders are struggling to find (and retain) critical skills.

New Thinking from Leading Authors
Select authors will share ideas from their latest work, offering fresh perspectives on leadership, risk, security, and the changing role of the CxO — with time reserved for discussion and audience engagement.

Legal, Regulatory, and Liability Realities
A partner from a major law firm will share insights drawn from real client cases and advisory work, covering today’s most pressing issues around regulation, security, privacy, liability, and the use of AI in business applications — with a focus on practical guidance leaders can apply immediately.

As always, each session will be succinct, moderated, and discussion-driven, building toward a cohesive set of takeaways rather than disconnected presentations.

Thank You to Our Partners

Past Agenda

Here is the detail from our most recent Executive Briefing… to give your a flavor for the high quality conversations you can expect at the NYC CxO Security Forum. Our community-led gatherings ALWAYS have an amazing agenda filled with thoughtful Discussion Leaders and security, risk & compliance influencers – including nationally-recognized authors and cyber-celebrities!

Registration & Networking

3:00 PM

Welcome/Introductions

3:30 PM

From Breach to Boardroom: Legal Lessons in Cybersecurity Strategy
[Discussion Pod #1]

Morgan Jones, Partner at Brown Rudnick, distills key lessons from high-profile cases and confidential client engagements, showing how companies have navigated ransomware demands, disclosure dilemmas, and cross-border data incidents. In today’s high-stakes cyber environment, technical defenses are only part of the story — the real test comes when legal, regulatory, and business pressures collide. In this fast-paced talk, he’ll share what works, what fails, and what every executive should know before the next crisis hits — from structuring contracts to withstand supply chain attacks, to leveraging breach response as a catalyst for lasting governance improvements.

3:45 PM

Zero Trust for Leaders: Building Antifragile Security in the Age of AI
[Discussion Pod #2]

John Kindervag — creator of the Zero Trust model — will share how CxOs can combine Zero Trust with AI and machine learning to create “antifragile” security environments. Zero Trust isn’t just a cybersecurity framework — in 2025, it’s a business strategy that gets stronger under pressure.

Drawing from 25+ years advising global enterprises, and the 15th anniversary since he created Zero Trust, John will challenge traditional “risk management” thinking, expand on the practicalities of the commonly known 5-step Zero Trust methodology, explain his focus on protect surfaces (not perimeters), and debunk some of the many myths about Zero Trust!

You’ll walk away with:

A leadership-level view of Zero Trust strategy in the AI era
How progressive CISOs are using it to reduce danger, not just “manage risk”
Practical steps to align initiatives with business priorities and regulatory demands

This talk and the subsequent discussion will equip participants with immediately actionable insights to strengthen security, reduce attack surfaces, and future-proof their organizations.

4:20 PM

Start-Up Showcase - Quantro Security

Quantro Security is an AI-powered cybersecurity startup aiming to transform how enterprises and MSSPs manage vulnerabilities. Their core platform deploys autonomous agents that reason like security experts, triaging alerts, prioritizing risks, eliminating false positives, prescribing remediation, and generating compliance and executive-level reports.

Led by founders with deep domain experience (including prior roles at Tenable and Qualys), Quantro is backed by Google’s AI Fund. Their vision is to augment human analysts, not replace them—boosting productivity, enabling junior talent, and reducing operational bottlenecks.

4:45 PM

Networking & Organized Interaction Break

4:50 PM

Think Like an Attacker: Security Graphs and the Future of Cyber Defense
[Discussion Pod #3]

Dr. Chase Cunningham—“Dr. Zero Trust” and author of Think Like an Attacker—posits “What if the key to stopping tomorrow’s cyberattacks lies in how we connect the dots?” He will lead a discussion that explores why security graphs are redefining threat detection and response. Graph theory, once used to map bridges, terror cells, and financial fraud, is now exposing the hidden relationships between users, devices, and data that attackers exploit.

From attack-path mapping and insider threat detection to Zero Trust enforcement and AI-driven defenses, Chase will show how graph-based security shifts the advantage back to defenders. Executives will walk away with a clear vision of how graphs turn overwhelming complexity into actionable intelligence—helping organizations of any size outsmart adversaries in real time.

5:15 PM

Reception & Networking

Cyber author book signing!

Refreshments, food, cocktails & discussions till 8pm

6:30 PM

Forum Discussion Leaders

(Past, Present & Future)

John Kindervag

Creator of Zero Trust
Chief Evangelist at Illumio

John Kindervag is considered one of the world’s foremost cybersecurity experts. With over 25 years of experience as a practitioner and industry analyst, he is best known for creating the revolutionary Zero Trust Model of Cybersecurity. As Chief Evangelist at Illumio, John Kindervag is responsible for accelerating awareness and adoption of Zero Trust Segmentation.

Most recently, John led cybersecurity strategy as a Senior Vice President at On2IT. He previously served as Field CTO at Palo Alto Networks and, before that, spent over eight years as a Vice President and Principal Analyst on the security and risk team at Forrester Research.

In 2021, John was named to the President’s National Security Telecommunications Advisory Committee (NSTAC) Zero Trust Sub-Committee and was a primary author of the NSATC Zero Trust report that was delivered to the President. That same year, he was also named CISO Magazine’s Cybersecurity Person of the Year. John serves as an advisor to several organizations, including the Cloud Security Alliance and venture capital firm NightDragon.

Richard Stiennon

Chief Research Analyst - IT Harvest
frmr. VP of Research - Gartner

Richard founded IT-Harvest in 2005 to cover the 4,550+ vendors that make up the IT security industry. He has presented on the topic of cybersecurity in 32 countries on six continents. He was a lecturer at Charles Sturt University in Australia. He is the author of Surviving Cyberwar (Government Institutes, 2010) and Washington Post Best Seller, There Will Be Cyberwar, as well as the annual Security Yearbook, published by Wiley for 2025. He was the VP of Research at Gartner. He has a B.S. in Aerospace Engineering from the University of Michigan, and his MA in War in the Modern World from King’s College, London.

Kurtis Minder

CEO & Co-Founder, GroupSense
Author, Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation

Kurtis Minder is one of the world’s foremost experts in ransomware response and cyber threat intelligence. As CEO and co-founder of GroupSense, he has led negotiations in some of the largest ransomware and data extortion cases globally, engaging directly with threat actors and nation-state affiliates. With over 25 years in cybersecurity—including roles at Fortinet, AT&T, and Citrix-acquired Caymus Systems—Kurtis has combined operational security, cyber reconnaissance, and real-world intelligence tradecraft into a uniquely effective digital risk strategy. His pioneering work and insights have been featured in The New Yorker, BBC, The Wall Street Journal, and Fortune.

At ACCSFF 2025, Kurtis will deliver a TED-style keynote and participate in a moderated discussion on themes from his acclaimed new book, Cyber Recon, offering a rare behind-the-scenes look at the people, tools, and tactics behind today’s cyber espionage and ransomware ecosystem.

Tim Rohrbaugh

Founder - RadicalNotion.AI, 3x Public Co. CISO

Tim Rohrbaugh brings 20+ years of C-level cybersecurity leadership to the frontier of AI for security and applied engineering. As founder of RadicalNotion.AI and former CISO of JetBlue Airways, he has built and operated enterprise programs that protect high-value, regulated data— including responsibility for safeguarding more than 40 million consumer records at a public financial services company.

A career security architect and systems engineer, Tim advances a practical view of GenAI as “augmented intelligence”: trustworthy, domain-tuned reasoning agents that reduce noise, challenge bias, and accelerate evidence-backed decisions without exposing IP. He has served as Vice Chair of the Airlines for America Cyber Security Council and as a board member of the Online Trust Alliance, where he contributed to national privacy and security policy. His work has been recognized with multiple awards, including Top Global CISO by Cyber Defense Magazine. Tim holds two joint patents in identity verification and authentication and is a frequent speaker and advisor to boards and engineering teams alike.

Dr. Chase Cunningham, PhD.

“Dr. Zero Trust” - Author, Speaker and Industry Thought-Leader

Dr. Chase Cunningham is a globally recognized cybersecurity strategist, bestselling author, and trusted advisor to both the public and private sectors. Widely known as “Dr. Zero Trust,” Chase pioneered the Zero Trust security framework during his time as a Senior Analyst at Forrester Research—an approach now adopted as a standard across government and Fortune 500 enterprises alike.

Over a 20+ year career that spans the U.S. Navy, Department of Defense, and senior industry roles, Chase has led initiatives in cryptographic systems, threat intelligence, cyber forensics, and national cyber defense strategy. He holds a PhD in Computer Science and Cybersecurity, with research centered on insider threats and advanced detection algorithms. He also maintains CISSP and CEH certifications.

An engaging keynote speaker and regular contributor to leading cybersecurity forums, Chase is the author of several acclaimed books including Cyber Warfare: Truth, Tactics, and Strategies and his latest, Buy the Breach: Hacking Failure for Market Success. In Buy the Breach, he unveils a contrarian but data-backed strategy for turning corporate cyber failures into personal financial gains—arming cyber professionals with the tools to outperform hedge funds by investing in the inevitable post-breach market rebound.

Chase is a rare voice who blends deep technical expertise with sharp financial insight. Whether briefing the Executive Branch or advising the boardroom, his mission is clear: empower defenders, demystify complexity, and challenge the status quo.

Morgan Jones

Partner, Cybersecurity/Data Privacy Practice Group, Brown Rudnick LLP

On tech evolution and regulatory/legal trends, business planning amid rapid tech evolution, and managing risk/liability profiles. Brown Rudnick frequently guides clients on how to navigate emerging issues with an eye to helping them to avoid having to start over again down the road. Expect a candid conversation about the current regulatory landscapes for AI and privacy, and data breach best practices.

Mark Sangster

Cybersecurity Author, Strategic Advisor, and Storyteller of the Unseen

Mark Sangster (mbsangster.com/) is a recognized authority on cybersecurity risk and a compelling voice in the fight against digital crime. A celebrated author and award-winning speaker, Mark brings a unique ability to distill complex cyber threats into practical, boardroom-ready insights. His books, No Safe Harbor and Cyber-Conscious Leadership, challenge conventional thinking by exposing the stories that don’t make headlines—highlighting the human and systemic failures behind major breaches.

Mark’s thought leadership spans industries and continents, with appearances on major stages including Harvard Law School and RSAConference, and contributions to The Wall Street Journal, CSO Magazine, and other leading media. He’s an advocate for shifting the cybersecurity conversation away from technical jargon and toward real business risk—translating the language of threat intelligence into the language of leadership.

With deep insight into emerging threats, geopolitical risks, and the psychology of cybercrime, Mark arms executives with the frameworks they need to lead resilient organizations. Whether drawing parallels between cyberattacks and aviation disasters or unraveling the hidden mechanics of “grey crime,” Mark’s work is as thought-provoking as it is actionable.

At the Forum, expect a conversation that’s more than informative—it’s transformative.

Dr. Frederick Scholl

Quinnipiac University - Program Director Cyber & Associate Teaching Professor

Frederick Scholl is a highly accomplished Global Senior Information Security Risk Manager. Dr. Scholl earned a BS and Ph.D. in Electrical Engineering from Cornell University. He is currently at Quinnipiac University, where he is MS Cybersecurity Program Director and Associate Teaching Professor. Previously, Fred founded Monarch Information Networks, LLC to enable trusted clients to protect their information. He also served as Senior Manager of Information Security and Control for Nissan Americas. His business experience also includes co-founding Codenoll Technology Corporation (NASDAQ: CODN) where he was Senior Vice President and Board Member. Career accomplishments also include 13 US Patents related to network technology and fiber optics. He chaired the IEEE committee that wrote the first standard for Ethernet communication over fiber optic links, now used world-wide.

Hazel Cerra

Resident Agent in Charge – U.S. Secret Service, Atlantic City Resident Office

Resident Agent in Charge – U.S. Secret Service, Atlantic City Resident Office Hazel Cerra is a seasoned federal law enforcement leader with 20+ years of experience in cyber-enabled financial crime prevention, national security investigations, and executive protection. As the Resident Agent in Charge (RAIC) for the U.S. Secret Service’s Atlantic City Resident Office, she leads the region’s Cyber Fraud Task Force (CFTF), coordinating complex investigations into cryptocurrency fraud, business email compromise, identity theft, and network intrusions.

Earlier in her career, RAIC Cerra served on former President Bill Clinton’s detail and traveled globally in support of the Clinton Global Initiative. She later became a supervisory special agent in the Philadelphia Field Office’s Financial Crimes Squad, where she oversaw a team of agents working on emerging cyber fraud threats.

RAIC Cerra holds an MBA in Finance from Johns Hopkins University and a Bachelor of Science in Criminal Justice from New Jersey City University. She recently completed the prestigious CISO Certificate Program at Carnegie Mellon University and is a Certified Information Security Manager (CISM).

A bilingual (English/Spanish) advocate for the next generation of cybersecurity talent, she volunteers as an adjunct professor and mentors Civil Air Patrol cadets in the national CyberPatriot competition. She brings a mission-driven, cross-disciplinary approach to protecting financial infrastructure—and continues to build bridges between law enforcement, the private sector, and the broader cybersecurity community.

Dr. Robert C. Riegle, J.D.

CEO, TripleID | Former Director, U.S. Department of Homeland Security

Dr. Robert Riegle is a nationally recognized authority on intelligence sharing, critical infrastructure protection, and national security policy. He currently serves as CEO of TripleID, a company pioneering next-generation identity and authenticity solutions for operational technology, edge devices, and autonomous systems.

Previously, Dr. Riegle served as Director of the State and Local Program Office within the Office of Intelligence & Analysis at the U.S. Department of Homeland Security (DHS), where he was instrumental in shaping the national intelligence-sharing framework between federal agencies and state and local Fusion Centers. As a senior executive and intelligence officer, he co-led DHS-wide efforts to formalize policy for interagency collaboration and helped align intelligence coordination across multiple domains, including counterterrorism, cyber, and counterintelligence.

His earlier roles include serving with the Defense Intelligence Agency in support of Operations Iraqi Freedom and Enduring Freedom, and in leadership positions at Booz Allen Hamilton, Chevy Chase Bank, and Indeck Power. A veteran with multiple commendations, Dr. Riegle holds a J.D. from The Catholic University of America and a B.S. in Government from the University of Maryland.

Dr. Riegle brings a unique lens to today’s challenges at the intersection of national security, technology, and trust—championing the need for verifiable authenticity in the systems we rely on most.

Amanda Draeger

Principal Cyber Risk Engineer, Liberty Mutual Insurance

Amanda Draeger is an accomplished cybersecurity leader, with a distinguished career rooted in leadership, education, and technological excellence. As a Sergeant Major in the U.S. Army, Amanda exemplified these traits by not only educating and leading fellow soldiers, but by becoming one of the first four women to ever achieve the GIAC Security Expert (GSE) designation from SANS.

Now retired from the armed forces, she utilizes her expertise, knowledge, and passion for educating others in her role at Liberty Mutual as a Principal Cyber Risk Engineer. In this role she provides subject matter expertise to underwriters and insureds on critical cybersecurity topics, as well as presenting at major infosec conferences around the country. Outside of work, Amanda is a fiber arts enthusiast.

Michael Hiskey

[Moderator] Founder, CxO Security Forum | Author | Speaker | Executive Strategist

Michael Hiskey is an author, blogger, and speaker with more than 20 years of experience in enterprise B2B strategy across cybersecurity, fintech, data, and AI. His work has appeared in Forbes, InformationWeek, WSJ.com, ITProPortal, and he has been featured on CNBC and C|Net.

A seasoned executive, Michael has held Chief Marketing Officer and Chief Strategy Officer roles at companies including Avanan, Socure, Semarchy, Trifacta, and Data Connectors, as well as leadership positions at IBM and MicroStrategy. He has lived and worked on three continents, managing global teams and driving measurable ROI for complex organizations.

Michael is the founder of the CxO Security Forum, a community-led network reinventing how executives connect for education, mentoring, and peer exchange. Having moderated and organized hundreds of cybersecurity conferences, roundtables, and executive forums, he is dedicated to creating practitioner-first environments that foster collaboration between industry, government, and academia.

He holds an MBA from Columbia Business School, and lives on Long Island with his wife and two daughters. More at linkedin.com/in/mphnyc.

About CxO Forum

CxO Security Forum began as a response to a common frustration among senior cybersecurity leaders: the way enterprise solutions are marketed, sold, and evaluated is fundamentally broken. What started as a call for change has grown into a trusted community that puts executive practitioners at the center of the conversation.

We bring together CISOs, CIOs, and senior decision-makers who are responsible for protecting their organizations, guiding strategic risk, and navigating the evolving role of AI in security. Every forum, gathering, and conversation is designed to foster education, mentoring, and authentic peer connection.

What makes us different is our focus on relationships. Our events are intentionally small, curated, and built for real dialogue. Sponsors are carefully selected, and there are no product pitches. Participants come for thoughtful, actionable conversations that support both professional development and practical decision-making.

At CxO Security Forum, the goal is simple. Give experienced leaders a space to learn from one another, to share insight, and to build meaningful connections that last beyond the event itself.

Participation is free for qualified senior executives

Location

Brown Rudnick

7 Times Square, New York City

Registration

Registration is open only to qualified senior executives. (Sorry, this excludes Sales/Marketing/Business Development!)