ismg summit logo

june 10, 2025

Data Security Summit: Seattle

Seattle, WA

On Demand August 16, 2024

Event Overview

Seattle’s 2025 Data Security Summit focuses on safeguarding sensitive data in an increasingly complex digital environment. With AI rapidly becoming an integral part of enterprise systems, this event will explore securing machine learning models, detecting AI-generated threats, and managing the risks of non-human identities in cloud infrastructures. In light of growing ransomware attacks on critical infrastructure, attendees will gain insights into how AI can be leveraged to strengthen data security and prepare for the next wave of sophisticated cyber threats.

View our ISMG Event Experience video to see what your peers are saying about their participation. 

Venue

Meydenbauer Center

11100 NE 6th Street, Bellevue WA 98004

Highlight Topics

  • Securing Machine Learning Models
  • Detecting AI-Generated Threats
  • Managing Non-Human Identities
  •  AI-Enhanced Data Security 

Chuck Markarian

CISO, PAACAR

Eric Sanchez

CISO, Orrick

Courtney Hans

VP, Cyber Services, AmTrust Financial Services Inc.

Lana DeMaria

Head of Data Governance, Alaska Airlines

Ginger Armbruster

Chief Privacy Officer and IT Division Director, City of Seattle ,Washington

Brian Shea

Business Information Security Officer, Senior Director of Security, Salesforce

Aravind Swaminathan

Partner. Global Co-Chair Cybersecurity and Data Privacy, Orrick

Enzhou Wang

Chief Data Officer, City of Tacoma

Lana DeMaria

Head of Data Governance and Privacy, Alaska Airlines

Billy Martin

Chief Technology and Security Officer, Vigor, LLC

Ralph Johnson

State Chief Information Security Officer, Washington Technology Solutions

Ivan Avilla

Director of Cyber Incident Response, GoDaddy

Speakers

Thought Leaders on Stage Leading Deep-Dive Discussions

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, interactive workshops and networking events. Learn from the “who’s who” in cybersecurity passionate about the latest tools and technology to defend against threats.

Agenda

Given the ever-evolving nature of cybersecurity, the agenda will be continually updated to feature the most timely and relevant sessions.

Ralph Johnson

CISO, CyberEdBoard Member, Washington Technology Solutions (WaTech)

The CISO's Critical Role in Nurturing Data Security

This session provides practical insights into the strategies, frameworks, and technologies essential for building resilient data security programs.
In today’s environment, CISOs must address emerging challenges, such as securing vast amounts of data generated by IoT devices and ensuring compliance with regional data sovereignty laws. For example, the rise in ransomware attacks targeting healthcare and financial sectors highlights the urgent need for real-time threat detection and robust incident response strategies.
 
This session equips CISOs with actionable approaches to tackle these pressing issues while safeguarding organizational assets.
 
Our Keynote Panelists Will Discuss:
  • Orchestrating Comprehensive Data Protection Measures: Implement robust approaches like end-to-end encryption and role-based access control to maintain the confidentiality and integrity of critical information assets.
  • Crafting and Implementing Incident Response and Data Loss Prevention (DLP) Strategies: Utilize advanced threat intelligence and behavior analytics to proactively thwart data breaches and unauthorized disclosures.
  • Evaluating and Integrating Emerging Technologies: Leverage innovations such as AI-powered security analytics and blockchain-based data protection to enhance defenses and stay at the forefront of data security advancements.
 

Ralph Johnson, CISO, CyberEdBoard Member, Washington Technology Solutions (WaTech)

Cybersecurity Summit Dallas: Data Security

Cybersecurity Summit Dallas: Data Security

Managing the Expanding Attack Surface in a Hyper-Connected World

Attack Surface Management (ASM) has become a critical tool for maintaining visibility over this expanding digital ecosystem. Recent high-profile breaches—like the April 2024 Sisense breach, where attackers exploited compromised GitLab credentials to infiltrate cloud storage—underscore the importance of managing the attack surface to prevent exploitation.
 
This session will focus on how CISOs can implement ASM strategies to secure digital assets, drawing on recent case studies like the Sisense incident and the SolarWinds breach. We’ll cover how attackers identified and exploited weak points in external-facing assets and how ASM tools can help preempt similar threats.
 
We Will Discuss:
 
  • Comprehensive Asset Discovery: How ASM tools provide continuous mapping of external-facing assets, including cloud services and shadow IT, to prevent blind spots, as illustrated in the Sisense and SolarWinds breaches.
  • Real-Time Vulnerability Detection: Learn from recent incidents how misconfigurations and unpatched vulnerabilities became entry points for attackers, and how ASM can detect these issues in real-time.
  • Risk Prioritization and Response Automation: Using machine learning to identify the most critical vulnerabilities and reduce response times, based on insights from breaches where faster detection could have minimized damage.
  • Integration with SIEM and SOAR: Explore how ASM tools can seamlessly integrate with broader security systems to enhance real-time threat detection, drawing on lessons learned from recent breaches.
 

Billy Martin, Chief Technology and Security Officer, Vigor LLC

Courtney Hans, VP, Cyber Services, AmTrust Financial Services Inc. 

Chuck Markarian

CISO, CyberEdBoard Member, PACCAR

Enzhou Wang

Chief Data Officer, City of Tacoma

Building a Resilient Data Security Strategy

CISOs face the challenge of securing information across diverse environments while meeting stringent compliance requirements and maintaining operational continuity.
 
This session will explore how to construct a robust data security framework using advanced detection capabilities, adaptive access controls, and scalable defenses for cloud-native, hybrid, and legacy systems. Attendees will gain insights into the latest innovations in threat detection, data protection, and compliance strategies that reinforce organizational resilience against insider and external risks.
 
Key Takeaways:
  • Layered Defenses for Complex Systems: Designing multi-faceted protection strategies that secure the data lifecycle across distributed infrastructures.
  • AI-Powered Anomaly Detection: Applying advanced algorithms to identify unusual activity, prevent breaches, and mitigate evolving threats.
  • Next-Generation Access Controls: Enforcing least-privilege policies with dynamic authentication tailored to hybrid and cloud-native environments.
  • Proactive Compliance Strategies: Meeting evolving mandates like GDPR and HIPAA while building trust with stakeholders and customers.
 

Chuck Markarian, CISO, CyberEdBoard Member, PACCAR

Enzhou Wang, Chief Data Officer, City of Tacoma

Lana DeMaria

Head of Data Governance and Privacy, Alaska Airlines

Aravind Swaminathan

Partner, CyberEdBoard Member, Partner, Orrick, Herrington & Sutcliffe LLP

Data Privacy and Decoupling: Ensuring Compliance and Data Integrity

Decoupling data—separating sensitive data from less critical information—has emerged as a vital approach to maintaining data privacy while meeting the challenges of modern business operations. This session will focus on how CISOs can implement data decoupling and adjust their data architecture to protect sensitive information, ensure compliance with privacy regulations, and reduce the risk of data breaches.
 
Attendees will gain insights into best practices for safeguarding data while maintaining the flexibility to scale operations and adapt to changing regulatory requirements. The session will also explore real-world case studies where organizations have successfully decoupled data, ensuring data privacy and minimizing exposure.
 
Key Discussion Points:
  • Decoupling Data for Privacy: Strategies to separate sensitive data for improved security and regulatory compliance.
  • Adapting to New Privacy Regulations: How businesses can adjust data architecture to stay compliant with global data privacy laws.
  • Minimizing Data Breach Risks: Best practices for protecting sensitive information and reducing data breach impacts.
  • Case Studies on Data Decoupling: Real-world examples of how companies have implemented data decoupling to protect data privacy.
 

Lana DeMaria, Head of Data Governance and Privacy, Alaska Airlines

Aravind Swaminathan, Partner, CyberEdBoard Member, Orrick, Herrington

& Sutcliffe LLP

Networking Break

Cybersecurity Summit Dallas: Data Security

Cybersecurity Summit Dallas: Data Security

Agentic AI and the Future of Autonomy in Security

Agentic AI introduces autonomous systems capable of executing complex tasks, making decisions, and collaborating with other AI agents—all without human intervention. These systems go beyond prediction and content generation, offering organizations the ability to automate workflows, improve efficiency, and adapt to dynamic challenges with unprecedented agility.
 
While the potential benefits of agentic AI are vast, its rise also introduces new risks. As autonomous agents take on critical roles across industries, questions around security, accountability, and ethical governance come to the forefront. How can organizations ensure these systems operate safely within established parameters? What vulnerabilities might emerge as agentic AI becomes a target for exploitation? This session will examine the dual impact of agentic AI on business innovation and security resilience, offering practical insights for leveraging its power while safeguarding against misuse.
 
Key Takeaways:
  • Understand how agentic AI differs from previous waves of AI and its implications for business operations and security.
  • Explore strategies for securely integrating autonomous agents into critical workflows.
  • Identify emerging vulnerabilities posed by agentic AI and how to mitigate them effectively.
  • Discuss ethical and regulatory considerations essential for the responsible deployment of agentic AI.
 

Augie D’Agostino, CISO, UW Medicine

Cybersecurity Summit Dallas: Data Security

Inside the Ransomware Battlefield: Former CISO on Defending Critical Infrastructure and Leading Through Crisis

Discover how to strengthen your organization’s resilience by learning directly from those who have navigated these intense challenges, offering you practical strategies and invaluable lessons for future preparedness. 

This session will:

  • Explore the speaker’s firsthand experience in managing a significant ransomware attack compared to prior training.
  • Highlight the importance of communication and showing empathy in incident response.
  • Discuss the personal and financial implications of a cyber incident for CISOs, their organizations and customers.
  • Emphasize the need for collaboration among legal, compliance and communication stakeholders.

Robert Costello, Chief Information Officer, CISA

Cybersecurity Summit Dallas: Data Security

Cybersecurity Summit Dallas: Data Security

Uncovering Insider Threats with Behavioral Analytics

Behavioral analytics offers a powerful tool for identifying subtle activity changes that could indicate malicious actions or unintentional risks before they evolve into serious breaches.This session will dive into advanced methods for applying behavioral analytics to insider threat detection, including leveraging machine learning, anomaly detection algorithms, and seamless integration with existing security tools.
 
Through real-world examples, CISOs will explore how this technology can uncover suspicious access patterns and unusual data transfers, delivering proactive defenses against insider threats.
 
Key Technical Takeaways:
  • Machine Learning for Behavioral Insights: How to train models that pinpoint deviations in user activity across diverse systems.
  • Real-Time Detection: Implementing anomaly detection techniques to identify irregularities as they occur.
  • Integration with SIEM and SOAR: Using behavioral data to enhance automation and incident response workflows.
  • Case Studies: Technical analysis of successful behavioral analytics implementations, emphasizing reduced false positives and operational gains.
 

Ivan Avilla, Director of Cyber Incident Response, GoDaddy

Varsha Agarwal, CyberEdBoard Member, Head of Information Security,

Prosper Marketplace

Cybersecurity Summit Dallas: Data Security

Trust Undermined: An Immersive Simulation of AI-Augmented Insider Threats

This expertly designed session challenges participants to respond to cascading disruptions across IT and operational systems, unraveling the role of AI-augmented tactics in exploiting insider vulnerabilities. With a multi-phase simulation highlighting the cross-industry impact of AI-augmented insider threats on IT and operational systems, attendees will collaborate to develop actionable strategies for containment, detection, and long-term defense.
 
What You Will Gain From This Experience:
 
  • Precision Threat Response: Master techniques for isolating compromised systems, analyzing hybrid network activity, and mitigating cascading disruptions caused by insider-enabled AI attacks.
  • Real-World Scenario Insights: Understand how AI-driven insider threats exploit IT-OT vulnerabilities, with lessons applicable to sectors reliant on interconnected systems.
  • Actionable Defense Playbook: Design advanced countermeasures, including micro-segmentation, AI-based anomaly detection, and evidence preservation for incident response and regulatory requirements.

Jason Cook, AVP Worldwide Partner Sales Engineering, Rubrik

Networking Break

Cybersecurity Summit Dallas: Data Security

Cybersecurity Summit Dallas: Data Security

Building Intelligent Data Infrastructure: Unlocking Cross-Industry Potential

From healthcare to financial services, companies must rethink their data management strategies to drive efficiency, security, and innovation. A modern data infrastructure can transform raw data into a powerful resource, optimizing performance and enabling smarter decision-making while safeguarding sensitive information. Whether you’re looking to modernize your data strategy or protect critical assets, this session offers practical insights to help you build a data infrastructure designed to meet the challenges and opportunities ahead.
This session will explore the components of a resilient, secure, and scalable data infrastructure, highlighting how intelligent systems can deliver actionable insights, automate workflows, and meet the growing needs of diverse sectors.
 
Key Topics Include: 
 
  • Leveraging AI for Efficiency: How intelligent systems can streamline operations and generate insights that lead to better business outcomes.
  • Enhancing Security: Approaches for embedding strong security measures directly into your data infrastructure to protect against emerging threats.
  • Scalability for the Future: Developing a flexible and adaptable infrastructure capable of evolving with your business needs and handling increasingly complex workloads.
 

Eric Sanchez, CyberEdBoard Member, CISO, Orrick, Herrington & Sutcliffe

LLP

George Williams, CIO, Washington Liquor and Cannabis Board 

Closing Comments

Don’t miss your chance to attend this dynamic impactful event

#ISMGSummit

@ISMG_News

Past Summit Sponsors

expel

CPE Credits

ISMG Summits offer Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.

The Summit Experience

Future Events

February 11-12, 2025

Virtual Summit: Cybersecurity Implications of AI

February 12, 2025

Have We Shifted Too Far Left? Engineering, InfoSec, and Customer Identity Ownership

February 20, 2025

MLOPs and the Role of Gen AI in Securing the Software Supply Chain

February 20, 2025

Managing Your Expanded Attack Surface Using Automation: The Security Promise

February 20, 2025

Securing the Modern Payment Rails

Future Events

February 11-12, 2025

Virtual Summit: Cybersecurity Implications of AI

February 12, 2025

Have We Shifted Too Far Left? Engineering, InfoSec, and Customer Identity Ownership

February 20, 2025

MLOPs and the Role of Gen AI in Securing the Software Supply Chain

Katie Jenkins

EVP & CISO , Liberty Mutual Insurance

Threat Intelligence and the Dark Web

In this session, a banking security leader and an FBI agent detail:

  • What the dark web is – and is not;
  • How to gain useful and complete information and apply it;
  • The pros and cons of going solo vs. hiring a service.