The CISO Summit at InfoSec World 2025 begins with a powerful welcome from two seasoned leaders who have dedicated their careers to advancing cybersecurity strategy, innovation, and developing strong communities. Parham Eftekhari and Chris Ancharski will set the tone for the day by highlighting the importance of community and how the CyberRisk Alliance can help CISOs with their most pressing issues.

As artificial intelligence rapidly reshapes both the attack surface and defensive capabilities, CISOs are under mounting pressure to harness AI responsibly while ensuring resilience across their organizations. This interactive benchmarking session brings security leaders together to compare strategies, lessons learned, and best practices for integrating AI into enterprise security programs. Through guided discussion, participants will examine real-world use cases, organizational readiness challenges, and the balance between innovation and risk management.

During this session you will:

• Gain a better understanding of how your AI adoption and integration strategies compare with peer organizations across industries.
• Identify practical approaches for leveraging AI to enhance detection, response, and automation while mitigating new vulnerabilities.
• Explore frameworks for aligning AI initiatives with enterprise risk management, board expectations, and long-term business resilience.

Supply chain SaaS risks are hitting Fortune 500s and startups alike in ways that most security teams never see coming. From the ShinyHunters’ Salesforce campaigns to the SalesLoft Drift supply chain breach, attackers are proving one thing: the weakest link isn’t inside your company, it’s in the SaaS supply chain you don’t control.

During this Vorlon lightening talk you will learn:

• How to overcome the challenges in getting control over the third-party apps, services, and AI tools that house and move your most sensitive data.
• Lessons from ShinyHunters’ Salesforce exploits and the SalesLoft Drift incident, what really happened, why it spread, and how enterprises responded.
• How to harden your SaaS and AI ecosystem, detect and responsd to active threats, and get your teams to act fast and together.

Recharge with a coffee and take advantage of this dedicated time to meet fellow CISOs, exchange insights, and build new connections before heading into the next round of sessions.

Today’s CISOs can no longer stay behind the scenes. As stewards of trust in an era of relentless cyber risk, they must also be visible leaders—capable of shaping narratives in the boardroom and in the public sphere. Those who learn to speak for themselves don’t just protect their organizations; they elevate their own credibility, expand their influence, and help define the future of cybersecurity leadership.

In this thirty-minute session led by LaunchTech, you’ll discover why now is the moment for CISOs to step forward as thought leaders—and how doing so pays dividends both internally and externally.

Attendees will gain insight into how thought leadership can:

• Strengthen board and executive relationships through clear, confident communication.
• Bolster organizational resilience by shaping public trust during both crises and calm.
• Enhance personal brand and visibility as an industry authority.
• Create long-term career opportunities by owning the conversation rather than reacting to it.

You’ll leave with a compelling case for making thought leadership a priority—and concrete direction on how to begin shaping your own presence as a trusted and influential CISO.

• Discover how fellow CISOs are tackling today’s biggest security challenges and where they see the industry headed.
• Engage with bold, even contrarian, ideas that push you to re-examine assumptions about risk, technology, and leadership.
• Compare your own strategies with those of peers and walk away with actionable insights to strengthen your organization’s security posture.

Connect over lunch with fellow CISOs and industry leaders—turning meaningful conversations into stronger professional relationships.

The SANS Executive Cyber Exercise will put you inside a simulated cyber event to help your organization understand what it takes to respond to a cyber incident from a strategic perspective. The simulated exercise will emphasize the importance of a well-practiced cyber crisis plan and the leadership skills required to deal with today’s threats. Our facilitators will use real-world experience and industry best practices to expose areas for improvement in an organization’s crisis response plans within a safe environment.

A SANS Executive Cyber Exercise (ECE) is a training activity designed to simulate a cybersecurity crisis. Exercises are conducted in a safe, open, and no-fault environment. Participants assess the severity of the attack and determine an effective strategic response.

Learning Objectives:

• Ability to better assess organizational readiness for a business response to a cyber crisis.
• Apply industry best practices in cybersecurity, organizational structure, and crisis communications.
• Understand and plan for emerging trends in cybercrime.

AI is reshaping the security landscape, but are your defenses keeping up? Many organizations with strong security controls are already 90% prepared—the challenge is addressing the final 10% of AI-specific risks across applications, infrastructure, and development pipelines.

Join Andrew Obadiaru, Cobalt’s CISO, for an exclusive briefing where he’ll dive into:

• Practical strategies for securing LLMs and their ecosystems
• A breakdown of risks and benefits for homegrown, open-source, and LLM-as-a-Service models
• Emerging AI threats and critical edge cases security teams must prepare for

• Discuss what CISOs should learn from federal cyber modernization efforts, including wins, gaps, and governance trade-offs.
• Explore how to operationalize public-private collaboration models in complex, risk-averse organizations.
• Learn more about the accelerating role of AI and automation in threat modeling, policy enforcement, and incident response.
• Review strategic frameworks to help CISOs lead amid regulatory scrutiny, business innovation, and constrained timelines

The CISO Summit at InfoSec World 2025 concludes with reflections from Parham Eftekhari and Chris Ancharski, who will close the day by reinforcing the value of shared insights, as well as highlighting key themes from the summit. Attendees will leave inspired, connected, and better equipped to lead with confidence in the evolving cybersecurity landscape.

Celebrate the voices, vision, and leadership shaping the future of cybersecurity. This gathering offers a unique opportunity to connect with peers, mentors, and change-makers in a relaxed and empowering atmosphere.

Don’t miss this opportunity to form new friendships and expand your cyber community connections!