Anti-Summit: Atlanta — The CISO Society

Date & Time:
Tuesday, June 17
09:30 - 17:00

Venue:
Ambient + Studio
585 Wells St SW
Atlanta, GA 30312

Agenda

Registration & Breakfast

09:30 - 10:20

Opening Remarks

10:20 - 10:25

Tabletop Exercise

10:25 - 11:25

Omni-channel threat response: A Tabletop Exercise for Business Resilience
Organizations are global engines with many disparate systems and critical moving parts. The threat landscape is vast and the attack surface is growing in complexity. Your customers look to you, to lead in times of disruption and crisis. This exercise will challenge traditional thinking and disrupt the approach to incident and crisis management.

Workshops

11:30 - 12:00

Session #1: Unlocking AI Security: A Leader's Toolkit for Action
Equip yourself with the insights, frameworks, and practical tools:

The emerging threat vectors and vulnerabilities unique to AI technologies
Governance and policy imperatives for responsible AI deployment
Best practices for securing machine learning models, data pipelines, and AI-driven decision systems
Risk management strategies tailored for AI innovation in the enterprise
How to align AI security with board-level expectations and regulatory mandates

By the end of the session, you will leave with a tailored action plan—a “Leader’s Toolkit”—to confidently lead secure and ethical AI adoption across their organizations. This is not just a technical deep dive—it’s a strategic imperative.

Session #2: Beyond Detection…Or Not: The New Frontier in Social Engineering & Deepfakes
Imagine a scenario where your client’s CEO joins a call—and it turns out to be a deepfake. With GenAI making fakes nearly undetectable, social engineering attacks are escalating, as seen in multimillion-dollar losses across industries. The quality, frequency and complexity of these attacks are growing exponentially—leaving traditional content-based defenses struggling to keep pace.

You are probably all familiar with some of the recent high-profile incidents: the MGM attack that cost about $30 million and up, a video-based deepfake assault on Arup's Hong Kong finance team, resulting in a $25 million loss, and impersonation schemes posing as candidates or new hires to compromise critical systems. As GenAI evolves, the challenge is clear: how do we effectively block these advanced threats from the get-go?

Session #3: Before the Breach: What Hackers Learn in Reconnaissance
Long before an exploit is launched, attackers are actively profiling your organization—identifying exposed assets, gathering intelligence, and building context for future attacks. Reconnaissance now happens at machine speed, often invisibly, and with startling precision.
In this session, we’ll unpack:

How modern adversaries conduct stealthy, scalable reconnaissance
What makes your organization an attractive target
Strategies to expose what attackers already know about you

You’ll walk away with a clearer understanding of how you’re seen through an attacker’s eyes—and what can be done to disrupt them before the breach occurs.

Networking Lunch

12:00 - 12:55

Roundtable Exercise

13:00 - 14:00

What are the most significant challenges we're facing with non-human identities, and how can we make this a strategic priority?
Non-Human Identities (NHIs) are growing exponentially faster than human identities as organizations create ever more API keys, access tokens, traditional service accounts, and vaulted secrets. Do you know how many times people in your organization have clicked “authorize” to let an app access your systems and data? Do you know how your suppliers are using the access you’ve granted to deliver their promised value? As AI agents increasingly leverage NHIs to interact with your data, is this trend a passing fad, or is NHI here to stay—powering AI and shaping the future of your organization?

Workshops

14:05 - 14:35

Session #1: How do we create cross-team collaboration to reduce SaaS security risk?
You just discovered that your business is leveraging critical SaaS applications like NetSuite and Salesforce—but security has no governance over them. Business teams have adopted these tools outside of IT oversight, integrating third-party applications and sharing sensitive data with external partners—all without security monitoring. How do you regain control without disrupting business operations?Join Valence Security for an interactive, scenario-based workshop on bridging the gap between security, IT, and business teams. We’ll explore the operational challenges of distributed SaaS administration and showcase how real customers leverage Valence to foster collaboration and streamline risk remediation. Learn how to gain visibility, operationalize security findings, and empower business teams to take an active role in securing SaaS—without slowing them down.

Session #2: Blueprinting a Cloud Security Strategy
In this technical workshop, we’ll define what a real cloud security blueprint should look like. One that helps teams protect not only the infrastructure that powers the cloud, but also the workloads, applications, and services running inside it. We'll dive into practical questions that security leaders and practitioners ask every day:

What does a complete cloud security strategy actually include? Is it shift-left, runtime, API protection, or all of the above?
What capabilities deliver real value, and which ones just add noise?
How can teams rationalize their toolsets and prove ROI to leadership?
What does “good enough” actually look like against modern attack techniques?

Session #3: Is data hoarding the path for better security?
The future of cybersecurity is drowning in its own data. As organizations rush to ingest petabytes of telemetry from endpoints, networks, and cloud assets, SIEM systems buckle under the weight of irrelevant signals and missed threats. Data lakes, once hailed as the answer to fragmented security data, have morphed into ungovernable swamps. Ingesting more data has not meant better security — only bigger bills and slower detection. Meanwhile, adversaries exploit our overload, moving faster and smarter. To survive, cybersecurity must rethink its addiction to raw data, embrace intelligent ingestion, and architect leaner, real-time ecosystems that prioritize actionable insight over blind accumulation.

Roundtable Exercise

14:40 - 15:40

Purple Team: Musical Chairs Needed on Your Security Team
About a decade ago, a well-known voice in offensive spaces, David Kennedy, introduced the Purple approach. As a pentester, David sat down with a SOC Analyst and the two realized how much they had to gain from one another's day-to-day perspectives. David was able to learn the artifacts the defensive team identified his attacks with and the SOC Analyst was able to learn more about David's approach and new gaps they can work around in their environment.

In this roundtable, we will explore the benefits of purple teaming and what success has been found with the approach as well as what it can do beyond fleshing out the security posture.

Refreshment Break

15:40 - 15:50

Workshops

15:55 - 16:25

Session #1: Buying Down Risk Through Strategic Technology Investments
Today’s CISOs are increasingly called upon to communicate in terms of business risk, bridging the gap between cybersecurity and executive decision-making.But what if you could extend that clarity to your technology purchasing decisions as well? Let’s explore a fresh perspective that empowers you to achieve exactly that.

Session #2: Building Your Own Business as an Independent Security Advisor
Understand the pros and cons of starting your own business from members who have made the transition successfully. Learn what obstacles to expect and how to overcome them and how to partner successfully for mutual benefit.

16:30 - 17:00

Anti-Keynote

16:30 - 17:00

Access Granted
A raw account of breaking into an industry that didn’t want to be broken into. A new view on hiring, talent retention, and the cultures to create in order that new cybersecurity professionals can thrive and contribute to the mission of your organizations.