Skip to main content

Perspectives Home / EXECUTIVE STRATEGY

The Room Where It Happens: .conf+ Brings Together Executive Movers, Shakers, and Change Makers

CXOs from the public and private sectors discuss today’s biggest technology trends and most pressing challenges.

Executive Orders: What Happens When CIOs, CTOs and CISOs Join Forces

What happens when a CISO, a CTO, and a CIO walk into a room? They talk about the rise of new AI deepfakes and other threats — but they also explore generative AI’s potential to add a lot of value to their businesses. They share war stories about navigating a more rigorous regulatory environment. They offer tips and strategies for understanding and managing data overwhelm. And, most importantly, they actually listen to each other. 

As the dust settles on.conf24, we are also celebrating the success of .conf+, our second annual executive conference-within-a-conference. We invited a cross-section of  CXOs from the public and private sectors to discuss today’s biggest technology trends and most pressing challenges. This year, we nearly doubled our attendance from 2023: executives from 12 countries in AMER, EMEA and APAC who were eager to share best practices and gain new insights.

For the second year in a row, I had the honor of hosting .conf+ as emcee, and was both humbled and grateful to learn from thought leaders, customers and Splunk executives. Here are a few of the most significant highlights from our signature event.

AI is the future — and holds both peril and potential

It’s impossible to talk about innovation without talking about AI. And we talked about it.  A lot. It permeated every aspect of our programming, from keynotes and panels to executive roundtable discussions — largely because AI touches on all aspects of innovation.

In her .conf+ keynote, “The Future of AI,” Founder and Chief AI Officer of the AI Leadership Institute Noelle Russell discussed how AI models can optimize business processes, create game-changing solutions, and power growth that augments — rather than replaces — security, engineering and ITOps teams. Organizations that invest in AI the right way (i.e., with appropriate policies and strategies in place) will scale the business and likely realize significant returns on productivity and profitability. However, at the end of the day, AI is just a tool. organizations that create a responsible playground for generative AI will not only speed innovation but also close ethics gaps and ensure information transparency and integrity.

While there was a ton of optimism in the room, executives are also realists, so we spent significant time talking about AI’s potential downside — stealthier and distributed attacks, data privacy mishaps and other business risks. Splunk Senior Vice President of Products and Technology, Tom Casey, Chief AI Officer Hao Yang, and customer panelists dug into this topic, debating whether AI gives cyber adversaries — or defenders — the upper hand. While more nimble cyber adversaries without policy constraints may leverage AI to create waves of authentic-looking deepfakes and bots, cyber defenders ultimately have access to more data, more resources and support. Both sides can benefit and be at a disadvantage.

I also had the privilege of further exploring this topic with my good friend and longtime colleague Richard A. (Dick) Clarke, chairman and CEO of Good Harbor Security Risk Management. Among his many insights, he highlighted the importance of establishing a single set of rationalized and simplified cyber regulations. One option we posited was a governance system to manage AI risk in enterprises, as well as the importance of workforce education and monitoring AI activities — all of which put necessary guardrails around this technology so we can safely realize its enormous benefits.

Compliance regulations require more attention — and collaboration

Compliance regulation is taking center stage these days. So Splunk CISO Jason Lee kicked off a panel on incident response by taking a hard look at one of the toughest recent laws, the SEC cybersecurity ruling, which imposes new materiality requirements while severely narrowing incident reporting windows.

During the discussion, panelists — which included Melina CISO and Cyber Advisor to Fortune 500 Companies, Lane Sullivan, CISO of Magellan Health, and Sean Mason, Managing Director of the Cyber Fusion Center for United Airlines — emphasized the need for robust incident response plans, comprehensive training and preparation, and leadership awareness.

Some of the biggest takeaways? For one, security teams are often mighty but they can’t go it alone. Maintaining relationships across the organization, including legal counsel, HR, the C-Suite, board members and other departmental leads, is crucial for successfully navigating a slew of more rigorous mandates.

Cyber professionals also need support. During the discussion, Lane Sullivan, CISO of Magellan Health, underscored the need for organizations to provide mental health resources for security professionals responding to a critical or public incident to mitigate the devastating effects of anxiety and burnout that often accompany the job. Because, as the airline industry suggests, we need to make sure our own seat belts are securely fastened before we can protect those around us.

Robust data management key for building digital resilience

How you approach data, and manage it, will often signal the success of your digital resilience posture. During the panel “Tackling Data Overwhelm,” moderator Splunk Vice President of Platform and Product Management Faya Peng, and panelists Leonard Wall, Deputy CISO of Clayton Homes, and Chuck Rees, Head of Cyber Engineering and Architecture of GE Electrification Software, affirmed the importance of a unified data management strategy. Included in that strategy, the panelists recommended democratizing data to elevate security and risk management practices while also achieving a strong understanding of regulatory requirements — and then mapping those regulations to a control framework.

So how do you get a handle on data overwhelm and noise? Consolidating your tools goes a long way to reducing the complexity that masks security gaps, slows availability and makes it more challenging to respond to alerts. And while updating and optimizing your existing tools and processes helps a lot too, communication and collaboration are still crucial ingredients for digital resilience.

Few experiences can replace in-person connection. As before, I came away from this year’s .conf+ with a trove of takeaways. Our conversations were not only informative and impactful, they also laid the groundwork for transforming our organizations and industries, and bringing us into the future. And as we continue to build out our executive community, I look forward to what we can accomplish together. 

And for more perspective from CXO thought leaders delivered straight to your inbox, sign up for our monthly newsletter.

Read more Perspectives by Splunk

MAY 21, 2024 • 22 MINUTE LISTEN

Is Your Organization in Step with AI? Check on Your Data Tenancy.

Forget the lone-wolf mentality of a single SOC. Today, it’s all about cross-sector collaboration and information sharing

April 18, 2024   •  5 Minute Read

It Takes a Village: Why Security Teams Won’t Achieve Resilience Without Collaboration

CISOs in 2024 may face rigid security incident disclosure mandates, but they also have opportunities to align priorities and become stronger cyber champions for their boards.


Data Privacy in the Era of AI

What impacts will new generative AI advancements have on data privacy regulation in 2024? And how should companies prepare?

Get more perspectives from security, IT and engineering leaders delivered straight to your inbox.