Executive Orders: What Happens When CIOs, CTOs and CISOs Join Forces

Communication: the key to CxO resilience

The program’s first panel tackled one of the most challenging facets about being a security or technology leader: communicating better with the board of directors. I led the discussion with an illustrious blend of board members and executives alike: Splunk board members Elisa Steele and General Dennis L. Via, Carnival Global CIO Devon Bryan and ManpowerGroup CISO Randy Herold.

The panelists agreed that communication is key for CxOs engaging with their board. As a CISO, CIO or CTO, it’s simply not enough to just be a great technologist, you also have to be a great communicator. It’s imperative to get to know your board members, speak their language and understand the business value and risk you’re impacting.

Transparency is equally important. With an escalating frequency of cyberattacks, today we are seeing security take center stage at board meetings, with many organizations elevating it to its own subcommittee. Consequently, CxOs must be transparent with the board about material risks and the capabilities of proposed solutions. As a CTO, CIO or CISO, it’s your responsibility to not only lead your organization’s cybersecurity strategy, you must also reassure the board that you have the right tools in place to operate through a potential disaster.

Harnessing AI: for better or for worse

What are the biggest implications of generative AI? The second .conf+ session delved into how executive leaders view the latest opportunities and threats from this emerging technology. Moderated by Splunk SVP & GM, Products & Technology, Tom Casey, our panelists included Splunk CISO Jason Lee, Forrester Senior Analyst Allie Mellen, Accenture Enterprise IT CTO Merim Becirovic, and DOE-NNSA Deputy CIO Steven McAndrews.

AI isn’t just a buzzword. When it comes to incident reporting for threat hunters and responders, the panelists agreed that AI will ultimately save SecOps an invaluable amount of time and effort. But with it comes an added layer of complexity around protecting new types of critical data (e.g., proprietary training data sets), which means that CISOs, CIOs and CTOs must maintain a close relationship with their organization’s legal teams.

The panelists also shared their biggest AI concerns. All panelists expected the attack surface area to evolve at the speed of AI’s meteoric rise and it’s the pace and speed of the innovation that is naturally sounding the alarm. How can technology leaders ensure that they are keeping up with innovation? The expansion of generative AI will inevitably put even more pressure on detection and response teams as it also adds velocity and economies of scale to attacker operations, and it’s up to CxOs to put the right tools and governance in place.

Mapping the cyber war battlefield

For the final session, I spoke with award-winning senior writer for WIRED and bestselling author Andy Greenberg. During our fireside chat, we discussed his most recent book, “Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers,” the story of the world’s most catastrophic cyberattack. Our conversation ranged from his thoughts on Russia’s current cyber tactics against Ukraine, China’s focus on espionage, and the chaotic world of teen hackers.