DOMINO 24: Solving the Digital and Cybersecurity Governance Puzzle

AGENDA

DOMINO 24 is being held live in-person only. Sessions are not recorded and Chatham House Rules will be in effect. No press will be in attendance. 

DDN Faculty will be teaching the QTE 501 Boardroom Masterclass for IT and Cybersecurity Executives the day before DOMINO 24 begins on Tuesday May 14. Participants in the QTE Masterclass can then attend DOMINO 24 if registered. 

Our learning agenda includes deep-dive learning events, peer leaders sharing their insights, and speakers who are working to transform the role of the board in shaping and securing the digital future.

The agenda is as follows and the speakers listed have each confirmed to participate. All times are CST, i.e., Chicago local time. 

Tuesday, May 14, 2024 | 13 CPD Hours

QTE 501 BOARDROOM READINESS MASTERCLASS FOR TECHNOLOGY EXECUTIVES (Optional)

7:00 AM Continental Breakfast Available

8:00 AM The QTE 501 BOARDROOM MASTERCLASS FOR IT AND CYBER EXECUTIVES

3:30 PM The QTE 501 Certification Exam

5:00 PM Graduation Cocktails and Snacks — Hosted by Michael Piacente HITCH PARTNERS (Dinner is Free Range in Chicago)

Wednesday, May 15, 2024 | 7 CPD Hours

DAY 1 - DOMINO 24

FROM POLICY TO LEADING PRACTICE 

7:00 AM Breakfast Available

8:30 AM WELCOME and KICKOFF: Bob Zukis, QTE, DDN Founder & CEO

9:00 AM OPENING KEYNOTE INTERVIEW: THE LEADING EDGE OF CYBER GOVERNANCE AND SEC REGULATIONS

Keynote Speaker: SolarWinds C-suite TBD
Keynote Interviewer: JC Vega, QTE and Director Sorenson Communications, Former CISO

10:00 AM BREAK AND MOVE TO CLASSROOMS

10:30 AM DEEP DIVE LEARNING CLASSES (Participants Split Into 2 Cohorts) 

• A: CYBER DISCLOSURES, THE GOOD, BAD AND UGLY (Maia Gez, Partner and Head of US Public Company Advisory @ White & Case)
• B: CASE STUDY: REPORTING THE ECONOMIC IMPACT OF CYBER RISK TO THE BOARD (Kevin Richards, QTE and President, Cyber Risk Solutions @ X-Analytics)

11:45 AM DEEP DIVE LEARNING CLASSES

• A: THE CROSSROADS OF genAI AND APPLICATION SECURITY (Sohail Iqbal, VP & CISO @ Veracode)
• B: INCIDENT TO MATERIALITY: A TABLETOP (Michael Barnes, US Advisory Service Leader @ Kudelski Security)

1:00 PM SIT-DOWN NETWORKING LUNCH and DDN PROFESSOR JOE TALK

• :30 Professor Joe Talk: HEALING IN COMPLEX SYSTEMS, Professor Joe Tranquillo, Professor of Biomedical Engineering @ Bucknell University, DDN Faculty, Author An Introduction to Complex Systems (Springer, 2019). 

2:30 PM DEEP DIVE LEARNING CLASSES  

• A: CASE STUDY: REPORTING THE ECONOMIC IMPACT OF CYBER RISK TO THE BOARD (Kevin Richards, QTE and President, Cyber Risk Solutions @ X-Analytics)
• B: CYBER DISCLOSURES, THE GOOD, BAD AND UGLY (Maia Gez, Partner and Head of US Public Company Advisory @ White & Case)

3:45 PM DEEP DIVE LEARNING CLASSES

• A: INCIDENT TO MATERIALITY: A TABLETOP (Michael Barnes, US Advisory Service Leader @ Kudelski Security)
• B: THE CROSSROADS OF genAI AND APPLICATION SECURITY (Sohail Iqbal, VP & CISO @ Veracode)

5:00 PM WELCOME RECEPTION AND SIT-DOWN DINNER PROGRAM

The networking, education, and thought leadership will continue throughout drinks, dinner and entertainment at DOMINO 24.  

6:15 PM DOMINO 24 DINNER PROGRAM BEGINS

Regulatory Update: EU's Digital Operational Resilience Act (DORA),  Erwin Rezelman, QTE and SVP, Head of Technology Europe @ SOMPO

CALL FOR PAPERS — PRESENTER SPRINTS

This unique peer knowledge creation and sharing session will bring the attendees whose papers were selected by the DDN Advisory Board to life in short knowledge sharing sprints.

SYSTEMIC ENTERTAINMENT

Dinner will be capped off with an entertaining display of complex systems of a different type and their challenges.  

9:00 PM Day 1 Closes

Thursday, May 16, 2024 | 5 CPD Hours

DAY 2 - DOMINO 24

DIGITAL AND CYBERSECURITY GOVERNANCE PROBLEM SOLVING

7:00 AM Continental Breakfast Available

• NETWORKING BREAKFAST A: WOMEN'S LEADERSHIP COHORT
  • CoHosts: Ana Dutra, Director @ Carparts and Pempina Pipeline (NYSE: PBA)
  • Carol Nolan Drake, Senior Policy Manager @ ICGN
• NETWORKING BREAKFAST B: VETERAN'S LEADERSHIP COHORT
  • Co-Hosts: Brig. General USAF (Ret.) Linda Medler, QTE and Director @ PNC Bank (NYSE:PNC),  Target Hospitality (NASDAQ:TH), TransAmerica
  • Brian Arellanes, QTE, Board Member CYVERSITY, Lynx Technology Partners, North Bay

8:30 AM CISA EXECUTIVE KEYNOTE AND Q&A: SECURING COMPLEX DIGITAL SYSTEMS FROM CRITICAL INFRASTRUCTURE TO PRIVATE COMPANIES

Speaker:  Dr. David Mussington (Invited), Executive Assistant Director for Infrastructure Security

Facilitator: Tony Cole, QTE and DDN Advisory Board

9:30 AM AI LESSONS, RISKS, AND REWARDS: THE BOARDROOM IMPLICATIONS FOR CIOS, CISOs AND DIRECTORS 

Speakers: Kris Pederson, Leader EY Center for Board Matters
Teri Shaffer, Director @ Compass Diversified Holdings (NYSE: CODI)
Bart Edgerton, EY Center for Board Matters

SHORT BREAK

11:00 AM CISO’s PERSPECTIVE: STRATEGIES TO ADDRESS SYSTEMIC RISK WEAKNESSES AND RISK IN PROTECTING DIGITAL BUSINESS SYSTEMS

This instructive panel will discuss strategies and tactics necessary to both understand and reduce systemic risk inherent in how organizations design, deploy, manage and protect digital business systems, and what directors need to know to govern this dynamic challenge.  

Panelists: Brad Skibitzki, QTE, CISO @ Zebra Technologies (NASDAQ: ZBRA)
Deborah Wheeler, QTE, CISO @ Delta (NYSE: DAL)
Lucia Milică Stacy, QTE, CISO @ Stanley Black & Decker (NYSE: SWK)

Facilitator: Patrick Joyce, QTE, Former/Retired Global CSO/CISO @ Medtronic (NYSE: MDT) and current Global Resident CISO @ Proofpoint

12:00 PM CLOSING KEYNOTE: DIRECTOR'S LEADING INTO THE DIGITAL FUTURE ON DIGITAL AND CYBERSECURITY GOVERNANCE

in this captivating session, one of America's leading CIOs will talk with corporate directors who are leading the charge to transform their boardrooms on digital and cyber governance to reshape the role of the board in their company's journey into the digital future.  

Panelists: Ed Magee, Director @ WD-40 (NYSE:WDFC)
Daphne Jones, QTE and Director @ Masonite (NYSE: DOOR); AMN Healthcare (NYSE:AMN); Barnes Group (B: NYSE)
Kris Lovejoy, Director @ Dominion Energy (NYSE:D) and Kyndryl Global Security and Resilience Leaders

Facilitator:  John Repko, QTE and Former Global CIO @ AIG

1:00 PM WRAP-UP Bob Zukis, QTE and DDN CEO

1:30 PM PROGRAM CLOSES: BOX LUNCHES AND CHICAGO HOT DOGS AVAILABLE

2:00 PM Buses to O'Hare Airport Available 

The speakers listed have accepted an invitation to speak at DOMINO 24 but remain subject to change due to unavoidable time of event business conflicts. 

GET QTE 5O1 CERTIFIED AND THEN ATTEND DOMINO 24

If you are a DDN Executive Member or new to DDN and want to join over 500 peers who have already earned their QTE by taking the DDN QTE 501 Boardroom Readiness Masterclass for IT and Cybersecurity Executives, now is your chance.

Taking QTE 501 before DOMINO 24 guarantees your place at DOMINO 24. Attendance at DOMINO 24 is limited to 200 and will be open to DDN QTE 501's and 502's before general enrollment opens. Taking the QTE 501 Masterclass ensures you will have a seat at the DOMINO 24 table.  

The offline Masterclass is the same renowned program taught by the same group of DDN Faculty delivered in one day. An intense and rewarding in-person executive learning experience, the QTE Certification exam is administered after class.  

QTE 501 is CPD Certified and May 14 participants will earn an additional 13 hours of continuing professional development hours. 

Freshly minted QTE's will then join DOMINO 24 for the full event starting Wednesday, May 15 and ending Thursday, May 16. 

Michael Piacente of HITCH PARTNERS will be hosting everyone for drinks and snacks after the exam.  

Earn your QTE and join us on May 14!

THE LEADERS ADVANCING DIGITAL AND CYBERSECURITY GOVERNANCE

DOMINO 24 is taught by the world's leaders in advancing the practice and profession of digital and cybersecurity risk oversight. These boardroom leaders join DDN Faculty and other policy and thought leaders to teach different parts of the DOMINO 24 curriculum. DOMINO is not a typical industry event, it is an executive learning experience—so come to learn and stay for the Chicago Dogs!

I was so impressed with the quality of the content at the event and the expertise of the attendees as well.

—F100 IT Executive

Our Content Partners will join us to deliver a leading executive education experience for DOMINO attendees. Focused on the application of solutions to various aspects of these challenges, they will instruct and share their deep insights, perspectives, and views to solve the biggest issues in digital and cybersecurity oversight. 

www.x-analytics.com

X-Analytics is a patented and validated cyber risk-decisioning platform developed by Secure Systems Innovation Corporation (SSIC). SSIC is a cyber risk analytics firm whose mission is to improve how businesses manage cyber risk through the power of data analytics. X-Analytics helps leading firms and insurers: 

• Utilize data analytics to inform cyber risk decisions that align with business objectives to drive effective cyber risk management programs.
• Gives digital and cyber leaders the ability to understand how technical cyber security implementation tactics impact enterprise risk management strategies.
• Use financial analytics to understand the potential adverse impacts of vendor and supplier relationships as a critical part of systemic cyber risk management.

X-Analytics will be teaching a Deep Dive Learning Class at DOMINO on how to quantify the economic impacts of cyber risk. X-Analytics thought leadership and work with cyber insurers and companies in many industries will help attendees understand the issues of cyber risk materiality and their self-insured cyber risk exposure levels and how to align mitigations to where they have the biggest economic impacts.

www.proofpoint.com

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including 75 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at www.proofpoint.com. 

Proofpoint will be facilitating a learning panel at DOMINO 24 on how to understand, monitor and secure the unique systemic risks that people present to the digital business system. Lessons learned here from your peers can immediately be applied in the boardroom and cybersecurity risk management. 

www.whitecase.com

White & Case is a global law firm with longstanding offices in the markets that matter today. Based in New York City and founded in 1901, the firm has 46 offices in 31 countries worldwide and has been ranked among the top ten firms worldwide by revenue.

Their on-the-ground experience, cross-border integration, and depth of local, US, and English-qualified lawyers help their clients work with confidence in any one market or across many.

White & Case helps their clients through difficult issues, bringing deep insight and judgment to each situation. Their innovative approaches create original solutions to their clients' most complex domestic and multi-jurisdictional issues.

White & Case attorneys will be teaching a Deep Dive Learning Class at DOMINO 24 on the good, bad and ugly of the new SEC cybersecurity disclosure rules and new practices that address litigation risk, and business risk to help attendees learn how to respond to incidents under the final SEC rules. 

www.ey.com

In a world that’s changing faster than ever, our purpose acts as our ‘North Star’ guiding our more than 300,000 people — providing the context and meaning for the work we do every day. We help digital pioneers fight data piracy; guide governments through cash-flow crises; unlock new medical treatments with data analytics; and pursue high quality audits to build trust in financial markets and business. In other words, working with entrepreneurs, companies, and entire countries to solve their most pressing challenges.

Through our four integrated service lines — Assurance, Consulting, Strategy and Transactions, and Tax — and our deep sector knowledge, we help our clients to capitalize on new opportunities and assess and manage risk to deliver responsible growth. Our high-performing, multidisciplinary teams help them fulfill regulatory requirements, keep investors informed and meet stakeholder needs.

www.kudelskisecurity.com

Kudelski Security is a world leader in cybersecurity solutions and services. We help organizations navigate an increasingly complex cyber environment to reduce business risk and become resilient against threats. We enable clients to identify and adopt the right security strategies, accelerate secure digital transformation, and innovate securely in everything they do.

Kudelski Security will be teaching a Deep Dive Learning Class focused on a table-top exercise to go from cybersecurity incident to materiality that covers cybersecurity risk and systemic cyber risk based upon their first-hand experience with some of the most challenging incidents in history. 

www.veracode.com

A pioneer in viewing software systemically, Veracode envisions a world where software Is developed secure from the start

Securing software is no small task. That’s why Veracode was created. Software hacks like the one experienced by SolarWinds are increasingly complex and difficult to identify. 

In 1998, a hacker group called L0pht testified before Congress to expose the lack of software and network security, a whole new world out there open for abuse. 

One member, Chris Wysopal (Weld Pond), set out to invent a way to prevent malicious actors from exploiting vulnerabilities by co-founding Veracode in 2006 where he is CTO to this day.

The endeavor turned out to be much bigger than we initially thought. What started as a code scanning tool has evolved into an intelligent software security platform that prevents, detects, and responds to vulnerabilities and manages risk and compliance for thousands of leading organizations around the world.

Veracode will be teaching a Deep Dive Learning Class focused on the details of governing and managing this difficult systemic threat. Directors, IT and cybersecurity leaders will learn from the experts to improve how the govern and manage these challenging issues.

CONTRIBUTE TO THE PRACTICE

We're all teachers and students on the digital, cyber, and systemic risk oversight. And DOMINO is the leading edge where knowledge is created and shared. 

Our desire to facilitate and enable a rich peer learning environment helps us all as the practice and profession of digital and cybersecurity oversight develops.

As such, we invite all DOMINO attendees to submit original papers that contribute to the advancement and implementation of practical solutions to these challenges. 

The DDN Advisory Board will select four papers and the authors will be invited to present them on stage during Day 2 of DOMINO. All papers will be distributed to DOMINO attendees and select submissions may also be published in The DOMINO 24 Guide. 

SUBMISSION GUIDELINES

Submissions must be original works and should reflect the theme of DOMINO 24 and the overall DDN mandate to advance the practice and profession of digital, cybersecurity, and systemic risk governance. 

DOMINO 24 Theme: Solving the Digital and Cybersecurity Governance Puzzle

Submission length: No more than 1500 words (not including abstract)

Abstract: No more than 300 words

Paper submission deadline: April 30, 2024

Format: Standard letter size, word file. Graphics and images are acceptable if supportive of content. Use professional fonts, Open Sans preferred, 11 pt. 

Submit to: info@digitaldirectors.network

Content: DOMINO is a peer learning event. Your original submission should address practical guidance and insights related to the core issues we are advancing on digital, cyber, and systemic risk governance. 

For example, case studies, analysis of emerging issues and how they integrate with the DiRECTOR framework, leading practices identification and implementation, relevant data or metrics, emerging technology issues and their implications, along with other practical guidance or thought leadership are welcome.

The greater the integration of your thought leadership with the core DDN concepts and frameworks, e.g., DiRECTOR, the better. 

What to Avoid: Marketing, sales pitches, and generalities.

Review Process: The DOMINO Review Committee will evaluate submissions starting on April 30 and evaluate them for:

-Relevance to the DDN and DOMINO 24 agenda

-Usefulness of your insights to the DDN membership

-Contribution to the practice and profession

-Practicality of your thought leadership

Authors will be notified by May 6 if they have been selected to present at DOMINO 24. Presenters will be given 10 minutes on the main stage to present their insights to all DOMINO attendees during Day 2.  

All submissions will be made available on the DOMINO website after the conference and select submissions may be published in The DOMINO 24 Guide. 

Copyright: You retain rights to your work and by submitting you grant DDN a license to share and distribute your submission to all DDN attendees and members and to republish your submission (with full attribution to you) in The DOMINO 24 Guide or on the DDN website. 

I look forward to learning from your insights. 

Bob Zukis
DDN Founder, CEO and Lead Professor

Being a QTE and attending DOMINO 24 are SEC-disclosable accomplishments and activities for both corporate directors and CISO's. 

The SEC disclosure rules now require registrants to disclose certain aspects of both management and the board’s oversight of cybersecurity risk including descriptions of the board’s oversight of risk from cybersecurity threats, identification of any board committee or subcommittee responsible for such oversight, and description of the processes by which the board or such committee is informed about such risks. 

Management teams need to disclose management's role in assessing and managing the registrant's material risks from cybersecurity threats including committees responsible for assessing and managing such risks and the relevant expertise of such persons or members with this responsibility. 

Leading boardroom disclosure practices also include director digital and cybersecurity experience and expertise. Leading companies also disclose director development on these issues. DOMINO 24 is a Certified Continuing Professional Development (CPD) event. As such, we recommend the following disclosure for directors and CISO's who attend DOMINO 24. 

*****

DIRECTOR DISCLOSURE

[Named director DOMINO 24 attendees] received 12 hours of in-person Certified Continuing Professional Development (CPD) during the year on issues and leading practices in digital, cybersecurity and systemic risk oversight. 

This CPD included classes and cases on the financial and economic quantification of cyber risk, the new SEC cybersecurity disclosure rules, leading practices in the process of cybersecurity incident to materiality determination, insights and solutions on various systemic risk threat vectors, trends in cyber risk, adversary attack tactics and the controls required to mitigate cybersecurity and systemic cyber risk.  

CISO DISCLOSURE

Our CISO leads our corporate information security organization. This role is responsible for our overall information security strategy including design and implementation of cybersecurity policies and procedures, security engineering, cyber operations including enterprise-wide awareness and training, third-party cybersecurity risk management,  cyber threat detection and response, and the initial assessment of cybersecurity incidents for materiality. 

The current CISO has deep applied experience and expertise in information technology, cybersecurity and program management. Our CISO has obtained certification as a boardroom-certified Qualified Technology Expert (QTE) and is trained on digital, cybersecurity governance and systemic risk management and the application of the DiRECTOR framework for identifying systemic risk in complex digital systems and the BRFO process for incident materiality determination.

*****

Attendees at DOMINO 24 will not only learn how to fulfill these new SEC disclosure requirements, but they will also learn how to strengthen the boardroom as a control in the overall digital and cybersecurity system to drive and protect business value.  

Your general counsel and attorneys should review all disclosures. 

RECOMMENDED HOTELS FOR DOMINO ATTENDEES

Chicago has some amazing hotels. The DOMINO 24 venue is at The University of Chicago Booth School of Business Gleacher Center. Gleacher is in the heart of the city steps from Michigan Avenue, the river, and many fantastic restaurants.

There are NO hotel blocks given the hotel choices available and corporate travel preferences, but we recommend these hotels which are within a short walking distance to Gleacher Center. 

LOEWS CHICAGO DOWNTOWN

SHERATON GRAND CHICAGO RIVERWALK

INTERCONTINENTAL CHICAGO MAGNIFICENT MILE

HYATT REGENCY CHICAGO

We look forward to seeing you and enjoy your stay in Chicago. Buses to O'Hare will be available from Gleacher Center after the event. 

WHY BECOME A DOMINO 24 CONTENT PARTNER?

Many of our content partners for DOMINO 23 will be back at DOMINO 24. But we will always find room for other leaders who recognize the importance of shaping the boardroom as a strong control in digital and cybersecurity risk oversight. Please contact us if you are interested in participating in DOMINO 24. 

DOMINO 24 is a unique opportunity to teach and build trusted relationships with the IT, cyber, and boardroom leaders who are at the forefront of shaping and securing the digital future. Technology, cyber, legal, insurance, corporate governance, and risk management-focused organizations are invited to become Content Partners on DOMINO 24.

Our Content Partners will not only have a leadership position on one of the most disruptive issues shaping business and the boardroom, but they will be able to show their leadership, instruct, exhibit, network, shape, and support how boardrooms are playing an active role in leading their companies forward in shaping and securing their digital futures. 

Please join us to help lead the world's boardrooms and companies into the digital future. 
 

CONTENT PARTNER BENEFITS INCLUDE:

• Being recognized as a leader advancing the critical issues of digital and cybersecurity governance by influential IT, cyber and corporate directors. 
• Networking and building relationships with the foremost digital and cyber executives advancing these issues and this next cohort of influential corporate directors.
• Becoming a leading advocate, influencer, and beneficiary on a strategic issue growing the IT and cyber industries.
• Being in front of the room as a trusted advisor during this unique learning event on issues critical to event attendees, their companies, and their personal boardroom ambitions.

Multiple levels of partnership are available for DOMINO 24. Contact us for details. 

Contact Us To Become A Content Partner On DOMINO 24

Digital and cyber leadership starts in the boardroom. 

Bob Zukis
DDN Founder and CEO 

Thank you to our attendees, content partners and speakers for making the DOMINO inaugural event such a success. Strengthening the boardroom as a critical control in the digital and cybersecurity system starts with your leadership.

Here is some feedback from the boardroom, IT and cybersecurity leaders who attended DOMINO 23.

This was the most valuable event I have attended in a long time. The presenters, panelists, content and participants were even better than advertised.

Overall it was a very informative and collaborative event with fantastic networking.

This class inspired the most vibrant discussion of the whole conference. The format allowed for that, and the speaker let the dynamics of the room drive the session which worked well.

The inaugural DOMINO conference was a phenomenal event and I look forward to attending next years! I really enjoyed the diverse point of views from leaders in the board room and technical experts in their field whether it is IT or cybersecurity. It was a memorable event and I met some amazing people that I will stay connected with throughout my career. 

Learning from the cadre of corporate directors, IT leaders and cybersecurity executives at Domino23 has given me the insights I need to implement successful corporate technology governance programs. I will return every year to sharpen the saw and look forward to continuous engagement in the Digital Directors Network.

I thought the SEC Commissioner's speech was good. He had a couple bits of information outside what I already knew or read about. 

The content and attendees at DOMINO were refreshing, as they are all "like-minded" and working to bridge the differing language between technical leaders and the board.

Great conference and I think you have a unique opportunity to impact our industry. I rarely find the time to attend in-person seminars. I took a chance on this one and I came away feeling it was a unique perspective and a valuable investment of my time. Thanks!

Nothing replaces real-world experience. Compelling story.

The DDN Domino conference benefits were twofold: creating quality board candidates and allowing those candidates to network with seasoned board directors to build a tight-knit mentoring community.

I thoroughly enjoyed attending the event focused on opportunist, cyber, and systemic risk. The gathering brought together professionals from diverse industries and backgrounds, creating a rich and engaging atmosphere for learning and collaboration. The discussions surrounding boardroom readiness and effective communication strategies were particularly enlightening.Overall, the event was a fantastic experience that fostered a dynamic exchange of ideas and expertise. I left feeling inspired and armed with practical insights that I can apply in my professional endeavors.