The modern CISO operates in a paradox: unlimited accountability when breaches occur, but constrained authority to enforce controls, override business decisions or secure the budget needed to close capability gaps. As cyber risk becomes board-level conversation and regulatory penalties escalate, CISOs are expected to deliver resilience without slowing innovation, guarantee outcomes in an environment of determined adversaries, and accept personal liability for systemic failures they cannot unilaterally prevent.

In this session, the panel of experts will cover:

• How CISOs must evolve beyond traditional security skills to engage with AI-generated code, vibe coding practices and shadow infrastructure that fall outside conventional visibility;
• Why quantifying risk in business terms - financial, reputational and operational - is the most effective lever for securing executive buy-in when security and business priorities collide;
• How to build stakeholder partnerships rather than adversarial dynamics, ensuring security controls are funded by the business units that own the risk.