The CISO’s Dilemma: Managing Risk, Burnout, and Politics

Wednesday, April 29, 2026 | 11:30AM–12:15PM PT | California Ballroom D, Second Floor
Session Type: Breakout Session
Delivery Format: Presentation/Panel
We all know the "standard view" of the CISO role: a clean battle against hackers, phishers, and regulators. But the reality can often feel like a zero-sum economy of resource allocation where "best practice" is often impossible. In this session, CISOs from Yale, Harvard, Brown, Stanford, and the University of Chicago will unmask the three true dimensions of risk: Technical (the hack), Operational (the burnout), and Organizational (the politics). Moving beyond standard frameworks, this panel will debate the hard, often unspoken trade-offs of leadership. How much technical risk do you accept to prevent team burnout? When do you spend political capital to fight "cultural apathy" in IT? Join us for a candid, structured debate on the opportunity costs of security leadership in complex research environments.

Presenters

  • Mark Dieterich

    CISO, Brown University

  • Matt Morton

    Assistant Vice President & Chief Information Security Officer, University of Chicago

  • Jeremy Rosenberg

    Assistant Vice President IT and CISO, Yale University

  • Amy Steagall

    CISO, Stanford University

  • Michael Tran Duff

    Chief Information Security and Data Privacy Officer (CISDPO), Harvard University

Resources & Downloads

  • Presentation Slides

    Updated on 6/14/2026