Cybersecurity's Dirty Secret: Why Most Budgets Go to Waste

What if you could save your company thousands to millions in wasted cybersecurity spending? That’s not hype, it’s the reality when you stop treating spending dollars like a bottomless pit and start treating it like a business strategy.
Most executives assume the more money they throw at cybersecurity, the safer they’ll be. Wrong. In fact, the bigger your budget, the more likely you’re bleeding cash on shelfware, pointless meetings, and “solutions” that solve nothing. This talk flips the script: it shows you how to slash costs, cut risk, and still move faster than your competition.

You Will Learn:

How to finally answer the question, “How much should we spend on cybersecurity?”
Why your ROI math is broken and the simple fixes that make sense in the boardroom.
Which budget cuts backfire, and how to cover yourself with smart risk approvals.
When to switch tools, when to double down, and when to pull the plug.

From CIA officer to enterprise CISO, Ross Young has spent two decades at the forefront of cybersecurity. He’s the co-host of CISO Tradecraft, creator of the OWASP Threat and Safeguard Matrix (TaSM), and a recognized leader who has served as CISO in Residence at Team8, CISO of Caterpillar Financial, instructor at Johns Hopkins University, and divisional CISO at Capital One. Ross also brings over a decade of frontline experience from the CIA, NSA, and the Federal Reserve Board.
Ross holds master’s and bachelor’s degrees from Johns Hopkins University, Idaho State University, and Utah State University. He is Boardroom Certified as a Qualified Technology Expert (QTE) and a CISSP.

Explore how AI is transforming the cyber threat landscape, highlighting adversarial use cases and 2026 trends. Discover how defenders and security teams leverage AI, the types of AI in security, and their strengths and weaknesses. Learn evaluation methods and delve into Darktrace's unique AI approach and platform. This presentation offers insights into the evolving role of AI in cybersecurity and its future implications.

Collin Chapleau is the Senior Director of Security & AI Strategy and Field CISO at Darktrace, where he helps the world’s largest and most complex organizations harness AI-driven cybersecurity to defend against an evolving threat landscape. With a foundation in computer engineering, advanced mathematics, and cybersecurity, Collin specializes in translating AI research into real-world security strategies for customers and key partners.

‍He has architected AI-powered security deployments across complex global enterprises and led technical solution teams across North and South America. Collin has engineered integrations and novel solutions across customers’ full security stacks to enhance AI modeling and improve cyber resilience. He has implemented agentic security solutions that actively detect, investigate, and stop threats in real time.

‍A frequent speaker at industry conferences and partner events, Collin shares insights on adversarial AI, cutting-edge strategies for AI in security operations, and the future of AI in cybersecurity. He holds a Master’s in Information Technology from Virginia Tech.

Please Park in Lot 77, right next door to the Community Center.

CPEs: There will be 2 CPE credits for the meeting.

Disclaimer: ISSA-LA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISSA-LA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISSA-LA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices.

All materials used in the preparation and delivery of presentations on behalf of ISSA-LA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISSA-LA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers. Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.

Permission to be Photographed: By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISSA-LA for future promotion of ISSA-LA’s educational events on ISSA-LA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.

Know what’s Happening Next — before everyone else does.

Get App

Host or Publisher Information Systems Security Association Los Angeles | ISSA-LA