Phoenix Security is excited to host a sharp and honest conversation with Rick Doten, VP of Information Security and CISO at Centene Corporation’s North Carolina health plan. With over 27 years in cybersecurity and deep experience as both a Fractional CISO and strategist, Rick brings a grounded, risk-based lens to today’s most pressing AppSec challenges. This session is about cutting through the noise, prioritizing what matters, and reshaping how we think about risk, remediation, and resilience in modern security.
đź“… Event Details
• Date: 23 April 2025
• Time: 10 AM PST / 12 AM CT / 1 PM ET/ 5 PM GMT
• Location: Online (Live Stream) – Registration required
🎯 Who Should Attend
• CISOs and security leaders
• Application/Product Security professionals
• Vulnerability Management teams
• Cybersecurity pros navigating AI, metrics, and risk
🔑 Key Topics with Rick Doten
1. The State of Vulnerabilities Today
• A look at the evolving vulnerability landscape and what really deserves your attention.
2. A CISO’s View: Risk-Based Remediation in the Real World
• You can’t fix everything—so what should you fix?
• Practical strategies for reducing risk in application and deployment pipelines.
3. MythBusters: Reachability Analysis & Root Cause Truths
• Breaking down buzzwords: What “root cause” really means in a modern security program.
• How reachability and exploitability differ—and why that matters.
4. AI in Cybersecurity: Hype vs. Help
• How AI is being used today in security tools and programs.
• Opportunities and limitations—plus Rick’s take on where this is going.
🎙 Special Guest: Rick Doten
VP, Information Security, Centene Corporation & CISO, North Carolina Medicaid Healthplan
Rick is VP, Information Security at Centene Corporation and CISO of their North Carolina Medicaid health plan in Charlotte.
Previously, Rick served as a Fractional CISO for global organizations, advising on board-level cybersecurity strategy, building and maturing programs, and developing a cybersecurity Master’s degree curriculum for an international university.
He’s a regular speaker at RSA, SecureWorld, Bsides, and FutureCon, and a frequent podcast guest (CyberWire, CISO Series, The Rsnake Show, and more), discussing everything from cybersecurity and risk to neurodiversity and leadership.
Rick serves on the Cloud Security Alliance (CSA) CXO Trust Advisory Council, the boards of ISC2 and CSA Charlotte Chapters, and advises multiple startups and VCs on emerging security tech.
He was a contributor to both the CIS Critical Security Controls v8 and CSA CCSK v5, and runs a YouTube channel with practical cybersecurity content for professionals.
🚀 Why You Should Attend
• Hear firsthand how a seasoned CISO cuts through noise to focus on measurable risk reduction.
• Get insights into aligning product and security teams with real-world metrics.
• Understand how AI is reshaping cybersecurity—without the buzzwords.
• Walk away with clarity on what not to fix, and why that’s just as important.
🌟 Bridge the Gap Between Risk and Reality
Join us to hear how modern CISOs like Rick Doten are transforming vulnerability management, application security, and resilience—without falling into the trap of trying to fix everything.
Derek Fisher – Head of product security at a global fintech. Speaker, instructor, and author in application security.
Derek is an award winning author of a children’s book series in cybersecurity as well as the author of “The Application Security Handbook.” He is a university instructor at Temple University where he teaches software development security to undergraduate and graduate students. He is a speaker on topics in the cybersecurity space and has led teams, large and small, at organizations in the healthcare and financial industries. He has built and matured information security teams as well as implemented organizational information security strategies to reduce the organizations risk.
Derek got his start in the hardware engineering space where he learned about designing circuits and building assemblies for commercial and military applications. He later pursued a computer science degree in order to advance a career in software development. This is where Derek was introduced to cybersecurity and soon caught the bug. He found a mentor to help him grow in cybersecurity and then pursued a graduate degree in the subject.
Since then Derek has worked in the product security space as an architect and leader. He has led teams to deliver more secure software in organizations from multiple industries. His focus has been to raise the security awareness of the engineering organization while maintaining a practice of secure code development, delivery, and operations.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.
Jeevan Singh is the Director of Security Engineering at Rippling, with a background spanning various Engineering and Security leadership roles over the course of his career. He’s dedicated to the integration of security practices into software development, working to create a security-aware culture within organizations and imparting security best practices to the team.
In his role, Jeevan handles a range of tasks, from architecting security solutions to collaborating with Engineering Leadership to address security vulnerabilities at scale and embed security into the fabric of the organization.
James Berthoty has over ten years of experience across product and security domains. He founded Latio Tech to help companies find the right security tools for their needs without vendor bias.
Chris Romeo is a leading voice and thinker in application security, threat modeling, and security champions and the CEO of Devici and General Partner at Kerr Ventures. Chris hosts the award-winning “Application Security Podcast,” “The Security Table,” and “The Threat Modeling Podcast” and is a highly rated industry speaker and trainer, featured at the RSA Conference, the AppSec Village @ DefCon, OWASP Global AppSec, ISC2 Security Congress, InfoSec World and All Day DevOps. Chris founded Security Journey, a security education company, leading to an exit in 2022. Chris was the Chief Security Advocate at Cisco, spreading security knowledge through education and champion programs. Chris has twenty-six years of security experience, holding positions across the gamut, including application security, security engineering, incident response, and various Executive roles. Chris holds the CISSP and CSSLP certifications.
Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. Jim is also the founder of Brakeman Security, Inc. and an investor/advisor for Signal Sciences. He is the author of Iron-Clad Java: Building Secure Web Applications (McGraw-Hill), a frequent speaker on secure software practices, and a member of the JavaOne Rockstar speaker community. Jim is also a volunteer for and former board member of the OWASP foundation.
Get all the latest news, exclusive deals, and feature updates.
