- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, March 30, 20228:30 amExhibitor Hall openRegistration Level:
- Open Sessions
8:30 am - 3:00 pmLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
9:00 am[Opening Keynote] BEC Attacks, Crypto, and the Investigative Powers of the Secret ServiceFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret ServiceRegistration Level:- Open Sessions
9:00 am - 9:45 am9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amHow Can We Be More Secure in a World of Distractions?CISO, New Jersey CourtsRegistration Level:- Open Sessions
10:00 am - 10:30 amWe are living in a world of distractions—smartphones, alerting devices at home, metaverse—and we have a job to secure ourselves, our loved ones, and we get paid for doing it at work. How is this supposed to happen when families and staff are texting, exchanging information until they sleep? Control everything or do nothing? What is the appropriate balance? How do I keep sane? Come to this presentation on lessons of leadership and operating in a more secure way within this world of distractions.
10:00 amLeveraging a Single Identity Tool as a Foundation for a Unified Identity Security FrameworkVice President, Global IAM Strategy and Customer Advocacy, One IdentityRegistration Level:- Open Sessions
10:00 am - 10:30 amIdentity sprawl is on the rise. Humans, devices, bots, and other forms of identities have more than doubled in 85% of organizations surveyed. Most of these identities have elevated access and are a target breach point for one of the most common forms of attack today, ransomware. Stand-alone Identity tools are unable to address this current threat surface, and must be integrated with other identity security tools to attain 360-visibility across all identities and address this growing problem in a holistic manner. Learn how to leverage any identity tool as a foundational component of a complete, identity-based ecosystem to ultimately improve your overall cybersecurity posture.
10:30 amNetworking BreakRegistration Level:- Open Sessions
10:30 am - 10:45 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:45 amShifting Sands: Exploring the Dynamic Domestic Privacy Legal LandscapeCo-Founder & Managing Partner, XPAN Law PartnersRegistration Level:- Open Sessions
10:45 am - 11:15 amLocation / Room: 103Unlike Europe that has an overarching data privacy law (the General Data Protection Regulation) the US federal government has been seemingly mired in a sectoral approach to data privacy, i.e., HIPAA, GLBA, COPPA, and so forth. As a result, we have seen a patchwork-like approach to data privacy legal requirements. States like California, Virginia, and Colorado have already moved to the forefront and passed data privacy laws, and states like Utah, New York, Pennsylvania, and New Jersey, along with several others, are attempting to pass their own version of data privacy laws with Utah widely expected to sign into law the Consumer Privacy Act sometime this month. This creates a substantial challenge for any business trying to create a comprehensive privacy and security program that complies with the various, and at times conflicting, legal requirements.
This Session will explore the changing domestic legal data privacy obligations for businesses and compare those laws so attendees will get an overview of the consequential differences. We will also provide a roadmap on how organizations can “meet the moment” as data privacy moves into the forefront of corporate concern and potential liability.
10:45 amTop 10 Challenges Preventing Security Analysts from Doing Their Best WorkFounder, TinesRegistration Level:- Open Sessions
10:45 am - 11:15 amSecurity teams are being prevented from doing their best work. While understaffing and low budgets have always been challenges for any type of team, security teams are uniquely affected by repetitive, manual tasks, which in turn keep them from working on higher-impact projects that contribute to their organization’s overall security posture. It’s no surprise to learn that 71% of analysts are experiencing some level of burnout and 64% say they’re likely to switch jobs in the next year. Our research goes further to breakdown causes of burnout and how to alleviate it to improve employee retention. This presentation will share the data from an in-depth survey of the day-to-day struggles of security analysts, as well as greater context on groups surveyed and the methodology used.
We’ll cover the top five tasks consuming the most time, the top three tasks analytics enjoy the least, manual work and automation, and actionable takeaways for security teams. Our goal with this presentation is to help security leaders recognize what they can do to streamline their processes, decrease burnout, increase retention, and create better overall work environments for their analysts.
Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)
10:45 amRipples Across the Risk Surface: New Waves in 2022Vice President, Strategy & Risk, RiskRecon, a Mastercard companyRegistration Level:- Open Sessions
10:45 am - 11:15 amJoin the head of strategy from RiskRecon for a presentation based on exclusive research with Cyentia on multi-party breaches and the effect it can have on your firm and its supply chain, including:
- how multi-party incidents have hurt organizations financially since 2008
- the differences in impact between multi-party and single-party security incidents
- the number of days for a typical ripple event to reach 75% of its downstream victims
11:15 amNetworking BreakRegistration Level:- Open Sessions
11:15 am - 11:30 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:30 am[Lunch Keynote] Secure Your Network by Thinking Like an AttackerChief Technology & Security Strategist, TenableRegistration Level:- Open Sessions
11:30 am - 12:00 pmAttackers don’t think in lists and spreadsheets. Attackers function by looking at paths, AKA attack paths. “How can I get to where I am going from where I am?” Let 17X Microsoft MVP Derek Melber describe how attackers compromise, enumerate, move laterally, and elevate privileges with such ease. Then, he will flip the script and discuss how you can secure your network by looking at attack paths and blast radiuses. By the end of this session you will see how you can beat the attackers at their own game.
12:00 pmNetworking BreakRegistration Level:- Open Sessions
12:00 pm - 12:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:15 pm[Panel] Prioritizing the Current ThreatscapeSenior Solutions Engineer, OktaSales Engineer, Major Accounts, NetskopeChief Technology & Security Strategist, TenableRegistration Level:- Open Sessions
12:15 pm - 1:00 pmRansomware, business email compromise, cloud misconfigurations, social engineering, insider threats, third-party coding… the list goes on and on. The threats are everywhere. Some are new, but the old ones work just as well. How do you decide which threats are of the most concern to your organization? Do you report all of these to the Board? How do you provide the resources necessary to minimize the risks and still enable the business? Join our experts as they tackle how to identify and prioritize the current threats.
12:15 pmDiversity Is the Result of Inclusive CulturesFounder and CEO, CyberSN and Secure DiversityRegistration Level:- Open Sessions
12:15 pm - 1:00 pmThis talk centers on a 9-piece framework to help you create inclusive cultures that will result in diverse workplaces, called the Standards of Inclusive Behavior. We will explore how each of the nine standards for interactions impacts our professional environments and how to use this framework to create equality and diversity of thought. When we establish a baseline of standards for human interactions that are framed through the window of cybersecurity, our teams and organizations can excel because expectations are clear and fair.
Our security, privacy, economic well-being, and mental health depend on the ability to engage others positively and this is a skill that employers rarely teach.
1:00 pmNetworking BreakRegistration Level:- Open Sessions
1:00 pm - 1:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pm[Closing Keynote] Detection and Response with Google Chronicle, and Preview of Threat PerceptionGlobal Security Strategist, Google Cloud SecuritySr. Security Specialist, Google CloudRegistration Level:- Open Sessions
1:15 pm - 2:00 pmLearn how Google Chronicle enables customers to accelerate their threat detection, investigation and response program, and drive towards achieving critical security outcomes.
Dive into how our customers are using Threat Perception, our latest capability, to enhance their security posture and act on prioritization of alerts with risk scoring.
- Cloud Security Alliance Delaware Valley Chapter (CSA-DV)Booth:
Cloud Security Alliance Delaware Valley Chapter (CSA-DV) is a not-for-profit organization for people interested in education, training and possible certification in cloud security. We seek to improve the understanding of cloud security and to promote the interaction of both professionals and students in order to discuss current trends and topics within the industry.
OUR PURPOSE:To promote cloud security best practices within the Greater Philadelphia region, to educate about cloud computing, identify its risks, methods to secure it, and to continually provide opportunities for the development of cloud security professionals.
- Cybercrime Support NetworkBooth:
Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.
- Google CloudBooth:
Google Cloud Security provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.
- NetskopeBooth:
The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.
- OktaBooth:
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- One IdentityBooth:
One Identity, a Quest Software business, helps organizations achieve an identity-centric security strategy with a uniquely broad and integrated portfolio of identity management offerings developed with a cloud-first strategy including AD account lifecycle management, identity governance and administration, and privileged access management. One Identity empowers organizations to reach their full potential, unimpeded by security, yet safeguarded against threats without compromise regardless of how they choose to consume the services. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data—on-prem, cloud, or hybrid.
- RiskReconBooth:
RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
enabling organizations to efficiently operate scalable, third-party risk management programs for
dramatically better risk outcomes. Request a demo to learn more about our solution. - TechTargetBooth:
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- TenableBooth:
Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.
- TinesBooth:
Founded in 2018 in Dublin by experienced security engineers, Tines makes enterprise automation simple.
Security and operations teams are too often stuck doing manual, repetitive tasks, and we want to change that. Tines is an automation platform designed to allow anyone to automate any manual task, regardless of complexity. No apps, plugins, or custom code required.
With 1,000+ template options for common security actions, Tines is power and simplicity through direct integration with your existing tools.
- Stephen DoughertyFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.
- Sajed NaseemCISO, New Jersey Courts
Sajed Naseem ("Saj") is the Chief Information Security Officer (CISO) of New Jersey Courts. He has over 20 years of experience with information security and IT across many industries. As the CISO of the New Jersey Courts, he has focused on Cybersecurity Readiness & Performance, Information Governance, and Network Security. Sajed holds Masters degrees from St. John's University and Columbia University. He routinely speaks at cybersecurity conferences nationally, in Europe, and with the New Jersey Bar Association. Sajed is also an Adjunct Professor at St. John's University in Information Security since 2010 and a native of New York City.
- Larry ChinskiVice President, Global IAM Strategy and Customer Advocacy, One Identity
Larry Chinski has over 20 years in the Identity and Access Management industry and travels globally to help complex organizations understand emerging trends, the current threat landscape, and how to leverage technology platforms to resolve issues related to cybersecurity as well as operational efficiency.
- Rebecca RakoskiCo-Founder & Managing Partner, XPAN Law Partners
Rebecca L. Rakoski is the managing partner at XPAN Law Partners, LLC. Rebecca advises her clients on a proactive, multi jurisdictional approach to identify and address data privacy and cybersecurity compliance gaps and potential liabilities. She uses her extensive experience to work with her clients to create and tailor a security and privacy governance program that fits their specific needs in order to limit their regulatory exposure.
Rebecca counsels and aggressively defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. As an experienced litigator, Rebecca has handled hundreds of matters in state and federal courts. Rebecca skillfully manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to minimize her client's litigation risks.
Rebecca regularly negotiates complex contractual provisions that are impacted by domestic and international data privacy regulations including the California Consumer Privacy Act of 2018, and the European Union's General Data Protection Regulation. She understands how the nature of the data can affect the role her client plays in the data transaction and uses that knowledge to mitigate corporate liability.
As a thought leader in the area of data privacy and cybersecurity, Rebecca serves on the New Jersey State Bar Association's Cyber Task Force. Rebecca is Vice-Chair Elect for the New Jersey State Bar Association's Bankruptcy Law Section.Rebecca has been appointed and served in multiple highly complex litigation matters by the New Jersey Superior Court as a Special Master in the areas of technology and eDiscovery. She also served on the Complex Business Litigation Committee that drafted and revised the New Jersey Court Rules involving electronic discovery. Rebecca was on the eDiscovery committee of her prior law firm and created its eDiscovery subgroup.
Rebecca is on the Board of Governors for Temple University Health Systems and is also the Acting Dean of Online Learning and an adjunct professor at Drexel University’s Thomas R. Kline School of Law.
- Eoin HinchyFounder, Tines
Before founding Tines in early-2018, Eoin worked in various enterprise security teams. He was a senior engineer in eBay Inc.’s Global Threat Management team, and most recently as DocuSign’s senior director of security operations, he led the company’s incident response, security tooling, threat intel/hunting, and forensics programs. Eoin has two engineering degrees: a masters in security and forensics from Dublin City University, and an MBA from Imperial College London.
- Jonathan EhretVice President, Strategy & Risk, RiskRecon, a Mastercard company
Jonathan has been a third-party risk practitioner since 2004. He is co-founder and former president of the Third-Party Risk Association. He has deep experience building and running third-party risk programs in finance and healthcare. He started with RiskRecon in April, 2020.
- Derek MelberChief Technology & Security Strategist, Tenable
Derek Melber is an accomplished Chief Technology and Security Strategist, Advisor, and Professional Speaker with more than 25 years of success across the computer & network security industries. As a 17X Microsoft MVP, leveraging extensive experience in unifying products, marketing, sales, and content, he is a valuable advisor for any organization trying to achieve success and exceed company goals around identity security and management. His broad areas of expertise include Active Directory, Group Policy, identity security, network security, and information technology management.
- David BarrishSenior Solutions Engineer, Okta
David is an Information Technology professional with over 20 years of experience in pre-sales engineering and software deployment in the Identity Access Management space. He has worked for many of the top IAM companies over his career and enjoys sharing his deep knowledge and experience to make customers successful.
- Derek MelberChief Technology & Security Strategist, Tenable
Derek Melber is an accomplished Chief Technology and Security Strategist, Advisor, and Professional Speaker with more than 25 years of success across the computer & network security industries. As a 17X Microsoft MVP, leveraging extensive experience in unifying products, marketing, sales, and content, he is a valuable advisor for any organization trying to achieve success and exceed company goals around identity security and management. His broad areas of expertise include Active Directory, Group Policy, identity security, network security, and information technology management.
- Deidre DiamondFounder and CEO, CyberSN and Secure Diversity
Deidre Diamond is the founder and CEO of CyberSN, the largest cybersecurity talent acquisition technology and services firm in the U.S., transforming job searching and hiring for the cybersecurity industry. Standardizing all cybersecurity job functions into a common taxonomy of 45 roles, the CyberSN platform allows professionals to make anonymous, public profiles that match with employer-posted job descriptions using the same taxonomy. This innovation is disruptive and solves a serious national security issue. Deidre’s leadership style combines 25 years of experience working in technology and staffing, her love of the cybersecurity community, and a genuine enthusiasm for people. She has led large-scale sales and operations and built high-performance teams at Rapid7 and Motion Recruitment prior to founding her own organizations. She believes a company-culture established on ‘anything is possible’ attitudes and open communication frameworks, along with positive energy, career advancement, and kindness, enables her teams to have fun at work and reach beyond peak performance. She also encourages the use of EQ (Emotional Intelligence) skills: self-awareness, self-regulation, motivation, social skills, and empathy. Deidre has also founded SecureDiversity.org, a non-profit organization working to raise awareness for, and increase the hiring of, women and underrepresented humans in the cybersecurity workforce. She has also spoken at some of the biggest tech summits, conferences, and podcasts in the world including ISC2 Congress, RSA, ISSA International, and Hacker Halted.
- Trevor WelshGlobal Security Strategist, Google Cloud Security
Trevor is a Global Security Strategist with Google Cloud Security. Trevor leverages extensive experience in public sector, financials, retail / logistics, manufacturing, healthcare, and high tech to solve complex security analytics challenges. A former leader with Anomali, and companies like Splunk, ArcSight, and Fortinet, Trevor brings insight, coaching, and a knack for building bridges. Trevor’s security passions include the SOC-Cloud gap, the efficacy of threat intelligence, Hybrid cloud security automation, data visualization, the blending of ITOps and IT Security, petascale analytics, and threat detection.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Join your InfoSec peers for high-quality training and collaboration. Sign up today!