Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, May 29, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    8:00 am
    SecureWorld PLUS Part 1 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value
    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop
    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    8:00 am
    SecureWorld PLUS Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:00 am
    SecureWorld PLUS Part 1 - Insider Threat: A White Hat Hacking Methodology Approach to Insider Threats
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Sr. Information Security Manager, Comporium
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    There are several courses which teach insider threat program development.  While the methods and controls taught are very comprehensive and effective, often-times they can also be bypassed.

    Learn how the controls of your current security program can be bypassed by utilizing routine IT procedures.   Will also show how to identify business processes which can contribute to insider threats. Learn how to enhance procedures required to identify insider threat exposures.

    This program is designed to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology.

    A series of live demonstrations will be performed to show the white hat hacking techniques used to bypass various controls.

    Learning Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity.
    • How to identify system based behavioral indicators.
    • Learn which existing or enhanced security layer can provide insider threat profile data.
    • Learn how areas of the organization i.e. Legal, Procurement & HR are key stakeholders in assisting to identify insider threat activity.

    Take-Aways From the Course:

    • Establishing or enhancing an existing cyber security program to include insider threat.
    • Define self-assessments of insider threat segment of the cyber security program.
    • Enhance awareness training to include additional methods of insider threat.
    • Enhance existing security layers to better identify specific insider threat activity.
    8:30 am
    The Art and Science of Herding Cats (How to Keep Users from Clicking Stuff)
    • session level icon
    speaker photo
    Security Operations Center Manager, Discovery, Inc. (Formerly Scripps Networks)
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    As a recent “Cat Daddy” of two kittens, I have noticed some interesting parallels in dealing with the challenges of user behavior and security training. While it may seem as impossible as herding cats, there is hope. Laugh as we explore these similarities and learn how to use them to advantage.

     

    8:30 am
    Present the Security Strategy to the Board for a Budget
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    We will share the strategy of how the VP of IT at APi Group presented the Security Strategy to the Board for budget approval.

    8:30 am
    What’s in Your Enterprise Risk Program – Are Your Assets and Information Safe?
    • session level icon
    Must Have Programs for Your Organization
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Cyber-threats such as DDoS, destructive malware, and ransomware are only a few of the tactics malicious actors use to attack US organizations. Learn how part of your enterprise risk management program should include plans that can limit the damage to your information assets and systems.

    8:30 am
    IoT Defense: A Holistic Approach
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Reviewing the current state of IoT devices, their cloud endpoints and the connection between them to understand the threat landscape and where our focus needs to be in the years ahead.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE — Going Digital: Building Your Strategic Roadmap for the Next Wave of Digital Transformation
    • session level icon
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    The next major wave of digital transformation will integrate the physical parts of your business even more intimately with the digital world, using sensors, analytics, artificial intelligence, robotics, augmented reality, 5G networking, and blockchain technology. In this talk, former Intel futurist Steve Brown presents a fast-paced, fun exploration of what it will mean to “go digital” in the next decade, and reviews the business and security strategies we will need to navigate the road ahead.

    Hear from Steve as he gives a preview of what he will cover in his keynote: https://youtu.be/Er1spVCyzS8

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:15 am
    Account Compromise and MFA
    • session level icon
    Use cases and strategy for engineering, architecting, and solutioning MFA
    speaker photo
    VP, IT Security & Compliance, American Cancer Society
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    It’s easy to think of users as lazy, stupid, or just apathetic to our wonderfully-designed security controls and awareness programs. Users, it seems, will click on anything and gleefully enter their user credentials upon request of “The Help Desk”. What’s a good security person to do? Don’t Give Them The Option To Do The Wrong Thing. Enter Multifactor Authentication. Sure the idea is good, but what makes sense for us and how do we establish a strategy for MFA in the workplace?
    11:15 am
    Vetting Your Vendors: Understanding the “Chain of Control” of Data, Security Pitfalls in Third-Party Contracts, and Service Agreements
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    One of the most important considerations in cybersecurity does not involve your own direct network security; it involves your partners and vendors. In the world of cybersecurity, you are only as strong as the weakest link in your vendor chain. The ease, convenience, and cost effectiveness of outsourcing certain business functions frequently overshadows the potential pitfalls lurking in using outside third-parties and vendors. This presentation will discuss the steps your organization needs to take to ensure that any partners or vendors with access to your network systems or company data are meeting (at least) a minimum level of security requirements.

    An organization needs to adequately assess its partners’ and vendors’ cybersecurity “maturity” and create a dialogue of security with each of them. Further, a full understanding of the contractual liabilities regarding the security of the vendor will allow the company and the vendor to fully understand the vulnerabilities in their business agreement. Cybersecurity is a growing problem; the only way to truly understand the threats and vulnerabilities is to to understand your systems and those of your vendors.

    11:15 am
    Motivating Internal Teams for Security
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Pursuit of security compliance certifications can be challenging. Actively engaging engineering teams
    and enthusiastic participation by all stakeholders is crucial for the success. This talk will focus on
    actionable ideas to convince all stakeholders about the importance of efforts for security & compliance.

    11:15 am
    Cyber or Insider Threat?
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    What’s the greater threat to businesses, cyber or insider? The reality is both as they are two sides of the same coin and related to one another.

    11:15 am
    The A-Z of Phishing -Defining Phishing and Actions to Take Against It
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    In this presentation we will start with the basics of phishing, defining the types to how to identify them, techniques to validate the phishing and incident responses.

    12:00 pm
    Advisory Council LUNCH Round Table - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    12:15 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: What Will They Think of Next (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

     

     

    1:15 pm
    Panel: Phishing and Social Engineering Scams 2.0
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Finding Your Vulnerabilities - Before Attackers and Auditors Do
    • session level icon
    speaker photo
    Director, Information Security, Fluor
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Do you know where all of your cyber security vulnerabilities are? As enterprise defenders and security leaders, we can take the initiative in looking for these vulnerabilities, both within the organization as well as on our systems exposed directly to the Internet. This presentation provides some considerations and practical tips for organizations in strengthening, or establishing, their own vulnerability management program and ensuring the most benefit from outside vulnerability assessments and penetration tests.
    3:00 pm
    Employer Data Breach Liability: The Employee as a Threat Vector
    • session level icon
    Learn 6 big decisions organizations must make in response to insider threat
    speaker photo
    Founder, Herrin Health Law, P.C.
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    According to a 2014 IBM study, 31.5% of all cybersecurity incidents were perpetrated by malicious insiders, and 23.5% resulted from the activities of non-malicious insider threats. In 2017, statistics reported by the MIT Sloan Interdisciplinary Consortium showed that between 67% and 80% of cybersecurity incidents were linked to persons with legitimate access to the breached data infrastructure. A 2018 Ponemon Institute report confirms that this upward trend is not abating, as 64% of successful cyber attacks resulted from privileged user negligence, with another 23% being perpetrated by malicious insiders – a total of 87% of all incidents. Education having failed in many instances, with criminals becoming ever more sophisticated, and with the return on investment for perimeter defenses becoming slight, perhaps employers should consider their employees threat vectors and not innocent victims in cybercrime.

     

    3:00 pm
    A Survey of U.S. Domestic Security and Privacy Laws: The Evolving Landscape
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    A Survey of U.S. Domestic Security and Privacy Laws: The Evolving Landscape. The US legal framework for cybersecurity and data privacy continues to evolve, trying to stay abreast of the ever evolving and changing technologies. In the past year, State and Federal regulatory changes have altered the legal and compliance oblgiations of many companies across a variety of industries. Additionally, the courts are starting to adopt opinions that are placed more liability on companies for the protection of sensitive personal data. This presentation will provide an overview of key regulatory and legal changes both at the State and Federal level and discuss how companies should prepare to meet these evolving obligations.

    3:00 pm
    Let's Stop Admiring the Human Factor Problem in Cybersecurity
    • session level icon
    speaker photo
    Cybersecurity Policy Fellow, New America Think Tank, New America
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Ninety-five percent of all cyber-attacks are human enabled. Organizations continue to fail at addressing human factors in cybersecurity due to a lack of education and appreciation for human factors as a science. With the increasing spending on technology to safeguard organizations’ critical networks, systems, and data, cybercriminals are circumventing defense-in-depth architectures to target humans, the weakest link. An existing fallacy is that technology will prevent data breaches, ransomware attacks, or cyber-attacks. In fact, integrating new technology creates unintended consequences that increase vulnerabilities. These technologically-induced vulnerabilities are human-enabled highlighting a lack of appreciation for human factors in cybersecurity–let’s reduce human-enable errors
    3:00 pm
    SecureWorld PLUS Part 2 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value

    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop

    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    3:00 pm
    SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    3:00 pm
    SecureWorld PLUS Part 2 - Insider Threat: A White Hat Hacking Methodology Approach to Insider Threats
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Sr. Information Security Manager, Comporium
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    There are several courses which teach insider threat program development.  While the methods and controls taught are very comprehensive and effective, often-times they can also be bypassed.

    Learn how the controls of your current security program can be bypassed by utilizing routine IT procedures.   Will also show how to identify business processes which can contribute to insider threats. Learn how to enhance procedures required to identify insider threat exposures.

    This program is designed to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology.

    A series of live demonstrations will be performed to show the white hat hacking techniques used to bypass various controls.

    Learning Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity.
    • How to identify system based behavioral indicators.
    • Learn which existing or enhanced security layer can provide insider threat profile data.
    • Learn how areas of the organization i.e. Legal, Procurement & HR are key stakeholders in assisting to identify insider threat activity.

    Take-Aways From the Course:

    • Establishing or enhancing an existing cyber security program to include insider threat.
    • Define self-assessments of insider threat segment of the cyber security program.
    • Enhance awareness training to include additional methods of insider threat.
    • Enhance existing security layers to better identify specific insider threat activity.
  • Thursday, May 30, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value

    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop

    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    8:00 am
    SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:00 am
    SecureWorld PLUS Part 3 - Insider Threat: A White Hat Hacking Methodology Approach to Insider Threats
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Sr. Information Security Manager, Comporium
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    There are several courses which teach insider threat program development.  While the methods and controls taught are very comprehensive and effective, often-times they can also be bypassed.

    Learn how the controls of your current security program can be bypassed by utilizing routine IT procedures.   Will also show how to identify business processes which can contribute to insider threats. Learn how to enhance procedures required to identify insider threat exposures.

    This program is designed to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology.

    A series of live demonstrations will be performed to show the white hat hacking techniques used to bypass various controls.

    Learning Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity.
    • How to identify system based behavioral indicators.
    • Learn which existing or enhanced security layer can provide insider threat profile data.
    • Learn how areas of the organization i.e. Legal, Procurement & HR are key stakeholders in assisting to identify insider threat activity.

    Take-Aways From the Course:

    • Establishing or enhancing an existing cyber security program to include insider threat.
    • Define self-assessments of insider threat segment of the cyber security program.
    • Enhance awareness training to include additional methods of insider threat.
    • Enhance existing security layers to better identify specific insider threat activity.
    8:30 am
    Preparing for the Human Factor in Our Cyber Future
    • session level icon
    speaker photo
    Associate Dean, College of Social and Behavioral Sciences, University of Phoenix
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    This presentation will help alleviate the mystery of soft skills. As employers struggle attracting and retaining cybersecurity personnel, it is important that employees feel appreciated and work through the stress associated with this environment. Utilizing this presentation as a springboard to greater understanding from both sides of management, attendees will walk away with: 1) What are the top IT soft skills; 2) How to create an environment of inclusion; 3) Real-world examples of how to implement and use soft skills to land that next promotion or job; and 4) Stress management in today’s cybersecurity field.
    8:30 am
    GDPR – End-to-End Impact
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Review of how GDPR will impact day-to-day operations and the support service. Direct impact to our ability to process in the EU.

    8:30 am
    AI is Your Friend
    • session level icon
    Methods and Practical Applications for AI Implementation to Supplement the InfoSec Labor Shortage
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    The InfoSec needs continue to grow as each day passes. Seemingly the offensive actors grow at an alarming rate, as their focus continues to be on exfiltrating data to sell or leverage, or their 15 minutes of fame. The blue team, or defensive side of the coin, has historically had issue with keeping pace with the attacks. One avenue beginning to be applied to InfoSec in an attempt to alleviate the massive strain on resources is AI. The presentation will elaborate, elucidate, and expound on the methods and practical application of AI to alleviate the massive strain on our field.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE:
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    11:15 am
    Riding Within the Risk Appetite: Being Reasonable in an Unreasonable World
    • session level icon
    speaker photo
    Security & Compliance Professional, Calendly
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Security professionals have the ability every day to Secure a business right out of business. Locking down controls so tightly that nothing can be done is just as bad for business as having no controls at all. The ‘Reasonable Person Test’ is often used in Legal matters, and should also be considered in Security and Data Protection. In a corporation’s risk appetite there is a fine line between ‘risky’ and ‘stupid’ and it is up to Security Professionals to make sure that there is a recovery plan for after ‘risky’ and that ‘stupid’ is avoided.

    11:15 am
    Gaining Better Visibility Into Risk – The Future of GRC
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    In this session we will be discussing the general achievements and failings that clients have experienced utilizing GRC platforms and processes, where the market is headed, and how integration of different data sources and risk correlation techniques are starting to be utilized to get a better picture of risk.

    11:15 am
    Practical Application of the NIST CSF
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    The NIST Cybersecurity Framework is a valuable tool for mapping security posture and maturity in an organization. This presentation strives to take some of the confusion out of how to approach and apply the framework to an organization in an effective manner, including an expanded CSF worksheet template.

    11:15 am
    Privacy Impact Assessments and Emerging Technologies
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Privacy laws and regulations continue to evolve rapidly in the U.S. at the federal and state levels. Combined with the European Union GDPR, these emerging standards underline the need for businesses to manage data as a regulated asset. The risks are heightened when developing or implementing emerging technologies, such as artificial intelligence, blockchain and biometric technologies. A key part of governance, both to reduce risk and to enable new innovations, is to perform impact assessments when implementing new technologies into the business, and as part of any new product development or innovation operations. This presentation will focus on privacy regulatory issues associated with emerging technologies, trends in structuring impact assessments, approaches to and objectives of PIAs, and ways in which to integrate PIA processes into the business.
    12:00 pm
    Advisory Council LUNCH Roundtable - (VIP / Invite ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    12:15 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: Stopping the Attacks (Incident Response)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: Extortion as-a-Service? Ransomware and Beyond
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Data Privacy for Information Security Professionals
    • session level icon
    Changing Our Old Compliance Methods
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Just as we are getting IoT, cloud computing, SOX/HIPAA/FISMA etc. under our belts, Europe changed the rules. The General Data Protection Regulation (GDPR) may just change the way we look at “compliance” once and for all. This isn’t just another regulation. We’re going to need to make a fundamental change in the way we think about data to get past this newest challenge.

    3:00 pm
    "I Know What You Did" - The Future of Security Decision Making
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    The future of IT security processes will be continuous, pervasive monitoring and visibility that is constantly analyzed for indications of compromise. Security Monitoring will encompass as many layers of the IT stack as possible, including network activity, endpoints, system interactions, application transactions, and user activity. This presentation will walk through several security related scenarios where data analytics and adaptive security architecture are used to respond in a dynamic way to enable this next generation security protection.
Exhibitors
  • ACP Atlanta
    Booth: 206

    The Atlanta Chapter was formed in August of 2006. It includes Continuity Professionals from all areas of the Business Community and the Public Sector. As ACP’s local presence in the Atlanta metro region, our chapter embraces and seeks to promote the mission and goals of the parent organization. Being a member of the Atlanta Chapter of ACP brings many benefits:
    • The opportunity to network with experience individuals who often have addressed some of the same challenges you face in your organization.
    • The opportunity to hear real examples of solutions that have been implemented in other organizations.
    • The opportunity to network for career opportunities.

  • ARMA Atlanta
    Booth: TBD

    ARMA International is a not-for-profit organization representing the RIM profession. Its primary purpose is the advancement of the profession and the professional through advocacy, education and professional development.

    ARMA International members include records and information managers, MIS and ADP professionals, imaging specialists, archivists, hospital administrators, legal administrators, librarians, corporate counsel, compliance professionals, and educators. ARMA, its chapters, and its members are dedicated to helping individuals, organizations, and government agencies successfully meet the challenges of the increasingly complex records and information management field.

  • Bitdefender
    Booth: TBD

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures – Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • Colbalt.io
    Booth: TBD

    At Cobalt, we use a combination of data, technology and talent to meet the security challenges of the modern web or mobile application, and ensure we provide the smartest, most efficient services possible. From Cobalt Central, our powerful vulnerability dashboard, to Cobalt Insights, which gives you an intelligent overview of your application security program, we are driven by great technology.

  • Comodo Cybersecurity
    Booth: TBD

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • EC-Council
    Booth: 232

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Global Cyber Alliance
    Booth: TBD

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • InfoSec-Conferences.com
    Booth: TBD

    We’re the InfoSec Community’s #1 ‘Go To’ resource for Cybersecurity Conferences. Since 2012 we’ve provided Cybersecurity Professionals with accurate event listings that are manually checked and updated every day.

  • InfraGard Atlanta
    Booth: 230

    InfraGard Atlanta Members Alliance (IAMA) is a non-profit organization serving as a public-private partnership among U.S. Businesses, individuals involved in the protection and resilience of the U.S. critical Infrastructure and the Federal Bureau of Investigation.

    InfraGard National Members Alliance (INMA), which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together.

    IAMA is the Atlanta chapter of InfraGard. It is a local association of persons who represent businesses, academic institutions, state and local law enforcement agencies, non-profit organizations and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States.

  • ISACA
    Booth: 202

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

  • (ISC)2 Atlanta
    Booth: 330

    (ISC)² Atlanta chapter encompasses the Atlanta Metro area. Our chapter program provides members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resource and educational programs to keep our members informed of the latest advances in technology and techniques.

    Our mission is to advance information security in local communities throughout Atlanta, Georgia, by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects. ​

  • ISSA Metro Atlanta Chapter
    Booth: 208

    The ISSA Metro Atlanta chapter has developed over the years into one of the largest ISSA chapters worldwide and the largest IT Security organization in the Metro Atlanta area. The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • Lockpath
    Booth: TBD

    Lockpath is a software company bringing order to the chaos of managing risk. From SMB to enterprise, our risk management platforms flex and scale to existing processes enabling customers a straightforward approach to identify, understand, manage and report on risk.

  • Mimecast
    Booth: TBD

    Mimecast Is Making Email Safer For Business.
    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service.
    Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • Pulse Secure
    Booth: TBD

    Put simply, we are the company that is 100% focused on delivering secure access solutions for people, devices, things and services. For years, enterprises of every size and industry have been trusting our integrated virtual private network, network access control and mobile security solutions to enable secure access seamlessly in their organizations.

  • RedSeal
    Booth: TBD

    At RedSeal, our vision is to become the essential analytics and decision-making platform for building digitally resilient organizations people can trust. We do this by becoming the measure by which every organization can quantify its digital resilience. As thought leaders on resilience, we envision every organization starting the security discussion with the question “What’s our Digital Resilience Score?” Founded in 2004, RedSeal is headquartered in Sunnyvale, California.

  • Sonatype
    Booth: TBD

    We are laser focused on helping organizations continuously harness all of the good that open source has to offer, without any of the risk.  In order to do this, we have invested in knowing more about the quality of open source than anyone else in the world. This investment takes the form of machine learning, artificial intelligence, and human expertise, which in aggregate produces highly curated intelligence that is infused into every Nexus product.  Organizations equipped with Nexus products make better decisions, innovate faster at scale, and rest comfortably knowing that their applications always consist of the highest quality open source components.

  • Synopsys
    Booth: TBD

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TAG
    Booth: 204

    It’s a new world for tech, and the Technology Association of Georgia (TAG) has emerged as a world-class membership organization and an engine for economic development for the state of Georgia. TAG’s mission is to educate, promote, influence and unite Georgia’s technology community to foster an innovative and connected marketplace that stimulates and enhances Georgia’s tech-based economy.

    TAG TODAY:
    35,000+ Members
    2,000+ Member Companies
    200+ Events per year
    33 Societies

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Veristor
    Booth: TBD

    At VeriStor, we design, implement and manage IT solutions that fuel business productivity. As an end-to-end solutions provider, VeriStor specializes in enterprise data storage, virtual infrastructure, public, private and hybrid cloud services, migration, and technology financing. Headquartered in Atlanta, VeriStor delivers solutions nationwide to enterprise and mid-market companies in all industries including financial services, manufacturing, healthcare, education and federal, state and local government. To learn how VeriStor can help you achieve an IT infrastructure that accelerates business growth, improves efficiencies and reduces costs, visit: http://www.veristor.com

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Mike Muscatell
    Sr. Information Security Manager, Comporium

    Mike Muscatell is a seasoned IT veteran with more than twenty years in the Information Security field. He is a certified ethical hacker. Was honored as top 100 professionals in the Information Security Field by Strathmore's for 2014. Member of a number of security organizations including Infragard, US Chamber of Commerce Cyber Committee.

  • speaker photo
    John Helt
    Security Operations Center Manager, Discovery, Inc. (Formerly Scripps Networks)

    I have considered myself a "hacker" from the moment I turned on my TI-99/4a. My insatiable curiosity has driven me through a career in IT Operations and InfoSec with both Hewlett Packard (10 years) and Discovery (Scripps Networks Interactive, 18 year). I hold a MS in Information Systems Management and current CISSP-ISSAP, CEH, and CCENT certs.

  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    James Baird
    VP, IT Security & Compliance, American Cancer Society

    James serves as the Vice President of IT Security & Compliance at the American Cancer Society. As the CISO, his role oversees all the programs and processes involved with Information Security and technology risk management across the Society. His team works diligently to ensure that sensitive constituent information used for Society business is protected from accidental or intentional misuse. He has designed and implemented security programs using the ISO 27001, NIST RMF, NIST ICTSCRM, NIST CSF, and ITIL. James holds a Master of Science degree in Information Assurance (MSIA) and maintains the CISSP, CISM, CIPM, and several other Security-related certifications.

  • speaker photo
    Rebecca Rakoski
    Managing Partner, XPAN Law Group, LLC

    Rebecca Rakoski is co-founder and managing partner at XPAN Law Group, a certified Women Owned boutique law firm. Rebecca focuses her practice exclusively on cybersecurity and data privacy. She has extensive experience in all aspects of cybersecurity, data privacy and cross border data transfer issues. Rebecca performs in-depth cybersecurity assessments and audits in accordance with regulatory requirements. Rebecca counsels clients through a breach by navigating the complexities of different state and federal regulations. Rebecca also performs cybersecurity and data privacy due diligence in M&A transactions, protecting intellectual property, and even transition and succession planning.

  • speaker photo
    Michael Holcomb
    Director, Information Security, Fluor

    Michael Holcomb is the Director of Information Security for Fluor, one of the world's largest construction, engineering and project services companies with 60,000 employees around the world. In his role at Fluor, Michael is responsible for vulnerability management, incident detection/response, penetration testing and industrial controls for the global organization. He also teaches cyber security as an adjunct instructor at Greenville Technical College and helps students, career transitioners and others that are new to cyber security at becomeacybersecuritypro.com.

  • speaker photo
    Barry Herrin
    Founder, Herrin Health Law, P.C.

    Barry Herrin is the Founder of Herrin Health Law, P.C., a boutique law practice located in Atlanta, Georgia. He regularly assists health care providers in all segments of the industry on health care operations and compliance, medical information privacy and confidentiality, cybersecurity, and data breach response. He is admitted to the bars of the District of Columbia, Florida, Georgia, and North Carolina. Mr. Herrin is a Fellow of the American College of Healthcare Executives, a Fellow of the American Health Information Management Association, and a Fellow of the Healthcare Information and Management Systems Society. He also holds a certificate in cybersecurity from Georgia Tech and has been recognized as a subject matter expert in health care by the Infragard National Member Alliance.

  • speaker photo
    Rebecca Rakoski
    Managing Partner, XPAN Law Group, LLC

    Rebecca Rakoski is co-founder and managing partner at XPAN Law Group, a certified Women Owned boutique law firm. Rebecca focuses her practice exclusively on cybersecurity and data privacy. She has extensive experience in all aspects of cybersecurity, data privacy and cross border data transfer issues. Rebecca performs in-depth cybersecurity assessments and audits in accordance with regulatory requirements. Rebecca counsels clients through a breach by navigating the complexities of different state and federal regulations. Rebecca also performs cybersecurity and data privacy due diligence in M&A transactions, protecting intellectual property, and even transition and succession planning.

  • speaker photo
    Calvin Nobles
    Cybersecurity Policy Fellow, New America Think Tank, New America

    Dr. Nobles is a Cybersecurity Scientist and practitioner with more than 25 years of experience. He teaches cybersecurity at several universities. He recently retired from the Navy and is currently employed in the Financial and Services Industry. Dr. Nobles is a Cybersecurity Policy Fellow with the New America Think Tank. He authored a book on the integration of technologically advanced aircraft in general aviation. His personal story is featured in the book, Black Men Changing the Narrative Through Education. Dr. Nobles serves as Chairman, of a Cybersecurity Technology Advisory Board and on the Intelligence and National Security Alliance Cyber Council. He has fulfilled various executive-level positions as a cybersecurity professional.

  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Mike Muscatell
    Sr. Information Security Manager, Comporium

    Mike Muscatell is a seasoned IT veteran with more than twenty years in the Information Security field. He is a certified ethical hacker. Was honored as top 100 professionals in the Information Security Field by Strathmore's for 2014. Member of a number of security organizations including Infragard, US Chamber of Commerce Cyber Committee.

  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Mike Muscatell
    Sr. Information Security Manager, Comporium

    Mike Muscatell is a seasoned IT veteran with more than twenty years in the Information Security field. He is a certified ethical hacker. Was honored as top 100 professionals in the Information Security Field by Strathmore's for 2014. Member of a number of security organizations including Infragard, US Chamber of Commerce Cyber Committee.

  • speaker photo
    Samantha Dutton
    Associate Dean, College of Social and Behavioral Sciences, University of Phoenix

    Dr. Samantha Dutton is currently an Associate Dean and the Director of the Social Work Program in the College of Social and Behavioral Sciences at the University of Phoenix. She holds a Master of Social Work degree as well as a PhD in Social Work and Social Research. She has also held a full-time faculty position with Walden University where her area of expertise was military social work. Previous to these positions she held positions of Deputy Commander of Medical Operations at Mike O’Callaghan Military Medical Center as well as the Medical Squadron at Joint Base Lewis-McChord. She also commanded the Mental Health Clinic at Nellis Air Force Base. Her military experience spans 27 years with increasing levels of leadership. She has been the recipient of numerous Air Force level awards and was deployed in support of Operation Iraqi Freedom and Operation Enduring Freedom where she was the lone mental health practitioner for 2500 personnel.

  • speaker photo
    Phillip Mahan
    Security & Compliance Professional, Calendly

    Phillip loves to tell stories. He is currently in Security and Compliance with Calendly, LLC in Atlanta. With enough letters to fill a full serving of Alphabet soup (although mostly ‘C’s, ‘I’s, ‘P's and ’S’s) he walks through data protection and privacy with an eye to making the world a better place for data to live. Phillip has more than 25 years in Technology, most of which having been in the Security and Privacy field.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!