Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, May 27, 2020
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am

    This session is for Advisory Council Members only.

    8:00 am
    [SecureWorld PLUS] Part 1 - Understanding and Using the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Professor & Sr. Research Scientist, University of Detroit Mercy
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    This course provides in depth awareness of the knowledge, skill, ability (KSA), and competency requirements, of the NIST NICE Cybersecurity Workforce Framework. The student will be given a broad, understanding of the architecture and intent of the NICE model, as well as the purpose and intent of each of the component knowledge, and specialty areas. Students will learn how to design and implement a practical cybersecurity infrastructure solution, that directly applies the job role recommendations, which are specified in the NICE Workforce Model, to the real-world cybersecurity policy guidance requirements of the NIST Cybersecurity Framework.

    Who should attend:
    Any type of C-Level (including CFO and COO)
    Strategic Planners
    Cybersecurity Architects
    Cybersecurity Analysts
    Human Resources Planners

    What will be the audience “take-away”?:
    The student will be able to produce a cybersecurity solution that is tailored to their specific organizational application, which is based on the two most commonly accepted models for cybersecurity best practice.

    8:00 am
    [SecureWorld PLUS] Part 1 - The Evolution of Privacy and Cybersecurity Legal Trends: Strategies and Operational Tools to Help You Protect Your Organization
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    This SecureWorld PLUS course will provide an administrative, legal, and technical overview of the Privacy and Cybersecurity Legal Landscape with operational tools to address the changing regulatory and legal landscape. Hands-on exercises to demonstrate the best approach to the dynamic legal requirements in the cyber and privacy space will be included. The sessions will involve the California Consumer Privacy Act (CCPA), the New York SHIELD Act, the Nevada’s Internet Privacy Law, and the European Union’s General Data Protection Regulation.
    Part 1: Trends in the Law: An Overview of the Domestic Regulatory and Legal Landscape.

    The US legal framework for cybersecurity and data privacy continues to evolve. Trying to stay abreast of the ever evolving and changing technologies and legal requirements can be overwhelming. In the past year, State and Federal regulatory changes have altered the legal and compliance obligations of many companies across a variety of industries. Additionally, the courts are starting to issue opinions that have placed heightened liability on companies to protect sensitive personal data.

    This Session will provide an overview of key regulatory and legal changes both at the State and Federal level and discuss how companies should prepare to meet these evolving obligations. We will break down the requirements of the CCPA and the NY SHIELD Act, providing insight into key aspects of the laws. Additionally, this Session will discuss the impact of recent court decisions on privacy and security liability.

    8:00 am
    [SecureWorld PLUS] Part 1 - Building a Successful Hybrid Cloud Security Strategy With the Agility of DevOps
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Sr. Cloud Security Consultant, EY, Instructor, Georgia Institute of Technology
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    As enterprises increasingly seek the innovation & business growth opportunities cloud adoption can provide, many are discovering it comes with numerous new security challenges that stagnate, block or even reverse strategic digital transformation initiatives. This workshop is aimed at answering the question of how security and IT teams can sufficiently prepare and monitor their environments to ensure the shift to a hybrid cloud be as clean and efficient as possible with the agility of DevOps.
    Some key takeaways:

    • Understanding the major challenges of adopting hybrid cloud.
    • Breaking down and understanding what is DevOps/DevSecOps.
    • How to leverage the agility of DevOps.
    • Building a Hybrid Cloud Strategy.

      Presentation Level: MANAGERIAL (security and business leaders)

     

    8:30 am
    The Hunt for Cybersecurity Talent: It's Time to Rethink Your Organization's Recruitment Strategy
    • session level icon
    speaker photo
    Co-Founder & Managing Partner, HuntSource
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Thousands of organizations across the globe are experiencing “hunt fatigue” when it comes to finding cyber talent. Most don’t even know where to start. In this session, Cybersecurity and Technology recruiting industry expert, Matt Donato, will discuss the various challenges organizations are facing when it comes to hiring top cyber talent and how you may need to rethink your recruitment strategy.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
    8:30 am
    RED TEAM: Active Hacker Drills
    • session level icon
    Learn how to safely simulate malicious activity to effectively measure cyber readiness & defense capabilities.
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Join us in a presentation that will demonstrate attack scenarios to effectively measure your cyber defense position. The presenter will demonstrate Red Team cyber readiness & defense capability testing techniques. The audience will discover new Red Team tools that are safe to use for your active simulations. Additionally, the presenter will share a unique approach to effectively producing metrics and measurements for active hacker drills.

    8:30 am
    Engaging the Board on Cybersecurity
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Boards of directors are increasingly interested more than ever in the organization’s cybersecurity posture and strategy. It’s important to engage them early and often with the right level of detail to maintain their confidence. This session will provide practical guidance on approaches that could be used to be successful when communicating with the Board.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    [OPENING KEYNOTE] Public Health Informatics and Pandemic Response
    • session level icon
    speaker photo
    Chief Informatics Officer, Centers for Disease Control & Prevention
    speaker photo
    Founder and Managing Director, CLASS, LLC
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:30 am
    Location / Room: Keynote Theater

    In this presentation, Melvin Crum and Keyaan Williams will combine forces to discuss public health informatics and the critical role this practice plays in public health and pandemic response.

     

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm

    This session is for Advisory Council Members only.

    11:15 am
    VIPR Report – The Verizon Incident Preparedness and Response Report – Taming the Data Breach
    • session level icon
    speaker photo
    Head | Research, Development, Innovation, Verizon Threat Research Advisory Center
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Preparing for and responding to data breaches and cybersecurity incidents is never easy. It takes knowledge of your environment and its unique threats, effective teamwork, and just as importantly, a rigorous Incident Response (IR) Plan. The VIPR Report is a data and scenario-driven approach to incident preparedness and response; it’s based on three years of Verizon’s IR Plan readiness assessments, and our data breach simulation recommendations. John will present findings with the six phases of incident and in doing so, cover five data breach scenarios illustrating the need for that phase of an IR Plan and its underlying components.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    11:15 am
    Vetting Your Vendors
    • session level icon
    Understanding the “Chain of Control” of Data, Security Pitfalls in Third-Party Contracts and Service Agreements
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    One of the most important considerations in cybersecurity does not involve your own direct network security; it involves your partners and vendors. In the world of cybersecurity, you are only as strong as the weakest link in your vendor chain. The ease, convenience and cost effectiveness of outsourcing certain business functions frequently overshadows the potential pitfalls lurking in using outside third-parties and vendors. This presentation will discuss the steps your organization needs to take to ensure that any partners or vendors with access to your network systems or company data are meeting (at least) a minimum level of security requirements.

    11:15 am
    Are You Ready for the Convergence of IIoT, OT, and IT Security?
    • session level icon
    speaker photo
    VP, IT Security, McCormick
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Business transformation and drive for smart factory initiatives has placed demands on business leaders to leverage relevant technologies to achieve the desire end goal of operational excellence. The technologies such as industrial internet of things (IIoT) are being layered on top of manufacturing floor machinery to provide that needed insight into business operations and productivity. These improvement and perceived operational excellence have come with cyber security risks which were not a common place in manufacturing space previously. It for this reason that there is now a convergence between operation technology (OT), Industrial internet of things (IIoT) and IT. This intersection is becoming very evident in manufactural, supply chain and traditional production organization or companies.

    Most of these manufacturing machineries were never directly connected to the ethernet networks and as such the risk was very minimal. In some cases, these organizations had organized security based on perimeter controls such as data center firewalls, site firewalls, floor firewalls that provide segmentation or microsegment between corporate IT and manufacturing operation technology (OT space). However, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network — even if there is a secure communication link. There are many ways to run into problems on the OT/IoT front if companies are not careful in their network design security implementation. These increase the risk and a re-thinking of how to architect security appropriately to meet the ever-evolving threat landscape with relevant implications to OT/IIoT and larger enterprise network.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    11:15 am
    Vetting Your Vendors: Understanding the “Chain of Control” of Data, Security Pitfalls in Third-Party Contracts, and Service Agreements
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    One of the most important considerations in cybersecurity does not involve your own direct network security; it involves your partners and vendors. In the world of cybersecurity, you are only as strong as the weakest link in your vendor chain. The ease, convenience and cost effectiveness of outsourcing certain business functions frequently overshadows the potential pitfalls lurking in using outside third-parties and vendors. This presentation will discuss the steps your organization needs to take to ensure that any partners or vendors with access to your network systems or company data are meeting (at least) a minimum level of security requirements.
    You are only as secure as your weakest link: a holistic approach to cybersecurity requires an organization to take into account the security of your partners in order to decrease vulnerabilities and threats to an organization’s network infrastructure.

    12:15 pm
    [LUNCH KEYNOTE] We Really Do Need Each Other - Effective Interdepartmental Communication
    • session level icon
    speaker photo
    CISO, Georgia Department of Revenue
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    It is now more important than ever for security professionals to communicate effectively with team members and business stakeholders at all levels. Interdepartmental communication and collaboration can increase compliance and maintaining a safe and secure organization. This session focuses on fostering effective communication and collaboration across various departments in the organization.
    Presentation Level: MANAGERIAL (security and business leaders)

    1:15 pm
    [Panel] Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    1:15 pm
    [Panel] Cloudy With a Chance of Breach
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    1:15 pm
    Data Privacy for Information Security Professionals
    • session level icon
    Changing Our Old Compliance Methods
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm

    Just as we are getting IoT, cloud computing, SOX/HIPAA/FISMA etc. under our belts, Europe changed the rules. The General Data Protection Regulation (GDPR) may just change the way we look at “compliance” once and for all. This isn’t just another regulation. We’re going to need to make a fundamental change in the way we think about data to get past this newest challenge.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Rethinking AppSec Programs in Brave New DevSecOps World!
    • session level icon
    speaker photo
    Sr. Application Security Architect , Metro Atlanta Chapter of ISSA
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    As the landscape of development is changing, so are the skills required to effectively secure it in such a way as to not hinder business. New methods, skills, and processes will be introduced, as well as a rework of some tried and true practices. This presentation will leave the audience with an understanding of some of the challenges and changes that application security engineers and leaders are facing in the brave new world of cloud development.
    Presentation Level: MANAGERIAL (security and business leaders)

    3:00 pm
    Another Brick in the Wall
    • session level icon
    speaker photo
    Americas Lead for Secure Culture Activation , Ernst & Young LLP
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Security awareness and training. The Human Element. Change Management. All of these have resulted in extraneous mandatory learning for employees, often without regard to a role- or risk-based education profile. Employees are experiencing learning fatigue at a rapid pace, without significant results on an organization’s overall risk profile. It’s time to stop educating and start engaging, for significant, measurable information security behavior change in your organization. This session will cover learning trends, opportunities for engagement, and examples you can implement immediately.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
    3:00 pm
    Vendor Fraud Within IT Organizations
    • session level icon
    speaker photo
    Operational Risk Consultant, Wells Fargo
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    The focus of this presentation will include a look at how fraud can be perpetrated within IT organizations, and some insights on how to detect and deter such frauds from occurring.
    Presentation Level: MANAGERIAL (security and business leaders)

    3:00 pm
    [SecureWorld PLUS] Part 2 - Understanding and Using the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Professor & Sr. Research Scientist, University of Detroit Mercy
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    This course provides in depth awareness of the knowledge, skill, ability (KSA), and competency requirements, of the NIST NICE Cybersecurity Workforce Framework. The student will be given a broad, understanding of the architecture and intent of the NICE model, as well as the purpose and intent of each of the component knowledge, and specialty areas. Students will learn how to design and implement a practical cybersecurity infrastructure solution, that directly applies the job role recommendations, which are specified in the NICE Workforce Model, to the real-world cybersecurity policy guidance requirements of the NIST Cybersecurity Framework.

    Who should attend:
    Any type of C-Level (including CFO and COO)
    Strategic Planners
    Cybersecurity Architects
    Cybersecurity Analysts
    Human Resources Planners

    What will be the audience “take-away”?:
    The student will be able to produce a cybersecurity solution that is tailored to their specific organizational application, which is based on the two most commonly accepted models for cybersecurity best practice.

    3:00 pm
    [SecureWorld PLUS] Part 2 - The Evolution of Privacy and Cybersecurity Legal Trends: Strategies and Operational Tools to Help You Protect Your Organization
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    This SecureWorld PLUS course will provide an administrative, legal, and technical overview of the Privacy and Cybersecurity Legal Landscape with operational tools to address the changing regulatory and legal landscape. Hands-on exercises to demonstrate the best approach to the dynamic legal requirements in the cyber and privacy space will be included. The sessions will involve the California Consumer Privacy Act (CCPA), the New York SHIELD Act, the Nevada’s Internet Privacy Law, and the European Union’s General Data Protection Regulation.

    Part 2: Risk Transference: Developing a Security and Privacy Program to Address Compliance Requirements

    In the current patchwork approach to cybersecurity and data privacy legal requirements, it can be challenging for a business to create a comprehensive privacy and security program that complies with the various (and sometimes conflicting) legal requirements while also fitting organically within the business. Building solutions that can be easily shifted to meet new and evolving legal requirements is key. This Session will provide a detailed explanation of core components of a security and privacy program, methods to ensure that the program can be altered to fit new requirements as they come into place, and how to transfer risk whenever possible. The Session will include a discussion on Written Information Security Policies, Departmental and Employee Policies, Risk Management Programs, Client Contract Management Programs, Incident/Breach Response Programs, and training.

    3:00 pm
    [SecureWorld PLUS] Part 2 -Building a Successful Hybrid Cloud Security Strategy With the Agility of DevOps
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Sr. Cloud Security Consultant, EY, Instructor, Georgia Institute of Technology
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    As enterprises increasingly seek the innovation & business growth opportunities cloud adoption can provide, many are discovering it comes with numerous new security challenges that stagnate, block or even reverse strategic digital transformation initiatives. This workshop is aimed at answering the question of how security and IT teams can sufficiently prepare and monitor their environments to ensure the shift to a hybrid cloud be as clean and efficient as possible with the agility of DevOps.
    Some key takeaways:

    • Understanding the major challenges of adopting hybrid cloud.
    • Breaking down and understanding what is DevOps/DevSecOps.
    • How to leverage the agility of DevOps.
    • Building a Hybrid Cloud Strategy.Presentation Level: MANAGERIAL (security and business leaders)

     

  • Thursday, May 28, 2020
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    InfraGard Meeting: Light Breakfast and Guest Presentation - Open to all Attendees
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:15 am

    Interested in your local associations? Join InfraGard for a chapter meeting, light breakfast and guest presentation. This session is open to all attendees.
    8:00-8:30am – Networking
    8:30-9:15am – Speaker: TBD

    Guest Presentation
    : TBD

     

    8:00 am
    [SecureWorld PLUS] Part 3 - Understanding and Using the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Professor & Sr. Research Scientist, University of Detroit Mercy
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    This course provides in depth awareness of the knowledge, skill, ability (KSA), and competency requirements, of the NIST NICE Cybersecurity Workforce Framework. The student will be given a broad, understanding of the architecture and intent of the NICE model, as well as the purpose and intent of each of the component knowledge, and specialty areas. Students will learn how to design and implement a practical cybersecurity infrastructure solution, that directly applies the job role recommendations, which are specified in the NICE Workforce Model, to the real-world cybersecurity policy guidance requirements of the NIST Cybersecurity Framework.

    Who should attend:
    Any type of C-Level (including CFO and COO)
    Strategic Planners
    Cybersecurity Architects
    Cybersecurity Analysts
    Human Resources Planners

    What will be the audience “take-away”?:
    The student will be able to produce a cybersecurity solution that is tailored to their specific organizational application, which is based on the two most commonly accepted models for cybersecurity best practice.

    8:00 am
    [SecureWorld PLUS] Part 3 - The Evolution of Privacy and Cybersecurity Legal Trends: Strategies and Operational Tools to Help You Protect Your Organization
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    This SecureWorld PLUS course will provide an administrative, legal, and technical overview of the Privacy and Cybersecurity Legal Landscape with operational tools to address the changing regulatory and legal landscape. Hands-on exercises to demonstrate the best approach to the dynamic legal requirements in the cyber and privacy space will be included. The sessions will involve the California Consumer Privacy Act (CCPA), the New York SHIELD Act, the Nevada’s Internet Privacy Law, and the European Union’s General Data Protection Regulation.

    Part 3: Data Subject Rights: Complying Across Regulatory Frameworks

    Data Subjects have numerous rights under both the GDPR and the CCPA. Being able to address those rights in the appropriate time frame and manner is a key element to compliance with those regulations. We will show how an organization can integrate administrative and technological requirements to address Data Subject requests. The third Session will take a hands-on approach. We will walk through several data subject requests and work through the administrative and technological mechanisms to address the requests.

    8:00 am
    [SecureWorld PLUS] Part 3 -Building a Successful Hybrid Cloud Security Strategy With the Agility of DevOps
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Sr. Cloud Security Consultant, EY, Instructor, Georgia Institute of Technology
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    As enterprises increasingly seek the innovation & business growth opportunities cloud adoption can provide, many are discovering it comes with numerous new security challenges that stagnate, block or even reverse strategic digital transformation initiatives. This workshop is aimed at answering the question of how security and IT teams can sufficiently prepare and monitor their environments to ensure the shift to a hybrid cloud be as clean and efficient as possible with the agility of DevOps.
    Some key takeaways:

    • Understanding the major challenges of adopting hybrid cloud.
    • Breaking down and understanding what is DevOps/DevSecOps.
    • How to leverage the agility of DevOps.
    • Building a Hybrid Cloud Strategy.
      Presentation Level: MANAGERIAL (security and business leaders)

     

    8:30 am
    Third-Party Risk: Creating and Managing a Program that Works!
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Every organization is concerned with third-party risk. No one wants to be the next Target breach. This session will examine the components of third-party risk management and give you some leading practices on how to develop a workable and sustainable process.

     

    8:30 am
    Hackers Are Doing Things the Easy Way
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Companies are buying sophisticated new tools but are often overlooking the little things that are enabling hackers to live off the land and execute the same attacks they’ve been doing for years. We will discuss real examples of attacks and what can be done to prevent or mitigate.

    8:30 am
    7 Ways to Boost InfoSec’s Influence (and Yours) by Communicating Differently
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Grow your personal influence, your leadership possibilities and move your InfoSec objectives forward (faster) by thinking differently about how you communicate. Whether your audience is the board, your team, or any part of the business, this session will help you and your communication stand out. Lead by a long-time TV reporter turned cybersecurity journalist who shares a framework for powerful communication you can implement immediately.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    [OPENING KEYNOTE] Criminal Minds 401: A Glimpse into the Darkness
    • session level icon
    speaker photo
    Supervisory Special Agent / Cyber (Prior), FBI
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    How do our cyber adversaries think? Easy: like the rest of us. Well, with a slightly different optic. In this interactive presentation, Michael exposes the audience to some real-life FBI subject interviews and his observations of each. Michael will hone in on four critical elements (exhibited by all of his subjects) used to explain criminality. One key factor that the audience will learn is context. Understanding the context of one’s decision-making process is critical to explain their rationale and motivation.
    “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” — Sun Tzu
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    A New Rubric for IT Recruiting and Retention
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:00 am - 12:00 pm

    From lengthy vacancies in unfilled positions to a choice of strong candidates within weeks of job listings. Hear how Harvard Information Security and Harvard WIT (Women in Technology) are leading a culture shift in our IT community that extends from recruiting through promotion. Participants will explore useful resources and techniques to remove inadvertent biases in your processes, so you can better attract, retain, and develop strong talent and inclusive teams in your organizations. We explore job postings, marketing, interview processes, selection criteria, apprenticeship opportunities, and mentoring programs.

    11:15 am
    Being Risk Aware in Cloud Adoption
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    In spite of the benefits to be realized in Cloud, organizations are uneasy about the risks. It is important for organizations to be risk-aware since the impact could easily pass on to the existing /future clients. How can organizations exploit the risk in order to successfully adopt cloud?

    11:15 am
    Don't WannaDie: Using a Zero Trust Approach to Secure Healthcare
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    A hospital falling victim to ransomware has become an all too frequent occurrence and one that everyone should be worried about. The WannaCry attack not only took out computer systems at many hospitals worldwide, but also demonstrated that ransomware had the ability to compromise medical devices, proving that ransomware and other cyber threats not only pose a risk to patient information but also to patient safety. These attacks gave a new and wholly unacceptable meaning to the term Denial of Service, and healthcare organizations need to take measures to protect their information systems and medical device deployments against such attacks.

    This session will demonstrate the need for zero trust by walking attendees through how to simulate a mass malware outbreak and will then discuss taking network segmentation to the next level and implementing a zero trust approach to security whereby every device on the network is restricted to just essential communications. The session will also provide an in depth description of the approach used to achieve zero trust in a multi-site medical center.

    11:15 am
    Communicating Risk: Translating Insight Into Action
    • session level icon
    speaker photo
    Director, Information and Technology Services, Gift of Hope Organ and Tissue Donor Network
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Security leaders today need to tell a story of risk assessment via metrics that is transparent, defendable and speaks the language of the business.

    This session will include:
    >Board level reporting techniques to drive your organization’s security program
    > Tools to assess your current state and define your target state of security
    > Frameworks for risk assessment that you can implement in your business

    Presentation Level:
    MANAGERIAL (security and business leaders)

    11:15 am
    Delivering Sustainable Talent Pipelines Through Innovation
    • session level icon
    speaker photo
    Sr. Director,Global Security, Equifax
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    The demand for security talent continues to outpace the growing supply. Faced with this challenge, on team defied traditional approaches and tackled the problem head-on through innovation. Join this session to learn how a partnership between academia, industry, and business partners delivered meaningful results, and learn how you can apply the same template to solve your talent challenge.
    Presentation Level: MANAGERIAL (security and business leaders)

    11:15 am
    Cybersecurity & GRC Metrics That Tell a Story!
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    The success and failure of modern enterprises is dependent on the ability to quantify cyber risk, understand cyber risk appetite and conduct fact-based decision making. Between complicated data outputs and information overload, many businesses either don’t have visibility into their information security systems or aren’t using data to its highest potential. Learn how you can revolutionize your cyber security reporting capabilities and produce robust action oriented reports and visualizations. In this session you will:
    o Understand the challenges that many customers face with cyber security reporting and metrics
    o Discuss critical success factors for reporting for improved risk based decision making
    o Learn how you can enable advanced metrics and visualization with leading edge technology solutions and the latest in industry trends.

    12:15 pm
    [LUNCH KEYNOTE] All-Volunteer Civilian Cyber Corps: Is It Possible in Today's Environment?
    • session level icon
    speaker photo
    CIO, Georgia State Defense Force, Former CIO, The White House
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    People volunteer their time in support of good causes all the time. Is it time to create and field an all-volunteer Civilian Cyber Corps in the state of Georgia? Currently the State of Georgia has the State Defense Force – an all-volunteer organization that helps the Georgia National Guard and the Governor during times of cruises and emergencies. Do you think that it is time to get together a group of all volunteer Cyber professionals to be involved in supporting our State and Country during a cyber attack? Colonel Mark Gelhardt has been the Chief Information Officer and Chief Information Security Officer for the Georgia State Defense Force for over six years and has been working on this very issue for years. Col. Gelhardt comes with some unique insight into the Government and Cyber from this time as the CIO for the Clinton White House. Come listen and see if you would like to help form an all-volunteer Civilian Cyber Corps here in the state of Georgia.

    Presentation Level: GENERAL (InfoSec best practices, trends, solutions)

    1:15 pm
    [Panel] Shifting Landscape of Attack Vectors
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    1:15 pm
    Panel: The Battle for the Endpoint Continues (Endpoint Security)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    What are you doing to keep the network safe for your employees? You’ve got your fancy next-gen firewall and some A/V. Maybe even some biometrics or 2FA thrown in for safekeeping. We also keep hearing the IAM acronym thrown around. And what is Zero Trust? What are you missing? Oh, yeah… remote workers and IoT. Wouldn’t it be cool if you had someone to ask? Now you do. This panel will go through these questions and more. Join the group discussion as we address the challenges in endpoint and network security.
    Panelists:
    Jorge Alago, Veristor
    Tom Callahan, ControlScan
    Dave Vance, Comodo
    Ron Coe, Jazz Networks
    Mark Hubbard, Code42
    Moderator: Kelvin Arcelay

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Re-thinking Our Talent Shortage: Planning for the Future Began Yesterday
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    All too often, breaches or attacks on organizations are the result of an otherwise trustworthy employee’s negligence. Whether it’s using a company device on a public wifi or ignoring password updates to confidential data, it’s human nature to error. So…how do we mitigate that? Can we pre-screen for that? This expert presentation will discuss little-known tactics deployed to avoid potential hiring risks, while also integrating non-security professionals into a highly secure environment.
    3:00 pm
    How to Perform a Data Privacy Impact Assessment
    • session level icon
    Now I know how to do a DPIA!
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    A practical guide to performing a Data Privacy Impact Assessment, including a fully completed DPIA example and a template you can use.

    3:00 pm
    Crime in a Box – Revisited
    • session level icon
    How technology changed the landscape of cyber crime and predicting future attack vectors
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Twenty years ago I read an article titled “Crime in a Box.” It was a futuristic vision of how cyber crime could evolve to be the perfect crime. This session will compare and contrast the scenario described in that article to the data breach, spear-phishing, and ransomware attacks that have become our reality in the 21st century.

Exhibitors
  • ACP Atlanta
    Booth:

    The Atlanta Chapter was formed in August of 2006. It includes Continuity Professionals from all areas of the Business Community and the Public Sector. As ACP’s local presence in the Atlanta metro region, our chapter embraces and seeks to promote the mission and goals of the parent organization. Being a member of the Atlanta Chapter of ACP brings many benefits:
    • The opportunity to network with experience individuals who often have addressed some of the same challenges you face in your organization.
    • The opportunity to hear real examples of solutions that have been implemented in other organizations.
    • The opportunity to network for career opportunities.

  • ARMA Atlanta
    Booth:

    ARMA International is a not-for-profit organization representing the RIM profession. Its primary purpose is the advancement of the profession and the professional through advocacy, education and professional development.

    ARMA International members include records and information managers, MIS and ADP professionals, imaging specialists, archivists, hospital administrators, legal administrators, librarians, corporate counsel, compliance professionals, and educators. ARMA, its chapters, and its members are dedicated to helping individuals, organizations, and government agencies successfully meet the challenges of the increasingly complex records and information management field.

  • Atmosera
    Booth:

    Atmosera is a leading Microsoft Azure solutions provider leveraging both the Microsoft Cloud Platform System and Azure. We engineer and operate highly scalable Azure cloud environments that support business critical (they can never go down) applications. With over 20 years of industry experience and real-world best practices, Atmosera is a trusted and secure (HIPAA/HITECH, HITRUST, PCI DSS V.3, IRS 1075, and SSAE 16) global cloud partner to SaaS providers, financial institutions, healthcare providers, retailers, government agencies, manufacturers, and other industries of commerce. Interested? Visit www.atmosera.com.

  • Checkmarx
    Booth:

    Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive software security platform that unifies with DevOps and provides static and interactive application security testing, SCA and developer AppSec training to reduce and remediate risk from software vulnerabilities. www.checkmarx.com

  • Check Point Security
    Booth:

    Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

  • DHG
    Booth:

    Headquartered in Charlotte, NC, DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 13 states, we combine deep experience with a strong commitment to personal service. We are passionate about helping our clients succeed—and we do so through a resourceful approach to solving problems, providing solutions and helping our clients achieve their goals.

    Dedicated client focus and relationships have been and always will be our touchstone. Here at DHG, you’ll receive personalized service provided by a team of professionals who are eager to share their knowledge and experience with you. We draw on our extensive resources to combine comprehensive assurance, tax and advisory services.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Exabeam
    Booth:

    The Exabeam Security Intelligence Platform provides organizations of all sizes with end-to-end detection, analytics, and response capabilities from a single security management and operations platform. Exabeam SIP includes Exabeam Log Manager, a modern log management system, built on top of ElasticSearch to provide unlimited data ingestion at a predictable, cost effective price. Exabeam SIP detects complex, multi-stage threats using the analytics capabilities of Exabeam Advanced Analytics; the world’s most deployed User and Entity Behavior Analytics (UEBA) solution. Finally, Exabeam SIP improves incident response efficiency with Exabeam Incident Responder, an API based security orchestration and automation solution.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • Gradient Cyber
    Booth:

    We uniquely visualize an organization’s cybersecurity risks, reduce logs and alert noise to actionable insights and establish a cyber health roadmap for immediate value and long term improvements to its security posture.

  • Honeywell
    Booth:

    Honeywell International Inc. is a publicly-traded conglomerate headquartered in Charlotte, North Carolina, United States that produces commercial and consumer products, engineering services and aerospace systems.

  • InfraGard Atlanta
    Booth:

    InfraGard Atlanta Members Alliance (IAMA) is a non-profit organization serving as a public-private partnership among U.S. Businesses, individuals involved in the protection and resilience of the U.S. critical Infrastructure and the Federal Bureau of Investigation.

    InfraGard National Members Alliance (INMA), which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together.

    IAMA is the Atlanta chapter of InfraGard. It is a local association of persons who represent businesses, academic institutions, state and local law enforcement agencies, non-profit organizations and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States.

  • Insight’s Cloud + Data Center
    Booth:

    Insight’s Cloud + Data Center Transformation is a complete IT services and solution provider that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. As a client-focused integrator, we’re free to recommend the most appropriate solutions — across cloud, IT transformation, next-generation technology, and security.

  • ISACA Atlanta
    Booth:

    The aim of the ISACA Atlanta Chapter is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help further promote and elevate the visibility of the IT audit, risk, control and security professions throughout the local area.

    Nearing its 50th year, ISACA is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its half-million engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI Institute, to help advance innovation through technology.

  • (ISC)2 Atlanta
    Booth:

    (ISC)² Atlanta chapter encompasses the Atlanta Metro area. Our chapter program provides members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resource and educational programs to keep our members informed of the latest advances in technology and techniques.

    Our mission is to advance information security in local communities throughout Atlanta, Georgia, by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects. ​

  • ISSA Metro Atlanta Chapter
    Booth:

    The ISSA Metro Atlanta chapter has developed over the years into one of the largest ISSA chapters worldwide and the largest IT Security organization in the Metro Atlanta area. The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • Optiv
    Booth:

    The world’s most trusted and reputable security solutions integrator, Optiv enables its clients to realize stronger, simpler and less costly cyber security programs. The company combines decades of real-world business, security strategy and technical experiences with in-depth security products knowledge to bring order to the cyber security chaos.

  • RedSeal
    Booth:

    At RedSeal, our vision is to become the essential analytics and decision-making platform for building digitally resilient organizations people can trust. We do this by becoming the measure by which every organization can quantify its digital resilience. As thought leaders on resilience, we envision every organization starting the security discussion with the question “What’s our Digital Resilience Score?” Founded in 2004, RedSeal is headquartered in Sunnyvale, California.

  • Synopsys
    Booth:

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TAG
    Booth:

    It’s a new world for tech, and the Technology Association of Georgia (TAG) has emerged as a world-class membership organization and an engine for economic development for the state of Georgia. TAG’s mission is to educate, promote, influence and unite Georgia’s technology community to foster an innovative and connected marketplace that stimulates and enhances Georgia’s tech-based economy.

    TAG TODAY:
    35,000+ Members
    2,000+ Member Companies
    200+ Events per year
    33 Societies

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • ThreatConnect
    Booth:

    Designed by analysts but built for the team, ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. To learn more about our TIP and SOAR solutions, visit www.ThreatConnect.com

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Daniel Shoemaker
    Professor & Sr. Research Scientist, University of Detroit Mercy

    Dan Shoemaker is Professor and Director of the Graduate Program in Cybersecurity at the University of Detroit Mercy. He has written eleven books and hundreds of articles in the field. He has been the Principal Investigator for the National Security Agency Center of Excellence at UDM, as well as the Chair of Workforce Training and Education for the Software Assurance Initiative at the Department of Homeland Security. He was a subject matter expert (SME) for the NIST National Initiative for Cybersecurity Education (NICE) Workforce Framework (NICE v1.0 and v2.0) and also the ACM/IEEE CSEC2017 Standard.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a boutique international cybersecurity and data privacy law firm, and certified Women-Owned. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations, the GDPR, and the CCPA. Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Dominique West
    Sr. Cloud Security Consultant, EY, Instructor, Georgia Institute of Technology

    Dominique West is a senior consultant for Ernst & Young based in Atlanta, GA. She has eight years of experience in Information Technology, five of which are in cybersecurity with her experience spanning over risk assessments, vulnerability assessments, incident and response, and cloud transformation & security across the commercial industries. A Certified Information Systems Security Professional (CISSP), Dominique holds a variety of technical certifications as well as a Master’s Degree in Cybersecurity from the University of Dallas. Dominique is also the chapter lead for various women-focused non-profit and volunteer organizations, notably The Women’s Society of Cyberjutsu and Women in Security, as well as the creator of SecurityinColor.com, a cybersecurity platform that provides weekly industry news and professional guidance to those aiming to begin navigate a career in cybersecurity.

  • speaker photo
    Matt Donato
    Co-Founder & Managing Partner, HuntSource

    Matt Donato is a Co-Founder & Managing Partner of HuntSource- the preeminent Executive Search and Talent Solutions firm with a niche focus in Cyber Security & Data Intelligence. Matt possesses fifteen years of experience in executive recruiting, talent solutions, workforce planning, and talent management. He is a thought leader and recruiting industry expert with in-depth knowledge of working with small to large size organizations across all industries. Over the years his experience has included leading a variety of strategic and tactical functions, organizational training, and talent mapping. Donato continues to help elevate companies by identifying key talent and fostering relationships within the Cybersecurity and Technology industry. Matt received his BS in Economics from Roanoke College and his Executive MBA from Wake Forest School of Business.

  • speaker photo
    Melvin Crum
    Chief Informatics Officer, Centers for Disease Control & Prevention
  • speaker photo
    Keyaan Williams
    Founder and Managing Director, CLASS, LLC
  • speaker photo
    John Grim
    Head | Research, Development, Innovation, Verizon Threat Research Advisory Center

    John has over 17 years of experience investigating, and leading teams investigating, data breaches and cybersecurity incidents within the government and civilian security sectors. Currently, John heads the Verizon Threat Research Advisory Center (VTRAC) research, development, and innovation effort. In this role, he focuses on researching cybersecurity incidents, performing digital forensic examinations, advising on data breach containment and eradication efforts, and creating data breach response preparedness training and breach simulation exercises for customers worldwide. Prior to joining Verizon, John served 12 years with the U.S. Army investigating security-related incidents with eight years specifically focused on network intrusion investigations and forensic examinations.

  • speaker photo
    Dr. John Opala
    VP, IT Security, McCormick

    Cybersecurity thought leader with over 19 years of technical and leadership experience in multiple disciplines.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a boutique international cybersecurity and data privacy law firm, and certified Women-Owned. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations, the GDPR, and the CCPA. Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Tamika Bass
    CISO, Georgia Department of Revenue

    Tamika Bass is an Information Security professional with extensive experience in information security. Her expertise includes assessing and mitigating risk, analyzing impacts, business continuity and disaster recovery planning. Tamika focuses on building cohesive relationships with all levels of staff, management, and suppliers.

  • speaker photo
    Damien Suggs
    Sr. Application Security Architect , Metro Atlanta Chapter of ISSA

    Mr. Suggs is a leader in the IT Security area and is the current president of the Metro-Atlanta ISSA chapter. He served as president for seven years; however, during his eleven-year relationship with the Metro-Atlanta ISSA chapter he assisted the chapter grow in roles such as Director of Membership, Director of Training, Conference Chair and Chapter Secretary. Mr. Suggs holds twenty IT security certifications including the CISSP, SANS GPEN, MSCE, CCNA, CCNA, and CCNE.

  • speaker photo
    Alexandra Panaretos
    Americas Lead for Secure Culture Activation , Ernst & Young LLP

    Alexandra Panaretos, CSAP is the Americas Cyber Practice Lead for Security Awareness and Training for Ernst & Young LLP. She specializes in information security awareness and education, personal and physical security, and the psychology of social engineering. Alex has experience developing and implementing security awareness and education strategies in government, military family services, and global companies. She is Operations Security Program Manager certified by the Joint Information Operations Warfare Center and the U.S. Army. Her primary focus in awareness program design is the individual, which she showcases in materials that are relevant for multiple generational, cultural, and learning styles in an enterprise.

  • speaker photo
    Edward Ettorre
    Operational Risk Consultant, Wells Fargo

    Ed is an Operational Risk Consultant working within the Technology Information Security group. He has been with Toastmasters International (TMI) since 1997 and has multiple certifications from TMI. Ed is a resourceful, creative, and solution-oriented person who was frequently able to come up with new and innovative approaches to his assigned projects. On the interpersonal side, Ed has superior written, verbal, communication, motivation, supervisory, management, and unique technical skills.

  • speaker photo
    Daniel Shoemaker
    Professor & Sr. Research Scientist, University of Detroit Mercy

    Dan Shoemaker is Professor and Director of the Graduate Program in Cybersecurity at the University of Detroit Mercy. He has written eleven books and hundreds of articles in the field. He has been the Principal Investigator for the National Security Agency Center of Excellence at UDM, as well as the Chair of Workforce Training and Education for the Software Assurance Initiative at the Department of Homeland Security. He was a subject matter expert (SME) for the NIST National Initiative for Cybersecurity Education (NICE) Workforce Framework (NICE v1.0 and v2.0) and also the ACM/IEEE CSEC2017 Standard.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a boutique international cybersecurity and data privacy law firm, and certified Women-Owned. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations, the GDPR, and the CCPA. Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Dominique West
    Sr. Cloud Security Consultant, EY, Instructor, Georgia Institute of Technology

    Dominique West is a senior consultant for Ernst & Young based in Atlanta, GA. She has eight years of experience in Information Technology, five of which are in cybersecurity with her experience spanning over risk assessments, vulnerability assessments, incident and response, and cloud transformation & security across the commercial industries. A Certified Information Systems Security Professional (CISSP), Dominique holds a variety of technical certifications as well as a Master’s Degree in Cybersecurity from the University of Dallas. Dominique is also the chapter lead for various women-focused non-profit and volunteer organizations, notably The Women’s Society of Cyberjutsu and Women in Security, as well as the creator of SecurityinColor.com, a cybersecurity platform that provides weekly industry news and professional guidance to those aiming to begin navigate a career in cybersecurity.

  • speaker photo
    Daniel Shoemaker
    Professor & Sr. Research Scientist, University of Detroit Mercy

    Dan Shoemaker is Professor and Director of the Graduate Program in Cybersecurity at the University of Detroit Mercy. He has written eleven books and hundreds of articles in the field. He has been the Principal Investigator for the National Security Agency Center of Excellence at UDM, as well as the Chair of Workforce Training and Education for the Software Assurance Initiative at the Department of Homeland Security. He was a subject matter expert (SME) for the NIST National Initiative for Cybersecurity Education (NICE) Workforce Framework (NICE v1.0 and v2.0) and also the ACM/IEEE CSEC2017 Standard.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a boutique international cybersecurity and data privacy law firm, and certified Women-Owned. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations, the GDPR, and the CCPA. Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Dominique West
    Sr. Cloud Security Consultant, EY, Instructor, Georgia Institute of Technology

    Dominique West is a senior consultant for Ernst & Young based in Atlanta, GA. She has eight years of experience in Information Technology, five of which are in cybersecurity with her experience spanning over risk assessments, vulnerability assessments, incident and response, and cloud transformation & security across the commercial industries. A Certified Information Systems Security Professional (CISSP), Dominique holds a variety of technical certifications as well as a Master’s Degree in Cybersecurity from the University of Dallas. Dominique is also the chapter lead for various women-focused non-profit and volunteer organizations, notably The Women’s Society of Cyberjutsu and Women in Security, as well as the creator of SecurityinColor.com, a cybersecurity platform that provides weekly industry news and professional guidance to those aiming to begin navigate a career in cybersecurity.

  • speaker photo
    Michael Anaya
    Supervisory Special Agent / Cyber (Prior), FBI

    Michael F. D. Anaya is the Head of Global Cyber Investigations for DEVCON. Before DEVCON, he spent approximately 14 years with the FBI. He began his career as a Special Agent in the FBI’s Los Angeles field office, addressing complex cyber matters–he led numerous investigations including one that resulted in the first federal conviction of a US person for the use of a P2P botnet. He then was named a Supervisory Special Agent for the Leadership Development Program, where he brought together disparate divisions of the FBI. Michael went on to lead a cyber squad in the FBI’s Atlanta field office. He helped the program achieve a top-five ranking amongst the 56 FBI field offices.

  • speaker photo
    Edward Marchewka
    Director, Information and Technology Services, Gift of Hope Organ and Tissue Donor Network

    Edward Marchewka is the Director of Information Technology for Gift of Hope Organ & Tissue Donor Network. He is also the creator of CHICAGO Metrics™, a platform to help manage your company's key IT and Information Security risks. Edward has completed, from Northern Illinois University, an MBA and an MS in Mathematics and, from Thomas Edison State College, a BS in Nuclear Engineering Technologies and a BA in Liberal Studies. He also holds a Certificates in Nonprofit Management and Leadership from the Kellogg School of Management at Northwestern University.

  • speaker photo
    Joshua Sorenson
    Sr. Director,Global Security, Equifax

    Joshua is a Global Information Security Leader with 14 years of professional experience. Joshua currently serves as Equifax's Senior Director of Global Mainframe Security where he has responsibility for transforming zSeries platform security around the world. Prior to joining Equifax, Joshua served in security leadership roles, leading transformation initiatives, since 2013 at Delta Air Lines. Prior to joining Delta, Joshua's experiences included roles in IT Audit, Software Development, Database Administration, and Finance at The Coca-Cola Company, Deere & Company (John Deere), & Kimberly-Clark.

  • speaker photo
    Mark Gelhardt
    CIO, Georgia State Defense Force, Former CIO, The White House

    Colonel Gelhardt, at the pinnacle of his military career was selection to work at The White House as the CIO, supporting President Clinton, the VP, the White House Staff, and the U.S. Secret Service managing all the classified automation and telecommunications. Colonel Gelhardt is a combat veteran. Colonel Gelhardt is a well-known speaker and the author of “My time at the Clinton White House”. Since retiring from active service, Colonel Gelhardt has volunteer with many different service organizations. Currently he is the Chief Information Officer for the Georgia State Defense Force and all volunteer force keeping your state safe.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!