Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, August 20, 2019
    9:00 am
    [SecureWorld PLUS] Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
  • Wednesday, August 21, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:30 am
    IoT Defense: A Holistic Approach
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Reviewing the current state of IoT devices, their cloud endpoints and the connection between them to understand the threat landscape and where our focus needs to be in the years ahead.

    8:30 am
    Data Laundering, Exploitation, and Extortion: Time for Ethical AI
    • session level icon
    speaker photo
    Founder & Managing Director, AgeLight Digital Trust Advisory Group
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    We are facing seismic change with the convergence of big data and AI. The oceans of information and computing power is providing endless opportunities while challenging the concept of digital dignity. Rather than look at regulatory frameworks, industry needs to be proactive and look at the ethical issues and their long-term impact to society. This session will review ethical frameworks including the need to respect human autonomy, prevent asymmetries of power and ability to undo unintended harm and address unintended biases. These technologies show great promise, but only if they are applied and used within societal values and norms and developed with an “ethical purpose.” They need to be grounded in and reflective of the ethical principles of beneficence (do good) and non-maleficence (do no harm).

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: Business Email Compromise: Real World Stories and Practical Defense
    • session level icon
    speaker photo
    Cyber-Enabled Financial Fraud Investigator, U.S. Secret Service / Firebird AST
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    Business Email Compromise is a scourge and a severe threat to our national and global economy. With $13.5 billion in losses from 2013, BEC is an exponentially growing threat. The presentation will cover the evolution of BEC, major players, and how to protect your business from this cyber-enabled financial fraud scheme.
    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm

    This session is for Advisory Council members only.

    11:15 am
    Data Protection in the Public Cloud: A Look at the Good, the Bad, and the Ugly
    • session level icon
    speaker photo
    SANS Instructor, The SANS Institute
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Customers want to ensure that they can entrust their sensitive data to public cloud providers. This often leads to discussions with the cloud provider on various aspects of data protection, such as retention, encryption, and key management. If encryption is not implemented properly it will not provide the security assurance customers expect, resulting in misplaced trust. This talk will look at encryption at rest in various layers of the application stack with a focus on the risks each type of encryption mitigates. We will also look at various cloud-related key management schemes, including “bring your own key” (BYOK) and cloud-based Key Management Systems (KMS). Lastly, we will cover potential problems with customer data-retention that should be explored with the cloud service provider.
    11:15 am
    CISO Ventures Panel: Are Cybersecurity Startups Meeting Expectations of Buyers Taking a Risk on Them?
    • session level icon
    speaker photo
    Founder & Managing Director, Whiteboard Venture Partners
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    A panel of CISOs will share their expectations of cybersecurity startups. This will include how they use solutions from startups to meet existing and emerging cybersecurity challenges.

     

    11:15 am
    How to Up-Level Your Skills to Enhance Your Career
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Up-Level Your Hard and Soft Skills to Turbo-Charge Your Career

    11:15 am
    GDPR Compliance 101
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    This presentation outlines the requirements of the EU General Data Protection Regulation and highlights key compliance challenges.

    12:00 pm
    Advisory Council LUNCH Round Table - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm

    This session is for Advisory Council members only.

    12:15 pm
    LUNCH KEYNOTE: The Top Cyber Threats for 2019 and How to Work with the FBI After a Data Breach
    • session level icon
    speaker photo
    Supervisory Special Agent, Squad CY-1, National Cyber Center, FBI San Francisco
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    This presentation will provide the FBI’s perspective on the top cyber threats for 2019, discuss data breach prevention guidelines, and describe what it will look like to work with the FBI after a security breach has occurred at your company.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    1:15 pm
    Panel: The Shifting Landscape of Attack Vectors
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    If one thing holds true in cybersecurity it is the fact that our adversaries are pretty smart. They are. To be fair, they only have to be right once in a while. These cyber thugs are constantly shifting their attack vectors to better infiltrate our networks. There are so many endpoints to cover that the “bad guys” can try something new all the time. They have also discovered that we do not have great cyber hygiene when it comes to training our workforce. End users continue to be the “weakest link” within an organization as we’ve learned from all the ransomware attacks and business email compromises of late. This panel will talk about the shift in attack vectors and make some predictions about what to watch out for in the not too distant future.

    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    Crisis Management: Practical Tips for Preparing, Responding, and Limiting Reputational and Financial Risks Associated with Data Breaches
    • session level icon
    speaker photo
    Managing Partner, Los Angeles Office, Hunton Andrews Kurth LLP
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    A crisis can happen at any moment, potentially interrupting an organization’s business operations, threatening public safety, or leading to reputational and financial loss. Marriott International recently experienced a data breach that affected almost 500 million guests who had made a reservation at a Starwood property, and Yahoo suffered two record-setting breaches affecting as many as 3 billion user account worldwide.

    With practical tips from litigation counsel of what has been reported as the largest breach in history, this program will focus on how to manage the business and reputational fallout after a data breach, including practical remediation and risk management tips.

    3:00 pm
    Security Awareness: How to Truly Create a Complex but Memorable Password
    • session level icon
    speaker photo
    Head of Security, Mojio
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    In this session, we will discuss how to create complex passwords without using password managers or tokens. Steven will also cover how to grab and keep employee attention during security awareness training.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
Exhibitors
  • BizzSecure
    Booth: 111

    BizzSecure provides peace of mind to our clients by working with their InfoSec teams to deploy and maintain a state-of-the-art security infrastructure. We do this with the EAID solution which includes a platform of tools and a team of experts. The EAID platform performs an automated, detailed assessment based on compliance and business needs. The EAID team of experts helps interpret the assessment results and the associated gaps, vulnerabilities and risks. The EAID team then helps prioritize and plan the remediation efforts. Finally best-practices are put in place to maintain the infrastructure. The EAID platform also provides a dashboard of reports ensuring clear visibility into all assessments, remediation efforts and vulnerabilities.

  • Brainbabe
    Booth:

    Brainbabe, a 501(c)3 non-profit, is addressing the lack of inclusion and diversity in the cybersecurity community and the need for soft skills development through strategic partnerships and events that engage and empower. See our website at brainbabe.org for more information.

  • CISO Ventures
    Booth:

    Whiteboard Venture Partners is building this exclusive community to help cybersecurity startups engage/collaborate with security innovation stakeholders.

  • Cobalt.io
    Booth: 409

    At Cobalt, we use a combination of data, technology and talent to meet the security challenges of the modern web or mobile application, and ensure we provide the smartest, most efficient services possible. From Cobalt Central, our powerful vulnerability dashboard, to Cobalt Insights, which gives you an intelligent overview of your application security program, we are driven by great technology.

  • Code42
    Booth: 305

    Code42 is the leader in information security. We secure more than 50,000 organizations worldwide, including the most recognized brands in business and education. Because Code42 can secure every version of every file, we offer security, legal and IT teams total visibility and recovery of data–wherever it lives and moves.

  • Comodo Cybersecurity
    Booth: 101

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • CSO Council
    Booth:

    The CSO Council is a non-profit corporation that supports a community of CSOs enabling the members to leverage experience and expertise of each other for the more effective and timely protection of their organization’s critical information assets. The CSO Council organizes conferences, panel discussions, webinars and special events to facilitate communications among its members and the information security community.

  • BlackBerry Cylance
    Booth: 104

    BlackBerry Cylance develops artificial intelligence to deliver prevention-first, predictive security products and smart, simple, secure solutions that change how organizations approach endpoint security. BlackBerry Cylance provides full spectrum predictive threat prevention and visibility across the enterprise to combat the most notorious and advanced cybersecurity attacks. With AI-based malware prevention, threat hunting, automated detection and response, and expert security services, BlackBerry Cylance protects the endpoint without increasing staff workload or costs. We call it the Science of Safe. Learn more at www.cylance.com.

  • Darktrace
    Booth: 500

    Darktrace is the world’s leading AI company for cyber defense. With over 7,000 deployments worldwide, the Enterprise Immune System is relied on to detect and fight back against cyber-attacks in real time. The self-learning AI takes one hour to install, works across the cloud, SaaS, corporate networks, IoT and industrial systems, and protects against the full range of cyber-threats and vulnerabilities, from insider threats and ransomware, to stealthy and silent attackers. Darktrace has 800 employees and 40 offices worldwide, with headquarters in San Francisco, and Cambridge, UK.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • HackerOne
    Booth: 409

    HackerOne is the #1 hacker-powered security platform. More than 1,400 organizations, including the U.S. Department of Defense, General Motors, Google Play, Twitter, GitHub, Nintendo, Panasonic Avionics, Qualcomm, Starbucks, and Dropbox, trust HackerOne to find critical software vulnerabilities.

  • (ISC)2 Silicon Valley
    Booth:
  • InfraGard San Francisco Bay Area Member Alliance
    Booth:
  • ISSA San Francisco Bay Area
    Booth:

    Whether you are exploring a career in cybersecurity, honing your technical expertise or an established security executive, the ISSA offers you a network of 10,000 colleagues worldwide to support you in managing technology risk and protecting critical information and infrastructure. Enhance your professional stature, expand your peer network and achieve your personal career goals. Your local chapter and ISSA International will provide you with a wealth of resources to keep you current with industry trends and developments in our ever-evolving field.

  • ISSA Silicon Valley
    Booth:

    The Information Systems Security Association (ISSA) is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.

    Our chapter is comprised of over 250 Silicon Valley Information Security Staff, Consultants, Managers, Executives, and other business professionals. Our members come from Small Businesses and Fortune 100 companies. Our demographics are diverse, yet we share the common thread that we understand the criticality of Information Security as an enabler of today’s key business objectives and the improvements that will come tomorrow.

  • ISACA Silicon Valley Chapter
    Booth:

    ISACA-SV is proud to serve our Bay Area constituents. Our mission is to serve those involved with various aspects of information security, assurance, risk management, privacy, audit, and similar topics associated with IT control and governance related activities.

    The Silicon Valley Chapter of ISACA® was started in 1982, and has grown to over 800 members. Our members reside throughout the Bay Area centering in the Silicon Valley. We are a very active chapter, and have won multiple awards over the years, including two worldwide awards.

  • Jazz Networks
    Booth: 107

    Jazz Networks is a cyber analytics platform that simplifies insider threat detection and breach prevention. It works by collecting rich metadata before it’s encrypted from endpoints and servers, with machine learning analyzing to identify behavioral pattern changes. Alarms are raised for events that require attention and response time is swift with native platform actions.

  • Juniper
    Booth: 201

    Our customers don’t set out to build networks. They build on ideas that reinvent, reimagine, and improve the world around them. It makes sense that we should begin there, too.

    Through our passion for creating high-performing networks, Juniper extends knowledge, collaboration, and human advancement in industries around the world—such as energy, healthcare, education, and many others.

    While our innovative product and services portfolio evolves continuously, we need to reach farther to secure our customers’ long-term success. We’re looking beyond the horizons of today’s business challenges, and the technology future we see is built on real-time service integration. That means everything we develop must align with our vision.

  • Kenna
    Booth: 208

    Kenna was built on the premise that cyber risk must be managed as an enterprise-wide effort. We believe cyber risk can only be effectively mitigated when the whole organization works as one, focused in the same direction and on the right target.

  • Malwarebytes
    Booth: 102

    Malwarebytes provides anti-malware and anti-exploit software designed to protect users against zero-day threats that consistently escape detection by traditional endpoint security solutions. Malwarebytes Anti-Malware earned an “Outstanding” rating by CNET editors, is a PCMag.com Editor’s Choice, and was the only security software to earn a perfect malware remediation score from AV-TEST.org. That’s why large Enterprise businesses worldwide, including Disney, Dole, and Samsung, trust Malwarebytes to protect their mission-critical data. For more information visit www.malwarebytes.com/business

  • Meta Networks
    Booth: 301

    The way we work has changed dramatically in the last decade. We’re no longer sitting in an office every day, working with applications in the local data center. It’s not just that the perimeter is dissolving – security paradigms designed around the idea that users on the LAN can be trusted is dangerous.We believe it’s time to update the way we approach network access and security. It’s now possible to leverage the cloud and the internet to build a global, zero-trust private network that is agile and scalable enough for the way we do business today. With the Meta Network-as-a-Service (NaaS), you can rapidly connect user devices to applications in the data center and the cloud and secure them with a software-defined perimeter. Meta NaaS is user-centric rather than site-centric, making it the ideal solution for the network security challenges that businesses face today – from providing user-friendly remote access, to connecting cloud infrastructure, and reducing management costs.Meta Networks was founded in 2016 by a leading team of cloud, networking and security experts from companies including Stratoscale, Intel, Check Point, Oracle, Cisco, Harman, Incapsula, Ericsson, 3M and Elbit. The company is funded by the BRM Group and Vertex Ventures.

  • Mimecast
    Booth: 203

    Mimecast Is Making Email Safer For Business.

    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • OWASP Bay Area
    Booth:

    The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

  • RedSeal
    Booth: 204

    At RedSeal, our vision is to become the essential analytics and decision-making platform for building digitally resilient organizations people can trust. We do this by becoming the measure by which every organization can quantify its digital resilience. As thought leaders on resilience, we envision every organization starting the security discussion with the question “What’s our Digital Resilience Score?” Founded in 2004, RedSeal is headquartered in Sunnyvale, California.

  • SailPoint
    Booth: 105

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Security Innovation
    Booth: 407

    For almost two decades, global clients have trusted Security Innovation to help them learn how to defend software applications and sensitive data from cyber-threats and attacks. We understand the challenges facing today’s enterprise, where reputation and customer trust is on the front lines. That’s why we continually work to discover and overcome the latest security threats with our Centers of Excellence, and integrate this knowledge into every training and assessment solution we deliver.

  • Sonatype
    Booth: 202

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • TACACS
    Booth: 401

    TACACS+ is an Authentication, Authorization, and Accounting (AAA) protocol originally developed for the U.S. Department of Defense for authentication to network devices such as routers, switches, and firewalls. Unlike RADIUS, it separates the Authentication and Authorization functionalities, which makes it more flexible for administrative access. The current version of the protocol standard was developed by Cisco Systems.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tevora
    Booth: 103

    Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats. For more information visit https://www.tevora.com.com/.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Craig Spiezle
    Founder & Managing Director, AgeLight Digital Trust Advisory Group

    Craig Spiezle is the founder and managing partner of AgeLight Advisory Group, a professional services firm focused on online and digital services. Craig is a recognized authority on trust and the convergence of privacy and security promoting ethical privacy practices, end-to-end security and the importance on moving from a compliance mindset to stewardship. Craig is the Charmain emeritus of the Online Trust Alliance, an initiative of the Internet Society. He frequently briefs international policy makers driving awareness of best practices by both the public and private sectors and importance of internet governance. Craig has championed security best practices to help protect consumers while promoting innovation and the role of meaningful self-regulation. Prior to OTA, Craig spent over a decade at Microsoft focused on security and privacy enhancing technologies and standards. Craig chairs the Online Trust & Integrity Council and is on the board of the Identity Theft Council, editorial board of SC Magazine and a member of InfraGard, the IAPP and the APWG.

  • speaker photo
    Stephen Dougherty
    Cyber-Enabled Financial Fraud Investigator, U.S. Secret Service / Firebird AST

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Kenneth Hartman
    SANS Instructor, The SANS Institute

    Kenneth G. Hartman is a security engineering leader in Silicon Valley. Ken's motto is "I help my clients earn and maintain the trust of their customers." Ken is an Instructor for the SEC545 Cloud Security Operations course offered by the SANS Institute. Ken has worked for a variety of Cloud Service Providers in Security Architecture, Engineering, Compliance, and Security Product Management roles. From 2002-2011, Ken helped launch and lead a company called Visonex into a profitable, nation-wide dialysis-specific electronic medical record using a software-as-a-service (SaaS) business model. Ken holds a BS Electrical Engineering from Michigan Technological University and a Masters Degree in Information Security Engineering from SANS Technology Institute. Ken has earned the CISSP, as well as multiple GIAC security certifications, including the GIAC Security Expert.

  • speaker photo
    Moderator: Abhijit Solanki
    Founder & Managing Director, Whiteboard Venture Partners

    Abhijit Solanki is the founder of Whiteboard Venture Partners, an early stage venture capital firm helping entrepreneurs achieve their whiteboard dreams.

  • speaker photo
    Elvis M. Chan
    Supervisory Special Agent, Squad CY-1, National Cyber Center, FBI San Francisco

    Elvis Chan is a Supervisory Special Agent (SSA) assigned to FBI San Francisco. SSA Chan manages a squad responsible for investigating national security cyber matters. With 14 years in the Bureau, he is a decorated agent who is recognized within the Intelligence Community as a cyberterrorism expert. SSA Chan was the lead agent on significant cyber investigations and managed joint counterterrorism operations with domestic and foreign law enforcement agencies. Prior to joining the Bureau, SSA Chan was a process development engineer in the semiconductor industry for 12 years. He holds two U.S. patents, presents at many technical and law enforcement symposiums, and published multiple articles in technical journals.

  • speaker photo
    Ann Marie Mortimer
    Managing Partner, Los Angeles Office, Hunton Andrews Kurth LLP

    Mortimer is the managing partner of Hunton Andrews Kurth LLP’s Los Angeles office and co-head of the firm’s commercial litigation practice. Her practice is cross-disciplinary and includes significant business and class action consumer claims litigation experience and crisis management in relation to data breach, consumer related labeling claims, and multi-party risk situations. Mortimer earned her J.D. from UC Berkeley, Boalt Hall School of Law, her M.Sc. from the London School of Economics and her A.B. from Smith College.

  • speaker photo
    Steven Lentz
    Head of Security, Mojio

    Steven is the Head of Security, CISSP, CIPP/US. He has presented for SC Magazine and in Las Vegas regarding Cybersecuirty and Security Awareness.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Don't miss out!

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!