Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, March 14, 2018
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    Location / Room: 109
    8:00 am
    SecureWorld PLUS Part 1 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 107

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    8:00 am
    SecureWorld PLUS Part 1 - Winning the Risk/Security Revolution: A Bootcamp
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    speaker photo
    CIO, Boston Red Sox
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 108

    80%+ of all human existence is now impacted by digital activity. ~100% of all digital activity operates on dated technology platforms NOT designed to be secure. 60%+ of in-place senior executives espouse strongly held [bordering on toxic] misconceptions of risk and security fundamentals. We will dive into strategy development and communication throughout the organization. This workshop is geared toward those who want to be considered a respected source of influence in the industry. Futurist Thornton May and a faculty of local experts will facilitate a highly interactive workshop showcasing the stories, strategies, frameworks, and best practices of leaders who are winning the Risk/Security Revolution.

    8:00 am
    SecureWorld PLUS Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 105

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:30 am
    What Really Works With Cyber Tabletop Exercises
    • session level icon
    speaker photo
    Sr. Principal, Security Risk Management, Verizon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 102

    A good Cyber Tabletop Program can consist of seminars/workshops, tabletop exercises, drills, multi-team functional exercises, a cyber range, and training. Come to this presentation to learn what really works from 12 years of experience designing and running cyber exercises. Bring your questions and your experiences to share with the audience too.

    8:30 am
    Security Breach Notification and Enforcement: A Challenging Landscape Becomes Even More Challenging
    • session level icon
    speaker photo
    Partner, Park Legal LLC
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 111

    As of May 25, 2018, as part of the EU General Data Protection Regulation (GDPR), all EU member states will require breach notification to the relevant supervisory authority (or authorities) within 72 hours. At the same time, the US breach notification laws are being updated to require notification in additional situations, and many new countries around the world are adopting notification laws. Given the short time frames for notification, the varying requirements for notifying individuals as well as a whole host of regulators, the likelihood of adverse media attention, and the potential for lawsuits, well-meaning organizations sometimes create additional risks for themselves when a breach occurs, based upon their lack of preparation, knowledge and training in this area. This presentation will discuss the GDPR breach notification requirements including the expectations of the European Commission and member states, as well as the growing assortment of other notification obligations across the US and world, and will include tips and recommendations for minimizing your organization’s risk.

    8:30 am
    Vendor Risk Management – Understanding and Managing 3rd Party Cyber Risk
    • session level icon
    speaker photo
    CISO, Lahey Health
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 104

    Now more than ever an effective Vendor Risk Management (VRM) Program should be a pillar of any Enterprise Risk Management strategy. The Cybersecurity risks that are inherent to your organization multiply exponentially whenever you introduce external vendors. In this session learn how to effectively audit, measure and continuously monitor your 3rd parties.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    Opening Keynote: Risk & Security’s Bright Future: Mapping the Road Ahead
    • session level icon
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    There has never been a better time to be a risk/security professional. Disruptive technologies fundamentally expand the “Art of the Possible;” reshape the solution provider ecosystem [with a new hierarchy of winners & losers]; and discombobulate expectations of how and by whom risk and security should be managed/led.

    In an entertaining and highly interactive session, Thornton May will share with attendees how leading Risk/Security Cartographers chart the future. Like the movers and shakers of the Renaissance, we stand on the shores of a new world –a Mundus Novus as Americo Vespucci labeled it in 1502.

    10:15 am
    ISACA Chapter Meeting Presenting: Adding Technical Cyber Skills To Your Governance and Audit Teams
    • session level icon
    Open to All Attendees
    speaker photo
    Strategic Account Executive, ISACA
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: 101

    Interested in your local associations? Join ISACA for a social meet & greet and chapter news.

    Chris DeMale, CFA, Executive with ISACA International, will be making a special visit to Ireland for a presentation on the latest technology and thought leadership regarding the CMMI Institute, COBIT 5, and Cybersecurity Platforms. Chris will be demonstrating the CMMI Cybermaturity Platform, offering us an exclusive, pre-release look at a cloud-based tool developed in conjunction with the input of hundreds of top cyber and audit teams around the globe. The tool provides over 3100 objectively-developed practice areas, which can be customized to the needs of your enterprise, and evaluates on a continuous basis compliance with the stated objectives to produce board-ready reports.

    Next Chris will discuss COBIT 5 and our strategies for successful implementation and evaluation from examples around the globe. Finally Chris will provide a demonstration of the CSX Cybersecurity Nexus Platform, a hands-on, cloud-based, performance-based, beginner-to-expert level tool for providing skills and assessment to your audit and cyber teams.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable: (VIP / Invite Only)
    • session level icon
    Topic: Healthcare - Managing Security Risks Associated With Expansion of Cloud-Based Services and Interoperability
    speaker photo
    Founder & Managing Partner, SolutionLab, LLC
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 109
    11:15 am
    baramundi: Innovative Endpoint Management - A Holistic Approach to Vulnerability Management, Patching, OS-Upgrades and Software Distribution
    • session level icon
    speaker photo
    Executive Manager, baramundi software USA, Inc.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 111
    Windows Fall Anniversary Update, Office 365 Migration, Vulnerability and Patch Management: Are any of these 3 topics causing your blood pressure to rise?
    This session will show you how you can automate OS-migrations, software deployment projects, and effective security exploit management all from one easy to use Endpoint Management Suite. No university degree or nerd glasses required – buckle up!

     

    11:15 am
    Mimecast: Top 10 Ways to Improve Your Email Security
    • session level icon
    speaker photo
    Senior Product Marketing Manager, Mimecast
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 110

    It is no secret that email-borne attacks by all types of malicious actors continue to be the preferred method to get in, around, and get data out of organizations. While there is no one technology or security control that can be applied to close this security gap, there are many things – at least 10! – that organizations can do to dramatically lower the risk of an email enabled data breach or security incident. In this session, I will go through what I consider to be the top 10 controls organizations can apply, while providing examples of how these controls work to stop certain types of email-borne attacks.

    11:15 am
    Radware: Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 104

    Throughout 2017 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    GuidePoint: The Path to Strategic Application Security
    • session level icon
    speaker photo
    Vice President Managed Services, GuidePoint Security
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 101

    Application Security is a critical function of any business that develops any of their own software. As we’ve seen in recent reports and studies, attacks against applications are a significant risk and are on the rise. Having a Strategic Application Security program as part of any business’s overall security program is becoming more and more important. We will discuss, how organizations are similar but have different Application Security needs, Application Security trends, Strategic Application Security and what it entails, and Application Security challenges we face. Attendees will leave with an understanding of Strategic Application Security and the steps an organization can take to begin to strategize and implement an Application Security program of their own.

    11:15 am
    View From the Top: The Board’s Role in Cybersecurity Oversight
    • session level icon
    speaker photo
    Director, E*Trade Financial
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    In recent board surveys, cybersecurity has been identified as one of the top concerns for corporate directors. From the vantage point of a public company director and risk committee chair, this presentation will discuss the role of the board in cybersecurity oversight, including:

    Board expectations and industry standards
    Integration with enterprise risk management
    Quantification of cyber risk
    Board-level cyber risk reporting and decision-making

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Topic: Threat and Vulnerability Management in a Real-Time World
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 109
    12:15 pm
    LUNCH KEYNOTE: Arbor Networks: Advanced DDoS – Complex, Targeted, Effective
    • session level icon
    speaker photo
    Vice President, ASERT and Global Pre-Sales, Arbor Networks
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: What Will They Think of Next (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    It would seem the more we “build a better mousetrap” the better the threats become. Will machine learning and AI be used against us in the future? Will these and other innovations be hacked and used for gain? Will the Crime as a Business platform take off where business competitors are utilizing these attacks for the upper hand? Perhaps the cars that are being hacked will evolve into driverless vehicles that are hacking companies from inside there own parking lots. What about drones?

    So many questions, let’s see what our experts say on this panel.


      • Panelists
        • Ron Winward, Radware
        • Tony Todice, Qualys
        • Azi Cohen, WhiteSource Software
        • Frank Murphy, TBG Security
        • Mark Ostrowski, Zensar
        • Paul Schofield, Ensilo

      Moderator: Larry Wilson

    1:15 pm
    Panel: Phishing and Social Engineering Scams 2.0
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 103

    Phishing continues to be the #1 attack vector for the bad guys. Why? Simply put: it works. These attacks keep getting more realistic and sophisticated. In the future we should expect nothing less. Criminals will do more homework on their potential victims and possible pose as business leads or clients to gain our trust. What sales person doesn’t want email from a potential client who wants a new solution? Or they may just lay in wait until they’ve collected enough information to strike. Will they actually come to your business and drop thumb drives like pen testers do? Use drones to do their dirty work?

    Our experts will discuss the current state of affairs and brainstorm possible new scenarios.

    Panelists
    Kurt Wescoe, Wombat Security
    Jonathan Lange, baramundi
    Matthew Gardiner, Mimecast
    Jeffrey Schwartz, Check Point Security
    Justin Buchanan, Rapid7
    Kevin Murphy, GuidePoint Security
    Kevin O’Brien, GreatHorn
    Moderator: Sandy Bacik

    1:15 pm
    Massachusetts Cyber Education and Talent Ecosystem
    • session level icon
    speaker photo
    Vice President for Economic Development, University of Massachusetts President's Office
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm
    Location / Room: 104

    The University of Massachusetts, the Advanced Cyber Security Center, and industry partners in several technology sectors, has launched the Cyber Security Education Training Consortium. This nationally unique Consortium invites the participation of over 40 cyber security training and degree granting programs in the Commonwealth of Massachusetts to collectively address the high demand for talent in the rapidly growing field of cyber security. The goal of the Consortium is to leverage a network of higher education institutions and local security leaders to ensure we are producing top talent at scale and to make security careers more attractive and accessible in Massachusetts.

    1:15 pm
    Rapid7: Practical Strategies for Taking on the Modern Adversary
    • session level icon
    speaker photo
    Technical Product Manager, Rapid7
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm
    Location / Room: 102

    An attacker’s ability to go from vulnerability to exploit is faster than ever. Is your team ready to respond to an incident quickly and efficiently? In this session, we’ll go over methods and tactics for keeping your security program evolving as fast as your adversaries. From attacker behavior analysis to automation and orchestration, we’ll dive into today’s best practices.

    2:15 pm
    (ISC)2 Chapter Meeting Presenting: U.S. Cybersecurity Heat Map - Supply and Demand for Talent
    • session level icon
    Discover Your Local Associations - Open to All Attendees
    speaker photo
    VP of Cybersecurity & Operations, Signature Consultants
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:15 pm
    Location / Room: 101

    Interested in your local associations? Join (ISC)2 for a social meet & greet and chapter news.
    The 1st step in solving Cybersecurity skills and hiring gaps is understanding where they exist. Join us to learn where the gaps exist and solutions to help you find a new job or hire a skilled Cyber-Pro.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Being Risk Aware in Cloud Adoption
    • session level icon
    speaker photo
    Risk Consultant, Cloud Security Alliance working groups contributor
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 102

    In spite of the benefits to be realized in Cloud, organizations are uneasy about the risks. It is important for organizations to be risk-aware since the impact could easily pass on to the existing /future clients. How can organizations exploit the risk in order to successfully adopt cloud?

    3:00 pm
    Automate Security or Die
    • session level icon
    Survival of the Fittest
    speaker photo
    Deputy CISO, Partners HealthCare
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 104

    Cyber-criminals have industrialized their operations, these highly organized professionals seek to shut your business down mere minutes after exploitation and demand ransoms optimized to your industry and size. Join Esmond Kane as he discusses the necessity to build an agile and adaptive next-generation Security Operations Center to disrupt these ruthless entrepreneurs and to leverage three key emerging technologies: workload optimization, mature threat intelligence and management, and infrastructure integration and orchestration.

    3:00 pm
    Common Crypto Pitfalls
    • session level icon
    Doing crypto right is easier than you might think.
    speaker photo
    PhD Candidate / Research Assistant, Northeastern University
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 110

    Today we use cryptography in almost everywhere. From surfing the web over https, to working remotely over ssh. In modern crypto we have all the building block to develop secure application. However, we see instances of insecure code everywhere. Most of these vulnerabilities are not because of theoretic shortcomings, but due to bad implementation or a flawed protocol design. Cryptography is a delicate art where nuances matter, and failure to comprehend the subtleties of these building blocks leads to critical vulnerabilities. To add insult to injury most of the resources available are either outdated or wrong, and inarguably, using bad crypto more dangerous than not using it. In this talk we look at examples from real world applications and the most common cryptographic pitfalls.

    3:00 pm
    Security & Privacy Considerations for System Decommissioning & Hosting Migration
    • session level icon
    speaker photo
    Founder & Managing Partner, SolutionLab, LLC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 111

    With the continued growth and trust in cloud-based infrastructure and software services, many organizations are looking to retire on-premise solutions or migrate them to the cloud. Scott will present the security and privacy oversight, planning, and monitoring required for any system decommissioning or hosting migration effort involving regulated data with a focus on data retention, system sanitization, cloud migration, continuous monitoring, regulatory compliance and leadership accountability practices.

    3:00 pm
    Panel: Identity and Access Management
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: 103

    Access control, tokens, firewalls and biometrics will play a role into how we manage who is on the network or in our offices. VR may be the way of the future for remote employees. Will we be able to determine who is logging in? Did someone spoof the VR hardware and are now a secret insider threat? Is someone piggybacking on the signal and learning more than they should? Can AI be used against us so that perpetrators can infiltrate the network? Sounds like science fiction but is it?

    Join us as we explore the world of IAM and what form that may take in the not too distant future.

    Panelists:
    Sandor Palfy, LogMeIn
    Jon Greene, Aruba
    Bill Malik, Trend Micro
    Todd Smith, Citrix
    Oleg Kolesnikov, Securonix
    Moderator: Thomas Hart

    3:00 pm
    SecureWorld PLUS Part 2 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: 107

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    3:00 pm
    SecureWorld PLUS Part 2 - Winning the Risk/Security Revolution: A Bootcamp
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    speaker photo
    CIO, Mitchell College
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: 108

    80%+ of all human existence is now impacted by digital activity. ~100% of all digital activity operates on dated technology platforms NOT designed to be secure. 60%+ of in-place senior executives espouse strongly held [bordering on toxic] misconceptions of risk and security fundamentals. We will dive into strategy development and communication throughout the organization. This workshop is geared toward those who want to be considered a respected source of influence in the industry. Futurist Thornton May and a faculty of local experts will facilitate a highly interactive workshop showcasing the stories, strategies, frameworks, and best practices of leaders who are winning the Risk/Security Revolution.

    3:00 pm
    SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: 105

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    4:00 pm
    Happy Hour Reception
    • session level icon
    Join GuidePoint and Partners at Kings Boston for post SecureWorld social hour.
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 7:00 pm
    Location / Room: Kings Dining & Entertainment

    Join GuidePoint and Partners at Kings Boston for a post SecureWorld social hour. Come discuss the days events, network with security peers, and enjoy beverages and hors d’oeuvres compliments of GuidePoint and Partners.

    Location: Kings Dining & Entertainment – 50 Dalton Street, Boston

    Please RSVP

    Compliments of GuidePoint Security, A10 Networks, Anomali, Attivo, CA Technologies, Crowdstrike, CyberArk, Cylance, Demisto, Duo, Exabeam, Fortinet, Gemalto, Gemini Data, Insights, Menlo, Netskope, SailPoint, Splunk, Symantec, Varonis, Zerofox and Zscaler.

    6:00 pm
    Happy Hour Reception
    • session level icon
    Join Brainbabe and your fellow security professionals for beverages and appetizers, and support the desexualization of conferences while bridging the cybersecurity talent gap.
    speaker photo
    Founder and CEO, CyberSN and Brainbabe
    Registration Level:
    • session level iconOpen Sessions
    6:00 pm - 9:00 pm
    Location / Room: Foley & Lardner LLP 111 Huntington Avenue #Suite 2500 Boston, MA 02199

    Join your peers for complimentary hors d’oeuvres, beverages, and conversation following Day 1 of SecureWorld. This is a great opportunity to network with other security professionals from the Boston area, and to discuss how we can create diversity and inclusion in the cybersecurity and tech industries.

    Learn more about Brainbabe and how the STEAM-Conference connection is working to desexualize conferences and trade shows while bridging the cybersecurity talent gap by providing jobs for all genders to STEAM students. Deidre Diamond will discuss how you can get involved and help.

    The cybersecurity profession is comprised of only 11% women, less than 6% of top CEOs are women, and 53% of women leave the cybersecurity industry in under 10 years. Together we can change these statistics.

    Register for this event – Space is limited

  • Thursday, March 15, 2017
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 107

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    8:00 am
    SecureWorld PLUS Part 3 - Winning the Risk/Security Revolution: A Bootcamp
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    speaker photo
    CEO, Cedalion Partners
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 108

    80%+ of all human existence is now impacted by digital activity. ~100% of all digital activity operates on dated technology platforms NOT designed to be secure. 60%+ of in-place senior executives espouse strongly held [bordering on toxic] misconceptions of risk and security fundamentals. We will dive into strategy development and communication throughout the organization. This workshop is geared toward those who want to be considered a respected source of influence in the industry. Futurist Thornton May and a faculty of local experts will facilitate a highly interactive workshop showcasing the stories, strategies, frameworks, and best practices of leaders who are winning the Risk/Security Revolution.

    8:00 am
    SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 105

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:30 am
    Increase Your EQ, Grow Your Career, and Enjoy It!
    • session level icon
    speaker photo
    Founder and CEO, CyberSN and Brainbabe
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 104

    Our Intelligence Quotient (IQ) levels are pre-determined at birth, however, our Emotional Quotient (EQ) is capable of evolving over the course of our entire lives. Studies have shown that it is EQ, more than IQ, that determines success. We will study and discuss the components of EQ and explore some of the ways that we can emphasize and encourage the growth of EQ skills to improve the hiring and retention of cybersecurity professionals. Much like our technical hard skills our soft skills can be learned and must be fostered constantly.

    8:30 am
    How Many Documents Do I Need?!?!?!
    • session level icon
    speaker photo
    Sr. Compliance & Cybersecurity Auditor, CipherTechs, Inc.
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 110

    All regulations and standards require policies, but never tell you what is needed for the enterprise. They do not specify the type of documents needed to meet requirements. Building a document architecture that reaches into the future that will bend and support the business into the future is relatively easy.

    8:30 am
    InfraGard Boston Chapter Meeting and Presentation: IoT Security Trends
    • session level icon
    Open to all Attendees
    speaker photo
    CISO, iRobot Corporation
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Discover your local associations – join InfraGard for their chapter meeting and presentation.

    This presentation will provide an overview of the IoT / smart Home trends. Understanding growing number of connected products in home, what it means for consumers to evaluate risks vs. benefits? At the same time, this presentation also educates security industry on how to promote consumerization and reduce the fear factor. Finally, we will also look at the responsibilities of product companies towards the consumers.

    8:30 am
    Measuring Defense With Offense
    • session level icon
    Understand how to make ATT&CK actionable
    speaker photo
    Cybersecurity Engineer, MITRE
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 102

    Measuring Defense with Offense will outline how to effectively assess an organization or security product via a common framework – specifically the ATT&CK knowledge base and adversary emulation.

    8:30 am
    Vetting Your Vendors
    Understanding the “Chain of Control” of Data, Security Pitfalls in Third-Party Contracts and Service Agreements
    speaker photo
    Managing Partner & Co-Founder, XPAN Law Group, LLC
    Registration Level:
    8:30 am - 9:15 am

    One of the most important considerations in cybersecurity does not involve your own direct network security; it involves your partners and vendors. In the world of cybersecurity, you are only as strong as the weakest link in your vendor chain. The ease, convenience and cost effectiveness of outsourcing certain business functions frequently overshadows the potential pitfalls lurking in using outside third-parties and vendors. This presentation will discuss the steps your organization needs to take to ensure that any partners or vendors with access to your network systems or company data are meeting (at least) a minimum level of security requirements.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: The Evolving Role of CISOs and Their Importance to the Business
    • session level icon
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    What is a CISO and what do they do? As the leader of cyber defense for an organization, the CISO is rapidly becoming indispensable for an organization’s survival. This presentation is based on interviews with senior level IT professionals at 184 companies in seven countries. The goal of the research is to better understand how CISOs work, what their concerns are, and how they are improving their effectiveness in managing risks to the enterprise.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Topic: Hiring and Retaining Cybersecurity Staff - Especially Senior People With Board Level Presentation Skills and Management Ability.
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 109
    11:15 am
    The Gosh Darn Privacy Regulation (GDPR)
    • session level icon
    speaker photo
    CISO & VP, Information Security & Risk Management, Bright Horizons
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 103

    What you don’t know can hurt you. If you process any personal information from the European Union, then you need to worry about the Gosh Darn Privacy Regulation (GDPR). If you think you do not? How sure are you about that?

    11:15 am
    Trials and Tribulations of Identity Access Management
    • session level icon
    Lock it down! Making sure access is granted only to those who need it without losing your mind.
    speaker photo
    Director, EisnerAmper LLP
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 102

    Logical security is a key aspect of securing our environments, however it’s also known as the low hanging fruit of issues companies are facing in 2018. This discussion will focus on outlining the various components of a well secured IAM program and where to start and baby steps to lock down your enterprise. We’ll also discuss various industry tools to help automate these processes.

    11:15 am
    Wombat: State of the Phish™ 2018: – What Your Peers Are Doing to Reduce Successful Phishing Attacks
    • session level icon
    speaker photo
    Chief Architect, Wombat Security Technologies
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 110

    Join Wombat Security Technologies’ Vice President of Marketing, Amy Baker, as she discusses key findings from the 2018 State of the Phish™ Report. In this session you will gain insight into current vulnerabilities, industry-specific phishing metrics, and emerging threats. This collection of data is taken from tens of millions of simulated phishing attacks sent through Wombat’s Security Education Platform over a 12-month period, responses from quarterly survey’s, and an international survey of working adults who were queried about social engineering threats and their cybersecurity behaviors.

    11:15 am
    It’s Not You, Job Searching is Broken!
    • session level icon
    Job seeking and hiring processes are broken, let’s solve this problem; it’s a matter of national security.
    speaker photo
    Founder and CEO, CyberSN and Brainbabe
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 104

    Cybersecurity professionals know that most recruiters do not speak cybersecurity and it causes passive cyber job seekers to pass over job postings, exacerbating the problem! Job postings do not accurately reflect responsibilities or jobs functions. Our community continues to posts the same five descriptions when there are at least 35 different job categories.

    In this workshop Deidre Diamond (CyberSN Founder and CEO) will share tactics and advice for hiring and job searching in cybersecurity. Job seekers will be empowered to self-market, evaluate recruiters, ace interviews, and successfully negotiate salary and hiring managers will receive expert cybersecurity hiring advice.

    11:15 am
    IOvations/Check Point: Cloudy with a Chance of Breach
    • session level icon
    speaker photo
    Strategic Engineering Manager, Check Point Software Technologies, Inc.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 111

    Lessons learned and takeaways from our 250 most recent incident response cases related to migration to the cloud.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 109

    Advisory Council – VIP / INVITE ONLY

    12:15 pm
    LUNCH KEYNOTE: Radware – Targeting the Hidden Attack Surface of Automation
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Every day, we hear about Artificial Intelligence (AI) invading more and more of everything around us. Within Information Security, we cannot get around new algorithms, new machine learning techniques, and a rush to automate everything. However, have these new technologies paradoxically ushered in a completely new world of vulnerabilities?

    Radware explores a fascinating topic of how everything from APIs to people are being attacked in a new hidden attack surface which has uniqueness to cloak and anonymize its designers and has incredible speed and efficiency in its attack types. In fact, this presentation will highlight how each step towards deeper and total connectivity comes with consequences of protecting the very automation which is designed to make our world easy. In this session, you will take away the notion of how everything from humans to bots have weak undersides to automation, and even AI interfaces can be duped into attacks.

    1:15 pm
    Panel: The Future Threatscape - Ransomware and Beyond
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Remember when ransomware just seized up your computer and wanted you to send Bitcoin to unlock it? With the advances in cybercrime, the thieves are not only locking and encrypting your files, but they are also finding your dirty little secrets. You may not pay for the run of the mill files you have backed up, but you might be more inclined to pay even more to make sure no one finds out about you and a certain someone in accounting you are messaging. Or, what about all the credit card numbers you aren’t storing correctly? It would be a shame if your boss knew you were sending out resumes… Will these attacks also be available for purchase on the dark web?

    Join the discussion with our experts and come up with a plan to mitigate this problem.

    Panelists:
    Dave Stuart, Tenable
    Ben McGraw, Digital Guardian
    Jimmy Astle, Carbon Black
    Andrew Cook, Delta Risk
    Jon Belanger, Fidelis
    Dan Colwell, Check Point Security
    Mark Ferro, GuidePoint Security
    Grant Moerschel, SentinelOne
    Moderator: Bruce Sussman

    1:15 pm
    Panel: Stopping the Attacks (Incident Response)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 103

    Security teams are struggling to keep up with the myriad of attack vectors that exist. Future InfoSec professionals will take a more adversarial approach to incident response. Will we have artificial intelligence helping threat hunters squash attacks before they can do any significant damage on the network while alerting the authorities in real time? Can a true partnership form between organizations and law enforcement to share information?

    Join our experts as they discuss challenges modern security teams face and how we can build a better plan for tomorrow.

    Panelists:
    Devon Kerr, Endgame
    Gary Southwell, CSPi
    Matt Tarr, CyberArk
    Felderi Santiago, Centrify
    Josh Huston, Netanium
    Jack Danahy, Barkly
    Paul Kunze, IntraSystems
    Moderator: Sandy Bacik

    1:15 pm
    Arbor Networks: Your DDoS Opportunity
    • session level icon
    speaker photo
    Sr. Partner, Consulting Engineer, Arbor Networks
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 104

    The nature of cybersecurity risk is constantly an unknown, or an approximation at best. With the possibility of DDoS as a smoke screen for a more damaging attack, businesses can no longer consider DDoS attacks as isolated or harmless events. DDoS attacks that coincide with network intrusion attempts, false logs, planted malware, and other indicators of compromise are not coincidental or accidental. Instead, businesses must consider a DDoS attack to be a sign of true danger.

    1:15 pm
    Trend Micro: Preparing Your Business for GDPR Compliance
    • session level icon
    speaker photo
    VP, Infrastructure Strategies, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm
    Location / Room: 102

    The EU General Data Protection Regulation will soon be in effect for all businesses with access to the personal data of EU citizens. Join William Malik as he explores the concept of privacy and how its evolution has been spurred by technological disruptions throughout modern history. Examine key highlights in the journey of GDPR preparation – including assessing organizational risks, tackling high-volume data sources, designing a remediation strategy and leveraging your successes to build your brand and reputation. Special attention must be paid to the implications of GDPR on blockchain deployments, as well.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Parenting in the Digital Age: What’s New, What’s Now, What’s Next?
    • session level icon
    speaker photo
    CEO, KL Greer Consulting, Featured on: CNN, The O'Reilly Factor, Inside Edition, The Huffington Post, TIME Magazine, USA Today and more
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 103

    Studies show that kids ages 8-18 are spending an average of 7.5 hours a day in front of some screen. Today, working with and keeping our youth safe means being constantly aware of what they’re doing online. Discover and learn about the latest trends in social media and digital safety, along with how to facilitate a healthy relationship with technology.

    3:00 pm
    Medical Device Cybersecurity
    • session level icon
    Practical information on the evolving medical device cybersecurity ecosystem
    speaker photo
    Sr. Principal Cybersecurity Engineer, MITRE
    speaker photo
    Sr. Principal Scientist, MITRE
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 102

    The recent escalation of cyber-attacks and the potential for combined cyber and physical attacks means the healthcare industry must better secure itself. We’ll describe “whole of community” approaches to medical device vulnerability management and proactively developing regional plans that integrate cyber into overall emergency preparedness and response.

    3:00 pm
    Terrorism – What the Average Citizen Should Know
    • session level icon
    speaker photo
    CIO & CISO, Episerver
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 104

    This presentation will look at understanding terrorist networks and why these individuals are so hard to find.

    3:00 pm
    We Only Have One Job
    • session level icon
    A lighter presentation of the serious issues we encounter every day.
    speaker photo
    CISO, Cyber Guide LLC
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: 110

    Everything is so serious about Information/Cyber Security but there are times we just need to Laugh.
    A lighter presentation of the serious issues we encounter everyday.

Exhibitors
  • A10 Networks
    Booth: 144

    A10 Networks (NYSE: ATEN) is a Secure Application Services™ company, providing a range of high-performance application networking solutions that help organizations ensure that their data center applications and networks remain highly available, accelerated and secure.

  • AccessIT Group Partnering with Check Point
    Booth: 333

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • ARMA Boston
    Booth: 378

    ARMA International is a not-for-profit organization representing the RIM profession. Its primary purpose is the advancement of the profession and the professional through advocacy, education and professional development.

    ARMA International members include records and information managers, MIS and ADP professionals, imaging specialists, archivists, hospital administrators, legal administrators, librarians, corporate counsel, compliance professionals, and educators. ARMA, its chapters, and its members are dedicated to helping individuals, organizations, and government agencies successfully meet the challenges of the increasingly complex records and information management field.

  • ACP – Greater Boston
    Booth: 376

    ACP is a professional organization that provides a forum for the exchange of information and experiences for business continuity leaders. We serve the greater Boston area, including Rhode Island and southern New Hampshire. Meetings are held on the second Wednesday of every month (except July & August). We invite you to attend our next meeting.

  • Alert Logic
    Booth: 450

    Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

  • Anomali
    Booth: 116

    Anomali delivers earlier detection and identification of adversaries in your organizations network by making it possible to correlate tens of millions of threat indicators against your real time network activity logs and up to a year or more of forensic log data. Anomali’s approach enables detection at every point along the kill chain, making it possible to mitigate threats before material damage to your organization has occurred.

  • Arctic Wolf
    Booth: 396

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. AWN CyberSOC is anchored by Concierge Security Engineers and includes 24×7 monitoring, custom alerting and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required.

  • Aruba
    Booth: 322

    Aruba, a Hewlett Packard Enterprise company (NYSE:HPE), introduces Aruba 360 Secure Fabric, an enterprise security framework that gives security and networking teams an integrated, more comprehensive way to gain visibility and control of their networks. It provides a quick way to respond to cyberattacks across multivendor infrastructures, with support for hundreds to thousands of users and devices. It’s the only solution that combines a complete campus, branch, and cloud-connected network infrastructure with built-in security, along with secure network access control and advanced threat detection and response – for any network.

    To learn more, visit Aruba 360 Secure Fabric at http://www.arubanetworks.com/solutions/security/ . For real-time news updates follow Aruba on Twitter and Facebook, and for the latest technical discussions on mobility and Aruba products visit Airheads Social at http://community.arubanetworks.com.

  • ASIS
    Booth:

    ASIS International is the world’s largest membership association for security professionals. With hundreds of chapters across the globe, ASIS is recognized as the premier source for learning, networking, standards, and research. ASIS ensures its members and the security community have access to the intelligence and resources necessary to protect their people, property, and information assets. www.asisonline.org

  • baramundi software USA, Inc.
    Booth: 330

    baramundi software USA, Inc. provides companies and organizations with efficient, secure, and cross-platform management of workstation environments. Around the world, over 2,000 customers of all sizes and from every sector benefit from the independent German manufacturer’s many years of experience and outstanding products. These are compiled into an integrated, future-orientated unified endpoint management approach in the baramundi Management Suite: endpoint management, mobile device management, and endpoint security are provided via a shared interface, using a single database, and according to global standards.

  • Barkly
    Booth: 354

    Barkly is advancing endpoint security with the strongest, smartest protection delivered with simplicity. The Barkly Endpoint Protection Platform provides multi-vector attack blocking for exploits, scripts, executables, ransomware, and more, and has visibility into all levels of the system, including the CPU. Barkly is formed by an elite team of security and SaaS experts from IBM, Cisco, and Intel, backed by investors NEA and Sigma Prime, and independently certified for anti-virus replacement, HIPAA, PCI DSS & NIST. Learn more by visiting us at www.barkly.com, or follow us on Twitter @BarklyProtects.

  • Bay Pay Forum
    Booth: TBD

    The BayPay Forum, a Silicon Valley-based international network composed of over 14,000 payment and commerce executives, entrepreneurs and investors from thousands of different companies, serves as a forum to connect members in identifying and understanding the emerging trends and innovations in the industry.

  • Big Switch Networks
    Booth: 360

    Big Switch Networks is the next-gen networking company. Big Monitoring Fabric is an NPB that enables pervasive visibility and security across all workloads: physical, VM , container or cloud. Big Mon Inline enables pervasive security in the DMZ while offering lower-cost and SDN-centric operational simplicity. Tech partnerships include: A10, Palo Alto Networks, Symantec, FireEye, ExtraHop, Riverbed.

  • Binary Defense Systems
    Booth: 316

    BDS is a company that works with you to understand your environment, what you have and building defenses to combat what we face today and for the attacks of tomorrow. Technology is continuously changing, businesses change every day – in order to keep up with the changes, BDS has created an extensively flexible yet highly accurate way of detecting attackers. We are attackers, and we know the best ways in detecting how attackers breach your network. An added bonus with BDS – continual penetration tests are performed regularly to enhance and develop additional safeguards. We are here to defend, protect and secure your company.

  • BitSight Technologies
    Booth: 119

    BitSight Technologies is transforming how companies manage information security risk with objective, evidence-based security ratings. The company’s Security Rating Platform continuously analyzes vast amounts of external data on security behaviors in order to help organizations manage third party risk, benchmark performance, and assess and negotiate cyber insurance premiums.For more information, please visit www.bitsighttech.com or follow us on Twitter (@BitSight)

  • BOMGAR
    Booth: 510

    Bomgar offers the most secure remote access and support technology on the planet. Each encrypted connection is outbound, so you can connect without VPN or firewall changes. You can leverage Active Directory and LDAPS to manage authentication, require multi-factor authentication, define more than 50 permissions for technicians and privileged users, and capture a detailed audit log of every remote connection.

  • Brainbabe
    Booth: 432

    Brainbabe is directly impacting these statistics: 10% of the cybersecurity workforce is women; 1% of the cyber community is women leaders; and 53% of women end up leaving the industry.
    We do this by:
    1) Offering classroom training for women who want to join the cybersecurity profession
    2) Providing soft skills training to all cybersecurity professionals, enabling effective and harmonious interactions with team members in any environment
    3) Raising awareness about the numerous careers in cybersecurity for girls and women

  • Brinqa
    Booth: 420

    Brinqa is a leading provider of unified risk management – enabling stakeholders, governance organizations, and infrastructure and security teams to effectively manage technology risk at the speed of business. Brinqa software and cloud services leverage an organization’s existing investment in systems, security, and governance programs to identify, measure, manage and monitor risk. With Brinqa, organizations are reducing response time to emerging threats, impact to business, and technology risk and compliance costs by over 50% through real-time risk analytics, automated risk assessments, prioritized remediation, actionable insights and improved communication.

  • Bugcrowd Inc.
    Booth: 452

    By combining the world’s most experienced team of bounty experts and the market’s only enterprise-grade bug bounty platform, Bugcrowd connects organizations to a global crowd of trusted security researchers to identify vulnerabilities—before the  adversaries do.

  • CA Technologies
    Booth: 160

    CA Technologies helps customers succeed in a future where every business— from apparel to energy— is being rewritten by software. With CA software at the center of their IT strategy, organizations can leverage the technology that changes the way we live— from the data center to the mobile device.

    Our business management software and solutions help our customers thrive in the new application economy by delivering the means to deploy, monitor and secure their applications and infrastructure. Our goal is to help organizations develop applications and experiences that excite and engage and, in turn, open up money-making opportunities for their businesses.

  • Carbon Black
    Booth: 320

    Carbon Black is Transforming Security Through Big Data and Analytics in the Cloud Growing trends in mobility and cloud have made the endpoint the new perimeter. New and emerging attacks are beating traditional defenses, and security teams are too reactive and held back by their technologies. Carbon Black is leveraging the power of big data and analytics to solve the challenges surrounding endpoint security. With the Cb Predictive Security Cloud platform, we are transforming cybersecurity to deliver a new generation of cloud-delivered security solutions designed to protect against the most advanced threats.

     

  • Cayden Security
    Booth: 603

    Cayden Security is a cybersecurity, IT risk management and compliance solutions provider with over 13 years of experience and partnerships. We provide cybersecurity products and consulting, as well as turnkey managed security services for third-party risk. We focus on your cybersecurity, IT risk management and compliance needs, so you can focus on your business.

  • Centrify
    Booth: 380

    Centrify provides unified identity management across data center, cloud and mobile environments. Centrify software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and mobile device management.
    Centrify customers can typically reduce their total cost of identity management and compliance by more than 50 percent.

  • Cloud Security Alliance (CSA)
    Booth:

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • CIOReview
    Booth: TBD

    CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIOReview is an excellent platform for the enterprise to showcase their innovative solutions.

  • CrowdStrike
    Booth: 114

    CrowdStrike was founded in 2011 to fix a fundamental problem: The sophisticated attacks that were forcing the world’s leading businesses into the headlines could not be solved with existing malware-based defenses. Co-founders George Kurtz and Dmitri Alperovitch realized that a brand new approach was needed — one that combines the most advanced endpoint protection with expert intelligence to pinpoint the adversaries perpetrating the attacks, not just the malware.

  • CSPi
    Booth: 334

    At CSPi we are committed to helping our customers meet some of computing’s most demanding performance, availability and security challenges.

    Today’s security teams receive a great deal of real-time information and intrusion alerts, generated from their security equipment and tools; yet, the volumes of data make it make it nearly impossible for incident response teams to validate a data breach. With our Myricom nVoy Series solution we offer our customers a new approach to cyber threat identification and investigation – a rapid breach response solution that identifies alerts associated with a specific asset and provides an extraction of the entire set of conversations associated with that breach.This detailed data is crucial in performing timely and accurate analysis needed to comply with data-privacy regulations such as GDPR, PCI DSS, HIPPA, SOX, and 48 different U.S. state laws related to PII.

  • Cyber-Ark Software
    Booth: 324

    Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments.

  • Cybereason
    Booth: 166

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • CyberSaint
    Booth: 119

    CyberSaint’s CyberStrong Platform leverages AI and Machine Learning to revolutionize cybersecurity program management. CyberStrong empowers organizations to be proactive and aware, utilizing natural language, data feeds, and assessments built upon the NIST Framework’s rules engine. Experience rapid ROI, inform IT decisions with bottom-line impact, and streamline the adoption of company-specific frameworks.

  • Cylance
    Booth: 146

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • Darktrace
    Booth: 312

    Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.

  • Delta Risk
    Booth: 130

    Delta Risk was founded in 2007 from a vision of strategic and operational effectiveness to assist private sector and government organizations in understanding their current cyber security posture and building advanced cyber defense and risk management capabilities. We are a global provider of strategic, operational, and advisory solutions, including managed security services and security consulting services. Delta Risk is a Chertoff Group company.

  • Demisto
    Booth: 337

    Demisto is a comprehensive Security Operations Platform that combines security orchestration, incident management and interactive investigation into a seamless experience.
    Powered by its machine learning technology, Demisto helps security teams build future-proof security operations, reduce MTTR, create consistent and audited incident management processes, and increase analyst productivity.

  • Digital Guardian
    Booth: 381

    Digital Guardian provides the industry’s only threat aware data protection platform that is purpose built to stop data theft from insiders and outside adversaries. The Digital Guardian platform performs across the corporate network, traditional endpoints, mobile devices and cloud applications and is buttressed by a big data security analytics cloud service, to make it easier to see and block all threats to sensitive information.

  • Digital Shadows
    Booth: 152

    Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation.

  • Duo
    Booth: 150

    Duo was founded with the belief that security can only be effective if it is easy to use. Through that vision, Duo has built a world-class security platform that is actually enjoyable to use. Duo supports thousands of customers and millions of users in organizations like Accenture, Boston Medical, Emblem Health, Facebook, Toyota, Twitter, Virginia Tech, Yelp and others, and enjoys the highest NPS score in the industry.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Endgame
    Booth: 372

    Organizations spent $75 billon on security last year, yet they still face breaches at an alarming rate. Endgame exists to transform that paradigm and not accept breaches as the status quo.

    To solve these challenges, we can’t apply the same people, processes and technology and expect different results.

    We bring to bear the best across enterprise tech, security domain expertise, data science, user experience, and academia to challenge the industry-standard of what makes a good security product.

    That’s what we’re doing everyday at Endgame.

  • enSilo
    Booth: 374

    enSilo is a cyber-security company that offers a real-time data protection platform against advanced attacks. The company was founded on the recognition that external threat actors cannot be prevented from infiltrating networks, and instead focuses on preventing the theft and tampering of critical data in the event of a cyber-attack. enSilo enables organizations to continue running their business operations securely and without interruption, even during investigation and remediation of attacks, by blocking in real-time any data-related malicious activity. enSilo’s platform requires no prior knowledge or configuration of users or data.

  • Envision Technology Advisors
    Booth: 384

    Envision Technology Advisors were early pioneers in virtualization. The company was Rhode Island’s very first certified VMware partner and one of the first in all of New England. By 2007, the team at Envision had made virtualization core to their business. In fact, the company has not deployed a physical server since.

    At a time when virtualization was still a new technology to many organizations, Envision became a recognized leader in virtualization services. As experts in this important technology, Todd and Envision began to get called in to consult and speak on virtualization. This showed the company the need for educated discussions on this topic and it eventually led to the creation of the company’s VMworld by Proxy event.

  • Exabeam
    Booth: 124

    The Exabeam Security Intelligence Platform provides organizations of all sizes with end-to-end detection, analytics, and response capabilities from a single security management and operations platform. Exabeam SIP includes Exabeam Log Manager, a modern log management system, built on top of ElasticSearch to provide unlimited data ingestion at a predictable, cost effective price. Exabeam SIP detects complex, multi-stage threats using the analytics capabilities of Exabeam Advanced Analytics; the world’s most deployed User and Entity Behavior Analytics (UEBA) solution. Finally, Exabeam SIP improves incident response efficiency with Exabeam Incident Responder, an API based security orchestration and automation solution.

  • Extreme Networks
    Booth: 418

    Extreme Networks delivers software-driven networking solutions that help IT departments everywhere deliver the ultimate business outcome: stronger connections with customers, partners and employees. Wired to wireless, desktop to data center, on premise or through the cloud, we go to extreme measures for our customers, delivering 100% insourced call-in technical support.

  • Fidelis Cybersecurity
    Booth: 339

    Fidelis Cybersecurity protects the world’s most sensitive data by equipping organizations to detect, investigate and stop advanced cyber attacks. Our products, services and proprietary threat intelligence enable customers to proactively face advanced threats and prevent data theft with immediate detection, monitoring and response capabilities. With our Fidelis Network and Fidelis Endpoint, customers can get one step ahead of any attacker before a major breach hits. To learn more about Fidelis Cybersecurity, please visit www.fidelissecurity.com and follow us on Twitter @FidelisCyber

  • FireEye
    Booth: 106

    FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 5,000 customers across 67 countries, including more than 940 of the Forbes Global 2000.

  • Forcepoint
    Booth: 118

    Forcepoint safeguards users, data and networks against the most determined adversaries, from insider threats to outside attackers, across the threat lifecycle – in the cloud, on the road, in the office. It simplifies compliance and enables better decision-making for more efficient remediation, empowering organizations to focus on what’s most important to them.

  • ForeScout Technologies, Inc.
    Booth: 162

    ForeScout Technologies, Inc. offers Global 2000 enterprises and government organizations the unique ability to see networked devices, including non-traditional devices, control them, and orchestrate information sharing and operation among disparate security tools. As of January 2016, more than 2,000 customers in over 60 countries improve their network security and compliance posture with ForeScout solutions.

  • Fortinet
    Booth: 104

    Fortinet secures the largest enterprise, service provider, and government organizations around the world. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 300,000 customers trust Fortinet to protect their businesses.

  • Garland Technology
    Booth: 119

    Garland Technology provides the foundation to network visibility with a range of network TAPs and packet brokers. Our products deliver effective physical layer access for in-line and out-of-band monitoring solutions providing you access and visibility to see every bit, byte, and packetⓇ.Let us design your visibility plane, connecting your network and security tools.

  • Gemalto
    Booth: 148

    SafeNet and Gemalto have joined forces to create the worldwide leader in enterprise and banking security from core data protection to secure access at the edge of the network. Together, we protect more data, transactions, and identities than any other company, delivering security services that are used by more than 30,000 businesses and two billion people in more than 190 countries around the world. We support 3,000 financial institutions and secure more than 80% of the world’s intra-bank fund transfers, and protect the world’s leading software applications.

  • Gemini Data
    Booth: 108

    Gemini provides Continuous Data Analysis. We translate data into knowledge using machine reasoning. With Gemini Enterprise, gain enterprise knowledge and awareness, focus on AI-powered analysis, and simplify management of big data platforms. Designed for modern architectures, Gemini Enterprise reduces complexity in the cloud or on premises. Gemini Data was founded and built by experts from Splunk, ArcSight, and RSA that understand the importance of building awareness across the enterprise. Find more information at geminidata.com or follow us on Twitter @geminidataco.

  • Gigamon
    Booth: 394

    Gigamon (NYSE: GIMO) provides active visibility into physical and virtual network traffic, enabling stronger security and performance. Gigamon’s Visibility Fabric™ and GigaSECURE®, the industry’s first Security Delivery Platform, deliver advanced intelligence so that security, network, and application performance management solutions in enterprises government, and service provider networks operate more efficiently.

  • GreatHorn
    Booth: 356

    GreatHorn is the leading next generation email security platform that protects organizations using Office 365 and G Suite from advanced threats, including targeted phishing attacks, business email compromise, malware and ransomware. Cloud native and built on machine learning and automation, GreatHorn delivers the industry’s most effective email security solution.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • GuidePoint Security LLC
    Booth: 118

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

  • HTCIA
    Booth: 602

    Investigators on the Leading Edge of Technology

    The High Technology Crime Investigation Association (HTCIA) was formed to provide education and collaboration to our global members for the prevention and investigation of high tech crimes. As such, we are an organization that aspires to help all those in the high technology field by providing extensive information, education, collective partnerships, mutual member benefits, astute board leadership and professional management. Association Mission: Provide education and collaboration to our global members for the prevention and investigation of high tech crimes.

  • HUB Tech
    Booth: 126

    HUB Tech partners with its clients becoming part of their support team. We work beside you to ensure you have a strategy that allows you to transform your Information infrastructure to keep up with the needs of your organization and your users. We have developed proprietary tools and strategies that have enabled us to lower cost and increase the quality of service to our client base, especially to state agencies, municipalities and school districts, where cost is a deciding factor in everyday decision making.

    Our mission is simple – to take full ownership for all that we do, to protect those who trust in us, and to make lifelong clients from every customer contact.

  • IBM Resilient
    Booth: 182

    IBM Resilient’s mission is to help organizations thrive in the face of any cyberattack or business crisis. The industry’s leading Incident Response Platform (IRP) empowers security teams to analyze, respond to, and mitigate incidents faster, more intelligently, and more efficiently. The Resilient IRP is the industry’s only complete IR orchestration and automation platform, enabling teams to integrate and align people, processes, and technologies into a single incident response hub. With Resilient, security teams can have best-in-class response capabilities. IBM Resilient has more than 150 global customers, including 50 of the Fortune 500, and hundreds of partners globally. Learn more at www.resilientsystems.com.

  • Institute of Internal Auditors (IIA)
    Booth:

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • InfraGard Boston
    Booth:

    InfraGard is a United States government (FBI) and private sector alliance. InfraGard Boston was developed by the Boston FBI office in 1998 to promote protection of critical information systems. InfraGard provides formal and informal channels for the exchange of information about infrastructure threats and vulnerabilities. The purpose of the synergistic exchange is to allow members to better protect themselves and their corporate interests while enhancing the ability of the United States government to provide national security.

  • Integration Partners
    Booth: 406

    We know and understand you have options when choosing the right partner. Networking technology alone isn’t a differentiator, it’s how we do business with you. We’ve curated the best solutions not just to support IT needs, but to support your business strategy. Our culture is one that influences the customer experience. We never stop improving, and so we will never let you fall behind. From this simple and often overlooked practice, we believe the greatest customer relationships come from our mutual and shared strategies. Now just think… WHAT’S POSSIBLE.

  • IntraSystems
    Booth: 408

    IntraSystems is a highly respected IT consulting company, managed services provider, and systems integrator that specializes in the deployment and delivery of IT infrastructure, virtualization services, security, and cloud solutions. IntraSystems has the proven expertise in solving the many technology challenges that companies face today, such as keeping up with the evolving security landscape, migrating to the cloud, and compliance requirements.

  • Intsights
    Booth: 110

    We are an intelligence driven security provider offering a subscription-based service which delivers rapid, accurate cyberthreat intelligence and incident mitigation in real time.

  • iovation
    Booth: 310

    iovation protects online businesses and their end users against fraud and abuse, and identifies trustworthy customers through a combination of advanced device identification, shared device reputation, device-based authentication and real-time risk evaluation. More than 3,500 fraud managers representing global retail, financial services, insurance, social network, gaming and other companies leverage iovation’s database of billions of Internet devices and the relationships between them to determine the level of risk associated with online transactions. The company’s device reputation database is the world’s largest, used to protect 15 million transactions and stop an average of 300,000 fraudulent activities every day. The world’s foremost fraud experts share intelligence, cybercrime tips and online fraud prevention techniques in iovation’s Fraud Force Community, an exclusive virtual crime-fighting network.

  • IOvations
    Booth: 376

    IOvations provides innovative enterprise Security, Network, and Storage IT solutions and professional services that enable our clients to achieve optimal results. With over 25 years of deep Security, Network, and Storage domain experience, you can count on IOvations for trusted advice, real-time response, and superior service.

  • iRobot
    Booth: 602

    iRobot, the leading global consumer robot company, designs and builds robots that empower people to do more both inside and outside of the home. iRobot’s products, including the award-winning Roomba® Vacuuming Robot and the Braava® family of mopping robots, have been welcomed into millions of homes around the world and are hard at work every day helping people to get more done.

  • ISACA
    Booth: 392

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

  • (ISC)2
    Booth: 390

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA New England
    Booth: 374

    The Information Systems Security Association (ISSA) is an international organization providing educational forums, publications, and peer interaction opportunities that enhance the knowledge, skills, and professional growth of its members’ information security professionals. The primary goal of ISSA is to promote management practices that will ensure availability, integrity, and confidentiality of organizational resources.

    Since its inception in 1982, ISSA’s membership has grown to include more than 100 chapters around the world with members who represent a diverse collection of organizations, including major U.S. and international corporations, leading consulting firms, world-class educational institutions, and government agencies. From EDP audit and corporate security to contingency planning and disaster recovery, ISSA members are committed to protecting their organizations’ assets and resources.

    Visit the National Headquarter’s website at www.issa.org.

  • Ixia, a Keysight Business
    Booth: 404

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Jask
    Booth: 186

    JASK was founded in 2016 and is headed by industry leaders with decades of experience solving real-world SOC issues.

    With a mission to address the security gaps that restrict security modernization efforts, JASK’s world-class engineering and data science teams apply decades of hands-on experience to drive advancements in autonomous SOC technology.

    Backed by Battery Ventures, Dell Technology Ventures, TenEleven and Vertical Venture Partners, JASK is modernizing SOC operations for companies across the financial services, telecommunications, healthcare and government industries.

  • Jazz Networks
    Booth: 412

    Jazz Networks protects against accidental and intentional cybersecurity threats from inside and outside of your organization. Jazz Networks provides end-to-end security from desktop to servers to cloud, enabling network agnostic user, application and container visibility for computers and data centers. Jazz Networks has offices in London, New York and Oslo.

  • Juniper
    Booth: 128

    Our customers don’t set out to build networks. They build on ideas that reinvent, reimagine, and improve the world around them. It makes sense that we should begin there, too.

    Through our passion for creating high-performing networks, Juniper extends knowledge, collaboration, and human advancement in industries around the world—such as energy, healthcare, education, and many others.

    While our innovative product and services portfolio evolves continuously, we need to reach farther to secure our customers’ long-term success. We’re looking beyond the horizons of today’s business challenges, and the technology future we see is built on real-time service integration. That means everything we develop must align with our vision.

  • Kaspersky Lab
    Booth: 421

    In 1999, Kaspersky Lab was the first company to introduce integrated antivirus software for workstations, file servers and application servers running on Linux/FreeBSD operating systems. Today, the company offers a whole range of effective corporate security solutions for the most popular operating systems specifically designed for different types of businesses. The company?s product range covers all of the main information security requirements that businesses and large state organizations have to adhere to, including: excellent protection levels, adaptability to changing circumstances, scalability, compatibility with different platforms, high performance, high fault tolerance, ease of use and high value. One of the primary advantages of Kaspersky Lab’s corporate range is the easy, centralized management provided by Kaspersky Security Center that extends to the entire network regardless of the number and type of platforms used.

  • Lastline
    Booth: 189

    Lastline provides breach protection products that are innovating the way companies defend against advanced malware with fewer resources and at lower cost. We deliver the visibility, context, analysis, and integrations enterprise security teams need to quickly and completely eradicate malware-based threats before damaging and costly data breaches occur. Headquartered in Redwood City, California with offices throughout North America, Europe and Asia, Lastline’s technology is used by Global 5000 enterprises, is offered directly and through resellers and security service providers, and is integrated into leading third-party security technologies worldwide. www.lastline.com

  • LastPass
    Booth: 132

    LastPass is an award-winning password manager helping millions organize and protect their online lives, at home and at work. For businesses of all sizes, LastPass provides secure password storage and centralized admin oversight to reduce the risk of data breaches and remove password obstacles for employees. With customizable policies, secure password sharing, and comprehensive user management, LastPass gives IT the tools to strengthen password hygiene across the organization. Founded in 2008, LastPass is a product of LogMeIn (NASDAQ:LOGM).

  • MCPA
    Booth: 371

    The Military Cyber Professionals Association is dedicated to developing the American military cyber profession and investing in our nation’s future through STEM education. We are working towards an American military cyber profession that is accomplishing what our nation needs, expects, and deserves. Our goal is to secure cyberspace for military, economic, and private individual pursuits.

  • Menlo Security
    Booth: 142

    The Menlo Security approach delivers 100% safety via isolation — stopping the never-ending search for risky content, while delivering a seamless end-user experience. Deployed in a public or private cloud, the Menlo Security Isolation Platform reduces security complexity and increases scale by eliminating end-point software and out-dated appliances.

  • Mimecast
    Booth: 342

    Mimecast Is Making Email Safer For Business.
    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service.
    Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • NEDRIX
    Booth: TBD

    We are professionals in the public and private sector with an interest in emergency response, crisis management, business continuity, or disaster recovery. Experience levels range from novices in the industry to experts with over 35 years experience. NEDRIX itself is a not-for-profit organization staffed entirely by volunteers.
    NEDRIX membership provides you with real time notifications based on the states you subscribe to, as well as with industry news, events, trends, conferences, networking, and more!

  • Netanium
    Booth: 119

    Netanium is a trusted, Information Security consultant and solution provider, focused on helping organizations to overcome resource constraints & streamline their evolving security programs.
    Netanium works with organizations to streamline the technologies and processes that best fits its current infrastructure, resources, and security strategy. Netanium has over 15 years of experience focused on data management and managing cybersecurity risk.

  • NetScout Arbor
    Booth: 368

    For fifteen years, the world’s leading network operators across ISP, cloud and enterprise markets have relied on NETSCOUT Arbor for traffic visibility, advanced threat detection and DDoS mitigation. Through a combination of market-leading technology, elite security research, intuitive workflows and powerful data visualizations, NETSCOUT Arbor allows you to efficiently connect the dots to understand attack activity and to take action with confidence. See the threat, understand the risk and protect your business with NETSCOUT Arbor.

  • NetSkope
    Booth: 122

    Netskope offers the industry’s only all-mode architecture that supports any use case. This starts with the option of being deployed 100 percent in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both. When it comes to traffic steering, Netskope supports every possible out-of-band and inline mode, including forward and reverse proxy, secure TAP, API, and log-based discovery. These modes are often used in parallel to cover customers’ multiple use cases.

  • Nexum
    Booth: 508

    Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio and Wisconsin as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.

  • Optiv
    Booth: 411

    Optiv is the largest holistic pure-play cyber security solutions provider in North America. Our diverse and talented employees are committed to helping businesses, governments and educational institutions plan, build and run successful security programs through the right combination of products, services and solutions related to security program strategy, enterprise risk and consulting, threat and vulnerability management, enterprise incident management, security architecture and implementation, training, identity and access management, and managed security.

    Created in 2015 as a result of the Accuvant and FishNet Security merger, Optiv has served more than 12,000 clients of various sizes across multiple industries, offers an extensive geographic footprint, and has premium partnerships with more than 300 of the leading security product manufacturers.

  • PKWARE
    Booth: 603

    PKWARE protects the world’s data with smart encryption software and solutions. In use by more than 35,000 customers, including government agencies and global corporations, PKWARE’s easy-to-use security armors data itself and eliminates vulnerabilities wherever data is used, shared or stored.

  • Proofpoint
    Booth: 350

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Qualys, Inc.
    Booth: 340

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • Radware
    Booth: 328

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • Rapid7
    Booth: 332

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • Red River
    Booth: 314

    Red River’s Security Practice has nearly 20 years of experience helping federal and enterprise customers strengthen their security stance with strategically-integrated data- and network-centric physical and cyber security solutions designed to protect critical assets, enable situational awareness and simplify security management. We not only hold the coveted Cisco Master Security Specialization, but our highly-certified experts use a balanced approach that blends leading-edge technology, systems, policies and proven processes to deliver secure, effective solutions that offer complete protection and long-term value to our customers.

  • Recorded Future
    Booth: 186

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Resolve Systems
    Booth: 507

    Resolve Systems was founded by individuals with extensive experience in working with IT Operations, Security Operations, Network Operations and Customer Care. We are convinced that these teams need a more holistic and systematic approach for applying automation in a broad way to all incident resolution procedures.

    What makes us different is our ability to enable the automation of select steps in any engineer-driven resolution procedure, as well as embed specific content into any procedure on a step-by-step basis. The Resolve Software also includes real-time incident resolution collaboration, the ability to capture a record of every resolution, and a complete workflow for continuous procedure improvement.

  • Rook
    Booth: 452

    Rook Security provides 24/7 Managed Detection and Response to prevent incidents from impacting business operations. We unite the brightest minds in digital defense with the most advanced, rapid-to-deploy technology to protect your organization. As a managed service, there is no need to worry about configuring, monitoring, or managing technology – our team does the hard part for you.

  • RSA Security
    Booth: 156

    RSA’s business-driven security solutions help customers comprehensively and rapidly link security incidents with business context to respond effectively and protect what matters most. With award-winning solutions for rapid detection and response, identity and access assurance, consumer fraud protection, and business risk management, RSA customers can thrive in an uncertain, high-risk world.

  • SailPoint
    Booth: 102

    In 2005, Mark and Kevin set out to create a new type of company – one that promised to provide innovative solutions to business problems and an exciting, collaborative work environment for identity rock stars. Together, we’re redefining identity’s place in the security ecosystem.

    We love taking on new challenges that seem daunting to others. We hold ourselves to the highest standards, and deliver upon our promises to our customers. We bring out the best in each other, and we’re having a lot of fun along the way.

  • Security Scorecard
    Booth: 158

    SecurityScorecard helps enterprises gain operational command of their security posture and the security posture of their third-parties through continuous, non- intrusive monitoring. The company’s approach to security focuses on identifying vulnerabilities from an outside perspective, the same way a hacker would. Visit us at www.securitysecorecard.com

  • Securonix
    Booth: 502

    Securonix is redefining the next generation of cyber-threat detection using the power of machine learning and big data. Our purpose-built security analytics platform uses machine learning to track and create baselines of user, account, and system behavior and detects the most advanced insider threats, cyber threats, and fraud activities in real time. Built on a Hadoop platform, the Securonix solution provides an open platform with unlimited scalability. Securonix provides incident orchestration capabilities with playbooks that enable automated incident response. Globally, customers use Securonix to address their insider threat, cyber threat, cloud security, fraud, and application security monitoring requirements. Visit www.securonix.com.

  • SentinelOne
    Booth: 338

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • SIM
    Booth: 386

    At the Boston Chapter of SIM, we provide leading information technology executives, consultants, and academics with a place to share ideas. Our collaborative community shares best practices, trends and lessons learned for you: the person that is responsible for shaping and influencing the future of IT and IT management.

    Our goal is to provide you with access to a robust community of the area’s top IT leaders so you can exchange ideas, share best practices, and stimulate your mind. As a senior-level IT profession providing both strategic and tactical direction to your division on a daily basis, you need someplace to turn for advice, answers, and guidance, too.

  • Skybox Security
    Booth: 140

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • Splunk
    Booth: 112

    You see servers and devices, apps and logs, traffic and clouds. We see data—everywhere. Splunk® offers the leading platform for Operational Intelligence. It enables the curious to look closely at what others ignore—machine data—and find what others never see: insights that can help make your company more productive, profitable, competitive and secure. What can you do with Splunk?
    Just ask.

  • SSH Communications Security
    Booth: 410

    As the inventor of the SSH protocol, we have a twenty-year history of leading the market in developing advanced security solutions that enable, monitor, and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki. For more information, visit www.ssh.com

  • Sumo Logic
    Booth: 352

    Sumo Logic was founded in 2010 by experts in log management, scalable systems, big data, and security. Today, our purpose-built, cloud-native service analyzes more than 100 petabytes of data, more than 16 million searches, and delivers 10s of millions of insights daily – positioning Sumo among the most powerful machine data analytics services in the world.

  • Symantec
    Booth: 154

    Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on Facebook, Twitter and LinkedIn.

  • TBG Security
    Booth: 422

    TBG Security is your trusted advisor when it comes to cybersecurity. We have been providing risk management solutions since 2003 to ensure your business is minimizing uncertainty in an increasingly hostile information environment. Whatever the IT security goal, TBG Security’s Information Security Advisors work with you to determine your requirements and tailor a straightforward plan of action to improve your organizations overall security posture. Our continuous commitment to new technologies and decades of threat avoidance experience make us the first choice of Fortunre 1000 companies for cybersecurity consulting services.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: 358

    Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into Tenable.io™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, large government agencies and mid-sized organizations across the private and public sectors. Learn more at tenable.com.

  • Thales e-Security
    Booth: 164

    Thales e-Security is the leader in advanced data security solutions and services that deliver trust wherever information is created, shared or stored. We ensure that the data belonging to companies and government entities is both secure and trusted in any environment – on-premise, in the cloud, in data centers or big data environments – without sacrificing business agility. Security doesn’t just reduce risk, it’s an enabler of the digital initiatives that now permeate our daily lives – digital money, e-identities, healthcare, connected cars and with the internet of things (IoT) even household devices. Thales provides everything an organization needs to protect and manage its data, identities and intellectual property and meet regulatory compliance – through encryption, advanced key management, tokenization, privileged user control and high assurance solutions. Security professionals around the globe rely on Thales to confidently accelerate their organization’s digital transformation. Thales e-Security is part of Thales Group.

  • ThreatConnect
    Booth: 501

    Organizations worldwide leverage the power of ThreatConnect every day to broaden and deepen their intelligence, validate it, prioritize it, and act on it. Leveraging advanced analytics capabilities, ThreatConnect offers a superior understanding of relevant cyber threats to business operations. With ThreatConnect, your team works as a single cohesive unit, reinforced by a global community of peers.

    We believe that intelligence should flow through every aspect of a security program. The entire team and their defensive tools should be connected to the intelligence and each other. To improve intelligence it is necessary to have a constant feedback loop from the team and tools built-in; perpetual intelligence capture and creation. And, to enable constant, sound decision-making, analytics need to be constantly evaluated.

  • Trend Micro
    Booth: 382

    As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With more than 20 years of experience, we’re recognized as the market leader in server security for delivering top-ranked client, server, and cloud-based security solutions that stop threats faster and protect data in physical, virtualized, and cloud environments.

  • TrustedSec
    Booth: 316

    TrustedSec is a leader in attack intelligence and security advisory services. Our team of highly talented, skilled, senior consultants sets us apart from other commodity-service security companies. We form partnerships with our number one goal to help you holistically improve your security program. You’ll find that working with us amounts to more than “just another engagement”—it’s establishing an understanding with your organization, and working to make you more secure, and better as a whole.

     

  • Tufin
    Booth: 360

    As the market leader of award-winning Security Policy Orchestration solutions, Tufin provides enterprises with the ability to streamline the management of security policies across complex, heterogeneous environments. With more than 2,000 customers, Tufin automatically designs, provisions, analyzes and audits network security configuration changes – from the application layer down to the network layer – accurately and securely. It assures business continuity with a tight security posture, rapid service delivery and regulatory compliance across physical, private, public and hybrid cloud environments.

  • University of Massachusetts
    Booth: 120

    The University of Massachusetts System Office (UMSO), which includes the Office of the President and Central Administrative Services, provides overall leadership to the University, coordinates with the campuses on various academic and financial initiatives, and provides shared services in the areas of information technology, treasury, and procurement, among others.

    The System Office represents the University in various ways (including but not limited to) with the Governor, Legislature, executive branch agencies, the federal government and professional organizations. It also coordinates academic affairs across the campuses and management and fiscal affairs including efficiency and effectiveness efforts, budgeting and forecasting, capital planning, information systems, legal matters, and human resources management. Overall planning, policy development and initiation of University-wide programs are carried out through the System Office by several departments that report to the President and his Vice Presidents and that are located in both Boston and Shrewsbury.

  • Varonis
    Booth: 128

    Varonis is the foremost innovator and solution provider of comprehensive, actionable data governance solutions for unstructured and semi-structured data with over 4000 installations spanning leading firms in financial services, government, healthcare, energy, media, education, manufacturing and technology worldwide. Based on patented technology, Varonis’ solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times.

  • WatchGuard
    Booth: 402

    Seattle-based WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises. Recognizing an unmet need for a security solution that addresses the rapidly evolving threat landscape, WatchGuard architected its high-throughput, highly scalable, and flexible Fireware® operating system to form the backbone of its products. This platform yields dramatically higher performance at a much lower cost than competitors in environments where multiple security engines are enabled.

  • WhiteSource
    Booth: 344

    WhiteSource empowers software & security teams to develop better software by harnessing the power of open source. We help you manage open source components used in your products, automatically & continuously.

  • Wombat Security Technologies
    Booth: 378

    Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%.

  • Zensar
    Booth: 405

    Zensar is a leading digital solutions and technology services company that specializes in partnering with global organizations across industries on their Digital Transformation journey. Zensar empowers customers to develop strategies to adhere to comprehensive security frameworks while implementing security solutions to meet industry practices and compliance requirements.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Brian Shield
    CIO, Boston Red Sox

    Brian is responsible for the strategic direction of technology and day-to-day IT operations in support of the Boston Red Sox, their fans, and Fenway Sports Management.

  • speaker photo
    Larry Wilson
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016

    Larry is responsible for developing, implementing and managing the University of Massachusetts Information Security Policy and Written Information Security Program (WISP). The University program is based on industry best practices ISO 27001 / SANS 20 Critical Controls, and is implemented consistently across all University campuses (Amherst, Boston, Dartmouth, Lowell, Medical School and the President’s Office).

    Prior to joining UMASS, Larry was the Vice President, Network Security Manager at State Street. In this role he was responsible for researching, selecting, implementing and overseeing an engineering staff who managed network security technologies / tools including vulnerability scanning, network firewall policy management, intrusion detection, remote access, DNS security, global and local load balancing, etc.

    Larry's industry experience includes IT audit manager for Deloitte Enterprise Risk Services (ERS) consulting practice. In this role he managed a staff responsible for developing and completing a Sarbanes Oxley compliance audit for MasterCard International. Larry's team focused on the application level controls and general computer controls for information technology services implemented and managed from the MasterCard data center in St. Louis.

    Mr. Wilson holds a Master of Science degree in Civil / Structural Engineering from the University of New Hampshire. His industry certifications include CISSP, CISA and ISA (PCI Internal Security Assessor). He serves on the Advisory Board for Middlesex Community College and CISO Advisory Board for Oracle. He co-chairs the Massachusetts State University and Community College Information Security Council, and serves as Certification Director for ISACA New England. His major 2013 accomplishments include Finalist for Information Security Executive® (ISE®) of the Year for both the Northeast Region and North America; and a SANS People who made a difference in Cybersecurity in 2013 award recipient.

    Larry has been teaching CISA certification training for ISACA for 5 years.

  • speaker photo
    David Dumas
    Sr. Principal, Security Risk Management, Verizon

    David Dumas, CISSP, CISM, ISSA Distinguished Fellow. David is a Senior Principal in Security Risk Management for Verizon's Wireline Security Operations group. He has 32 years in the security field, working at Digital Equipment and Verizon. He has been on the ISSA New England Chapter Board since 1998.

  • speaker photo
    Joan Antokol
    Partner, Park Legal LLC

    Joan Antokol is internationally recognized for her work in data protection. She is the founder and managing partner of Park Legal LLC, a data protection law firm with offices in Indianapolis and New Jersey. Joan is a member of the International Working Group on Data Protection in Telecommunications, a data protection regulator group chaired by the Berlin Data Protection Commissioner, and is also a Privacy by Design Ambassador appointed by the former Ontario, Canada Privacy Commissioner. Previously, Joan was a partner at and chaired the privacy and security practice group at an international law firm and also served as Vice President and Global Privacy Officer for a Fortune 100 pharmaceutical company for 7 years.

  • speaker photo
    Tom Stumpek
    CISO, Lahey Health

    Tom Stumpek currently serves as the CISO at Lahey Health. Prior to Lahey Tom spent over 20 years with the General Electric Company in various IT C-level positions (CISO, CTO, CIO) in the financial services, insurance, manufacturing and corporate sectors. Recently Tom has presented at several executive IT events on technology strategy, enterprise risk, innovation and leading a culture of change.

  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Chris DeMale, CFA
    Strategic Account Executive, ISACA

    Chris DeMale, CFA is a Strategic Account Executive for ISACA, where he serves enterprises across the globe on ISACA’s full suite of assessment, training, and cybersecurity products, and as a dedicated technical resource with expertise in the financial services sector. Before joining ISACA, Mr. DeMale served as Senior Vice President at Bluerock Capital Markets, and as a top-performing Regional Director at Morningstar, Inc., consulting on practice management, software, and investment decision-making. He has been recognized for helping hundreds of clients expand and enhance their firms. Mr. DeMale is a CFA Charterholder and a member of the CFA Society of Chicago. He holds degrees in Economics and English from Vanderbilt University and an MBA with Distinction from DePaul University. When not traveling or collaborating on ISACA business, he enjoys a variety of activities with his wife and four daughters, including gardening, biking, and chasing around a baby.

  • speaker photo
    Scott Margolis
    Founder & Managing Partner, SolutionLab, LLC

    Scott Margolis leads the Commonwealth of Massachusetts, Health Exchange Security & Privacy Compliance program comprised of State Agencies and IT Service Providers, established to meet the Centers for Medicare & Medicaid (CMS) and Internal Revenue Service (IRS) mandated Certification & Accreditation requirements necessary to operate a State-Based Health Insurance Exchange under the Patient Protection and Affordable Care Act (ACA) of 2010. Mr. Margolis has more than 25 years of information technology, security governance, and regulatory compliance experience as an entrepreneur, senior leader and consultant. He has worked across the healthcare continuum having worked for payer, consulting and product organizations. He has successfully managed information technology and security organizations, led large consulting initiatives in both the public and private sectors, and developed products for the commercial marketplace.

  • speaker photo
    Jonathan Lange
    Executive Manager, baramundi software USA, Inc.

    Jonathan Lange is sales manager for baramundi software USA, Inc. in the US market. Having advised customers in various countries from small businesses to global enterprises, he is well aware of the challenges IT departments face today in order to keep their infrastructure up-to-date, safe and efficient.

  • speaker photo
    Matthew Gardiner
    Senior Product Marketing Manager, Mimecast

    Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security. With more than 15 years focused in security, Matthew’s expertise in various roles includes threat detection & response, network monitoring, SIEM, endpoint threat detection, threat intelligence, identity & access management, Web access management, identity federation, cloud security, and IT compliance at RSA, Netegrity, and CA Technologies. Previously he was President and a member of the board of trustees of the security industry non-profit, the Kantara Initiative. Matthew has a BS in Electrical Engineering from the University of Pennsylvania and an SM in Management from MIT's Sloan School of Management.

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    Stephen Jones
    Vice President Managed Services, GuidePoint Security

    Stephen is the Vice President of Managed Services at GuidePoint Security and began his career in Information Security, Information Technology Management, Vulnerability Management, and Security Operations Center (SOC) operations. Before joining GuidePoint Security, Stephen worked for ManTech International at a large federal agency managing SOC operations. Stephen’s experience includes the teardown and rebuild of an Intelligence Community SOC to include staffing, process development, documentation, operations management, and inter-organizational coordination. He has managed Enterprise Vulnerability Management to include scanning, vulnerability prioritization, and reporting for an enterprise of over 100,000 assets. Stephen has a B.S. in Information Security from George Mason University.

  • speaker photo
    James Lam
    Director, E*Trade Financial

    James Lam is the president of James Lam & Associates and a director of E*TRADE Financial, where he chairs the risk oversight committee. He previously served as president of ERisk, partner of Oliver Wyman, chief risk officer of Fidelity Investments, and chief risk officer of GE Capital Markets Services. Lam was named to the NACD Directorship 100, Directors & Boards “Directors to Watch,” Treasury & Risk “100 Most Influential People in Finance,” and GARP “Risk Manager of the Year.” He is a best-selling author of three Wiley books. Lam is certified by the Software Engineering Institute of Carnegie Mellon in Cybersecurity Oversight.

  • speaker photo
    Carlos Morales
    Vice President, ASERT and Global Pre-Sales, Arbor Networks

    Carlos is responsible for Arbor’s Security Engineering & Response Team as well as the global pre-sales organization. ASERT is one of the industry’s most respected research organizations, responsible forproviding tactical and strategic threat intelligence to Arbor’s customer base and for curating ATLAS, Arbor’s global threat intelligence infrastructure. ASERT uses this unique network insight to analyze botnets, malware and DDoS threats on a global basis, developing protections that are fed directly into Arbor’s products through the ATLAS Intelligence Feed. Additionally, he will retain responsibility for field operations and implementation of our security and network visibility solutions. He brings more than two decades of experience in deploying security, networking and access solutions for service provider and enterprise networks. Before joining us in 2004, Carlos held management positions at Nortel Networks and Tiburon Networks, where he served as director of sales engineering. He also held salesengineering roles at Shiva Corporation, Crescent Networks and Hayes Microcomputer.

  • speaker photo
    Katie Stebbins
    Vice President for Economic Development, University of Massachusetts President's Office

    Katie Stebbins is the Vice President for Economic Development at the University of Massachusetts. She serves as a liaison to the business community, establishing and growing research and workforce development partnerships to benefit the university and the Commonwealth of Massachusetts. Representing UMass, the state’s second-largest employer and an institution responsible for $6.2 billion in annual economic impact, Katie is focused on business collaboration and increasing the state’s competitiveness in key sectors, including cyber security. Katie was previously Assistant Secretary for Technology, Innovation and Entrepreneurship for Massachusetts, where she led state investment efforts in robotics, advanced manufacturing and cyber security.

  • speaker photo
    Nicholas Davis
    Technical Product Manager, Rapid7

    Nick Davis began his career at Rapid7 in 2013 as a Software Engineer building InsightIDR. In this role, he was focused on building key detections and establishing scalability across the platform to keep up with a growing user base. Now, as the Technical Product Manager for InsightIDR, Nick works closely with engineering, SOC Analysts, and customers. He has a B.S. in Computer Engineering from Tufts University, where he led the Tufts IEEE chapter and contributed to Metasploit. He has published papers on facial recognition systems and hazardous environment detection using UAV systems. When he's not at work, you can find him reading up on large scale distributed systems, taking pictures, or skiing.

  • speaker photo
    Mark Aiello
    VP of Cybersecurity & Operations, Signature Consultants

    VP of Cybersecurity and Operations for Signature Consultants, one of the largest IT Staffing Firms in the U.S. - Former President of Cyber 360, one of the largest Cybersecurity Staffing Firms in the U.S. More than 30 years of IT and Cybersecurity Consulting and Staffing experience. Specific expertise in Cybersecurity/Information Security Labor Market. Specializing in Consulting, Staff Augmentation, and selective Permanent Placement. Consulting with a vast network of Cybersecurity Professionals. Keeping companies safe by providing Cybersecurity Consultants and Employees.

  • speaker photo
    Vani Murthy
    Risk Consultant, Cloud Security Alliance working groups contributor

    Vani Murthy (CISSP, CRISC, PMP and ITIL) is a Risk Consultant with over 17 years of experience in IT. Vani holds a MS and an MBA. She also contributes to the Cloud Security Alliance working groups.

  • speaker photo
    Esmond Kane
    Deputy CISO, Partners HealthCare

    Esmond Kane is the Deputy Chief Information Security Officer in the Partners Healthcare Information Security and Privacy Office. In this role, Esmond is responsible for the operational component of the "Lighthouse" program, a radical transformation in Partners approach to security and privacy risk management. Prior to Partners, Esmond spent 10 years helping to guide improvements in IT delivery and information security in various roles in Harvard University. Before Harvard, Esmond spent 10 years in several roles and industries including KPMG and BIDMC. In his spare time, Esmond likes to fret about spare time and annoy people who read bios…

  • speaker photo
    Amirali Sanatinia
    PhD Candidate / Research Assistant, Northeastern University

    Amirali Sanatinia is a Computer Science PhD candidate at Northeastern and holds a Bachelors degree in Computer Science from St. Andrews University. His research focuses on security and privacy, and has been covered by publications such as MIT Technology Review, Ars Technica, and Threatpost. He is a recipient of RSAC Security Scholar and the CCIS Outstanding Research Award. He has presented at different security conferences such as DEF CON, Crypto Village, Virus Bulletin, BSides Boston, and PyCon.

  • speaker photo
    Scott Margolis
    Founder & Managing Partner, SolutionLab, LLC

    Scott Margolis leads the Commonwealth of Massachusetts, Health Exchange Security & Privacy Compliance program comprised of State Agencies and IT Service Providers, established to meet the Centers for Medicare & Medicaid (CMS) and Internal Revenue Service (IRS) mandated Certification & Accreditation requirements necessary to operate a State-Based Health Insurance Exchange under the Patient Protection and Affordable Care Act (ACA) of 2010. Mr. Margolis has more than 25 years of information technology, security governance, and regulatory compliance experience as an entrepreneur, senior leader and consultant. He has worked across the healthcare continuum having worked for payer, consulting and product organizations. He has successfully managed information technology and security organizations, led large consulting initiatives in both the public and private sectors, and developed products for the commercial marketplace.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Joanne Kossuth
    CIO, Mitchell College

    Currently Joanne acts as the Chief Information Officer for Mitchell College with responsibility for academic, administrative, and enterprise computing and library information services. Joanne also serves as principal in her consulting services company, 1MountainRoad, which specializes in strategic business process re-engineering; aspirant and leadership development; human capital management and team building; and collaboration and services implementations. 1MountainRoad has specific experience in higher education in executing change management.

    As Olin College's Vice President for Operations and CIO, Ms. Kossuth had primary responsibility for the operational and technology areas of the college. These included: conference services, dining services, EH&S, facilities, human resources, information technology, planning and project management, public safety. In addition to her operations duties, she was responsible for building relationships with neighboring institutions, including Babson, Brandeis, and Wellesley Colleges.

    Ms. Kossuth founded and convened the External Technology Advisory Board and the Olin Innovation Lab. Her IT leadership led to her being named one of Computerworld's Premiere 100 CIOs in 2005. She received the EDUCAUSE Community Leadership Award, 2014. Joanne's previous experience includes positions at Fisher College, Wheelock College and the Boston University School of Management. Her publications include: "Attracting Women to Technical Professions," and "Building Relationships Means Better IT Contracts," “The Converged Workplace” and Chapter 32 or “Olin College: Academic and Olin Centers” in the EDUCAUSE E-Book “Learning Spaces.” Ms. Kossuth continues to provide service and leadership to EDUCAUSE and CLIR as the Dean of the Leading Change Institute and to NERCOMP as the co-founder and facilitator of the EDUCAUSE NERCOMP IT Manager Workshop Series. She was selected as a member of Juniper Network's Higher Education Advisory Board, and Plantronics Unified Communications Advisory Board.

  • speaker photo
    Larry Wilson
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016

    Larry is responsible for developing, implementing and managing the University of Massachusetts Information Security Policy and Written Information Security Program (WISP). The University program is based on industry best practices ISO 27001 / SANS 20 Critical Controls, and is implemented consistently across all University campuses (Amherst, Boston, Dartmouth, Lowell, Medical School and the President’s Office).

    Prior to joining UMASS, Larry was the Vice President, Network Security Manager at State Street. In this role he was responsible for researching, selecting, implementing and overseeing an engineering staff who managed network security technologies / tools including vulnerability scanning, network firewall policy management, intrusion detection, remote access, DNS security, global and local load balancing, etc.

    Larry's industry experience includes IT audit manager for Deloitte Enterprise Risk Services (ERS) consulting practice. In this role he managed a staff responsible for developing and completing a Sarbanes Oxley compliance audit for MasterCard International. Larry's team focused on the application level controls and general computer controls for information technology services implemented and managed from the MasterCard data center in St. Louis.

    Mr. Wilson holds a Master of Science degree in Civil / Structural Engineering from the University of New Hampshire. His industry certifications include CISSP, CISA and ISA (PCI Internal Security Assessor). He serves on the Advisory Board for Middlesex Community College and CISO Advisory Board for Oracle. He co-chairs the Massachusetts State University and Community College Information Security Council, and serves as Certification Director for ISACA New England. His major 2013 accomplishments include Finalist for Information Security Executive® (ISE®) of the Year for both the Northeast Region and North America; and a SANS People who made a difference in Cybersecurity in 2013 award recipient.

    Larry has been teaching CISA certification training for ISACA for 5 years.

  • speaker photo
    Happy Hour
  • speaker photo
    Deidre Diamond
    Founder and CEO, CyberSN and Brainbabe

    Deidre Diamond is the Founder of brainbabe.org, a not-for-profit organization focused on desexualizing industry conferences and events while also helping to bridge the cyber talent gap. Deidre’s vision and leadership has resulted in a dramatic decrease in the frustration, time and cost associated with hiring and job searching in the cybersecurity community while also supporting equality for women. Prior Deidre was CEO of Percussion Software, the first VP of Sales at Rapid7 (NYSE:RPD) and VP of Staffing and Recruiting for Motion Recruitment.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Ben Levitan
    CEO, Cedalion Partners

    Ben Levitan serves as CEO of Cedalion Partners, a Management Advisory firm to Investors, Boards, and CEOs. Ben serves as Board Director of OGSystems, a GEOINT solutions company, and Bricata, a cybersecurity company. Ben has more than 25 years of leadership experience, having served as CEO or COO of five companies—in venture, growth equity, and public stages. Ben served as Venture Partner at IQT, the strategic investment arm of the CIA and U.S. Intelligence Community, and made investments in cybersecurity, including Veracode (acquired by CA) and Corestreet (acquired by Assa Abloy). He attended London School of Economics and earned his BA from Union College. Ben is an avid motorcycle rider and bicyclist and is married with three children.

  • speaker photo
    Larry Wilson
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016

    Larry is responsible for developing, implementing and managing the University of Massachusetts Information Security Policy and Written Information Security Program (WISP). The University program is based on industry best practices ISO 27001 / SANS 20 Critical Controls, and is implemented consistently across all University campuses (Amherst, Boston, Dartmouth, Lowell, Medical School and the President’s Office).

    Prior to joining UMASS, Larry was the Vice President, Network Security Manager at State Street. In this role he was responsible for researching, selecting, implementing and overseeing an engineering staff who managed network security technologies / tools including vulnerability scanning, network firewall policy management, intrusion detection, remote access, DNS security, global and local load balancing, etc.

    Larry's industry experience includes IT audit manager for Deloitte Enterprise Risk Services (ERS) consulting practice. In this role he managed a staff responsible for developing and completing a Sarbanes Oxley compliance audit for MasterCard International. Larry's team focused on the application level controls and general computer controls for information technology services implemented and managed from the MasterCard data center in St. Louis.

    Mr. Wilson holds a Master of Science degree in Civil / Structural Engineering from the University of New Hampshire. His industry certifications include CISSP, CISA and ISA (PCI Internal Security Assessor). He serves on the Advisory Board for Middlesex Community College and CISO Advisory Board for Oracle. He co-chairs the Massachusetts State University and Community College Information Security Council, and serves as Certification Director for ISACA New England. His major 2013 accomplishments include Finalist for Information Security Executive® (ISE®) of the Year for both the Northeast Region and North America; and a SANS People who made a difference in Cybersecurity in 2013 award recipient.

    Larry has been teaching CISA certification training for ISACA for 5 years.

  • speaker photo
    Deidre Diamond
    Founder and CEO, CyberSN and Brainbabe

    Deidre Diamond is the Founder of brainbabe.org, a not-for-profit organization focused on desexualizing industry conferences and events while also helping to bridge the cyber talent gap. Deidre’s vision and leadership has resulted in a dramatic decrease in the frustration, time and cost associated with hiring and job searching in the cybersecurity community while also supporting equality for women. Prior Deidre was CEO of Percussion Software, the first VP of Sales at Rapid7 (NYSE:RPD) and VP of Staffing and Recruiting for Motion Recruitment.

  • speaker photo
    Sandy Bacik
    Sr. Compliance & Cybersecurity Auditor, CipherTechs, Inc.

    Sandy Bacik, former ISO / Director of InfoSec and author, has many years of direct development, implementation, and management information security experience in the areas of audit, DR/BCP, incident investigation, physical security, privacy, compliance, policies/procedures, and data center operations. She has developed enterprise-wide security conscious culture through information assurance programs.

  • speaker photo
    Ravi Thatavarthy
    CISO, iRobot Corporation

    Ravi Thatavarthy is Information Security Officer at iRobot heading both IT and Product Security. He brings 20+ years of experience in Information Security to his role with a strong background in Security Architecture and building Security programs from ground up. His approach to Information Security is unique and well-balanced with a focus on ‘Business Value’ and ‘User Delight’. He recently appeared in ‘Profiles in Confidence’ as a Security leader running confident Security program. He spoke and served as a panelist in multiple conferences. Before joining iRobot, he led the Security, Policy & Compliance programs at Haemonetics where he worked as Director of Global Security & Policy.

  • speaker photo
    Frank Duff
    Cybersecurity Engineer, MITRE

    Frank Duff is a principal cyber operations engineer at MITRE. His work has focused in endpoint security and cyber deception. He is the current principle investigator of the Leveraging External Transformational Solutions research and development effort that seeks to assist the integration of innovative commercial cybersecurity solutions into our sponsor base.

  • speaker photo
    Jordan Fischer
    Managing Partner & Co-Founder, XPAN Law Group, LLC

    Jordan is a co-founder and managing partner of XPAN Law Group, LLC, a certified Women-Owned Enterprise law firm. She focuses her practice on international data privacy, cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations and the forthcoming GDPR. She has extensive experience in the intersection of law and technology. With a global perspective, Jordan works with clients to create cost-effective and business oriented approaches to cybersecurity and data privacy compliance. Jordan is also an adjunct law professor at the Thomas R. Kline School of Law, where she teaches a variety of legal courses.

  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    Javed Ikbal
    CISO & VP, Information Security & Risk Management, Bright Horizons

    Javed Ikbal is the CISO at Bright Horizons. Prior to that, he held CISO positions at Upromise Rewards, GTECH, and Omgeo, and brings 20 years of information security experience in financial services, gaming, and scientific research sectors. He specializes in building or re-engineering information security programs, regulatory compliance, application security, and aligning IT and information security programs to business goals. He is the co-author of "The Laidoff Ninja" and is currently working on his next book: "Clicking Up: Building a Great Information Security Program".

  • speaker photo
    Lena Licata
    Director, EisnerAmper LLP

    Lena Licata is a Director in the Consulting Services Group, at EisnerAmper LLP, with over 10 years of experience including public accounting and private industry. She assists clients primarily in the financial services, providing a host of IT audit and risk services including identity and access management remediation, vendor risk and internal audit engagements.

  • speaker photo
    Kurt Wescoe
    Chief Architect, Wombat Security Technologies

    As Chief Architect at Wombat Security, Kurt is responsible for ensuring Wombat's software and systems are built on a sound foundation. He brings over 10 years of experience in engineering, across multiple industries. He also serves as a faculty member in the School of Computer Science’s master’s program in e-Business at Carnegie Mellon University. Kurt earned his M.Sc. in E-Commerce from CMU, and a B.S. in Computer Engineering from the University of Pittsburgh.

  • speaker photo
    Deidre Diamond
    Founder and CEO, CyberSN and Brainbabe

    Deidre Diamond is the Founder of brainbabe.org, a not-for-profit organization focused on desexualizing industry conferences and events while also helping to bridge the cyber talent gap. Deidre’s vision and leadership has resulted in a dramatic decrease in the frustration, time and cost associated with hiring and job searching in the cybersecurity community while also supporting equality for women. Prior Deidre was CEO of Percussion Software, the first VP of Sales at Rapid7 (NYSE:RPD) and VP of Staffing and Recruiting for Motion Recruitment.

  • speaker photo
    Nuno Sousa
    Strategic Engineering Manager, Check Point Software Technologies, Inc.

    Nuno is the Check Point Strategic Engineering Manager in the Northeast. 10+ years of experience in the cybersecurity industry. He has held various positions in the vendor, system integrator and private sector including Security Engineer, Security Architect, Security Consultant and now managing Check Point SE’s responsible for Check Point’s largest customers in the NorthEast.

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    Jim Benanti
    Sr. Partner, Consulting Engineer, Arbor Networks

    Jim comes to Arbor with over 20 years in the security field as a Pre-Sales Engineer, Sales Representative, Competitive Analyst, and Solutions Consultant. He has been with Arbor for the past six years, where he currently is a Sr. Partner Consulting Engineer.
    Jim received his Bachelor’s degree from Clarion University of Pennsylvania and has also earned a Master’s degree from Robert Morris University. He also maintains his CISSP and ITIL certifications. Jim currently resides in the Pittsburgh area with his wife Mary and two daughters, Sarah and Maria.

  • speaker photo
    William J. Malik, CISA
    VP, Infrastructure Strategies, Trend Micro

    Bill helps clients achieve an effective information security posture spanning endpoints, networks, servers, cloud, and the Internet of Things. This involves technology, policy, and procedures, and impacts acquisition/development through deployment, operations, maintenance, and replacement or retirement.

    During his four-decade IT career, Bill has worked as an application programmer with the John Hancock Insurance company; an OS developer, tester, and planner with IBM; a research director and manager at Gartner for the Information Security Strategies service and the Application Integration and Middleware service, and served as CTO of Waveset, an identity management vendor acquired by Sun. He ran his own consulting business providing information security, disaster recovery, identity management, and enterprise solution architecture services for clients including Motorola, AIG, and Silver Lake Partners. Bill has over 160 publications and has spoken at numerous events worldwide.

    Bill attended MIT, majoring in Mathematics. He is a member of Connecticut chapters of InfraGard and ISACA.

  • speaker photo
    Katie Greer
    CEO, KL Greer Consulting, Featured on: CNN, The O'Reilly Factor, Inside Edition, The Huffington Post, TIME Magazine, USA Today and more

    Previously of the Massachusetts Attorney General's Office and MA State Police, Katie Greer travels the country presenting to hundreds of thousands of law enforcement, communities, school staff/administration and students on the trends, safety and best digital safety/social media practices. Katie serves as a media industry expert, and has been featured on CNN, The O'Reilly Factor, The Meredith Vieira Show, Inside Edition, and in media such as The Huffington Post, TIME Magazine, The Boston Globe, USA Today, Proctor & Gamble, Parents Magazine, and more.

  • speaker photo
    Margie Zuk
    Sr. Principal Cybersecurity Engineer, MITRE

    Margie Zuk is in the Cybersecurity Solutions and Information Technology Technical Centers at The MITRE Corporation. She leads MITRE’s support to FDA on medical device cybersecurity and preparedness and response and is developing a Common Vulnerability Scoring System rubric tailored to medical devices. Margie has a Bachelor of Arts in Mathematics from the College of Mt. St. Vincent, and a Master of Science in Computer Science from Stevens Institute of Technology.

  • speaker photo
    Penny Chase
    Sr. Principal Scientist, MITRE

    Penny Chase is in the Cybersecurity Solutions and Information Technology Technical Centers at The MITRE Corporation. She leads MITRE’s support to FDA on medical device cybersecurity and preparedness and response, and is developing a Common Vulnerability Scoring System rubric tailored to medical devices.

  • speaker photo
    Sue Bergamo
    CIO & CISO, Episerver

    Sue is the global CIO & CISO at Episerver. She has held strategic positions at Microsoft, and as CIO at Net Atlantic, BTE Consulting, and Aramark’s Galls & Wearguard. She has an AS in Computer Science, a BS in Business Administration, an Executive Leadership MBA and a Master’s in Security.

  • speaker photo
    Thomas Hart
    CISO, Cyber Guide LLC

    Thomas F Hart - Tom has been in the IT field since 1978(EDP), starting as a programmer trainee (Assembler and COBOL). First computer worked on was an IBM360 system (PCs were a long way off). He has been a Programmer, Systems Analyst, Operating Systems Programmer, Network Systems Programmer, DR / BCS Specialist, IT Auditor, GRC, Sr. Security Analyst, Contractor/Consultant, Security Conference Panelist- Moderator-Organizer-Speaker. Tom has been involved in the InfoSec community via ISC2, ISACA, SANS, HOPE, BSides, Secure World and others. He has worked in the Banking, Defense, Utilities, Gov. and Health Care industries in his career. Most recently he has founded Cyber Guide LLC consulting firm.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store