Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, March 27, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    8:00 am
    SecureWorld PLUS Part 1 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value
    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop
    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    8:00 am
    SecureWorld PLUS Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:00 am
    SecureWorld PLUS Part 1 - Cloud Security Essentials
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Director of Infrastructure and Database Services, The University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    This course will review the different cloud deployment and service models in the industry today and what steps we need to take as security professional to ensure the protection of our data and services in the cloud. We will then take what we have learned and as a team apply some of the principles from this course to a mock digital transformation scenario.

    8:30 am
    Navigating the Uncharted Cybersecurity Career Path
    • session level icon
    speaker photo
    Board Member , (ISC)2
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    With a growing shortage of qualified workforce, it’s a pivotal time for the cybersecurity profession to define its value and claim its space within the corporate landscape. From entry-level to C-suite, do you know what you’re worth and how to maximize your earning potential? What are the KPIs, accomplishments, and degrees or accreditations needed to advance your career?
    8:30 am
    Security Awareness Training: Building Your Brand
    • session level icon
    speaker photo
    Founder & Managing Partner, SolutionLab, LLC
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Security Awareness Training is paramount to the success of any Information Security Program, serving as a front-line defense in countering threats that may significantly impact business operations. A well-informed staff that is trained to avoid actions that may unleash the latest Phishing or Ransomware attack, will lessen the frequency of harmful incidents and may exceed the capabilities of sophisticated detective and preventative controls. This presentation will focus on the process for establishing a Security Awareness program that fosters a cyber-safe culture based on a unified brand and business-centric curriculum supported by adaptive campaigns, personally relatable content, and leverages user behavior as opportunities for teachable moments.
    8:30 am
    All Risks Are Business Risks
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Defining accurate cybersecurity measurements has always been difficult. We need to alter the perception of cybersecurity from a primarily IT concern, to an everyday function of the business. This presentation will provide some ammunition to allow us to make that argument and move us beyond our current limitations.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE — Going Digital: Building Your Strategic Roadmap for the Next Wave of Digital Transformation
    • session level icon
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:30 am
    Location / Room: Keynote Theater

    The next major wave of digital transformation will integrate the physical parts of your business even more intimately with the digital world, using sensors, analytics, artificial intelligence, robotics, augmented reality, 5G networking, and blockchain technology. In this talk, former Intel futurist Steve Brown presents a fast-paced, fun exploration of what it will mean to “go digital” in the next decade, and reviews the business and security strategies we will need to navigate the road ahead.

    Hear from Steve as he gives a preview of what he will cover in his keynote: https://youtu.be/Er1spVCyzS8

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable: (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    11:15 am
    Hearing Voices: The Voice of the Cybersecurity Professional Is Finally Heard!
    • session level icon
    speaker photo
    International President, ISSA
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    For the third year, ISSA and ESG performed research to better understand the challenges faced by cybersecurity professionals. In this presentation, we review the results of the 2018 research, including: cybersecurity careers, key skills development sources, organizational considerations, and new trends. In this session you will learn which actions will benefit the individual professional the most.

     

    11:15 am
    baramundi: Innovative Endpoint Management
    • session level icon
    A Holistic Approach to Vulnerability Management, Patching, OS-Upgrades, and Software Distribution
    speaker photo
    Executive Sales Manager, baramundi Software USA Inc.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Zero Day Vulnerability, Windows Fall Anniversary Update, Office 365 Migration: Are any of these topics causing you to lose sleep? This seminar will show you how you can automate OS-migrations, software deployment projects, and effective security exploit management all from one easy to use Endpoint Management Suite. This solution assists in making you the expert!

    11:15 am
    Radware: Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Throughout 2018 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    (ISC)2 Chapter Meeting and Presentation
    • session level icon
    Discover Your Local Associations - Open to All Attendees
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Interested in your local associations? Join (ISC)2 for a social meet & greet and chapter news.

    11:15 am
    Vulnerability Management in an Academic/Research Environment
    • session level icon
    speaker photo
    Manager, Telecom & Network Ops, University of New Hampshire
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    A discussion of the challenges related to implementing a vulnerability remediation program in an open, academic environment. Touching on both the technical obstacles of delivery and remediation as well as procedural complexities.

     

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    12:15 pm
    LUNCH KEYNOTE: Securing a World of Physically Capable Computers
    • session level icon
    speaker photo
    Security and Cryptography Expert and Author
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Computer security is no longer about data; it’s about life and property. This change makes an enormous difference, and will shake up our industry in many ways. First, data authentication and integrity will become more important than confidentiality. And second, our largely regulation-free internet will become a thing of the past.

    Soon, we will no longer have a choice between government regulation and no government regulation. Our choice is between smart government regulation and stupid government regulation. Given this future, it’s vital that we look back at what we’ve learned from past attempts to secure these systems, and forward at what technologies, laws, regulations, economic incentives, and social norms we need to secure them in the future.

    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.

    1:15 pm
    Panel: You’ve Got Burned! Now What?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    We’ve all heard the adage that it’s not if it happens but when you are inevitably breached… Do you have a plan? Even a framework to go off of? What do you include? Who do you include? How often should you be practicing this plan? Join our experts as they discuss incident response plans, who should be involved, best practices, and pitfalls.

    1:15 pm
    Panel: Knowledge is Power (Encryption)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Encryption: the translation of data into a secret code. Very much like the codes that Elisebeth Friedman had cracked against the rum runners and bootleggers during the Prohibition days. Our heroine was able to smash their codes and determine when the next shipments were scheduled to arrive stateside. Knowledge truly was power as Friedman was able to effectively predict the future through her diligent code breaking. The level of sophistication may have changed but the point of encryption was and still is to safeguard the data from those that are not part of the group. Our experts will discuss the importance of using encryption to keep our information secure as well as address some of the best practices and pitfalls to watch out for.

    1:15 pm
    Privacy Impact Assessments and Emerging Technologies
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm
    Privacy laws and regulations continue to evolve rapidly in the U.S. at the federal and state levels. Combined with the European Union GDPR, these emerging standards underline the need for businesses to manage data as a regulated asset. The risks are heightened when developing or implementing emerging technologies, such as artificial intelligence, blockchain and biometric technologies. A key part of governance, both to reduce risk and to enable new innovations, is to perform impact assessments when implementing new technologies into the business, and as part of any new product development or innovation operations. This presentation will focus on privacy regulatory issues associated with emerging technologies, trends in structuring impact assessments, approaches to and objectives of PIAs, and ways in which to integrate PIA processes into the business.
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Why Can't the Business and IT Get Protection Right?
    • session level icon
    speaker photo
    Sr. Compliance & Cyber Security Auditor, Bacik Enterprises
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Security is a process and never ending, why can’t the business and IT understand that it is not once and done. Security and privacy compliance grows in regulations globally, yet we wait to see if we can run under the radar. We cannot do that anyone and customers, individuals, and organizations are paying in more ways than one. In this session we will talk about

    • Why businesses are cutting everything
    • Why outsourcing may be more important
    • Things we can do to increase protection for the complete security life cycle
    • Building the right controls
    • Presenting the ideas to management

    3:00 pm
    A Survey of U.S. Domestic Security and Privacy Laws: The Evolving Landscape
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    A Survey of U.S. Domestic Security and Privacy Laws: The Evolving Landscape. The US legal framework for cybersecurity and data privacy continues to evolve, trying to stay abreast of the ever evolving and changing technologies. In the past year, State and Federal regulatory changes have altered the legal and compliance oblgiations of many companies across a variety of industries. Additionally, the courts are starting to adopt opinions that are placed more liability on companies for the protection of sensitive personal data. This presentation will provide an overview of key regulatory and legal changes both at the State and Federal level and discuss how companies should prepare to meet these evolving obligations.

    3:00 pm
    Is Information Security Failing Your Firm?
    • session level icon
    speaker photo
    Enterprise Information Security Manager , Road Scholar
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Information security has been focused on risk and technology. When do we start focusing on the business? This presentation will discuss the need for security to shift from risk and technology to a role as a business motivator and a focus around business goals and objectives.

    3:00 pm
    Panel: The Unstoppable Convergence of Physical and Cybersecurity
    • session level icon
    speaker photo
    President & CEO, Edward Davis, LLC
    speaker photo
    Rear Admiral, U.S. Navy (Ret.), President, Spinnaker Security LLC; ACSC Board Clerk
    speaker photo
    CEO & Founder, CYBRIC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    The convergence of physical and cybersecurity has become the gold standard for maximized protection and risk management. The popularity of IoT devices for physical security creates an entirely new set of vulnerabilities that hackers use to exploit systems. These new security devices are a liability but, implemented properly with the combination of physical and cybersecurity, can be a security benefit to an organization.
    Convergence prevents physical and information security teams from seeing vulnerabilities from only one perspective, improving response rates to incidents that straddle real-world and IT-based systems. Convergence strengthens an organization’s defenses against escalating threats.

    Attendees will hear from veterans of the public and private sectors—including the military, law enforcement and technology—how a holistic view of security will better prepare their organizations against tomorrow’s bad actors and threats.

    3:00 pm
    SecureWorld PLUS Part 2 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value

    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop

    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    3:00 pm
    SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    3:00 pm
    SecureWorld PLUS Part 2 - Cloud Security Essentials
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Infrastructure and Database Services, The University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    This course will review the different cloud deployment and service models in the industry today and what steps we need to take as security professional to ensure the protection of our data and services in the cloud. We will then take what we have learned and as a team apply some of the principles from this course to a mock digital transformation scenario.

    4:00 pm
    Happy Hour Reception
    • session level icon
    Join GuidePoint and Partners for post SecureWorld social hour.
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 6:00 pm

    Join GuidePoint and Partners for a post SecureWorld social hour. Come discuss the days events, network with security peers, and enjoy beverages and hors d’oeuvres compliments of GuidePoint and Partners.

    Compliments of GuidePoint Security, Agari, Bitglass, Crowdstrike, Exabeam, Expanse, Forescout, Gemalto, Insights, Okta, OneLogin, SentinelOne, Signal Sciences, Splunk, Symantec, Tenable, Varonis, Cybereason, Venafi, Cylance, Digital Shadows, Kenna, Gigamon, Virtisec, Security Scorecard, PKware, Checkmarx, Skybox, Guardicore, Netskope, Thales, Demisto, Imperva, Spirion

  • Thursday, March 28, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value

    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop

    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    8:00 am
    SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:00 am
    SecureWorld PLUS Part 3 - Cloud Security Essentials
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Infrastructure and Database Services, The University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    This course will review the different cloud deployment and service models in the industry today and what steps we need to take as security professional to ensure the protection of our data and services in the cloud. We will then take what we have learned and as a team apply some of the principles from this course to a mock digital transformation scenario.

    8:30 am
    Information Security and Risk Management: A Decision Support Tool, a Cultural Change Agent, the Answers to the Quiz About Truly Knowing
    • session level icon
    speaker photo
    Sr. Director, Information Security, Blue Cross Blue Shield of MA
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Effective ways to position your Security and Risk programs for relevance and success. Tell your story to demonstrate the value you add and how you align to, support and enhance business objectives. Creating internal business relationships that turn critics into partnerships . The ultimate goal is to create a culture of change, awareness and shared accountability.

    8:30 am
    Blockchain and Data Protection Laws: Can They Co-Exist?
    • session level icon
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconConference Pass
    • session level iconSecureWorld Plus
    8:30 am - 9:15 am
    Blockchain and Data Protection Laws: Can they Co-Exist? With the increasing emphasis on data privacy, and the adoption of data protection regulations, Blockchain faces hurtles in complying with these regulatory obligations while allowing for the continued evolution of the technology. This presentation will discuss the ways in which Blockchain needs to take into account core privacy principles, and discuss the practical implications of various data protection regulations, including the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other regulatory requirements.
    8:30 am
    Hacking Back: What Are the Legalities and Implications?
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Numerous governments are now considering introducing legislation to make hacking back more legal, to open up a new collection of tools for defenders. The issue is in attributing an attack to the right source, understanding the attacker’s intent, and developing the right red team skills.

    8:30 am
    Why Move? Lessons Learned Working Internationally in APAC
    • session level icon
    speaker photo
    Information Security Leader, Healthcare Industry
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    What’s the best way to learn more about another company or department outside of the US that you do business with? Why not embrace, make changes and move yourself there to experience everything? Learn more about the challenges (pros and cons) and lessons learned faced. Bring your questions to this session. This will be a very informative session that talks about the experiences learned and some recommendations of things to do now and be cognizant of.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE:
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    11:15 am
    A New Rubric for IT Recruiting and Retention
    • session level icon
    speaker photo
    Director, Information Security Education & Consulting , Harvard University
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    From lengthy vacancies in unfilled positions to a choice of strong candidates within weeks of job listings. Hear how Harvard Information Security and Harvard WIT (Women in Technology) are leading a culture shift in our IT community that extends from recruiting through promotion. Participants will explore useful resources and techniques to remove inadvertent biases in your processes, so you can better attract, retain, and develop strong talent and inclusive teams in your organizations. We explore job postings, marketing, interview processes, selection criteria, apprenticeship opportunities, and mentoring programs.

    11:15 am
    EU GDPR: Enforcement Landscape, Key Security Risks, and Recommendations
    • session level icon
    speaker photo
    Partner, Park Legal LLC
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    The GDPR has been in effect since May 25, 2018. Hear from a presenter who sits on a team with the EU and other data protection regulators about the number of complaints and security breach reports that various EU member states have received since the GDPR took effect, as well as enforcement under that regulation. The presenter will also discuss key triggers for enforcement, particularly in relation to IT security, and will provide recommendations to help organizations successfully address the complex GDPR and member state requirements for IT security.
    11:15 am
    Lessons From Lighthouse Keepers
    • session level icon
    speaker photo
    Deputy CISO, Partners HealthCare
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    In this session, lets discuss the cyber-security transformation of a large, complex enterprise and identify recommendations for anyone looking to kickstart a similar effort.

    The Partners “Lighthouse” project provides Partners’ employees, physicians, residents, researchers and staff with the requirements and the best practices for securing patient information and critical business systems. The project dates from 2011 and includes periodic checkpoints with trusted third parties to validate the maturity and effectiveness of the program.

    11:15 am
    ACP Chapter Meeting
    • session level icon
    Open to All Attendees
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Interested in your local associations? Join ACP for their chapter meeting and presentation.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    12:15 pm
    LUNCH KEYNOTE: Radware - Game of Threats
    • session level icon
    speaker photo
    Head of Security, Emergency Response Team, Radware
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Do you really know who are the real cyberattackers in today’s landscape?    Every day we hear about names, techniques, hacktivists, and new tools which are ransacking businesses and organizations world-wide. However, do you understand how these relate to each other and which of these vectors are the most heinous?   This presentation reveals a fascinating topic of how everything from hacking tools, patriotic hackers, to cyber cartels to DDoS vectors relate to one another, placing everything into context.   In fact, this presentation will allow for a detailed understanding of 52 different attack types and categories to be aware of and comprehend.  You will take away the notion of how varied each attack vector is and how many categories exist in the world of cyberattacks.

     

    1:15 pm
    Panel: Access Control – the End of the Password?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    “Open Sesame!” Whether you recognize the term coming from Ali Baba or one of the forty thieves, this timeless password ranks up there with “password123” or “admin” on your home wireless router. Passwords were created to keep us safe or keep something safe for us. Back in the day you were able to look the person in the eye when they said the password. You knew (roughly) what you were getting, and you could perform a risk assessment (of sorts) on the speaker. Now, with many ways at getting our information, the password is going the way of the dodo.  Is 2FA good enough? Zero Trust? Pass phrases? Perhaps your own voice is the password? I don’t know the answer, but I’d be willing to bet that some of the experts on this panel will be able to help you decide what to do with the password dilemma.

    1:15 pm
    Panel: The Battle for the Endpoint Continues (Endpoint Security)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    What are you doing to keep the network safe for your employees? You’ve got your fancy next-gen firewall and some A/V, maybe even some biometrics or 2FA thrown in for safekeeping. We also keep hearing the IAM acronym thrown around. And what is Zero Trust? What are you missing? Oh, yeah… remote workers and IoT. Wouldn’t it be cool if you had someone to ask? Now you do. This panel will go through these questions and more. Join the group discussion as we address the challenges in endpoint and network security.

    1:15 pm
    Panel: Shifting Landscape of Attack Vectors
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    If one thing holds true in cybersecurity it is the fact that our adversaries are pretty smart. They are. To be fair, they only have to be right once in a while. These cyber thugs are constantly shifting their attack vectors to better infiltrate our networks. There are so many endpoints to cover that the “bad guys” can try something new all the time. They have also discovered that we do not have great cyber hygiene when it comes to training our workforce. End users continue to be the “weakest link” within an organization as we’ve learned from all the ransomware attacks and business email compromises of late. This panel will talk about the shift in attack vectors and make some predictions about what to watch out for in the not too distant future.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Emergence of the Chief Digital Risk Officer
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Digital technologies will increase organizations competitiveness, agility and reaction time. While increasing the speed of business, these digital technologies and processes will introduce greater security threats and evolution of digital risk management. Join Martin Bally as he discusses the Emergence of the Chief Digital Risk Officer.

    3:00 pm
    Security Challenges: Rollling Out a Cloud Offering Across a Global Organization
    • session level icon
    speaker photo
    VP, Security Engineering Solutions Team, State Street Corporation
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    This Presentation will highlight the challenges that all organizations, local or gloabal, will face when planning and implementing a Cloud Offering Solution. Particular focus will be placed on Securing the Organizations data. We will examine what steps to take to protect data in the cloud when implementing the cloud solution.

     

    3:00 pm
    UNH’s Perfect Storm – Managing the Rapidly Evolving Identity Threat Landscape
    • session level icon
    speaker photo
    Information Security Compliance Program Manager, University of New Hampshire
    speaker photo
    Identity and Access Management Program Manager , University of New Hampshire
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    IAM in higher education can be a challenging landscape with evolving business and technical requirements, limited resources and a rapidly evolving threat landscape and attack surface. We are the size of a fortune 500 company with the complexity and compliance requirements of a small city and the budget and staffing of a large non-profit. Session will cover UNH’s challenges in bringing IAM to industry standards that align with the higher education environment and how they are solving those challenges today and positioning the university for the future.
    3:00 pm
    Workplace Violence-Preparation Is Key
    • session level icon
    speaker photo
    Board Member, SIM Boston
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    In this presentation, we’ll look at the statistics of what has happened and try to make sense of why these types of attacks continue to increase. Then we’ll discuss how companies can prepare themselves for an unthinkable security breach.
Exhibitors
  • ACP – Greater Boston
    Booth:

    ACP is a professional organization that provides a forum for the exchange of information and experiences for business continuity leaders. We serve the greater Boston area, including Rhode Island and southern New Hampshire. Meetings are held on the second Wednesday of every month (except July & August). We invite you to attend our next meeting.

  • AccessIT Group
    Booth: 520

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • Agari
    Booth: Pavilion

    Founded by thought leaders of Cisco’s IronPort solutions, our mission is to build new internet scale data driven security solutions that eliminate email as a channel for cyber attacks and enable businesses and consumers to interact safely.

    Agari is trusted by leading Fortune 1000 companies, including 6 of the top 10 banks and 5 of the world’s leading social media networks, as well as Government Agencies, to protect their organizations, partners, customers and citizens from advanced email phishing attacks.

  • APCON
    Booth: 525

    APCON, an industry leader in network visibility and security solutions, provides an unparalleled level of confidence to enterprise and midsize businesses seeking network insights for enhanced investigation, threat detection and response. Our customers include Fortune 1000 companies to midsize organizations as well as government and defense agencies. Organizations in over 40 countries depend on APCON solutions.

  • AppViewX
    Booth: 702

    AppViewX is a network infrastructure management solution catering to the needs of enterprises that have invested heavily in data centres and require an agile network management solution

  • ARMA Boston
    Booth:

    ARMA International is a not-for-profit organization representing the RIM profession. Its primary purpose is the advancement of the profession and the professional through advocacy, education and professional development.

    ARMA International members include records and information managers, MIS and ADP professionals, imaging specialists, archivists, hospital administrators, legal administrators, librarians, corporate counsel, compliance professionals, and educators. ARMA, its chapters, and its members are dedicated to helping individuals, organizations, and government agencies successfully meet the challenges of the increasingly complex records and information management field.

  • Armis, Inc
    Booth: 523

    Armis eliminates the IoT security blind spot, letting enterprises discover unmanaged devices and networks, analyze behavior in order to identify risks and attacks, and protect their critical information and systems. Fortune 1000 customers trust Armis’ agentless IoT security platform to discover, analyze, and sanction any device or network. Armis is a privately held company and headquartered in Palo Alto, California.

  • ASIS
    Booth:

    ASIS International is the world’s largest membership association for security professionals. With hundreds of chapters across the globe, ASIS is recognized as the premier source for learning, networking, standards, and research. ASIS ensures its members and the security community have access to the intelligence and resources necessary to protect their people, property, and information assets. www.asisonline.org

  • Atlantic Data Security
    Booth: 118

    Since 1993, Atlantic has been representing industry leading security products to help get customers to an acceptable level of IT security risk. Atlantic works extensively with both large enterprises and SMB markets, understanding their business goals before any solution is recommended. Atlantic’s strict focus ensures that customers receive the highest level of both service and support.

  • baramundi software USA, Inc.
    Booth: 521

    baramundi software USA, Inc. provides companies and organizations with efficient, secure, and cross-platform management of workstation environments. Around the world, over 2,000 customers of all sizes and from every sector benefit from the independent German manufacturer’s many years of experience and outstanding products. These are compiled into an integrated, future-orientated unified endpoint management approach in the baramundi Management Suite: endpoint management, mobile device management, and endpoint security are provided via a shared interface, using a single database, and according to global standards.

  • Big Switch Networks
    Booth: 603

    Big Switch Networks is the next-gen networking company. Big Monitoring Fabric is an NPB that enables pervasive visibility and security across all workloads: physical, VM , container or cloud. Big Mon Inline enables pervasive security in the DMZ while offering lower-cost and SDN-centric operational simplicity. Tech partnerships include: A10, Palo Alto Networks, Symantec, FireEye, ExtraHop, Riverbed.

  • Bitdefender
    Booth: 505

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures – Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • Bitglass
    Booth: Pavilion

    Your company’s move to the cloud delivers flexibility and cost savings, but that doesn’t mean you should lose control of your data. Bitglass’ Cloud Access Security Broker (CASB) solution enables your enterprise to adopt cloud apps while ensuring data security and regulatory compliance. Bitglass secures your data in the cloud, at access, on any device.

    Bitglass was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution.

  • Brainbabe
    Booth:

    Brainbabe is directly impacting these statistics: 10% of the cybersecurity workforce is women; 1% of the cyber community is women leaders; and 53% of women end up leaving the industry.
    We do this by:
    1) Offering classroom training for women who want to join the cybersecurity profession
    2) Providing soft skills training to all cybersecurity professionals, enabling effective and harmonious interactions with team members in any environment
    3) Raising awareness about the numerous careers in cybersecurity for girls and women

  • Carbon Black
    Booth: 611

    Carbon Black is Transforming Security Through Big Data and Analytics in the Cloud Growing trends in mobility and cloud have made the endpoint the new perimeter. New and emerging attacks are beating traditional defenses, and security teams are too reactive and held back by their technologies. Carbon Black is leveraging the power of big data and analytics to solve the challenges surrounding endpoint security. With the Cb Predictive Security Cloud platform, we are transforming cybersecurity to deliver a new generation of cloud-delivered security solutions designed to protect against the most advanced threats.

     

  • Checkmarx
    Booth: Pavilion

    Checkmarx is an Application Security software company, whose mission is to provide enterprise organizations with products and services that empower developers to deliver secure applications faster. The combination of Checkmarx technology, methodology and expertise is the most cost effective way to produce high fidelity results, drive developer adoption, streamline remediation, and lead to secure application delivery. Amongst the company’s 1,400+ customers are 5 of the world’s top 10 software vendors and many Fortune 500 and government organizations, including SAP, Samsung, and Salesforce.com.

    For more information about Checkmarx, visit https://www.checkmarx.com

  • Cisco
    Booth: 514

    Cisco builds truly effective security solutions that are simple, open and automated. Drawing on unparalleled network presence as well as the industry’s broadest and deepest technology and talent, Cisco delivers ultimate visibility and responsiveness to detect more threats and remediate them faster. With Cisco, companies are poised to securely take advantage of a new world of digital business opportunities.

  • Cloud Security Alliance (CSA)
    Booth:

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Comodo Cybersecurity
    Booth: 607

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • CrowdStrike
    Booth: Pavilion

    CrowdStrike is the leader in cloud-delivered endpoint protection. Leveraging artificial intelligence (AI), the CrowdStrike Falcon® platform offers instant visibility and protection across the enterprise and prevents attacks on endpoints on or off the network. CrowdStrike Falcon deploys in minutes to deliver actionable intelligence and real-time protection from Day One. It seamlessly unifies next-generation AV with best-in-class endpoint detection and response, backed by 24/7 managed hunting. Its cloud infrastructure and single-agent architecture take away complexity and add scalability, manageability, and speed.

  • CyberArk Software
    Booth: 515

    CyberArk® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments.

  • Cybereason
    Booth: Pavilion

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • Cylance
    Booth: Pavilion

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • Darktrace
    Booth: 712

    Darktrace is the world’s leading AI company for cyber defense. With over 7,000 deployments worldwide, the Enterprise Immune System is relied on to detect and fight back against cyber-attacks in real time. The self-learning AI takes one hour to install, works across the cloud, SaaS, corporate networks, IoT and industrial systems, and protects against the full range of cyber-threats and vulnerabilities, from insider threats and ransomware, to stealthy and silent attackers. Darktrace has 800 employees and 40 offices worldwide, with headquarters in San Francisco, and Cambridge, UK.

  • Delta Risk
    Booth: 706

    Delta Risk was founded in 2007 from a vision of strategic and operational effectiveness to assist private sector and government organizations in understanding their current cyber security posture and building advanced cyber defense and risk management capabilities. We are a global provider of strategic, operational, and advisory solutions, including managed security services and security consulting services. Delta Risk is a Chertoff Group company.

  • Demisto
    Booth: Pavilion

    Demisto is a comprehensive Security Operations Platform that combines security orchestration, incident management and interactive investigation into a seamless experience.
    Powered by its machine learning technology, Demisto helps security teams build future-proof security operations, reduce MTTR, create consistent and audited incident management processes, and increase analyst productivity.

  • Digital Shadows
    Booth: Pavilion

    Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Envision Technology Advisors
    Booth: 503

    Envision Technology Advisors were early pioneers in virtualization. The company was Rhode Island’s very first certified VMware partner and one of the first in all of New England. By 2007, the team at Envision had made virtualization core to their business. In fact, the company has not deployed a physical server since.

    At a time when virtualization was still a new technology to many organizations, Envision became a recognized leader in virtualization services. As experts in this important technology, Todd and Envision began to get called in to consult and speak on virtualization. This showed the company the need for educated discussions on this topic and it eventually led to the creation of the company’s VMworld by Proxy event.

  • Exabeam
    Booth: Pavilion

    The Exabeam Security Intelligence Platform provides organizations of all sizes with end-to-end detection, analytics, and response capabilities from a single security management and operations platform. Exabeam SIP includes Exabeam Log Manager, a modern log management system, built on top of ElasticSearch to provide unlimited data ingestion at a predictable, cost effective price. Exabeam SIP detects complex, multi-stage threats using the analytics capabilities of Exabeam Advanced Analytics; the world’s most deployed User and Entity Behavior Analytics (UEBA) solution. Finally, Exabeam SIP improves incident response efficiency with Exabeam Incident Responder, an API based security orchestration and automation solution.

  • Expanse
    Booth: Pavilion

    Expanse is a SaaS company that continuously discovers, tracks, and monitors the dynamic global Internet Edge for the world’s largest organizations. We surface and help remediate Internet Edge risks to prevent breaches and successful attacks.

  • Fidelis Cybersecurity
    Booth: 602

    Fidelis Cybersecurity is a leading provider of threat detection, hunting and response solutions. Fidelis combats the full spectrum of cyber-crime, data theft and espionage by providing full visibility across hybrid cloud / on-prem environments, automating threat and data theft detection, empowering threat hunting and optimizing incident response with context, speed and accuracy. For more information, go to www.fidelissecurity.com.

  • ForeScout Technologies, Inc.
    Booth: Pavilion

    ForeScout Technologies, Inc. has pioneered an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT). We offer a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of today’s vast array of physical and virtual devices the instant they connect to the network. Our technology continuously assesses, remediates and monitors devices and works with disparate security tools to help accelerate incident response, break down silos, automate workflows and optimize existing investments. As of June 30, 2018, more than 2,900 customers in over 80 countries improve their network security and compliance posture with ForeScout solutions.

  • Fortinet
    Booth: 504

    Fortinet secures the largest enterprise, service provider, and government organizations around the world. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 300,000 customers trust Fortinet to protect their businesses.

  • Gemalto
    Booth: Pavilion

    SafeNet and Gemalto have joined forces to create the worldwide leader in enterprise and banking security from core data protection to secure access at the edge of the network. Together, we protect more data, transactions, and identities than any other company, delivering security services that are used by more than 30,000 businesses and two billion people in more than 190 countries around the world. We support 3,000 financial institutions and secure more than 80% of the world’s intra-bank fund transfers, and protect the world’s leading software applications.

  • Gigamon
    Booth: Pavilion

    Gigamon is leading the convergence of network and security operations to reduce complexity and increase efficiency of security stacks. Our GigaSECURE® Security Delivery Platform is a next generation network packet broker that makes threats more visible – across cloud, hybrid and on-premises environments, deploy resources faster and maximize the performance of security tools.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • GuardiCore
    Booth: Pavilion

    GuardiCore is specially designed for today’s software-defined and virtualized data centers and clouds, providing unparalleled visibility, active breach detection and real-time response. Its lightweight architecture scales easily to support the performance requirements of high traffic data center environments. A unique combination of threat deception, process-level visibility, semantics-based analysis and automated response engages, investigates and then thwarts confirmed attacks with pin-point accuracy.

  • GuidePoint Security LLC
    Booth: 303

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

  • HTCIA
    Booth:

    Investigators on the Leading Edge of Technology

    The High Technology Crime Investigation Association (HTCIA) was formed to provide education and collaboration to our global members for the prevention and investigation of high tech crimes. As such, we are an organization that aspires to help all those in the high technology field by providing extensive information, education, collective partnerships, mutual member benefits, astute board leadership and professional management. Association Mission: Provide education and collaboration to our global members for the prevention and investigation of high tech crimes.

  • HUB Tech
    Booth:

    HUB Tech partners with its clients becoming part of their support team. We work beside you to ensure you have a strategy that allows you to transform your Information infrastructure to keep up with the needs of your organization and your users. We have developed proprietary tools and strategies that have enabled us to lower cost and increase the quality of service to our client base, especially to state agencies, municipalities and school districts, where cost is a deciding factor in everyday decision making.

    Our mission is simple – to take full ownership for all that we do, to protect those who trust in us, and to make lifelong clients from every customer contact.

  • IBM
    Booth: 619

    Digital is the wires, but digital intelligence, or artificial intelligence as some people call it, is about much more than that. This next decade is about how you combine those and become a cognitive business. It’s the dawn of a new era.

  • Imperva
    Booth: Pavilion

    Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.

  • InfoSec-Conferences.com
    Booth: n/a

    We’re the InfoSec Community’s #1 ‘Go To’ resource for Cybersecurity Conferences. Since 2012 we’ve provided Cybersecurity Professionals with accurate event listings that are manually checked and updated every day.

  • InfraGard Boston
    Booth:

    InfraGard is a United States government (FBI) and private sector alliance. InfraGard Boston was developed by the Boston FBI office in 1998 to promote protection of critical information systems. InfraGard provides formal and informal channels for the exchange of information about infrastructure threats and vulnerabilities. The purpose of the synergistic exchange is to allow members to better protect themselves and their corporate interests while enhancing the ability of the United States government to provide national security.

  • IntraSystems
    Booth: 704

    IntraSystems is a highly respected IT consulting company, managed services provider, and systems integrator that specializes in the deployment and delivery of IT infrastructure, virtualization services, security, and cloud solutions. IntraSystems has the proven expertise in solving the many technology challenges that companies face today, such as keeping up with the evolving security landscape, migrating to the cloud, and compliance requirements.

  • Institute of Internal Auditors (IIA)
    Booth:

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • Intsights
    Booth: Pavilion

    We are an intelligence driven security provider offering a subscription-based service which delivers rapid, accurate cyberthreat intelligence and incident mitigation in real time.

  • IOvations
    Booth: 609

    IOvations provides innovative enterprise Security, Network, and Storage IT solutions and professional services that enable our clients to achieve optimal results. With over 25 years of deep Security, Network, and Storage domain experience, you can count on IOvations for trusted advice, real-time response, and superior service.

  • ISACA
    Booth:

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

  • (ISC)2
    Booth:

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA New England
    Booth:

    The Information Systems Security Association (ISSA) is an international organization providing educational forums, publications, and peer interaction opportunities that enhance the knowledge, skills, and professional growth of its members’ information security professionals. The primary goal of ISSA is to promote management practices that will ensure availability, integrity, and confidentiality of organizational resources.

    Since its inception in 1982, ISSA’s membership has grown to include more than 100 chapters around the world with members who represent a diverse collection of organizations, including major U.S. and international corporations, leading consulting firms, world-class educational institutions, and government agencies. From EDP audit and corporate security to contingency planning and disaster recovery, ISSA members are committed to protecting their organizations’ assets and resources.

    Visit the National Headquarter’s website at www.issa.org.

  • Ixia, a Keysight Business
    Booth: 621

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Jazz Networks
    Booth: Pavilion

    Jazz Networks is a cyber analytics platform that simplifies insider threat detection and breach prevention. It works by collecting rich metadata before it’s encrypted from endpoints and servers, with machine learning analyzing to identify behavioral pattern changes. Alarms are raised for events that require attention and response time is swift with native platform actions.

  • Juniper
    Booth: 714

    Our customers don’t set out to build networks. They build on ideas that reinvent, reimagine, and improve the world around them. It makes sense that we should begin there, too.

    Through our passion for creating high-performing networks, Juniper extends knowledge, collaboration, and human advancement in industries around the world—such as energy, healthcare, education, and many others.

    While our innovative product and services portfolio evolves continuously, we need to reach farther to secure our customers’ long-term success. We’re looking beyond the horizons of today’s business challenges, and the technology future we see is built on real-time service integration. That means everything we develop must align with our vision.

  • Kenna
    Booth: Pavilion

    Kenna was built on the premise that cyber risk must be managed as an enterprise-wide effort. We believe cyber risk can only be effectively mitigated when the whole organization works as one, focused in the same direction and on the right target.

  • Lastline
    Booth: 507

    Lastline provides breach protection products that are innovating the way companies defend against advanced malware with fewer resources and at lower cost. We deliver the visibility, context, analysis, and integrations enterprise security teams need to quickly and completely eradicate malware-based threats before damaging and costly data breaches occur. Headquartered in Redwood City, California with offices throughout North America, Europe and Asia, Lastline’s technology is used by Global 5000 enterprises, is offered directly and through resellers and security service providers, and is integrated into leading third-party security technologies worldwide. www.lastline.com

  • MCPA
    Booth:

    The Military Cyber Professionals Association is dedicated to developing the American military cyber profession and investing in our nation’s future through STEM education. We are working towards an American military cyber profession that is accomplishing what our nation needs, expects, and deserves. Our goal is to secure cyberspace for military, economic, and private individual pursuits.

  • Mimecast
    Booth: 620

    Mimecast Is Making Email Safer For Business.
    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service.
    Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • NEDRIX
    Booth: TBD

    We are professionals in the public and private sector with an interest in emergency response, crisis management, business continuity, or disaster recovery. Experience levels range from novices in the industry to experts with over 35 years experience. NEDRIX itself is a not-for-profit organization staffed entirely by volunteers.
    NEDRIX membership provides you with real time notifications based on the states you subscribe to, as well as with industry news, events, trends, conferences, networking, and more!

  • NetSkope
    Booth: TBD

    Netskope offers the industry’s only all-mode architecture that supports any use case. This starts with the option of being deployed 100 percent in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both. When it comes to traffic steering, Netskope supports every possible out-of-band and inline mode, including forward and reverse proxy, secure TAP, API, and log-based discovery. These modes are often used in parallel to cover customers’ multiple use cases.

  • Nexum
    Booth: 622

    Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio and Wisconsin as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.

  • Nyotron
    Booth: 509

    Nyotron provides the industry’s first OS-Centric Positive Security to strengthen laptop, desktop, and server protection. Unlike all other approaches, our patented technology does not care about the type of threat or the attack vector, allowing us to provide ultimate protection by stopping the intended damage.

    Founded in 2012, Nyotron is headquartered in Santa Clara, CA with R&D in Israel. Nyotron has earned a top score of 5 stars from SC Magazine in its review of Endpoint Security Platforms, won GOLD in the 2017 IT World Awards for Endpoint Security and was designated as the 2017 HOT COMPANY in Endpoint Security by Cyber Defense Magazine.

  • OCD
    Booth: TBD

    At OCD Tech, we provide independent and objective assurance of your IT controls. Using industry recognized frameworks and best practices, we assess your company’s technology risks and evaluate existing controls for risk mitigation. Your business processes are constantly evolving. We ask you, are your IT controls keeping up?

  • Okta
    Booth: Pavilion

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • OneLogin
    Booth: Pavilion

    OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on (SSO) and cloud identity and access (IAM) management platform. Our portfolio of solutions secures connections across all users, all devices, and every application, helping enterprises drive new levels of business integrity, operational velocity, and team efficiency across all their cloud and on-premise applications.

  • Optiv
    Booth: 606

    Optiv is the largest holistic pure-play cyber security solutions provider in North America. Our diverse and talented employees are committed to helping businesses, governments and educational institutions plan, build and run successful security programs through the right combination of products, services and solutions related to security program strategy, enterprise risk and consulting, threat and vulnerability management, enterprise incident management, security architecture and implementation, training, identity and access management, and managed security.

    Created in 2015 as a result of the Accuvant and FishNet Security merger, Optiv has served more than 12,000 clients of various sizes across multiple industries, offers an extensive geographic footprint, and has premium partnerships with more than 300 of the leading security product manufacturers.

  • PKWARE
    Booth: Pavilion

    PKWARE protects the world’s data with smart encryption software and solutions. In use by more than 35,000 customers, including government agencies and global corporations, PKWARE’s easy-to-use security armors data itself and eliminates vulnerabilities wherever data is used, shared or stored.

  • Preempt Security
    Booth: 425

    Preempt protects enterprises from security breaches and malicious insiders with an innovative and patented Behavioral Firewall that couples User Behavior Analysis and Adaptive Response to provide the most effective solution for both detecting and automatically responding to security threats. This proactive approach allows organizations to mitigate threats in real-time without engaging already overwhelmed security teams.

  • PreVeil
    Booth: TBD

    PreVeil applies end-to-end encryption in a radically different way. We protect organizations’ email & files from phishing, spoofing, BEC & more. Seamless for users. Easy for admins.

  • Qualys, Inc.
    Booth: 506

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • Radware
    Booth: 614

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • Rapid7
    Booth: 612

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • SailPoint
    Booth: 710

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Security Scorecard
    Booth: Pavilion

    SecurityScorecard helps enterprises gain operational command of their security posture and the security posture of their third-parties through continuous, non-intrusive monitoring. SecurityScorecard’s proprietary SaaS platform offers an unmatched breadth and depth of critical data points including a broad range of risk categories such as Application Security, Malware, Patching Cadence, Network Security, Hacker Chatter, Social Engineering, and Leaked Information.

  • SentinelOne
    Booth: Pavilion

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • Siemplify
    Booth: 606

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • Signal Sciences
    Booth: Pavilion

    Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform. Built by practitioners, for practitioners, it is the only solution that works seamlessly across any cloud and infrastructure.  The company is headquartered in Culver City, CA. For more information, please visit www.signalsciences.com.

  • SIM
    Booth:

    At the Boston Chapter of SIM, we provide leading information technology executives, consultants, and academics with a place to share ideas. Our collaborative community shares best practices, trends and lessons learned for you: the person that is responsible for shaping and influencing the future of IT and IT management.

    Our goal is to provide you with access to a robust community of the area’s top IT leaders so you can exchange ideas, share best practices, and stimulate your mind. As a senior-level IT profession providing both strategic and tactical direction to your division on a daily basis, you need someplace to turn for advice, answers, and guidance, too.

  • Skybox Security
    Booth: Pavilion

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • Sonatype
    Booth: 522

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • Sophos
    Booth: TBD

    Sophos Group plc is a British security software and hardware company. Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management.

  • Spirion
    Booth: Pavilion

    Spirion is a leading enterprise data management software solution that provides high-precision searches and automated classification of unstructured and structured data with unparalleled accuracy.  Spirion helps businesses reduce their sensitive data footprint and proactively minimize risks, costs and reputational damage of cyberattacks by discovering, classifying, monitoring and protecting sensitive data.

  • SSH Communications Security
    Booth: 613

    As the inventor of the SSH protocol, we have a twenty-year history of leading the market in developing advanced security solutions that enable, monitor, and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki. For more information, visit www.ssh.com

  • Symantec
    Booth: Pavilion

    Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on Facebook, Twitter and LinkedIn.

  • TBG Security
    Booth: 502

    TBG Security is your trusted advisor when it comes to cybersecurity. We have been providing risk management solutions since 2003 to ensure your business is minimizing uncertainty in an increasingly hostile information environment. Whatever the IT security goal, TBG Security’s Information Security Advisors work with you to determine your requirements and tailor a straightforward plan of action to improve your organizations overall security posture. Our continuous commitment to new technologies and decades of threat avoidance experience make us the first choice of Fortunre 1000 companies for cybersecurity consulting services.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: Pavilion

    Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into Tenable.io™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, large government agencies and mid-sized organizations across the private and public sectors. Learn more at tenable.com.

  • Trend Micro
    Booth: TBD

    As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With more than 20 years of experience, we’re recognized as the market leader in server security for delivering top-ranked client, server, and cloud-based security solutions that stop threats faster and protect data in physical, virtualized, and cloud environments.

  • Tufin
    Booth: 524

    As the market leader of award-winning Security Policy Orchestration solutions, Tufin provides enterprises with the ability to streamline the management of security policies across complex, heterogeneous environments. With more than 2,000 customers, Tufin automatically designs, provisions, analyzes and audits network security configuration changes – from the application layer down to the network layer – accurately and securely. It assures business continuity with a tight security posture, rapid service delivery and regulatory compliance across physical, private, public and hybrid cloud environments.

  • Varonis
    Booth: Pavilion

    Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.

  • Venafi
    Booth: Pavilion

    Venafi secures and protects keys and certificates so they can’t be used by bad guys in cyber attacks. Criminals want to gain trusted status and go undetected. This makes keys and certificates a prime target. Criminals steal and compromise keys and certificates that are not properly protected, and use them to circumvent security controls. This has become the attack of choice. As a Gartner-recognized Cool Vendor, Venafi delivered the first trust protection platform to secure cryptographic keys and digital certificates that businesses and governments depend on for secure communications, commerce, computing, and mobility. Venafi finds all keys and certificates and puts them under surveillance to detect anomalies. Vulnerable keys and certificates are fixed to prevent attack. Ongoing remediation is performed automatically. Venafi strengthens defenses of today’s critical security controls.

  • WEI
    Booth: 504

    Why WEI?  We go further.

    At WEI, we’re passionate about solving your technology problems and helping you drive your desired business outcomes. We believe in challenging the status quo and thinking differently.  There are a lot of companies that can take today’s technology and create a great IT solution for you. But we do more. We go further. And we have the customer, vendor and industry awards to prove it.  WEI is a premier technology partner, who always puts our customers first while providing the most innovative solutions for over 29 years.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Joseph Fontecchio
    Director of Infrastructure and Database Services, The University of Massachusetts

    Joe is currently the director of infrastructure and database services for The University of Massachusetts Information Technology Services department, leading a team of security professionals who support infrastructure and applications used to host shared services. He holds a master’s degree in Information Technology from Worcester Polytechnic Institute.

  • speaker photo
    Mark Aiello
    Board Member , (ISC)2

    Having more than 30 years of IT and cybersecurity consulting/staffing experience, Mark joined Signature Consultants, one of the largest IT Staffing Firms in the U.S., to lead, build and cultivate the cybersecurity talent and workforce throughout the organization’s 26 locations, serving 100s of clients throughout North America. Former President of Cyber 360, a leader in cybersecurity staffing, he harnesses his expertise in the cybersecurity/information security labor market to deploy and support a vast network of cybersecurity professionals. His passion and purpose – keeping companies safe by providing cybersecurity consultants and employees.

  • speaker photo
    Scott Margolis
    Founder & Managing Partner, SolutionLab, LLC

    Scott Margolis currently leads the Commonwealth of Massachusetts Health Exchange Security & Privacy Compliance program established to support and meet the goals of The Patient Protection and Affordable Care Act (ACA). Working with State Agencies and IT Services organizations, Scott is responsible for ensuring compliance with Centers for Medicare & Medicaid (CMS) and Internal Revenue Service (IRS) guidelines as part of the Commonwealth of Massachusetts implementation of a Health Information Exchange (HIX) and Integrated Eligibility System (IES). Mr. Margolis has more than 30 years of information technology, security governance, and regulatory compliance experience as an entrepreneur, senior leader and consultant. He has worked across the healthcare continuum having worked for payer, consulting and product organizations. He has successfully managed information technology and security organizations, led large consulting initiatives in both the public and private sectors, and developed products for the commercial marketplace. Mr. Margolis holds a Masters of Business Administration degree in Management Information Science and a BA in Computer & Information Sciences from Temple University. He is an active member of the Advanced Cyber Security Center as part of the MITRE Corporation and Mass Insight collaborative.

  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Candy Alexander
    International President, ISSA

    Candy Alexander has 30+ years experience working for various high-tech companies. She has held several positions as CISO and currently is a Virtual CISO and Executive Cyber Security Consultant. As a recognized leader in the profession, Ms Alexander is often invited to speak at many technology events and interviewed for various publications on the topic of Information and Cyber Security. Ms. Alexander has received numerous awards and recognition, including that of Distinguished Fellow of the ISSA, ranking her as one of the top 1% in the association, and was inducted into the ISSA Hall of Fame in 2014. Ms. Alexander now holds the title of International Association President of the ISSA.

  • speaker photo
    Robert Troup
    Executive Sales Manager, baramundi Software USA Inc.

    Bob Troup is Executive Sales Manager for baramundi Software USA Inc., Headquartered in Framingham, MA,. Bob is a 30-year industry veteran in corporate networking and endpoint management sales and consulting with companies including, Ivanti, VMWare, Auria Corp., and Xyplex. He specializes in solutions and deployment consulting for complex networks and cloud-based software environments.

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    Bryan Scovill
    Manager, Telecom & Network Ops, University of New Hampshire

    Lead of the network security team at the University of New Hampshire for 18 years. Areas of focus include development and architicture in the UNH networking enviroment.

  • speaker photo
    Bruce Schneier
    Security and Cryptography Expert and Author

    Bruce Schneier is an internationally-renowned security technologist, called a security guru by the Economist. He is the author of 14 books—including the best-seller "Click Here to Kill Everybody"—as well as hundreds of articles, essays, and academic papers. His influential newsletter Crypto-Gram and blog Schneier on Security are read by over 250,000 people. Schneier is a Fellow at the Berkman Klein Center for Internet and Society at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy School; a board member of the Electronic Frontier Foundation, AccessNow, and the Tor Project; and an advisory board member of EPIC and VerifiedVoting.org. He is also a special advisor to IBM Security.

  • speaker photo
    Sandy Bacik
    Sr. Compliance & Cyber Security Auditor, Bacik Enterprises

    Sandy Bacik, author and former CSO with over 20 years direct development, implementation, and management information security experience in the areas of Audit Management, Disaster Recovery/Business continuity, Incident investigation, Physical security, Privacy, Regulatory compliance, Standard Operating Policies/Procedures, and Data Center Operations and Management. Ms. Bacik has been heavily involved with local, national, and international security industry events. Ms. Bacik is the author of Building an Effective Security Policy Architecture (2008) and a contributing author to the Information Security Management Handbook (2009, 2010, 2011, 2012, 2013) and a member of the SecureWorldExpo Advisory Council.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a Women-Owned boutique law firm. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations and the General Data Protection Regulation (GDPR). Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Ian Burke
    Enterprise Information Security Manager , Road Scholar

    Currently the Enterprise Information Security Manager for Road Scholar in Boston, MA, Ian Burke has been working in information security for over 20 years, completing his master’s degree in Information Assurance in 2013. He has worked for companies such as TJX and IBM in the business sectors and Middlebury College in the education sector. He has also worked for several hospitals, both large and small. He is passionate about aligning information security with the business rather than leveraging technology for technology's sake.

  • speaker photo
    Edward Davis
    President & CEO, Edward Davis, LLC

    Davis has been in law enforcement for 35 years. He served as the Police Commissioner of the City of Boston from December 2006 until October 2013. He administered 6 world championship celebrations and led the highly successful response to the Boston Marathon bombing. Prior to that, Davis was the Superintendent of the Lowell Police Department, a position he held for 12 years and one he rose to after starting out as a patrol officer in 1978. He comes from a police family, which has allowed him to better understand the needs of police officers and the communities they serve. He is a recognized expert in crisis management and community policing. He brings with him a strong record of interagency collaboration and a broad range of local, state, national and international experience in law enforcement and public safety.

  • speaker photo
    Michael Brown
    Rear Admiral, U.S. Navy (Ret.), President, Spinnaker Security LLC; ACSC Board Clerk

    Michael Brown, Rear Admiral, United States Navy (Retired) is the Founder and President, Spinnaker Security LLC, a cybersecurity consulting business focused on understanding, identifying and mitigating business risks associated with cybersecurity. Additionally, Brown brings executive leadership, including crisis management, from both public and private sector experiences. Just prior to this position, he was President, RSA Federal LLC and Vice President/General Manager Global Public Sector of RSA Security LLC. Responsibilities also included RSA Information Technology, Security and Enterprise Risk Management portfolios. RSA is part of Dell Technologies and formerly of EMC.

  • speaker photo
    Ernesto DiGiambattista
    CEO & Founder, CYBRIC

    Ernesto DiGiambattista founded CYBRIC to enable organizations to more easily, confidently and holistically answer the question “How secure are we?” Prior to founding CYBRIC and developing the CYBRIC Continuous Application Security Platform, Ernesto was the Chief Technology & Security Officer for Sentinel Benefits & Financial Group, responsible for transforming a legacy technology organization into a technology innovation service group. As a senior member of Bank of America's Information Security & Resiliency Group and Corporate Audit organization, Ernesto was responsible for assessing and managing the information security risk of global technology vendors. Further, Ernesto has been a trusted advisor on cybersecurity private and public policy to members of the U.S. Senate and House of Representatives. He is a member of the Massachusetts Cybersecurity Strategy Council and currently serves on the board of the Massachusetts Technology Collaborative.

  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Joseph Fontecchio
    Director of Infrastructure and Database Services, The University of Massachusetts

    Joe is currently the director of infrastructure and database services for The University of Massachusetts Information Technology Services department, leading a team of security professionals who support infrastructure and applications used to host shared services. He holds a master’s degree in Information Technology from Worcester Polytechnic Institute.

  • speaker photo
    Happy Hour
  • speaker photo
    Steve Brown
    The Bald Futurist, Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Joseph Fontecchio
    Director of Infrastructure and Database Services, The University of Massachusetts

    Joe is currently the director of infrastructure and database services for The University of Massachusetts Information Technology Services department, leading a team of security professionals who support infrastructure and applications used to host shared services. He holds a master’s degree in Information Technology from Worcester Polytechnic Institute.

  • speaker photo
    Sean Baggett
    Sr. Director, Information Security, Blue Cross Blue Shield of MA

    Sean Baggett is the Senior Director of Information Security at Blue Cross Blue Shield of Massachusetts. After spending 10 years as a United States Naval Officer, Sean has worked exclusively in Information Technology and Cybersecurity. He has held senior leadership positions at Boston Medical Center & Massachusetts Eye and Ear Infirmary before beginning his tenure at BCBSMA. Sean holds a BS from the Massachusetts Maritime Academy and CISSP & CISM certifications.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a Women-Owned boutique law firm. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations and the General Data Protection Regulation (GDPR). Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Roy Wattanasin
    Information Security Leader, Healthcare Industry

    Roy Wattanasin is an information security professional and faculty member of over 10 years. He has experience in many industries, including healthcare. Roy spends most of his time developing information security programs, teaching students, performing incident response, and helping to build the local communities. Roy is a longtime SecureWorld speaker, ISSA member, and OWASP member.

  • speaker photo
    Sandy Silk
    Director, Information Security Education & Consulting , Harvard University

    Sandy Silk is the Director of Information Security Education and Consulting at Harvard University where she leads a team who consult with researchers, faculty, and departments on security risks and controls for the data, technology, and vendors they use within their projects. Her team also manages the annual information security self-assessment across the University, coordinates the annual review process for the Information Security Policy, and produces the awareness campaign and training content. Before Harvard, Sandy worked for Fidelity Investments, Bose Corporation, and Wellington Management. She holds degrees from Brandeis, Harvard, and Suffolk universities, and a CISSP since 2002.

  • speaker photo
    Joan Antokol
    Partner, Park Legal LLC

    Joan is a partner at Park Legal LLC, a law firm with offices in New Jersey and Indianapolis. Since 2002 and continuing, she has been one of the only outside counsel invited to be a member of a regulator team chaired by the Berlin Data Protection Commissioner, which includes members of the Supervisory Authorities from each EU member state, as well as a growing number of other countries around the world. Joan is a frequent speaker at data privacy conferences in the US and EU, and has published a number of articles. She counsels multinationals and other clients on a wide variety of data privacy and security topics, and handles many security breaches.

  • speaker photo
    Esmond Kane
    Deputy CISO, Partners HealthCare

    Esmond Kane is the Deputy Chief Information Security Officer in the Partners HealthCare Information Security and Privacy Office. In his role in Partners, Esmond is responsible for the operational component of the "Lighthouse" program, a radical transformation in Partners approach to security and privacy risk management. Prior to Partners, Esmond spent 10 years helping to guide improvements in IT delivery and information security in Harvard University. Before working in Harvard, Esmond spent 10 years in several roles and industries including KPMG and BIDMC. In his spare time, Esmond likes to fret about spare time and annoy people who read bios…

  • speaker photo
    Daniel Smith
    Head of Security, Emergency Response Team, Radware

    Daniel Smith is the Head of Security Research for Radware's Emergency Response Team and provides executive insight for SC Magazine. Daniel's research mainly focuses on network and application based vulnerabilities. As a white-hat hacker, his expertise in criminal tactics, techniques, and procedures (TTP) helps Radware develop signatures and mitigate attacks proactively for its customers. In his spare time, Daniel studies security and risk analysis while helping others understand the risks involved with modern technology.

  • speaker photo
    Velu Jeganathan
    VP, Security Engineering Solutions Team, State Street Corporation

    Velu Jeganathan has more than 20 years of IT experience, most of which is around Information Security. He has been extensivly involved in various roles in penetration testing, vulnerability management, security project consulting, and developing security processes, with an emphasis on integrating security into the project lifecycle.

  • speaker photo
    Rori Boyce-Werner
    Information Security Compliance Program Manager, University of New Hampshire

    Rori Boyce-Werner is currently the Information Security Compliance Program Manager for the University of New Hampshire, where she was previously the Associate Director of IT Client Services and Identity and Access Management Service Owner. She holds a Bachelor’s of Science in Business Administration and is working towards her Masters of Cybersecurity Policy and Risk Management. She spent the majority of her career in financial services specializing in bridging the gap between the business and IT through business analysis, business process design/redesign, project/program management.

  • speaker photo
    Matt Connors
    Identity and Access Management Program Manager , University of New Hampshire

    Matt Connors is the Identity and Access Management Program Manager for the University of New Hampshire. His role sits at the cross section of enterprise infrastructure, client experience, and security; as well as leading IAM strategy and practice for a Tier 1 Research University. Matt enjoys collaborating and sharing knowledge with technology professional; speaking at VMWorld 2016 through 2018, Identiverse 2018, Boston IAM User Group, and now SecureWorld Boston. Matt holds a Master of Science in Project Management and Project Management Professional Certification.

  • speaker photo
    Sue Bergamo
    Board Member, SIM Boston

    Sue is the CIO & CISO of Episerver, a global digital Commerce company. As an executive, she brings her leadership and broad technology experience to help companies concentrate on growth by promoting innovation and productivity enhancements through application development, infrastructure operations, data analytics, business process optimization and talent management. Previously, she held strategic positions at Microsoft and as the CIO at Net Atlantic, BTE Consulting and for two of Aramark’s apparel companies, Galls and Wearguard-Crest. She has also held high level positions at the Staples Corporation and at CVS/pharmacy. As a certified cloud architect, Sue also has an AS in Computer Science from Tunxis College, a BS in Business Administration from Post University, an Executive Leadership MBA from Boston University and a Master’s in Security from UMASS. Sue is a Board member for SIM (Society for Information Management), co-chairs the SIM Regional Leadership Forum (RLF) Mentorship Program and is a member of the CIO Roundtable. In another professional interest, Sue is a technical and business advisor to several startup companies.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!