Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, July 15, 2020
    8:00 am
    Executive Roundtable [VIP invite only]
    • session level icon
    Topic to be announced
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This session is for Advisory Council members only.

    8:30 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:00 am
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:00 am
    [Opening Keynote] Exposing The Dark Overlord: An Inside Look at the Journey that Led to the Identification of Cyber Terrorists
    • session level icon
    speaker photo
    Security Researcher and Pentester, Author "Hunting Cyber Criminals"
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    The Dark Overlord is considered to be one of the world’s most well-known hacking groups because of its unwillingness to discriminate in the selection of its victims. The group has made millions attacking and extorting hundreds of organizations, ranging from small medical facilities to mega fortune companies like Netflix and Disney. The group’s continued escalation of cyber terrorism and violence eventually led to the closure of over 30 school districts in the U.S. for an entire week, and the publishing of a stolen insurance video of a man’s death in a construction site accident. Based on my book, “Hunting Cyber Criminals,” this talk will present the investigative tools and techniques that led to the identification of the group’s core members.

    9:45 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor
    10:00 am
    [OneTrust] Vendor Risk Management: Overcoming Today’s Most Common Challenges
    • session level icon
    speaker photo
    Global Head of Solutions Engineering, OneTrust
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    Managing vendor risk before, during and after procurement is a continuous challenge that organizations of all sizes face. While outsourcing operations to vendors can alleviate business challenges, managing the associated risk with manual tools like spreadsheets is complex and time consuming. To streamline this process, organizations must put procedures in place to ensure that sufficient vendor security safeguards are in place. In this session, we’ll breakdown a practical approach for automating vendor risk management, as well as offer real-world practical advice to help you on your journey to developing a mature third-party risk management program.

    Presentation Level: GENERAL (InfoSec best practices, trends, solutions)

     

    10:00 am
    [Panel Discussion] What Our Security Team Learned During COVID-19
    • session level icon
    speaker photo
    VP & CISO, BJ's Wholesale Club
    speaker photo
    CISO, Steward Health Care
    speaker photo
    Director of Compliance and Privacy, Boston Medical
    speaker photo
    Enterprise Information Security Program Administration and Governance, Partners Healthcare
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    Location / Room: 103

    This panel features honest dialogue about securing an organization through the pandemic, so far. What changed at an organizational level that required security to pivot? What kind of immediate impacts did the security team face and how were those overcome? How did security maintain adequate communication and controls in the midst of this rapid change? What are the greatest lessons for security coming out of COVID-19? Where do we go from here?

    10:00 am
    Courting the Cloud: It's Time for a Commitment
    • session level icon
    speaker photo
    Director of Cloud Services, AccessIT Group
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    What is your commitment to the Cloud? Find out where you are and where you’re headed, as Mike Lopez walks you through the five stages of your relationship with the Cloud and helps you start/solidify the process towards commitment.

    Director of Cloud Services at AccessIT Group, Mike Lopez has a history of designing cloud architecture with a security focused approach for government and fortune 500 clients. He has worked with private and public cloud environments including AWS, Azure, Oracle and Google Cloud. Because of his mixed background, he bridges the traditional gap between security and development teams, helping them work together in the cloud journey.

    Where are you in your relationship with Cloud? AccessIT can give you a complimentary assessment of your current state against Best Practices, CIS benchmarks, or even compliance (HIPPA, PCI, etc.) with the use of our automated tools and provide you a report on how your environment measures up. To request your free security assessment, email: cloud@accessitgroup.com and mention SecureWorld in your email!

    10:00 am
    New Remote Workforce: Privacy and Security Risks and Mitigations
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    The sudden growth in the remote workforce exposed critical cybersecurity and privacy concerns that should be considered. This presentation will provide an overview of key legal considerations with remote work when it comes to privacy and security, as well as discuss some solutions to help mitigate risk as your employees work from home.

    10:30 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am
    10:45 am
    Changing Cyber Landscapes: The Battle of Algorithms
    • session level icon
    speaker photo
    Cybersecurity Manager, Darktrace
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyberattacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyberattacks leveraged at scale. To protect against offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.

    In this session, learn about:
    • Paradigm shifts in the cyber landscape
    • Advancements in offensive AI attack techniques
    • The Immune System Approach to cyber security and defensive
    • Autonomous Response capabilities
    • Real-world examples of emerging threats that were stopped with Cyber AI

    Presentation level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:45 am
    Leveraging Culture to Optimize Information Security
    • session level icon
    speaker photo
    Information Security Manager, Wolters Kluwer Health
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    To build a culture that optimizes security, an organization needs to set information security leadership appropriately. Strategically, it needs to understand the organization’s risk tolerance, codify it as policy, and communicate it. Based on risk tolerance, it needs to create a roadmap that moves the organization from ad hoc and compliance-based cultures to one that’s risk-based. Tactically, security management needs to regularly drive buy-in for risk tolerance and policy. In addition, management needs to foster a culture that learns from incidents and failures rather than a culture that focuses on assigning blame.

    10:45 am
    [Panel] No Perimeter: Security in the Cloud
    • session level icon
    speaker photo
    Distinguished Solutions Engineer - North America, Alert Logic
    speaker photo
    Principal Security Strategist, Mimecast
    speaker photo
    CTO, RedSeal Networks
    speaker photo
    Security Evangelist, Arctic Wolf
    speaker photo
    Major Accounts Systems Engineer, Palo Alto Networks
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Worldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.

    11:15 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am
    11:30 am
    [Mid-Day Keynote] Tracking Down the Cyber Criminals: Revealing Malicious Infrastructures with Umbrella
    • session level icon
    speaker photo
    Product Manager, Cisco Umbrella, Cisco
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm

    Cyber criminals are exploiting the internet to build agile and resilient infrastructures. The internet is open and information to expose these infrastructures is out there; the challenge is making sense of the fragmented data. Connecting the dots by analyzing data (DNS queries, BGP anomalies, ASN reputation, network prefixes/IP fluctuations), allows us to map out where malicious infrastructure is and attacks are staged. This gives the defender the upper hand by letting them pivot through the criminal infrastructure.

    This session will explain how some of the Cisco Umbrella classifiers work and provide examples of threats that have been detected using this technology. First, we focus on the detection models that can be built and applied (such as co-occurrences, NLP Rank, Spike Detectors, Malvertising clustering), and how these can expose malicious infrastructures and APTs. The next part provides a practical use case on how this innovative approach can be used to pivot through attackers’ infrastructure and protect organizations from advanced threats. Examples include crypto phishing and crypto jacking. Finally, we will show some of this analysis visualized in 3D.

    12:15 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 12:30 pm
    12:30 pm
    Hey, Information Security: Be Part of the Digital Transformation or Be Left Behind!
    • session level icon
    speaker photo
    Director, Information Security Education & Consulting, Harvard University
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    “Digital transformation” (Dx) as a buzzword may be approaching the end of its life, but the fundamental concept—continuously improving the use of technology and data to provide value to customers—is real and critical to the survival of businesses. If information security teams don’t evolve to deliver the same Dx value and benefits to our organizations, then we risk losing our “customers” to intentional circumvention or preference for shadow IT providers. Make sure your information security team provides the core Dx attributes to your organization to cultivate value, loyalty, and trust.

    Join this session to learn how you can:
    •  Embed security into your culture, technologies and processes
    •  Empower innovation and expedite time-to-market through consistent security risk governance
    •  Assess the impacts, goals and methods of likely cyber attacks and incidents
    •  Align IT and security professionals with business objectives and risk tolerance
    •  Prepare now for effective detection and response to reduce business impacts of incidents

    Presentation level: MANAGERIAL (security and business leaders)

    12:30 pm
    Leveraging the Three Lines of Defense to Improve Your Security Position
    • session level icon
    speaker photo
    AVP, Global Technology Governance & Control, Manulife
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Depending on your role, a three lines of defense risk management model can be your best friend or worst enemy. No matter your view, the data produced through these channels can help you better understand your weaknesses, work more effectively with senior management, and respond to a variety of scenarios.
    Presentation Level: MANAGERIAL (security and business leaders)
    12:30 pm
    [Panel] Addressing Weakness: Vulnerability Management
    • session level icon
    speaker photo
    Sales Engineer, ReliaQuest
    speaker photo
    Enterprise Sales Engineer, Egress Software Technologies Ltd
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    NIST defines vulnerabilities as, “Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.” This panel will discuss current vulnerabilities and risk management through proper controls and best practices.

    1:00 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm
    1:15 pm
    Blue-Teaming and Incident Response for the "Win"
    • session level icon
    speaker photo
    Information Security Leader, Healthcare Industry
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    Does your company use Windows or is most of the environment Windows? Come to this session to specifically learn the ins and outs of what are the most critical things needed in order to establish a respectable blueteam program at your organization. Do you know what Windows security event log 4688 mean? What about others? What are the event logs that you should know by hand or have a cheat-sheet for? What are some tools that you should be using and how can you automate them to help detect lateral movement. Also, we will be leveraging opensource tools. No, additional $ is not required. Trying harder, building your technical skills and doing proactive threat hunting will help you and your team. “Don’t worry all of this information will be useful for all no matter what level.” Per time permitting, we might also quickly talk about incident response as well, initially. Also, bring your technical questions too during our Q&A session.
    Presentation Level: TECHNICAL (deeper dive including TTPs)

    1:15 pm
    Ethical Hacking and Cyber Ecosystems: Anticipating the Predators
    • session level icon
    speaker photo
    Professor, Computer Science, Western Governors University
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    In an ever-evolving digital landscape with cloud computing, mobility and IoT systems, more sophisticated approaches to vulnerability assessment are necessary. One of the central tools used in vulnerability testing is penetration testing, along with other techniques that are more broadly classified as ethical hacking. This discussion includes highlights from three case studies of ethical hacking in different settings. Highlights include approaches to ethical hacking and specific penetration techniques relevant to cloud computing and network security. Topics will also include challenges faced in ethical hacking within cybersecurity ecosystems and a discussion of a robust, integrative multi-layered used in ethical hacking.
    Presentation Level: TECHNICAL (deeper dive including TTPs)

    1:15 pm
    [Panel] Threat Landscape in Flux: Emerging Threats
    • session level icon
    speaker photo
    Principal, IT Risk Assurance & Advisory, DGC (DiCicco, Gulman & Company)
    speaker photo
    Head of Engineering, East US, Check Point Software Technologies
    speaker photo
    VP, Global Enterprise Solutions, BlackBerry
    speaker photo
    Sr. Sales Engineer, Malwarebytes
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.

    1:15 pm
    [Rapid7] Risk-Based Vulnerability Management: Changing the Narrative for Your Organization
    • session level icon
    speaker photo
    Manager, Advisory Services, Rapid7
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    Vulnerability Management is a core process to reducing risk for organizations, yet IT and Security teams often struggle to communicate metrics that are meaningful for business leaders. Risk is often not even part of the discussion. How can we change the narrative to support a culture of collaboration? How can we overcome the IT versus Security mindset and the battle for resources? How can we communicate overall risk reduction? We’ll discuss ways you can start rethinking vulnerability management and risk.

    1:45 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:00 pm
    Location / Room: Exhibitor Floor
    2:00 pm
    [Closing Keynote] Identity and Access Management: A Case Study from Harvard Medical School
    • session level icon
    speaker photo
    CISO, Harvard Medical School
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    Good identity management is one of the keys to good cyber hygiene within an organization, but it’s not without its fair share of challenges. Consider a large university with several schools within it, as well as a medical facility. You’ve got students, faculty, doctors, patients, and a host of random visitors all expecting access to your network.

    In this keynote address from Joe Zurba, CISO at Harvard Medical School, we will hear first-hand insight about his team’s approach to developing a robust and cohesive identity strategy: how they give the right levels of access to the right people, and how they track all of the moving pieces. We will also evaluate best practices in managing key components of identities, including: verification, validation, lifecycle management, and password management. Join us for this unique opportunity to get an insider’s perspective on cybersecurity at one of the most prestigious institutions in the nation.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

Exhibitors
  • AccessIT Group
    Booth: https://www.engagez.net/accessit-cylance

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • Alert Logic
    Booth: https://www.engagez.net/alert-logic

    Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

  • Arctic Wolf & Winslow Technology Group
    Booth: https://www.engagez.net/arctic-wolf-wtg

    Arctic Wolf® is the market leader in security operations. Using the cloud native Arctic Wolf® Platform, we provide security operations as a concierge service. For more information about Arctic Wolf, visit arcticwolf.com.

    Winslow Technology Group, LLC (WTG) is a leading provider of IT Solutions and Consulting Services dedicated to providing “better IT solutions” for our customers since 2003. WTG enables our clients to innovate and transform their business by realizing the benefits of hyperconverged, software defined, and hybrid cloud infrastructure frameworks. WTG serves the IT needs of clients ranging from medium sized organizations to Fortune 100 companies that operate in a variety of industries including finance, healthcare, education, manufacturing, technology, legal, and more. Visit https://winslowtg.com.

  • Armis, Inc
    Booth: https://www.engagez.net/armis-inc

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Axonius
    Booth: https://www.engagez.net/axonius

    Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers security solution coverage gaps, and automatically validates and enforces security policies. By seamlessly integrating with over 200 security and management solutions, Axonius is deployed in minutes, improving cyber hygiene immediately.

  • Bitglass
    Booth: https://www.engagez.net/bitglass

    Your company’s move to the cloud delivers flexibility and cost savings, but that doesn’t mean you should lose control of your data. Bitglass’ Cloud Access Security Broker (CASB) solution enables your enterprise to adopt cloud apps while ensuring data security and regulatory compliance. Bitglass secures your data in the cloud, at access, on any device.

    Bitglass was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution.

  • BitSight
    Booth: https://www.engagez.net/bitsight

    BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter

  • BlackBerry
    Booth: https://www.engagez.net/blackberry

    BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including more than 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear—to secure a connected future you can trust.

    BlackBerry. Intelligent Security. Everywhere.

    For more information, visit BlackBerry.com and follow @BlackBerry.

  • Cisco
    Booth: https://www.engagez.net/cisco

    Cisco builds truly effective security solutions that are simple, open and automated. Drawing on unparalleled network presence as well as the industry’s broadest and deepest technology and talent, Cisco delivers ultimate visibility and responsiveness to detect more threats and remediate them faster. With Cisco, companies are poised to securely take advantage of a new world of digital business opportunities.

  • Code42
    Booth: https://www.engagez.net/code42

    Code42 is the leader in insider risk detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data from insider threats while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

  • CyberX
    Booth: https://www.engagez.net/cyberx

    CyberX delivers the only cybersecurity platform built by blue-team experts  with a track record of defending critical national infrastructure. That difference is the foundation for the most widely deployed platform for continuously reducing IoT risk and preventing costly outages, safety and environmental incidents, theft of intellectual property, and operational inefficiencies. For more information, visit CyberX.io

  • Cylance
    Booth: https://www.engagez.net/accessit-cylance

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • Darktrace
    Booth: https://www.engagez.net/darktrace-AI

    Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.

    The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

  • DGC
    Booth: https://www.engagez.net/dgc

    Every business faces a variety of challenges, including rapidly changing technology, cybersecurity threats, and regulations. DGC provides a wide range of IT audit, compliance, and cyber & information security services that can help identify, evaluate, measure, and manage compliance and cybersecurity risks. Our professionals are trained to identify areas of exposure and recommend size-appropriate, cost-conscious corrective actions. DGC’s team will put together a tailored plan to safeguard your organization.

  • EC-Council
    Booth: N/A

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Egress Software Technologies
    Booth: https://www.engagez.net/egress

    Egress Software Technologies Ltd is a UK-based software company. It provides a range of data security services designed to protect shared information throughout its lifecycle, offering on-demand security for organisations and individuals sharing confidential information electronically.

  • ForgeRock
    Booth: https://www.engagez.net/forgerock

    ForgeRock® is the digital identity management company transforming the way organizations interact securely with customers, employees, devices, and things. Organizations adopt the ForgeRock Identity Platform™ as their digital identity system of record to monetize customer relationships, address stringent regulations for privacy and consent (GDPR, HIPAA, FCC privacy, etc.), and leverage the internet of things. ForgeRock serves hundreds of brands, including Morningstar, Vodafone, GEICO, Toyota, TomTom, and Pearson, as well as governments like Norway, Canada, and Belgium, securing billions of identities worldwide. ForgeRock has offices across Europe, the USA, and Asia

  • Gigamon
    Booth: https://www.engagez.net/gigamon-bos

    Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.

  • HackerOne
    Booth: https://www.engagez.net/hackerone

    HackerOne is the #1 hacker-powered security platform. More than 1,400 organizations, including the U.S. Department of Defense, General Motors, Google Play, Twitter, GitHub, Nintendo, Panasonic Avionics, Qualcomm, Starbucks, and Dropbox, trust HackerOne to find critical software vulnerabilities.

  • HUB Tech
    Booth: https://www.engagez.net/hub-tech

    HUB Tech partners with its clients becoming part of their support team. We work beside you to ensure you have a strategy that allows you to transform your Information infrastructure to keep up with the needs of your organization and your users. We have developed proprietary tools and strategies that have enabled us to lower cost and increase the quality of service to our client base, especially to state agencies, municipalities and school districts, where cost is a deciding factor in everyday decision making.

    Our mission is simple – to take full ownership for all that we do, to protect those who trust in us, and to make lifelong clients from every customer contact.

  • InfraGard Boston
    Booth: N/A

    InfraGard is a United States government (FBI) and private sector alliance. InfraGard Boston was developed by the Boston FBI office in 1998 to promote protection of critical information systems. InfraGard provides formal and informal channels for the exchange of information about infrastructure threats and vulnerabilities. The purpose of the synergistic exchange is to allow members to better protect themselves and their corporate interests while enhancing the ability of the United States government to provide national security.

  • Infused Innovations
    Booth: https://www.engagez.net/infused-innovations

    We are consultants that operate at the intersection of technology, business, data, and human interaction. We are passionate and committed to delivering the right solutions to our clients.

    With staff with all manner of experiences – private business, startups, non-profit, healthcare, legal, education, data analytics, financial services, and more, we can speak your language. Our unique experiences don’t just allow us to tell you what your peers are doing, but how other industries have solved similar problems.

    When you partner with Infused Innovations you get to work with people who want to be a part of the solution with you, and are genuinely excited about the opportunity to bring something new to the table.

  • IOvations
    Booth: https://www.engagez.net/iovations

    IOvations, founded in 2006, is a value added reseller focused on protecting the data, infrastructure and applications of our customers through a combination of services and products that extend to the end point, traditional network and cloud environment.  Some of the things that make us unique include multiple industry awards, a long history of working with clients who appreciate how easy we are to work with, and our strong engineering expertise providing value and thought leadership.

  • (ISC)2 Eastern Massachusetts
    Booth: N/A

    Advancing Information Security One Community at a Time
    As anyone seriously involved in the information security profession can attest, peer networking is an invaluable resource. (ISC)² Eastern Massachusetts Chapter provide members with the opportunity to build a local network of peers to share knowledge, exchange resources, collaborate on projects, and create new ways to earn CPE credits!

  • ISSA New England
    Booth: N/A

    The Information Systems Security Association (ISSA) is an international organization providing educational forums, publications, and peer interaction opportunities that enhance the knowledge, skills, and professional growth of its members’ information security professionals. The primary goal of ISSA is to promote management practices that will ensure availability, integrity, and confidentiality of organizational resources.

    Since its inception in 1982, ISSA’s membership has grown to include more than 100 chapters around the world with members who represent a diverse collection of organizations, including major U.S. and international corporations, leading consulting firms, world-class educational institutions, and government agencies. From EDP audit and corporate security to contingency planning and disaster recovery, ISSA members are committed to protecting their organizations’ assets and resources.

    Visit the National Headquarter’s website at www.issa.org.

  • Kaspersky
    Booth: https://www.engagez.net/kaspersky

    We’re an independent global cybersecurity company that empowers people to make the most of technology and the endless opportunities it brings. Backed by our deep threat intelligence, security and training expertise, we give businesses the power to stay safe—and the confidence to accelerate their own success. With insights gained from our unique international reach, we secure consumers, governments and more than 270,000 organizations. We’re proud to be the world’s most tested and awarded cybersecurity, and we look forward to keeping your business safe. Bring on the future.

  • LogRhythm
    Booth: https://www.engagez.net/logrhythm

    LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

  • Malwarebytes
    Booth: https://www.engagez.net/malwarebytes

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.

  • Mimecast
    Booth: https://www.engagez.net/mimecast

    Mimecast (NASDAQ: MIME) was born in 2003 with a focus on delivering relentless protection. Each day, we take on cyber disruption for our tens of thousands of customers around the globe; always putting them first, and never giving up on tackling their biggest security challenges together. We are the company that built an intentional and scalable design ideology that solves the number one cyberattack vector—email. We continuously invest to thoughtfully integrate brand protection, security awareness training, web security, compliance and other essential capabilities. Mimecast is here to help protect large and small organizations from malicious activity, human error and technology failure; and to lead the movement toward building a more resilient world.

  • nCipher Entrust
    Booth: https://www.engagez.net/ncipher

    nCipher Security, a leader in the hardware security module (HSM) market, empowers world-leading organizations by delivering trust, integrity and control to their business critical information and applications, IoT, blockchain and digital payments

  • NinjaRMM
    Booth: https://www.engagez.net/ninjarmm

    NinjaRMM is an all-in-one endpoint management platform that helps IT leaders more efficiently manage a geographically diffuse IT infrastructure by enabling their teams to remotely monitor and manage workstations, laptops, servers, and networks. NinjaRMM increases business efficiency by combining monitoring, alerting, patching, antivirus, backup, and IT automation all within a single pane of glass. NinjaRMM has been named a Leader by G2Crowd and rated the #1 RMM across 8 categories, including ease of use, product direction, quality of support and overall satisfaction.

  • Okta
    Booth: https://www.engagez.net/okta-boston

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • OneTrust
    Booth: https://www.engagez.net/onetrust

    OneTrust is the leading and fastest growing privacy management software platform used by hundreds of organizations globally to comply with data privacy regulations across sectors and jurisdictions, including the EU GDPR and Privacy Shield.

  • Optiv
    Booth: https://www.engagez.net/optiv-tripwire

    Optiv is a security solutions integrator delivering end-to-end cybersecurity solutions that help clients maximize and communicate the effectiveness of their cybersecurity programs. Optiv starts with core requirement of every enterprise—risk mitigation—and builds out from there with strategy, infrastructure rationalization, operations optimization, and ongoing measurement. Learn more at https://www.optiv.com.

  • Palo Alto Networks
    Booth: https://www.engagez.net/palo-alto-networks

    Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 20Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. Most recently, Palo Alto Networks has enabled enterprises to extend this same network security to remote users with the release of GlobalProtect™ and to combat targeted malware with its WildFire™ service. For more information, visit www.paloaltonetworks.com.

  • Proofpoint
    Booth: https://www.engagez.net/proofpoint-boston

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Radiant Logic
    Booth: https://www.engagez.net/radiant-logic-idmworks

    Radiant Logic’s federated identity and directory platform, RadiantOne FID, is designed specifically for deployment in high-volume, high-complexity identity environments. RadiantOne FID includes an abstraction layer, extracting and virtualizing identity and context information out of various application and data silos, including AD domains and forests, LDAP directories, SQL databases, and more. RadiantOne FID also includes a scalable directory, HDAP, which is fully LDAP v3 compatible. RadiantOne FID re-maps the underlying data sources and presents the identity data in views customized for the needs of enterprise applications to enable authentication and fine-grained authorization for identity management and context-driven applications.

    Radiant Logic’s global customer base includes many Fortune 1000 companies in the fields of banking, finance, insurance, government, communications, manufacturing, education, entertainment and healthcare. Headquartered in Novato, CA, Radiant Logic has satellite offices in Chicago and Washington, DC, and distribution channels throughout the world.

  • Rapid7
    Booth: https://www.engagez.net/rapid7

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • RedSeal
    Booth: https://www.engagez.net/redseal

    By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.

  • ReliaQuest
    Booth: https://www.engagez.net/reliaquest

    ReliaQuest fortifies the world’s most trusted brands against cyber threats with its platform for proactive security model management. Acting as a force multiplier on an organization’s existing cybersecurity investments, only ReliaQuest’s GreyMatter integrates disparate technologies to provide a unified, actionable view that fills the gaps in enterprise security programs.

  • RSA a Dell Technologies Company
    Booth: https://www.engagez.net/rsa

    RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions.  With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.

  • Siemplify
    Booth: https://www.engagez.net/siemplify

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • SonicWall
    Booth: https://www.engagez.net/sonicwall

    SonicWall has been fighting the cybercriminal industry for over 28 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security.

  • Swimlane
    Booth: https://www.engagez.net/swimlane

    Swimlane is at the forefront of the security orchestration, automation and response (SOAR) solution market and was founded to deliver scalable security solutions to organizations struggling with alert fatigue, vendor proliferation and chronic staffing shortages.

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Trend Micro
    Booth: https://www.engagez.net/trend-micro

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • Tripwire
    Booth: https://www.engagez.net/optiv-tripwire

    Tripwire is the trusted leader for establishing a strong cybersecurity foundation. Partnering with Fortune 500 enterprises, industrial organizations and government agencies, Tripwire protects the integrity of mission-critical systems spanning physical, virtual, cloud and DevOps environments. Tripwire’s award-winning portfolio delivers top critical security controls, including asset discovery, secure configuration management, vulnerability management and log management. As the pioneers of file integrity monitoring (FIM), Tripwire’s expertise is built on a 20+ year history of innovation helping organizations discover, minimize and monitor their attack surfaces.

    Learn more at https://www.tripwire.com.

  • Women in CyberSecurity (WiCyS)
    Booth: N/A

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Vinny Troia
    Security Researcher and Pentester, Author "Hunting Cyber Criminals"

    Founder and Principal Security Consultant of Night Lion Security, Vinny Troia brings 20+ years of IT security and development experience. He is also a featured speaker on ABC, CNBC, and Fox News.

    "One afternoon, I drafted an email to the CEO and CISO of a major airline company. The title read – URGENT – Data breach in your network. During our phone conversation later that evening, I proceeded to tell the security admin that I received word from a dark web contact that sensitive data from their network was about to go on sale later that week. Working in tandem with my dark web contacts and the company’s security team, we were able to identify the hacker’s position within their network, turned off their access, and closed the vulnerabilities that allowed them to gain access. This is the kind of thing I do day in and day out, and I love my job." - Vinny Troia

  • speaker photo
    Achint Sehgal
    Global Head of Solutions Engineering, OneTrust

    Achint Sehgal, CIPP/E, CIPM, serves as a Global Head of Solutions Engineering for OneTrust Vendorpedia—a purpose-built software designed to operationalize third-party risk management. In his role, Sehgal advises companies throughout their third-party risk management implementations to help meet requirements relating to relevant standards, frameworks, and laws (e.g. ISO, NIST, SIG, GDPR, and CCPA). Sehgal works with clients to centralize their third-party information across business units, assess risks and performance, and monitor threats throughout the entire third-party relationship, from onboarding to offboarding.

  • speaker photo
    Ravi Thatavarthy
    VP & CISO, BJ's Wholesale Club

    Ravi Thatavarthy brings 20+ years of experience in Information Security to his role with a strong background in Security Architecture and building Security programs from ground up. His approach to Information Security is unique and well-balanced with a focus on ‘Business Value’ and ‘User Delight’. He recently appeared in ‘Profiles in Confidence’ as a Security leader running confident Security program. He spoke and served as a panelist in multiple conferences. Before joining BJ's, he was the Head of Information Security at iRobot, and previously led the Security, Policy & Compliance programs at Haemonetics where he worked as Director of Global Security & Policy.

  • speaker photo
    Esmond Kane
    CISO, Steward Health Care

    Prior to his role at Steward, Esmond was the Deputy CISO at Partners HealthCare, where he was responsible for the operational component of the "Lighthouse" program, a radical transformation in Partners approach to security and privacy risk management. Esmond spent 10 years helping to guide improvements in IT delivery and information security in Harvard University. Before working in Harvard, Esmond spent 10 years in several roles and industries including KPMG and BIDMC. In his spare time, Esmond likes to fret about spare time and annoy people who read bios.

  • speaker photo
    Erika Barber
    Director of Compliance and Privacy, Boston Medical
  • speaker photo
    Gillian Lockwood
    Enterprise Information Security Program Administration and Governance, Partners Healthcare
  • speaker photo
    Michael Lopez
    Director of Cloud Services, AccessIT Group

    Mike Lopez, Director of Cloud Services at AccessIT Group, has a history of designing cloud architecture with a security focused approach for government and fortune 500 clients. He has worked with private and public cloud environments including AWS, Azure, Oracle, and Google Cloud. Mike leads AccessIT Group’s Cloud practice by helping its customers create strategies for their cloud adoption through a vendor agnostic holistic approach to cloud security. Because of his mixed background, he bridges the traditional gap between security and development teams, helping them work together in the cloud journey. Prior to his role at AccessIT Group, Mike was the Lead Consultant of Professional Services at Check Point Software Technologies and served as the subject matter expert for their cloud security products. As a cloud specialist, Mike is AWS and Azure certified and maintains Check Point CCSE and CCVSE certifications.

  • speaker photo
    Rebecca Rakoski
    Managing Partner, XPAN Law Group, LLC

    Rebecca Rakoski is co-founder and managing partner at XPAN Law Group, a certified Women Owned boutique law firm. Rebecca focuses her practice exclusively on cybersecurity and data privacy. She has extensive experience in all aspects of cybersecurity, data privacy and cross border data transfer issues. Rebecca performs in-depth cybersecurity assessments and audits in accordance with regulatory requirements. Rebecca counsels clients through a breach by navigating the complexities of different state and federal regulations. Rebecca also performs cybersecurity and data privacy due diligence in M&A transactions, protecting intellectual property, and even transition and succession planning.

  • speaker photo
    Sabrina Stanich
    Cybersecurity Manager, Darktrace

    Sabrina Stanich is a Cyber Security Manager at Darktrace, the world’s leading machine learning company for cyber defense. She has worked extensively with clients across numerous industry verticals, from financial services to manufacturing, helping them deploy Darktrace’s Enterprise Immune System, the only AI technology capable of detecting and autonomously responding to early-stage cyber-threats. Stanich graduated with a bachelor’s degree from the University of Pennsylvania and is based out of Darktrace’s New York City office.

  • speaker photo
    Don McKeown
    Information Security Manager, Wolters Kluwer Health

    Don McKeown is currently an information security manager for a provider of healthcare solutions that facilitate effective clinical decisions. There he developed and teaches a threat modeling course, teaches code scanning, contributes to corporate application security advisory committees, and consults for technical and product teams. Previously he helped mature security programs at LogMeIn and athenahealth. Before focusing exclusively on information security, he contributed to several infrastructure teams over many years. He earned an MBA with Distinction from Bentley University and holds the CISSP, CRISC, and GIAC Security Leadership (GSLC) certifications. For more information, go to https://www.donmckeown.net/

  • speaker photo
    Marc Ybarra
    Distinguished Solutions Engineer - North America, Alert Logic
  • speaker photo
    Matthew Gardiner
    Principal Security Strategist, Mimecast

    Matthew Gardiner is a Director of Security at Mimecast and is currently focused on email & web security, phishing, awareness training, malware, and cloud security. With more than 15 years focused in security, Matthew’s expertise in various roles includes threat detection & response, network monitoring, SIEM, endpoint threat detection, threat intelligence, identity & access management, Web access management, identity federation, cloud security, and IT compliance at RSA, Netegrity, and CA Technologies. Previously he was President and a member of the board of trustees of the security industry non-profit, the Kantara Initiative. Matthew has a BS in Electrical Engineering from the University of Pennsylvania and an SM in Management from MIT's Sloan School of Management.

  • speaker photo
    Mike Lloyd
    CTO, RedSeal Networks

    Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.

    Dr. Mike Lloyd holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.

  • speaker photo
    Marc Keating
    Security Evangelist, Arctic Wolf
  • speaker photo
    Richard Schunk
    Major Accounts Systems Engineer, Palo Alto Networks
  • speaker photo
    Adam Winn
    Product Manager, Cisco Umbrella, Cisco

    Adam Winn is the platform product management lead for Cisco Umbrella. He got into cloud security product management in 2013 and never looked back. In 2016, he joined OpenDNS shortly before it was rebranded as Cisco Umbrella. He is a life-long California resident and a fan of live music (and can't wait for it to come back).

  • speaker photo
    Sandy Silk
    Director, Information Security Education & Consulting, Harvard University

    Sandy Silk is the Director of Information Security Education and Consulting at Harvard University, Founder of Cyber Risk and Resilience Consulting, and a member of the Board of Advisors for the MS in Information Security Leadership at Brandeis University. She excels at bringing together executive leaders, business teams, and IT professionals to align cyber risk management with strategic priorities and culture, risk tolerance levels, and positive customer experience. Sandy is also involved in several WIT organizations and programs. Her prior information security career included positions with Fidelity Investments, Bose Corporation, and Wellington Management Company.

  • speaker photo
    Brendan Campbell
    AVP, Global Technology Governance & Control, Manulife

    Brendan Campbell is currently the leader for Manulife’s Global Technology Governance & Control function and has prior experience across audit, risk management, information security. He is a part of the Global Technology Executive team and is responsible for leading the execution of risk activities globally. In addition, he is responsible for the company’s Executive Crisis Management plan. Prior to joining Technology he head of the global IT Audit function at Manulife. Prior to joining Manulife in 2007, Brendan held roles in information security specific to managing infrastructure security compliance and identity and access management initiatives.

  • speaker photo
    Kevin Romero
    Sales Engineer, ReliaQuest
  • speaker photo
    James Sheldrake
    Enterprise Sales Engineer, Egress Software Technologies Ltd
  • speaker photo
    Roy Wattanasin
    Information Security Leader, Healthcare Industry

    Roy Wattanasin is currently a healthcare information security professional. Additionally, Roy is an avid speaker who has spoken at many conferences and webinars. Roy also enjoys data forensics & incident response and building security in. He is heavily involved with many computer security groups including OWASP Boston, ISSA and the local communities. Roy is also a member of multiple advisory groups. He was an adjunct instructor at Brandeis University as part of the Health and Medical Informatics and is also the co-founder of that program. He is credited for bringing back the Security BSides Boston conference (setting the standards) and enjoys seeing it grow each year and being successful with its new team members.

  • speaker photo
    Lauren Provost
    Professor, Computer Science, Western Governors University

    Dr. Lauren E. Provost is an ethical hacker, author and professor. She directs The Ethical Hackers Cybersecurity organization, a virtual community for educators and industry providing comprehensive planning and risk management updates, network and cloud security knowledge and information on other cybersecurity topics such as general penetration testing and compliance readiness. Her publications span these areas. Her current research and practice focuses on ethical hacking. She earned her doctorate in mathematics from the University of New Hampshire after an undergraduate degree in computer science at the University of Texas at Austin.

  • speaker photo
    Nick DeLena
    Principal, IT Risk Assurance & Advisory, DGC (DiCicco, Gulman & Company)
  • speaker photo
    Mark Ostrowski
    Head of Engineering, East US, Check Point Software Technologies
  • speaker photo
    Thomas Pace
    VP, Global Enterprise Solutions, BlackBerry

    Thomas Pace has an extensive background in building incident response programs, policies, procedures and playbooks at multiple top-tier organizations. Thomas has 11 years of security experience in various fields including physical security, intelligence gathering and analysis, sensitive site exploitation, incident response, intrusion analysis, and endpoint and network forensics. Thomas also has extensive experience in conducting assessments against various NIST special publications such as 800-53 and 800-171. Thomas is also currently an Adjunct Professor at Tulane University where he has developed a portion of the Homeland Security Studies program curriculum centered on cybersecurity. Thomas also currently provides guidance and expertise to the New Orleans cloud security community as the Louisiana Cloud Security Alliance Co-Chair.

    Thomas served as a Senior Cybersecurity Engineer at Fluor Federal Petroleum Operations, a Department of Energy contractor supporting the Strategic Petroleum Reserve worth billions of dollars. In this role, Thomas was the lead incident response official and was responsible for ensuring all incidents were appropriately identified, contained and remediated in a timely manner and reported to proper authorities if necessary. Additionally, Thomas was responsible for conducting intrusion analysis and threat hunting on a daily basis to ensure the organization was not breached. While conducting a multitude of analyses based on intrusions and incidents, Thomas built a multitude of playbooks and processes so junior technical personnel could also conduct analyses in an efficient manner.

    Thomas served in the United States Marine Corps as an infantryman and intelligence specialist. During this time, Thomas deployed to both Iraq and Afghanistan as part of the Marine Corps.

    Thomas holds an M.S. in Information Science with a concentration in Information Assurance. Thomas also possesses multiple certifications such as GIAC GCIH, GCFA, GCIA, GICSP and GCWN. Thomas also is a Sourcefire certified professional, CISSP, and possesses CNSS 4011, 4012, 4013, 4014 and 4015.

  • speaker photo
    Kevin Kennedy
    Sr. Sales Engineer, Malwarebytes
  • speaker photo
    Brian Carey
    Manager, Advisory Services, Rapid7

    Brian Carey is a Rapid7 Manager of Advisory Consulting, specializing in: Security Program Assessments, Security Program Development, Risk Management, Vulnerability Management Program Development, Security Awareness and Policy Development. Before joining Rapid7 Brian was Information Security Director and interim Security Officer at LafargeHolcim NA, a multinational manufacturer, where he managed and supervised the North American ISO27002 compliant ITSEC program. Brian was with LafargeHolcim (previously Holcim NA) for 14 years and held many positions over that time period. Brian is a motivated, independent security professional comfortable speaking with both technical individuals as well as business leaders about a myriad of security-related topics Brian is a team player and leader with proven experience in security management.

  • speaker photo
    Joe Zurba
    CISO, Harvard Medical School

    In his role as the leader of Information Security at Harvard Medical School, Joe Zurba has been responsible for defining and building capabilities to meet the requirements of an extraordinarily diverse community of clinical and research faculty, students, and staff. Joe develops strategy, improves capabilities, and manages risk for all information security, Identity and Access Management, and IT compliance efforts across the school. Joe also serves on several committees in his role as the school’s information security leader. He is a non-scientific, voting member of the Harvard Medical School Institutional Review Board (IRB), which oversees human subjects research. He is also a co-chair of Harvard Catalyst subcommittee on Emerging Technologies, Ethics, and Research Data. His expertise is often sought in the creation of University policy, programs, and other initiatives that seek to benefit from his experiences working with biomedical and basic science research. Joe has worked for over 20 years in Information Security roles within Higher education, Health Care, High Tech Manufacturing, and Technology. Prior to his current role, he served as Research Information Security Officer in the Partners Healthcare Information Security and Privacy Office and 11 years previously in information security at Harvard Medical School and Director of IT Security at Harvard University Information Technology. He currently holds certifications as a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA).

secure world app
Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store