Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, May 6, 2021
    7:30 am
    Advisory Council Roundtable
    • session level icon
    Moving Forward Together: The State of Your Industry
    speaker photo
    Digital Event Director, SecureWorld
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:15 am

    This session is for SecureWorld Advisory Council members by invite only.

    8:00 am
    Exhibitor Hall Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:00 am
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes.

    8:15 am
    ISSA KC Chapter Meeting [Open to all attendees]
    • session level icon
    Aligning with the Business: Where Are We Going Wrong?
    speaker photo
    President, ISSA International; CISO, NeuEon
    speaker photo
    President, ISSA KC Chapter; Security Risk Manager, T-Mobile
    speaker photo
    Head of Information Security, Netflix DVD
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:55 am

    Join the ISSA KC Chapter meeting to hear the future of the organization from ISSA International President Candy Alexander, and stay for the panel discussion on technology risk versus business risk.

    Aligning with the Business: Where Are We Going Wrong?

    Many in our profession now operate under a “business enablement” mindset. We recognize the fact that we must align security efforts with the needs of the business, or we will continue towards becoming irrelevant. But what does “aligning with the business” really mean? Some believe we may be misunderstanding this concept and applying it incorrectly within our organizations. Attend this panel discussion with the ISSA International leadership for an honest and possibly controversial take on aligning security with the business.

    8:15 am
    A Modern Approach to Information Protection
    speaker photo
    Global Director, Cloud and Information Protection, Proofpoint
    Registration Level:
    8:15 am - 8:55 am

    Data Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations—especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021?

    9:00 am
    [Opening Keynote] Fireside Chat with Pentesters Arrested for Doing Their Job
    • session level icon
    speaker photo
    Directing, Center of Excellence for Red Team, Social Engineering, and Physical Penetration Testing, Coalfire
    speaker photo
    Sr. Security Consultant, Coalfire
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    When an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin will tell their story on the SecureWorld New England virtual stage during a candid fireside chat. They will take us through what happened to them and share what they learned in the process.

    For more background, read our original news story here.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:00 am
    Security as an Innovation Lab
    • session level icon
    speaker photo
    System VP & CISO, SSM Health
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Traditionally, security is seen as a cost center. What if we could flip that on its head by using security concepts to drive business revenue? Every department would want the security team at the table. In this session, I’ll talk about innovative ways to draw positive attention to information security in a way that makes people want to give time and resources to security.

    10:00 am
    Reducing Complexity While Increasing Data Protection in Financial Services
    • session level icon
    speaker photo
    VP, Security and Privacy, PKWARE
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Financial service firms have a responsibility to provide fool-proof security to instill faith in customers, and send a strong message that combating threats is a prime objective. They cannot afford to be complacent, especially when the majority of information produced or utilized in financial services is private and sensitive, not to mention highly regulated. All this adds up to make cybersecurity vital to business.

    Building sustainable ongoing security starts with all-inclusive optics into the sensitivity of data and automated organization-wide control of it. Organizations can assemble all this with multiple solutions, but doing so is time-consuming, expensive, and can be fraught with integration woes.

    There’s a better way. This session takes a deep dive into reducing complexity in sensitive and private data protection, including:

    • How to dig deep across the enterprise into every place sensitive data may be stored, from data lakes to endpoint devices
    • The benefit of automatic policy-specific remediation, including masking, redaction, deletion, and encryption
    • How to scale data protection and compliance as data volumes increase
    10:00 am
    The Implementation Journey of Zero Trust and SASE: Realizing the Benefits
    • session level icon
    speaker photo
    CSO & VP, Cloud Security Transformation, Netskope
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Most organizations have a hybrid implementation of cloud and on-prem services. With the rapid adoption of business digitalization and expanding remote work force, how do we consolidate controls and enhance the security of the systems?

    In this hybrid mode, enterprises need speed, visibility, security, and reliability without compromise. Enter the secure access service edge, better known as SASE. It’s inevitable that SASE implementations and Zero Trust implementations will provide a more comprehensive security capability to truly support digital transformation. How can your organization best position itself for the transition?

    In this session, James Christianson will discuss:
    ·  How to migrate your security controls to take advantage of SASE
    ·  Reducing cost while increasing your security posture
    ·  Implementing a road map for SASE / Zero Trust

    10:30 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:45 am
    The Case for Security Automation
    • session level icon
    speaker photo
    Director of Cybersecurity, Waddell & Reed
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    This presentation will highlight the cost and benefits of engaging in security automation. Pedro will discuss what’s needed to get started, potential applications, and how it can be tied to other security components.

    10:45 am
    Conquering Cloud Complexity
    • session level icon
    speaker photo
    CTO, RedSeal Networks
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Cloud security is hard, not least because cloud platforms change so quickly.  This talk presents several lessons learned from security teams struggling to get their arms around the sprawl of modern infrastructure, using practical analogies from pandemics and earthquakes.

    10:45 am
    Ransomware in Focus: How AI Stays One Step Ahead of Attackers
    • session level icon
    speaker photo
    Director for Cyber Intelligence and Analysis, Darktrace
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    As the world continues to endure ongoing global disruption, cyberattackers have been constantly updating their tactics in light of emerging trends. According to MIT Technology Review, 121 million ransomware attacks were recorded in the first half of 2020, each one attempting to encrypt private data and extort payment for its release. The automated elements of these attacks—malware that moves faster than security teams can respond—is one of the most damaging hallmarks of these ransomware campaigns.

    Join Justin Fier, Director of Cyber Intelligence & Analytics at Darktrace, as he unpacks the nuances of some of today’s most costly and advanced ransomware and shares how self-learning AI uniquely empowers organizations across industries to fight back.

    11:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    11:30 am
    [Panel] Operationalizing Your Knowledge for Maximum Impact
    • session level icon
    speaker photo
    Director, Cyber Operations, Cardinal Health
    speaker photo
    Associate CISO, Washington University in St. Louis
    speaker photo
    CISO, IntSights
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    We have a lot of collective knowledge within security. However, we still have work to do to operationalize this for maximum impact within organizations. What kind of trends can we take advantage of given security’s rise in importance? Do organizations really know what they need when hiring cybersecurity leadership? What do organizations need to see more of from CISOs and information security teams? This panel will explore these questions and more.

    11:30 am
    Securing the Cloud Control Plane: How to Make Security Predictable in the Cloud
    • session level icon
    speaker photo
    Sr. Director, Product Management, CrowdStrike
    speaker photo
    Director, Product Management, CrowdStrike
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    In a new survey from Enterprise Strategy Group (ESG), 88% of respondents said their cybersecurity program needs to evolve to secure their cloud-native applications and use of public cloud infrastructure, with many citing challenges around maintaining visibility and consistency across disparate environments.

    Join CrowdStrike’s session to learn about cloud-native security challenges and how to prevent inconsistency, uncover misconfigurations, and improve visibility. Spencer Parker and Sowmya Karmali will highlight best practices that DevOps and SecOps teams can employ to secure your applications in the cloud.

    11:30 am
    Get Beyond Compliance and Achieve Real Data Security
    • session level icon
    speaker photo
    SVP, Strategy and Imperva Fellow, Imperva
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    To keep pace with the database activity explosion that has accompanied recent rapid technology innovations, organizations must rethink their strategy for securing their data assets. A strategy designed to meet compliance requirements is not enough. Organizations need to develop new approaches that augment traditional agent-based monitoring to achieve real data security today and in the future.

    We’ll provide insight into how you can automate data collection and monitoring so you may apply more resources to identifying non-compliant behavior and orchestrating rapid responses, regardless of where your data is or the size of your data estate.

    12:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    12:15 pm
    From Technologist to CISO
    • session level icon
    speaker photo
    VP of Information Security, Veterans United Home Loans
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    Are you a technician feeling the call towards leadership? Are you just interested in learning more about leadership? Just being a good tech is no guarantee of being a good leader. There are many things that good leaders need to know that have nothing to do with technical knowledge. Come to this session and join in a conversation about the path from the Information Security technical role to an IS leadership role. Learn the right knowledge that will be powerful in helping you become a great IS leader!

    12:15 pm
    Managing Insider Risk without Compromising Speed of Business
    • session level icon
    speaker photo
    Security Community Evangelist, Manager, Code42
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    As companies double down on time to innovation, time to market, and time to revenue, they are inherently introducing more risk from the inside. The more cloud-based, collaborative, and fast an organization becomes, the greater the Insider Risks posed to its people, technology, and data. The upside is that cloud collaboration tools make employees more productive. The downside is that these same tools make it easier to exfiltrate data.

    Adding to the complexities of working from home and off the corporate network, more employees are routinely using unauthorized devices, tools, and cloud-based applications to share files and ideas with colleagues.

    Join us to discuss the growing Insider Risk problem and how the right data protection methods can set security teams up for success, without slowing down company productivity.

    12:15 pm
    [Panel] Managing a Remote Workforce in the Cloud
    • session level icon
    speaker photo
    Sr. Solutions Engineer, Okta
    speaker photo
    VP of Marketing, Appaegis
    speaker photo
    Sr. Director, Product Management, CrowdStrike
    speaker photo
    Sr. Sales Engineer, Gigamon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    Our panelists will discuss the continued challenges with managing the remote workforce securely. Whether people go back to an office again is up in the air, but InfoSec and Operations must have processes and technology in place to keep the business running with an acceptable risk. Bring your questions for our panel.

    1:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    VERIS A4 Threat Modeling
    • session level icon
    speaker photo
    Head of Research, Development, Innovation, Verizon Threat Research Advisory Center
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    VERIS, the Vocabulary for Event Recording and Incident Sharing, is a set of metrics designed to provide a common language for describing cybersecurity incidents (and data breaches) in a structured and repeatable manner. VERIS provides cyber defenders and intelligence practitioners with the ability to collect and share useful incident-related information—anonymously and responsibly—with others. The VERIS Framework underpins the Data Breach Investigations Report (DBIR); it’s what Verizon uses to codify the data and build this annual report.

    VERIS employs the A4 Threat Model to describe key aspects of incidents and breaches that affect victim organizations. Simply put, the A4 Threat Model seeks to answer: who (Actor) did what (Action) to what (Asset) in what way (Attribute) for threat modeling, intelligence analysis, breach mitigation, and detection / response improvement.

    Takeaways from this session will include:
    •  VERIS Framework Overview
    •  A4 Threat Model Components
    •  VERIS Use Cases

    1:15 pm
    [Panel] The Current Threatscape
    • session level icon
    speaker photo
    Sr. Sales Engineer, LogRhythm
    speaker photo
    Regional Director, Security Engineering, Check Point Evangelist, Check Point Software Technologies
    speaker photo
    Director of Technology - Office of the CTO, Imperva
    speaker photo
    Global Principal Engineer, Corelight
    speaker photo
    Solutions Architect, Armis
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Even a pandemic didn’t slow the roll of hackers and other nefarious groups. Ransomware and BEC attacks are at an all-time high, and insider threats (malicious and unknowing) are on the rise, as well. It seems if a dollar is to be had, someone is trying to take it. So, how do we arm our clients, partners, and coworkers with the tools they need to identify these next-level threats?

    1:15 pm
    [Panel] We Need a New Plan: Business Continuity, GRC, and Privacy
    speaker photo
    Director of Product Marketing, Siemplify
    speaker photo
    Director, Information Security & Compliance, RiskIQ
    speaker photo
    Co-Founder & Managing Partner, XPAN Law Partners
    Registration Level:
    1:15 pm - 2:00 pm

    The pandemic has taught InfoSec many lessons; among them, your IR/BC/DR plans must be scalable and flexible. Compliance and regulations still matter, and many states are initiating new data privacy and security laws. Our panel will go over some of the items you may have missed over the last year. Our experts will let you know which ones you need to really be concerned with and provide some guidance on what to include in your future Incident Response, Business Continuity, and Disaster Recovery plans.

    1:15 pm
    Advisory Council Roundtable
    • session level icon
    Leading with Purpose: Mentorship and Succession Planning 101
    speaker photo
    VP of Information Security, Veterans United Home Loans
    Registration Level:
    • session level iconVIP / Exclusive
    1:15 pm - 2:00 pm

    Discussion moderated by Randy Raw. This session is for SecureWorld Advisory Council members by invite only.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:15 pm
    [Closing Keynote] Digital Extortion Drama: Deconstructing the Ransomware Response Lifecycle
    • session level icon
    speaker photo
    Co-Chair, Cybersecurity & Data Privacy Practice Group, Spencer Fane LLP
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm

    This session is part drama and part virtual tabletop exercise. Cyber attorney Shawn Tuma will make the lifecycle of a successful ransomware attack come alive. From initial discovery and ransom negotiation, to IR team activation, to data recovery and restoration, all the way through the process to lingering litigation. Attend this session to more fully understand the impact a ransomware attack can create for any organization, including yours.

Exhibitors
  • Appaegis
    Booth:

    Appaegis provides the most secure agentless zero trust access solution to connect authorized users and devices to enterprise application. Appaegis’ cloud native solution fits into any organizations secure access service edge (SASE) framework, integrates with existing workflow, security infrastructure and is agnostic to the types of applications or endpoints. Appaegis provides complete visibility into every interaction between end points and applications, control access to applications and identify abnormal or anomalous transactions by leveraging its differentiated isolation technology.

    Appaegis solutions are built on the principal that organizations security posture must be based on the foundation of Zero Trust plus least privilege access, and account for the fact that every organization relies on a mix of internal applications, cloud native applications and SaaS.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Check Point Software Technologies Inc.
    Booth:

    Check Point Software Technologies Inc. is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Cisco
    Booth:

    Cisco builds truly effective security solutions that are simple, open and automated. Drawing on unparalleled network presence as well as the industry’s broadest and deepest technology and talent, Cisco delivers ultimate visibility and responsiveness to detect more threats and remediate them faster. With Cisco, companies are poised to securely take advantage of a new world of digital business opportunities.

  • Code42
    Booth:

    Code42 is the leader in insider risk detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data from insider threats while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

  • Corelight
    Booth:

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • CrowdStrike
    Booth:

    CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service—all delivered via a single lightweight agent.

  • Cybercrime Support Network
    Booth:

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Darktrace
    Booth:

    Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.

    The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

  • Gigamon
    Booth:

    Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.

  • Imperva
    Booth:

    Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.

  • ISSA Kansas City
    Booth:

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

  • LogRhythm
    Booth:

    LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

  • Netskope
    Booth:

    The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • PKWARE
    Booth:

    PKWARE protects the world’s data with smart encryption software and solutions. In use by more than 35,000 customers, including government agencies and global corporations, PKWARE’s easy-to-use security armors data itself and eliminates vulnerabilities wherever data is used, shared or stored.

    PKWARE offers the only data discovery and protection solution that locates and secures sensitive data to minimize organizational risks and costs, regardless of device or environment. Our software enables visibility and control of personal data, even in complex environments, making PKWARE a global leader in data discovery, security, and compliance.

  • Proofpoint
    Booth:

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • RedSeal
    Booth:

    By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.

  • Siemplify
    Booth:

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Tom Bechtold
    Digital Event Director, SecureWorld
  • speaker photo
    Candy Alexander
    President, ISSA International; CISO, NeuEon

    Ms. Alexander has over 30 years of experience in the cybersecurity profession. She has held several positions as CISO (Chief Information Security Officer) for which she developed and managed corporate security programs. She is now working as a CISO and Cyber Risk Practice lead for NeuEon, Inc., assisting companies large and small to improve their cyber risk and security programs through effective business alignment.

    Ms. Alexander is a leader within the cyber profession, where her contributions include being twice-elected as Information Systems Security Association's (ISSA) International President, chief architect for the Cyber Security Career Lifecycle, and a long-standing Director on the International Board. She is also the inaugural President and past Board Member of the ISSA Education and Research Foundation. She has been instrumental in establishing the annual ISSA/ESG research project to better understand challenges face by cybersecurity professionals worldwide.

  • speaker photo
    Naeem Babri
    President, ISSA KC Chapter; Security Risk Manager, T-Mobile
  • speaker photo
    Jimmy Sanders
    Head of Information Security, Netflix DVD

    Jimmy has spent the better part of two decades securing data and systems from cyber threats. In addition to his duties at DVD.com, Jimmy has served as the San Francisco Bay Area chapter president of the Information Systems Security Association (ISSA) since 2014. He is also on the ISSA International Board of Directors. Furthermore, he has been a speaker at BlackHat, SecureWorld, InfoSec World, as well as other notable events. Prior to DVD.com, Jimmy has also held senior security management roles at organizations that include Samsung, Fiserv, and SAP. He is a Cyber Security Committee advisor for Merritt College, Ohlone College as well as on advisory board for other colleges and non-profit movements. Jimmy Sanders maintains the certifications of Certified Information Systems Security Professional (CISSP), Certified in Risk Information and Information Systems Control (CRISC), and Certified Information Systems Manager (CISM). He holds degrees in Psychology and Behavioral Science from San Jose State University.

  • speaker photo
    Mike Stacy
    Global Director, Cloud and Information Protection, Proofpoint

    Mike Stacy is the Global Cloud and Information Protection Director at Proofpoint. Mike works with customers and oversees technical strategy for areas which include cloud security, advanced email defense, SOAR, browsing security, and SDP. Prior to joining Proofpoint, Mike held numerous technical leadership and product strategy roles across a variety of solutions.

  • speaker photo
    Gary DeMercurio
    Directing, Center of Excellence for Red Team, Social Engineering, and Physical Penetration Testing, Coalfire

    Gary DeMercurio runs one of the largest groups in Coalfire Labs as a Director, where he leads Coalfire’s “Center of Excellence” for Red Teaming, Social Engineering and Physical Penetration. At Coalfire, Gary manages day-to-day business involved with FedRAMP, PCI, HIPPA, and penetration testing, while helping to spearhead the physical and social engineering portion of testing. Gary is also a proud member of Coalfire Veterans.

  • speaker photo
    Justin Wynn
    Sr. Security Consultant, Coalfire

    As a Senior Security Consultant, Justin Wynn is responsible for actively compromising and reporting on virtual environments typically encountered at Fortune 500 companies. Justin performs wireless, physical, red team and social engineering engagements. Justin also conducts research to include the production of open-source models for printing/milling to aid in red team engagements, with specific regard to tool gaps in the locksport industry as well as master keys for access control/elevator overrides.

  • speaker photo
    Gary S. Chan
    System VP & CISO, SSM Health

    Gary S. Chan helps organizations innovate, stay secure, and meet compliance using information security as the vehicle. He has architected anti-fraud systems for state agencies, led the information security teams for a large-cap technology company, leads the information security department for a large multi-state healthcare system, owns an information security consulting company, and is an evaluator and mentor for cybersecurity start-ups. He served as President of the FBI St. Louis Citizens Academy Alumni Association and is on the board of the Greater St. Louis Area Association of Certified Fraud Examiners. An adaptable individual with international experience, Gary has been based out of Asia, Europe, and the U.S. and has a refined ability to resolve conflict through negotiations and mediations. He holds four security certifications and a degree in Electrical Engineering & Computer Science from MIT.

  • speaker photo
    Chris Pin
    VP, Security and Privacy, PKWARE

    Chris Pin serves as PKWARE’s VP, Security and Privacy. In this role, Chris drives value and awareness for all PKWARE customers regarding the various challenges that both privacy and security regulations bring to the data-driven world. He works closely with all customers and potential customers to help them better understand how PKWARE solutions best fit into their environments and processes. He also works very closely with many other departments such as Sales, Marketing, Partners, and Product to help build brand awareness and product insights.

    With over 15 years of experience, Chris’s career began at the Pentagon where he supported the Army Headquarters as a Systems Engineer. Following his tenure at the Pentagon, he transitioned into global architecture and engineering for SOCOM, focusing on global networks and security. This is where he developed a deep understanding of what it takes to operate global networks at scale while ensuring the best security and privacy without jeopardizing the end-user experience.

    Prior to joining PKWARE as part of the Dataguise acquisition, Chris spent four years at Costco leading the data center migration of the e-commerce domain before transitioning into Privacy and Compliance where he was a PCI-ISA and assisted through yearly PCI assessments. Most notably, Chris also led Costco’s GDPR and CCPA efforts on a global scale, working with teams across the company, Infosec, development, policy, legal, employee education, change review, marketing, HR, buyers, and more.

    Chris has a CIPM certification and studied Aviation Management at Dowling College. When not working, he enjoys spending time with family, flying drones, kayaking, and adventuring the Pacific Northwest.

  • speaker photo
    James Christiansen
    CSO & VP, Cloud Security Transformation, Netskope

    James Christiansen is Netskope’s vice president of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients understand the challenges and solutions of cloud deployments by helping drive thought leadership in cloud security transformation.

    James brings extensive expertise as a global leader in information security. Prior to joining Netskope, he was vice president CISO at Teradata where he led the global security, physical, and information security teams. Previously, James was vice president of information risk management at Optiv, chief information risk officer for Evantix, and CISO at Experian Americas, General Motors, and Visa International.

    As a sought-after expert speaker on security, James has been featured at numerous prestigious events, including the Business Roundtable, Research Board, American Bar Association, American Banker, the RSA Conference, BankInfoSecurity, ISSA, ISACA, HIMSS, and MIS Training Institute. He has also been featured in The New York Times and quoted as an expert in USA Today, The Wall Street Journal, Reuters, United States Cybersecurity Magazine, Bloomberg, and Healthcare IT News.

    James is a patent inventor and has received three innovation awards in cyber security, GRC, and cloud computing. He is the author of the Internet Survival Series and contributing author of CISO Essentials, as well as numerous industry papers.

  • speaker photo
    Pedro Vazquez
    Director of Cybersecurity, Waddell & Reed

    As the Director of Cyber Security for Waddell & Reed, Pedro is tasked with leading IR, SECOPS, Vulnerability Management, Security Automation, and IAM. Pedro has previously provided security services for the DoD, IRS, DST, and SS&C.

  • speaker photo
    Mike Lloyd
    CTO, RedSeal Networks

    Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.

    Dr. Mike Lloyd holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.

  • speaker photo
    Justin Fier
    Director for Cyber Intelligence and Analysis, Darktrace
  • speaker photo
    Britney Hommertzheim
    Director, Cyber Operations, Cardinal Health

    Britney began the first decade of her security career in the U.S. Army, where she managed over 90 teams and traveled internationally to assess the security of international government partners. Later, she oversaw the Information Security Department for AMC Theatres, responsible for the development and implementation of the global strategy, and overseeing all security personnel. Britney is a certified CISSP, CISM, PMP, and holds certifications for CompTIA S+, CCSK, and IT Business Management. She holds a BS in Applied & Discrete Mathematics, and an MS in Cybersecurity. She was also named an IT Security Power Player by SC Magazine.

  • speaker photo
    Kevin Hardcastle
    Associate CISO, Washington University in St. Louis

    Kevin Hardcastle, Chief Information Security Officer (CISO) for Washington University in St. Louis, is a member of the CIO Leadership team and serves a key role in University leadership, working closely with senior administration, academic leaders and the campus community. The CISO is responsible for the development and delivery of a holistic information security strategy to optimize the security posture through collaboration with campus-wide resources, facilitate information security governance, advise senior leadership on security direction and direct program functions of risk and incident management, compliance, information security operations, and information security policy development and education.

  • speaker photo
    Cindi Carter
    CISO, IntSights

    Prior to IntSights, Cindi served as Vice President and Chief Security Officer at MedeAnalytics, where she oversaw global enterprise security. Her mission encompassed creating a culture that places high value on securing and protecting MedeAnalytics and the clients’ information entrusted to them.

    Cindi has built and matured both cyber and physical security practices at The University of Michigan Health System and Cerner Corporation. More recently, Cindi served as the Deputy Chief Information Security Officer at Blue Cross and Blue Shield of Kansas City. Cindi is the founding President of Women in Security-Kansas City, a non-profit organization with the mission to support women at all career levels in Information Security, and serves as an Advisory Board member within the security industry.

  • speaker photo
    Spencer Parker
    Sr. Director, Product Management, CrowdStrike

    With over 20 years of product management experience at Cisco, Websense, and most recently Sophos before joining CrowdStrike in 2017, Spencer has been instrumental in leading the Intel/Falcon X and Mobile solutions. Spencer holds a B.S. in Molecular Biology from the University of Portsmouth.

  • speaker photo
    Sowmya Karmali
    Director, Product Management, CrowdStrike

    Sowmya Karmali is a Director of Product Management at CrowdStrike and is responsible for Falcon Horizon (CSPM) and Falcon Discover for Cloud. She has over 20 years of product development and management experience covering cloud, data, and IoT, and has worked in startups and large organizations. Prior to CrowdStrike, Sowmya held product leadership roles for a multitude of cloud services at Microsoft Azure and Cloudera.

  • speaker photo
    Terry Ray
    SVP, Strategy and Imperva Fellow, Imperva

    Terry Ray is the SVP and Imperva Fellow for Imperva Inc. As a technology fellow, Terry supports all of Imperva’s business functions with his years of industry experience and expertise. Previously he served as Chief Technology Officer where he was responsible for developing and articulating the company’s technical vision and strategy, as well as, maintaining a deep knowledge of the Application and Data Security Solution and Threats Landscape.

    Earlier in his tenure at Imperva, he held the role of Chief Product Strategist where he consulted directly with Imperva’s strategic global customers on industry best practices, threat landscape, application and data security implementation and industry regulations. He continues to operate as an executive sponsor to strategic customers who benefit from having a bridge between both company’s executive teams. He was the first U.S.-based employee, and during his 15 years at Imperva, he has worked hundreds of data security projects to meet the security requirements of customers and regulators from every industry.

    Terry is a frequent speaker for RSA, ISSA, OWASP, ISACA, IANS, CDM, NLIT, The American Petroleum Institute, and other professional security and audit organizations in the Americas and abroad. Terry also provides expert commentary to the media and has been quoted in Security Week, SC Magazine, CBS News, the BBC, and others.

  • speaker photo
    Randy Raw
    VP of Information Security, Veterans United Home Loans

    Randy Raw is VP of Information Security, serving as the Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.

  • speaker photo
    Riley Bruce
    Security Community Evangelist, Manager, Code42

    Riley is a Security Community Evangelist at Code42, where he enjoys educating Security and IT teams through engaging technical content and presentation. Previously, Riley served in both customer support and customer education roles at Code42. In his spare time, he enjoys photography, travel, and relaxing at the lake in northern Wisconsin with his pug Mimi.

  • speaker photo
    Igor Sorkin
    Sr. Solutions Engineer, Okta

    Igor is a 25-year Kansas City IT professional with background across Telecom, Fin-Tech, and Security Technology companies focusing on Software Development, Enterprise Architecture, Security, and Identity and Access Management. A member of Okta's Enterprise Solutions team since 2019, Igor has been helping companies in the Central region to visualize and architect Okta's technology to achieve a variety of Workforce and Customer Identity needs.

  • speaker photo
    Prakash Nagpal
    VP of Marketing, Appaegis

    Prakash Nagpal is VP of Marketing at Appaegis, where he is responsible for bringing the next generation of Zero Trust Secure Application Access solutions to market. His mission is to help customers realize the vision of securing applications and data without compromising user experience, with a Zero Trust application centric approach to security. He has spent over two decades in various leadership roles in technology including marketing, product marketing product management, and engineering in networking, security, and cloud-based services. He has brought several security products to market, including UEBA, security intelligence platforms, data security solutions, and perimeter defense products.

  • speaker photo
    Spencer Parker
    Sr. Director, Product Management, CrowdStrike

    With over 20 years of product management experience at Cisco, Websense, and most recently Sophos before joining CrowdStrike in 2017, Spencer has been instrumental in leading the Intel/Falcon X and Mobile solutions. Spencer holds a B.S. in Molecular Biology from the University of Portsmouth.

  • speaker photo
    Keval Shah
    Sr. Sales Engineer, Gigamon

    With over 12 years of technical consulting and solution engineering experience in the field of Enterprise Networking & Security, Keval has enjoyed architecting and transforming businesses. Prior to Gigamon, Keval spent a decade at Cisco. He holds a Masters in Science, Electrical Engineering, from University of Southern California and a Master’s in Business, Administration & Management, from Washington University in St. Louis, as well as a BS in Electrical Engineering from Pune University, India. Keval resides in Kansas City with his two children and wife. He enjoys playing sports, primarily soccer, where he learned how important a "team" matters to success.

  • speaker photo
    John Grim
    Head of Research, Development, Innovation, Verizon Threat Research Advisory Center

    John has over 17 years of experience investigating, and leading teams investigating, data breaches and cybersecurity incidents within the government and civilian security sectors. Currently, John heads the Verizon Threat Research Advisory Center (VTRAC) research, development, and innovation effort. In this role, he focuses on researching cybersecurity incidents, performing digital forensic examinations, advising on data breach containment and eradication efforts, and creating data breach response preparedness training and breach simulation exercises for customers worldwide. Prior to joining Verizon, John served 12 years with the U.S. Army investigating security-related incidents with eight years specifically focused on network intrusion investigations and forensic examinations.

  • speaker photo
    Michael McGinnis
    Sr. Sales Engineer, LogRhythm

    A Senior Sales Engineer for LogRhythm, Michael McGinnis has worked in IT Security for over 15 years, specializing in SIEM technology for the past 10. Michael’s experience began as a Security Architect for the largest hospital network in the Midwest where he developed and matured a security posture that is the framework used by many hospital systems throughout the country. Michael has been a Principal Engineer for multiple Security Vendors. Michael’s SIEM methodologies and strategies have been referenced by organizations throughout the world. During the implementation of the Affordable Care Act Marketplace, Michael was specifically brought in to help identify log collection strategies. Out of all his accomplishments, Michael is most proud of his amazing wife and three beautiful children.

  • speaker photo
    Joel Hollenbeck
    Regional Director, Security Engineering, Check Point Evangelist, Check Point Software Technologies

    Joel Hollenbeck is a Cyber Security Visionary with the Office of the CTO at Check Point Software Technologies Inc., the worldwide leader in securing the internet. His background includes over 20 years of experience deploying application protection and network-based security. Joel has been securing networks and systems since 1994, including developing and executing on strategies to connect some of the most sensitive networks for the federal government and financial institutions to the internet in the earliest days of commercial internet connectivity. Joel has served as a consulting Security Architect with Check Point, advising a wide variety of clients across many verticals on security best practices, security architecture, and deriving the maximum value from investments in security. Prior to joining Check Point, Joel held various security engineering, leadership, and executive roles within organizations local to St. Louis.

  • speaker photo
    Peter Klimek
    Director of Technology - Office of the CTO, Imperva
  • speaker photo
    Alex Kirk
    Global Principal Engineer, Corelight

    Alex Kirk is an open source security veteran, with a combined 17 years at Sourcefire, Cisco, Tenable, and now Corelight, where he serves as Global Principal for Suricata. Formerly a malware zookeeper and IDS signature writer, today he spends his time helping SOC analysts and advising on security policy for government agencies, universities, and large corporations around the world.

  • speaker photo
    Terrence Davis
    Solutions Architect, Armis
  • speaker photo
    Kristen Cooper
    Director of Product Marketing, Siemplify

    Product marketing specialist with over 15 years of experience at emerging and growing cybersecurity and SaaS companies. Currently heading up product marketing at Siemplify. SecOps solution specialist. Remote work advocate.

  • speaker photo
    Brian Wasko
    Director, Information Security & Compliance, RiskIQ
  • speaker photo
    Rebecca Rakoski
    Co-Founder & Managing Partner, XPAN Law Partners

    Rebecca L. Rakoski, Esq., is the managing partner at XPAN Law Partners. Rebecca counsels and defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. She manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to aggressively mitigate her client's litigation risks. As an experienced litigator, she has handled hundreds of matters in state and federal courts. Rebecca advises her clients on a proactive, multi-jurisdictional approach to identify and address data privacy and cybersecurity compliance gaps and potential liabilities. She works with clients to create and tailor a security and privacy governance program that fits their specific needs in order to limit their regulatory exposure.

    As a thought leader in the area of data privacy and cybersecurity, Rebecca serves on the New Jersey State Bar Association's Cyber Task Force. Rebecca is Vice-Chair Elect for the New Jersey State Bar Association's Bankruptcy Law Section, and also served on the Complex Business Litigation Committee that drafted and revised the Court Rules involving electronic discovery in complex litigation matters. She has been appointed in several litigation matters by the New Jersey Superior Court as a Discovery Special Master.

    Rebecca is on the Board of Governors for Temple University Health Systems, and is an adjunct professor at Drexel University’s Thomas R. Kline School of Law and Rowan University.

  • speaker photo
    Randy Raw
    VP of Information Security, Veterans United Home Loans

    Randy Raw is VP of Information Security, serving as the Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.

  • speaker photo
    Shawn E. Tuma
    Co-Chair, Cybersecurity & Data Privacy Practice Group, Spencer Fane LLP

    Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store