Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, March 1, 2017
    8:30 am
    SecureWorld PLUS Course – Threat Hunting and Analysis
    • session level icon
    Threat Hunting and Analysis - Earn 12 CPEs!
    speaker photo
    Technology Editor and author of "Threat Hunter" blog, SC Magazine
    Registration Level:
    • session level iconSecureWorld Plus
    8:30 am - 3:30 pm
    Location / Room: 215

    Threat intelligence has become the coin of the realm in fighting cybercrime. However, simply knowing who the bad guys are and what they do is not enough. You must be able to dig for actionable intelligence and apply that explicitly to your environment. Broadly speaking, we call that threat hunting. Once you have determined the nature and details of threats to your enterprise, you must be able to disseminate them in a manner that is understandable by both humans and machines.

    This full-day, hands-on workshop will introduce you to threat hunting techniques and tools—both free and commercial—that you can use and how to translate your findings to Stix for dissemination to a variety of audiences, as well as consumption by an increasing number of security devices such as IPSs and firewalls. You will work in a virtual lab environment using tools and techniques to discover threats, research them in depth, and create Stix profiles. By the end of the workshop you will have compiled a list of tools that you can use, evaluated those tools in a lab environment, created a Stix profile of an actual cyber campaign, and presented your profile to the rest of the class.

    Visit the Center for Digital Forensic Studies’ Training Portal to read the syllabus and other course related materials.

    For this workshop you will need to bring your own Windows laptop and have the current version of the Chrome browser pre-installed. All other tools will be available on a virtual lab machine you will connect to remotely.

  • Thursday, March 2, 2017
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Round Table Breakfast: The Cost and Consequence of Insider Threats – (VIP / INVITE ONLY)
    • session level icon
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    Location / Room: 216 AB

    This session is for Advisory Council members only.

    8:00 am
    ISACA Breakfast Meet & Greet
    • session level icon
    Members Only
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:30 am
    Location / Room: Keynote Theater

    Light breakfast served

    8:30 am
    Cloud and Outsourcing, Oh No
    • session level icon
    speaker photo
    Sr. Compliance & Cybersecurity Auditor, CipherTechs, Inc.
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 211B

    Everyone does some sort of outsourcing or using the cloud. Do you have the necessary requirements and third party programs built and implemented? Many companies continue to “Oops, I forgot” or “Oops, I didn’t think about that.” What are basic items that need to be in place BEFORE you contract.

    8:30 am
    How to Up-Level Your Skills to Enhance Your Career
    • session level icon
    speaker photo
    Cybersecurity Consultant, ExecSec Inc.
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 211A

    Up-Level Your Hard and Soft Skills to Turbo-Charge Your Career

    8:30 am
    Practical Application of the NIST CSF
    • session level icon
    speaker photo
    Sr. Lead of Information Security, SPX Corporation
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 212B

    The NIST Cybersecurity Framework is a valuable tool for mapping security posture and maturity in an organization. This presentation strives to take some of the confusion out of how to approach and apply the framework to an organization in an effective manner, including an expanded CSF worksheet template.

    8:30 am
    Four Levels of Thinking as a Geek Leader
    • session level icon
    ISACA Meeting - Open to all attendees
    speaker photo
    Principal Geek, BrightHill Group
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    The best technical experts are often moved to leadership positions. But did you know that in order to succeed as a leader of people you will need to think differently? Discover two myths that hold you back and the Four Levels of Thinking Great Geek Leaders use to succeed.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: The Cost and Consequences of Complexity in IT Security
    • session level icon
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    The actions of Imposters, negligent and malicious insiders can have significant financial and reputational consequences for companies. Most companies, according to recent Ponemon Institute research, admit they have failed to detect a data breach involving the loss or theft of business-critical information. They also believe it is highly likely that one or more pieces of information critical to the success and competitiveness of their companies is now in the hands of a competitor. In this session, Dr. Larry Ponemon will quantify the cost of the insider risk, why the threat is serious and how to secure business-critical information in the workplace.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:15 am
    Current Cyber Threats, Trends & Impact
    • session level icon
    speaker photo
    Charlotte Supervisory Intelligence Analyst for Cyber, FBI
    speaker photo
    Charlotte Cyber, FBI
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 211B

    Review of the current threats and trends impacting businesses through Cyber methodology. A “look into the future” of potential new, upcoming trends based upon consumer use of the IoT.

    11:15 am
    Cylance: Hitchhiker’s Guide to Ransomware – From Genesis to Current Menace
    • session level icon
    speaker photo
    Principal Consultant - Incident Response, Cylance
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 211A

    This presentation will cover: ransomware, ransomware infection vectors, the history & evolution of ransomware, business model for ransomware and what the best ways to detect and prevent ransomware.

    11:15 am
    Risk-Based Security
    • session level icon
    speaker photo
    Enterprise Security Architect, Retail Business Services, LLC
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 212A

    Risk-based cybersecurity: a viable choice or an unreachable goal?
    In this presentation, the audience will see the evolution of the security perimeter of the enterprise with its new defense challenges such as vendor-managed equipment and IT function outsourcing, cloud offerings and compliance vs security. Then, the presentation will focus on risk-based solutions to meet those challenges.

    12:00 pm
    Advisory Council Roundtable: Navigating 3rd Party Risk
    • session level icon
    (VIP / Invite Only)
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 216AB
    12:15 pm
    LUNCH KEYNOTE: Hacked Again – It Can Happen to Anyone, Even a Cybersecurity Expert
    • session level icon
    speaker photo
    President / CEO of BVS, Cybersecurity Expert, Author, BVS
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Scott Schober shares his personal accounts as a business owner, thought leader, and wireless technology expert as his book ‘Hacked Again’ examines a multitude of cybersecurity issues affecting all of us, including: malware, hackers, email scams, identity theft, spam, social engineering, passwords, the dark web.

    1:15 pm
    Panel: Phishing and Social Engineering Scams 2.0
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: What Will They Think of Next? (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 211B
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    Mobile Cyber Targets
    • session level icon
    speaker photo
    Sr. Information Security Manager, Snyder's-Lance, Inc.
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 211B

    Mobile devices currently come in a large variety of options and as technology progresses those options and cyber risks will potentially become more a reality. So how are devices and data on them targeted now and how can a cyber mobile attack affect you and your business.

    3:00 pm
    Integration of a Secure System Development Life Cycle (SSDL)
    • session level icon
    speaker photo
    Senior Associate, PwC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 211A

    This presentation reviews the essential need of security being introduced early into the system development life cycles (SDLC). Effective integration of security requirements can be challenging. The key to success is where the process is:
    • based on policy and controls,
    • consistent and repeatable,
    • efficient, with a clear path to production.

    11:15 am
    First 90 Days. New (or Renewed) CISO Assessment
    • session level icon
    speaker photo
    Chapter Member, (ISC)2
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 212B

    New leaders are afforded a grace period as they come into a new position. This is an extremely valuable window where the leader can assess him/herself, his relationships, his team, his organization and assess strengths and weaknesses, opportunities and weakness. This discussion will walk through the exercise and share lessons from a recently placed CISO.

    3:00 pm
    How do Bad Guys Dream? Tales From the Criminal Mind
    • session level icon
    speaker photo
    Penetration Tester, Wells Fargo, Charlotte ISSA Board Member
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 212A

    How are our systems really being impacted? Lets take a deep dive into the world of the criminal mind, from a professional penetration tester / red team member.

Exhibitors
  • Binary Defense Systems
    Booth: 415

    BDS is a company that works with you to understand your environment, what you have and building defenses to combat what we face today and for the attacks of tomorrow. Technology is continuously changing, businesses change every day – in order to keep up with the changes, BDS has created an extensively flexible yet highly accurate way of detecting attackers. We are attackers, and we know the best ways in detecting how attackers breach your network. An added bonus with BDS – continual penetration tests are performed regularly to enhance and develop additional safeguards. We are here to defend, protect and secure your company.

  • Carbon Black
    Booth: 125

    Carbon Black is Transforming Security Through Big Data and Analytics in the Cloud Growing trends in mobility and cloud have made the endpoint the new perimeter. New and emerging attacks are beating traditional defenses, and security teams are too reactive and held back by their technologies. Carbon Black is leveraging the power of big data and analytics to solve the challenges surrounding endpoint security. With the Cb Predictive Security Cloud platform, we are transforming cybersecurity to deliver a new generation of cloud-delivered security solutions designed to protect against the most advanced threats.

     

  • Cloud Passage
    Booth: 230

    CloudPassage® Halo® is the world’s leading agile security platform that provides instant visibility and continuous protection for servers in any combination of data centers, private clouds and public clouds. Halo uses minimal system resources; so layered security can be deployed right at every workload – servers, instances and containers.

  • Cloud Security Alliance (CSA)
    Booth: 115

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • CPAC
    Booth: 610

    CPAC is an all volunteer, 501-(c)3, professional peer group. CPAC promotes promotes awareness about the value contingency planning provides business, government and individuals, by identifying common problems, proposing solutions and sharing lessons learned from past experiences. CPAC also assists in objectively identifying vendor resources which may facilitate effective contingency planning and disaster recovery. While CPAC is a membership organization, all regular meetings are free and open to the public.

  • Cylance
    Booth: 430

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • DHG
    Booth: 105

    Headquartered in Charlotte, NC, DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 13 states, we combine deep experience with a strong commitment to personal service. We are passionate about helping our clients succeed—and we do so through a resourceful approach to solving problems, providing solutions and helping our clients achieve their goals.

    Dedicated client focus and relationships have been and always will be our touchstone. Here at DHG, you’ll receive personalized service provided by a team of professionals who are eager to share their knowledge and experience with you. We draw on our extensive resources to combine comprehensive assurance, tax and advisory services.

  • FireEye
    Booth: 330

    FireEye (https://www.fireeye.com/) is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,100 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.

  • Institute of Internal Auditors (IIA)
    Booth: 310

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • InfraGard
    Booth: 510

    InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

    The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.

  • Internetwork Engineering
    Booth: 410

    Internetwork Engineering (IE) is a private technology consulting company that improves business outcomes with the expert selection, implementation and operation of information technology. Since 1996, our expert combination of people, partners and process have allowed us to become a strategic service provider for clients throughout the Southeast. With our Blueprint for Business (B4B) methodology, we deliver customized technology solutions that align with business goals to create a distinct competitive advantage.
    To learn more about IE, visit ineteng.com or subscribe to our blog at http://blog.ineteng.com.

  • IntraLinks
    Booth: 300

    Intralinks helps enterprises extend business processes and content across traditional organizational, corporate and geographical boundaries.

  • ISACA
    Booth: 215

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

  • (ISC)2
    Booth: 600

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA Charlotte Chapter
    Booth: 515

    The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.

  • Kaspersky Lab
    Booth: 530

    In 1999, Kaspersky Lab was the first company to introduce integrated antivirus software for workstations, file servers and application servers running on Linux/FreeBSD operating systems. Today, the company offers a whole range of effective corporate security solutions for the most popular operating systems specifically designed for different types of businesses. The company?s product range covers all of the main information security requirements that businesses and large state organizations have to adhere to, including: excellent protection levels, adaptability to changing circumstances, scalability, compatibility with different platforms, high performance, high fault tolerance, ease of use and high value. One of the primary advantages of Kaspersky Lab’s corporate range is the easy, centralized management provided by Kaspersky Security Center that extends to the entire network regardless of the number and type of platforms used.

  • Kudelski Security
    Booth: 210

    Kudelski Security is the premier cybersecurity innovator for Fortune 500 organizations. Our approach continuously evaluates customer’s security posture to reduce risk, maintain compliance and increase security effectiveness. Our partner, Wombat Security Technologies provides awareness and training to teach secure behavior. Wombat’s solutions reduce phishing attacks and malware infections up to 90%.

  • North Carolina Technology Association
    Booth: No Booth

    Founded in 1993, the North Carolina Technology Association (NCTA) is a 501 (c) (6) not-for-profit association focused on advancing the state’s tech industry. NCTA has 700+ member companies, organizations and institutions representing more than 200,000 North Carolina based employees.

  • NETSCOUT
    Booth: 100

    NETSCOUT nGenius packet flow switches provide security visibility by optimizing the flow of traffic from the network to security systems. These appliances collect and organize packet flows—creating a unified packet plane that logically separates the network layer from the security systems. Our customers use packet flow switches to optimize and scale out their cyber security deployments, so that they can spend less time in adding, testing and managing their security systems.

  • SailPoint
    Booth: 400

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Spectrum Enterprise
    Booth: 315

    Spectrum Enterprise, a division of Charter Communications, is a national provider of scalable, fiber-based technology solutions serving many of America’s largest businesses and communications service providers. The broad Spectrum Enterprise portfolio includes Internet access, Ethernet access and networks, Voice and TV solutions extending to Managed IT solutions, including Application, Cloud Infrastructure and Managed Hosting Services offered by its affiliate, Navisite. Our industry-leading team of experts works closely with clients to achieve greater business success by providing these right-fit solutions designed to meet their evolving needs. For more information, visit enterprise.spectrum.com. Charter Communications was formerly Time Warner Cable.

  • Stalwart
    Booth: 125

    Since 2002, Stalwart has been focused on architecting, implementing, and managing secure, enterprise-class IT infrastructure solutions. Our high impact professional services are delivered through a proprietary project management methodology – Accelerated Integration Management (AIM), resulting in a sterling (and 100% referenceable) reputation for quality of service. In 2015, Stalwart became a wholly-owned subsidiary of North State Communications.

  • TechTarget
    Booth: No Booth

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • TrustedSec
    Booth: 415

    TrustedSec is a leader in attack intelligence and security advisory services. Our team of highly talented, skilled, senior consultants sets us apart from other commodity-service security companies. We form partnerships with our number one goal to help you holistically improve your security program. You’ll find that working with us amounts to more than “just another engagement”—it’s establishing an understanding with your organization, and working to make you more secure, and better as a whole.

     

  • WatchGuard
    Booth: 110

    Seattle-based WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises. Recognizing an unmet need for a security solution that addresses the rapidly evolving threat landscape, WatchGuard architected its high-throughput, highly scalable, and flexible Fireware® operating system to form the backbone of its products. This platform yields dramatically higher performance at a much lower cost than competitors in environments where multiple security engines are enabled.

  • Wombat Security Technologies
    Booth: 210

    Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%.

  • Ziften
    Booth: 200

    Ziften delivers all-the-time visibility and control for any asset, anywhere – client devices, servers, and cloud VMs – whether on-network or remote; connected or not. Our SysSecOps platform empowers enterprises, governments, and MSSPs to quickly repair endpoint issues, reduce their overall risk posture, speed threat response, and increase operations productivity.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Dr. Peter Stephenson
    Technology Editor and author of "Threat Hunter" blog, SC Magazine

    Dr. Peter Stephenson is the Technology Editor and author of the “Threat Hunter” blog in SC Magazine, a leading industry publication for which he has written for over 20 years. He is a cyber criminologist, digital investigator and digital forensic research scientist, as well as being a writer, researcher and lecturer on cyber threat analysis, cyber criminology, cyber jurisprudence and cyber criminalistics on large-scale computer networks.

    He has lectured extensively on digital investigation and security, and has written, edited or contributed to 20 books and several hundred articles and peer-reviewed papers in major national and international trade, technical and scientific publications. He is the series editor of the new Peter Stephenson Series on Cyber Crime Investigation (Auerbach). He spends his time in retirement as a writer and researcher specializing in cyber threat analysis, cyber criminology, and cyber jurisprudence.

    Dr. Stephenson was an Associate Professor and the Chief Information Security Officer for Norwich University and, prior to his retirement in July of 2015, was Director of the Norwich University Global Cyber Threat Observatory and Center for Advanced Computing and Digital Forensics, both of which he founded. He received the Distinguished Faculty Award in the Norwich College of Graduate and Continuing Studies. He retired from the university in July, 2015.

    Dr. Stephenson has lectured or delivered consulting engagements for the past 45 years in eleven countries plus the United States and has been a technologist for fifty-three years.

    Dr. Stephenson obtained his PhD by research in computing at Oxford Brookes University, Oxford, England where his research was in the structured investigation of digital incidents in complex computing environments. He holds a Master of Arts degree (cum laude) in diplomacy with a concentration in terrorism from Norwich University. He currently is pursuing a second PhD in law focusing on cyber jurisprudence research.

    Dr. Stephenson is a full member of the Vidocq Society, for which he acts as Chief Information Security Officer, and has retired as a Fellow of the American Academy of Forensic Sciences. He is a member of the Albany chapter of InfraGard. He held—but has retired from—the CCFP, CISSP, CISM, FICAF and FAAFS designations, and currently is a licensed professional investigator in Michigan.

  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    Sandy Bacik
    Sr. Compliance & Cybersecurity Auditor, CipherTechs, Inc.

    Sandy Bacik, former ISO / Director of InfoSec and author, has many years of direct development, implementation, and management information security experience in the areas of audit, DR/BCP, incident investigation, physical security, privacy, compliance, policies/procedures, and data center operations. She has developed enterprise-wide security conscious culture through information assurance programs.

  • speaker photo
    Cheri Sigmon
    Cybersecurity Consultant, ExecSec Inc.

    Leveraging 21 years of experience in leadership, information security and workforce development, as a Chief Information Security Officer (CISO), Office of the Secretary of Defense (OSD), Cheri secured sensitive military networks/communications/technology. The Joint Staff; USSTRATCOM Joint Task Force-Global Network Operations; Headquarters Air Combat Command; US Joint Forces Command. Retired US Air Force officer, Clemson University alum, native of York, SC.

  • speaker photo
    Torry Crass
    Sr. Lead of Information Security, SPX Corporation

    Torry Crass is an information security expert with over 7 years in the information security field and more than 20 in information technology. He currently manages a security team for a global manufacturing company and holds ITIL and GCED certifications with membership in OWASP, ISSA, and InfraGard.

  • speaker photo
    Tom Cooper
    Principal Geek, BrightHill Group

    Tom Cooper, PMP is the founder of BrightHill Group, where he believes that "Because People Matter, We Must Lead Them Well.” Because of his deep experience in software development and enterprise IT implementation, Tom specializes in working with highly technical experts.

  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    Joseph Szczerba
    Charlotte Supervisory Intelligence Analyst for Cyber, FBI
  • speaker photo
    Special Agent David Katowski
    Charlotte Cyber, FBI
  • speaker photo
    Thomas Pace
    Principal Consultant - Incident Response, Cylance

    Thomas Pace has an extensive background in building incident response programs, policies, procedures and playbooks at multiple top-tier organizations. Thomas has 11 years of security experience in various fields including physical security, intelligence gathering and analysis, sensitive site exploitation, incident response, intrusion analysis, and endpoint and network forensics. Thomas also has extensive experience in conducting assessments against various NIST special publications such as 800-53 and 800-171.

    At Cylance, Thomas serves as a Principal Consultant where he acts as a technical lead on various projects sold and delivered, and also creates processes and methodologies to better assist Cylance’s client base. Thomas conducts incident readiness assessments, security tool assessments, and responds to incidents as needed. Thomas is also currently an Adjunct Professor at Tulane University where he has developed a portion of the Homeland Security Studies program curriculum centered on cybersecurity. Thomas also currently provides guidance and expertise to the New Orleans cloud security community as the Louisiana Cloud Security Alliance Co-Chair.

    Prior to Cylance, Thomas served as a Senior Cybersecurity Engineer at Fluor Federal Petroleum Operations, a Department of Energy contractor supporting the Strategic Petroleum Reserve worth billions of dollars. In this role, Thomas was the lead incident response official and was responsible for ensuring all incidents were appropriately identified, contained and remediated in a timely manner and reported to proper authorities if necessary. Additionally, Thomas was responsible for conducting intrusion analysis and threat hunting on a daily basis to ensure the organization was not breached. While conducting a multitude of analyses based on intrusions and incidents, Thomas built a multitude of playbooks and processes so junior technical personnel could also conduct analyses in an efficient manner.

    Thomas served in the United States Marine Corps as an infantryman and intelligence specialist. During this time, Thomas deployed to both Iraq and Afghanistan as part of the Marine Corps.

    Thomas holds an M.S. in Information Science with a concentration in Information Assurance. Thomas also possesses multiple certifications such as GIAC GCIH, GCFA, GCIA, GICSP and GCWN. Thomas also is a Sourcefire certified professional, CISSP, and possesses CNSS 4011, 4012, 4013, 4014 and 4015.

  • speaker photo
    Claire LaVelle
    Enterprise Security Architect, Retail Business Services, LLC

    Claire LaVelle is currently the Enterprise Security Architect at Retail Business Services supporting the 4th largest food retailer on the US East Coast and a global retailer. She owns the security standards that she applies to the various environments such as cloud, mobile, access management… to incorporate in reference architectures that align to security policies and IT strategies. Prior to this present position, Claire was the Manager of the PCI and HIPAA compliance programs. Before shifting to the private section, Claire worked for the DMDC, a DoD agency, for as an Information Officer.

    Claire has two Masters Degrees in Computer Science. She earned her first Masters Degree at Mills College while working on her thesis with Guidance Software, which she published with Elesvier. She earned her second Masters Degree at Naval Post Graduate School under the Scholarship for Service (SFS), sponsored mainly by the National Science Foundation (NSF). At Naval Post Graduate, she focused on Information Security familiarizing herself intimately with topics such as ethical hacking, reverse engineering, protocol analysis (encryption), privacy, ethics and the internet, advance networking, vulnerability management, compliance and much more in addition to participating in practical defense exercises against government agencies and hacking competitions.

    Claire loves to share her passion for computer security via speaking engagements inside her company and at various conferences. She presented at the CFO (Chief Financial Officer) Risk Summit in Boston, in front of the Association of Forensic Document Examiners in Myrtle Beach, and at local colleges, last year.

  • speaker photo
    Scott Schober
    President / CEO of BVS, Cybersecurity Expert, Author, BVS

    Scott Schober is the president and CEO of Berkeley Varitronics Systems, an experienced provider of wireless test and security solutions. He is considered one of the foremost wireless technology and cybersecurity experts in the world, and is regularly interviewed for leading national publications, as well as appearing on major network television and radio stations to offer his expertise.

  • speaker photo
    Mike Muscatell
    Sr. Information Security Manager, Snyder's-Lance, Inc.

    Mike Muscatell is a seasoned IT veteran with more than twenty years in the Information Security field. He is a certified ethical hacker. Was honored as top 100 professionals in the Information Security Field by Strathmore's for 2014. Member of a number of security organizations including Infragard, US Chamber of Commerce Cyber Committee.

  • speaker photo
    Diane McCarthy
    Senior Associate, PwC

    Diane holds a Bachelor’s in Telecommunications\Network Management, CISSP, CISA, and CRISC. She has 15 years of technical knowledge including 13 years in IT risk and cybersecurity. She is currently collaborating on multiple projects to automate security assessments including compliance to policy and controls, issue management and exception processing.

  • speaker photo
    Terry Ziemniak, CISSP
    Chapter Member, (ISC)2

    Terry has over 25 years' experience in the information security field with work ranging from security architecture, pen testing, operations, auditing, risk management, disaster preparedness and compliance. His roles have ranged from white-hat hacker up to CISO for billion dollar companies. Terry has achieved the CISSP (Certified Information System Security Practitioner) designation as well as having completed his Master's degree in Information Security from DePaul University. He has spoken on cybersecurity topics to groups all over the country and as far away as Germany.

  • speaker photo
    Dave Keene
    Penetration Tester, Wells Fargo, Charlotte ISSA Board Member

    Dave enjoys the outdoors as much as he can get away from his computer. He is active in the security community in Charlotte as well as international endeavors.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store