Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, March 13, 2019
    9:00 am
    SecureWorld PLUS - Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: 216AB

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    9:00 am
    SecureWorld PLUS - Insider Threat: A White Hat Hacking Methodology Approach to Insider Threats
    • session level icon
    9 a.m. - 3 p.m. - Earn 12 CPEs!
    speaker photo
    Information Security Advisor, Enterprise IT Solutions
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: 215

    There are several courses which teach insider threat program development. While the methods and controls taught are very comprehensive and effective, often-times they can also be bypassed.

    Learn how the controls of your current security program can be bypassed by utilizing routine IT procedures. Will also show how to identify business processes which can contribute to insider threats. Learn how to enhance procedures required to identify insider threat exposures.

    This program is designed to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology. A series of live demonstrations will be performed to show the white hat hacking techniques used to bypass various controls.

    Learning Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity.
    • How to identify system based behavioral indicators.
    • Learn which existing or enhanced security layer can provide insider threat profile data.
    • Learn how areas of the organization i.e. Legal, Procurement & HR are key stakeholders in assisting to identify insider threat activity.

    Take-Aways from the Course:

    • Establishing or enhancing an existing cyber security program to include insider threat.
    • Define self-assessments of insider threat segment of the cyber security program.
    • Enhance awareness training to include additional methods of insider threat.
    • Enhance existing security layers to better identify specific insider threat activity.
  • Thursday, March 14, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Breakfast: (VIP / INVITE ONLY)
    • session level icon
    Topic: 3rd Party Risk- Establish and Manage
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    Location / Room: 216AB

    This session is for our Advisory Council members only. Light breakfast, coffee and tea served.

    8:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    8:00 am
    ISACA Chapter Meeting - Open to all Attendees - Coffee Served
    • session level icon
    Presentation — Hack Yourself: Going Dark on the Internet
    speaker photo
    Audit Analytics Leader, Wells Fargo
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:15 am
    Location / Room: Keynote Theater

    Interested in your local associations? Join ISACA for their monthly meeting, light breakfast, and guest speaker.
    8:00-8:15 am – networking
    8:15-9:15 am – guest presentation

    Presentation:

    • Information on the internet
    • Why hack yourself?
    • Cleaning your information
    • Maintaining cleanliness
    • Basic safety going forward
    • Privacy legislation – what can we do?
    8:30 am
    Cyber Resiliency: Reducing Your Risk by Increasing Your Resiliency
    • session level icon
    speaker photo
    Director, Experis Finance
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 213BC
    Cyber Resiliency enables organizations to take actions that reduce their overall risk, minimize the impact of cyber-attacks, and more predictably ensure the continuity of essential services.

    This presentation will provide a high-level overview of cyber resiliency and explore the following aspects of cyber resiliency:
    • Where cyber resiliency differs from traditional business continuity management
    • How to determine your organization’s need for cyber resiliency
    • Practical ways to assess your current and future organizational exposure
    • Who should be involved in cyber resiliency
    • What are some practical steps to begin implementing a cyber resiliency program

    8:30 am
    [SentinelOne] The Power of One: Autonomous Endpoint Protection
    • session level icon
    speaker photo
    Senior Sales Architect, SentinelOne
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 215

    As a decision maker trying to improve security posture in an increasingly sophisticated threat landscape, you should look for products which make use of AI to build attack context, simplify the story, and automate as much as possible to save you time.

    SentinelOne is an enterprise security platform that uses patented behavioral AI to prevent, detect, respond, and hunt cyber attacks autonomously. With endpoints serving as the elastic barrier of today’s networks, SentinelOne creates a software-defined security layer that not only operates as an SOC on each endpoint—but also unifies existing and future cybersecurity investments through integrations with other technologies.

    8:30 am
    [Check Point Software Technologies] My CEO Told Me We Have to Move Our Datacenter to the Public Cloud... So, What's the Big Deal?
    • session level icon
    speaker photo
    Global Cloud Evangelist, Check Point Software Technologies
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 213D
    In this session, we will discuss why today’s IT organizations require mature and complete native tools—built in the cloud for the cloud—which provide:
    – Complete visibility
    – Configuration management – Identity protection
    – Secure DevOps
    – Compliance Automation
    – Governance Enforcement
    – Environment Lockdown

    We will discuss the subtle yet profound differences in operating your datacenter in the public cloud versus operating your own datacenter. We will discuss the ‘Shared Responsibility Model’ and what it really means to you and your IT department as you expand the number of workloads you move to the public cloud. And, as your sophistication increases and you expand your use of PaaS and IaaS, the complexities follow in tandem. We will show how today’s IT organizations require new, purpose-built tools designed and capable of ‘speaking the same language’ as the public cloud infrastructures and built to leverage the extensive APIs they provide.

    9:30 am
    OPENING KEYNOTE: Recent Cyber Threats and Trends from the FBI
    • session level icon
    speaker photo
    Supervisory Special Agent, FBI
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    Special Agent Brian Cyprian will highlight recent cyber threats and trends seen by the FBI, and provide a case study on cybercriminals located overseas who committed crimes against U.S. citizens. These criminals were arrested, extradited to North Carolina, and brought to justice.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable — (VIP / Invite Only)
    • session level icon
    Topic — Security Metrics: The Good, the Bad, and the Ugly
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 216AB

    This session is for our Advisory Council members only.

    11:15 am
    Moving Your Business Securely Out of Your Data Center - Into the Cloud
    • session level icon
    speaker photo
    Director, Infrastructure & Security, National Gypsum
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 215
    Your business can adopt new tools, new processes that add lots of value – and become more secure at the same time.
    I used to think that cloud solutions to business problems were too risky – NOW I believe that our cloud solution is MORE SECURE than our other alternatives. I firmly believe that security works BEST when it is embedded in what people routinely do and it makes what they do EASIER and more SECURE at the same time. New cloud services and tools from Microsoft are key to NGC becoming more secure and saving serious money overall.
    11:15 am
    [Radware] Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 213A

    Throughout 2018 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    [DHG] Operational Technology: The “Other” Cybersecurity
    • session level icon
    speaker photo
    Sr. Manager, IT Advisory, DHG
    speaker photo
    Director of Cybersecurity , Intelligent Buildings, LLC
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 213D

    Organizations have traditionally focused cybersecurity initiatives on enterprise IT infrastructure and systems. Yet, non-traditional, legacy systems responsible for controlling building technology, including HVAC, elevators, metering, lighting and parking systems introduce significant risk to sensitive data, brand reputation, and even health and safety.  In spite of becoming more connected to corporate networks, Operational Technology (OT), is often overlooked as a vulnerability point and large organizations often struggle with understanding how to effectively manage the security around these systems.
    DHG has teamed up with Intelligent Buildings to provide an overview of how operational technology and building automation systems work, and how they can be exploited to compromise a company.  DHG and Intelligent Buildings have developed a framework and approach for managing operational technology.  This session will teach you how to identify and assess your risks, prepare a gap analysis and move toward remediation.

    11:15 am
    Addressing the Cybersecurity Talent Gap at Fever Pitch Levels
    • session level icon
    speaker photo
    Director of Cybersecurity Engineering and Operations, Sealed Air
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 213BC

    The growing number and size of data breaches indicates that threats are outpacing security measures taken by organizations and lack of cybersecurity workforce to effectively thwart such attacks. Cybersecurity threats and exploits are growing faster at a rate of 24 percent since 2016 which is greater than the capacity of most organizations security teams. At this rate, the global shortfall of cybersecurity professionals is expected to reach 3.5 million by 2022. The impact of such resource deficiency is realized when on average only 50 percent of applicants for cybersecurity positions are qualified for the jobs. Also, more than half or 53 percent of organizations face delays for as long as six months to find and hire qualified cybersecurity candidates. Since the responsibility for keeping data breaches from doing serious damage falls on either internal staff or offshored managed security service providers it is necessary to re-think how colleges prepare the work force for cyber security roles, recruiters build a bench of qualified resources and human resources approach compensation for qualified resources.

    12:15 pm
    LUNCH KEYNOTE: Executive Leadership Panel
    • session level icon
    Topic: Establishing and Evaluating Effective Cybersecurity Programs
    speaker photo
    Director, IT Governance , Novolex
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:15 pm
    Location / Room: Keynote Theater

    How to do it and how to test it involves strategic planning and leadership at the executive level.  The practical take-aways from this discussion will be immensely meaningful.
    Panelists:
    Stephen Head, Director, Experis Finance
    Frank Depaola, Head of Info Sec, Enpro Industries
    Larry Eighmy, CISO, The Halo Group
    Torry Crass, INMA Cybercamp Program Director, InfraGard
    Mike Hillhouse, CIO/CISO, Cadrillion Capital
    Andre Mintz, Executive Vice President, CISO and CPO, Red Ventures
    Thomas Tollerton, Senior Manager, IT Advisory, Dixon Hughes Goodman LLP

     

     

    1:30 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:30 pm - 2:15 pm
    Location / Room: 213A

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.
    Panelists:
    Ron Winward, Radware
    Patrick Barry, Rebyc Security
    John McClurg, Cylance
    Rich Burke, Delta Risk
    Chris Steven, SentinelOne
    Mike Kiser, SailPoint
    Moderator: Danielle Fritzler

    1:30 pm
    Panel: Access Control – the End of the Password?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:30 pm - 2:15 pm
    Location / Room: Keynote Theater

    “Open Sesame!” Whether you recognize the term coming from Ali Baba or one of the forty thieves, this timeless password ranks up there with “password123” or “admin” on your home wireless router. Passwords were created to keep us safe or keep something safe for us. Back in the day you were able to look the person in the eye when they said the password. You knew (roughly) what you were getting, and you could perform a risk assessment (of sorts) on the speaker. Now, with some many ways at getting our information, the password is going the way of the dodo. Is 2FA good enough? Zero Trust? Biometrics? Pass phrases? Perhaps your own voice is the password? I don’t know the answer, but I’d be willing to bet that some of the experts on this panel will be able to help you decide what to do with the password dilemma.
    Panelists:
    Jorge Alago, Veristor
    Gary Walderich, Check Point Security
    William Clay James, Marine Federal Credit Union
    William Curtis, Hanes
    Moderator: RJ Sudlow, DHG

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    Finding Your Vulnerabilities—Before Attackers and Auditors Do
    • session level icon
    speaker photo
    Director, Information Security, Fluor
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 213A
    Do you know where all of your cyber security vulnerabilities are? As enterprise defenders and security leaders, we can take the initiative in looking for these vulnerabilities, both within the organization as well as on our systems exposed directly to the Internet. This presentation provides some considerations and practical tips for organizations in strengthening, or establishing, their own vulnerability management program and ensuring the most benefit from outside vulnerability assessments and penetration tests.
    3:00 pm
    Scoping Insights for Compliance Data
    • session level icon
    speaker photo
    Event Director, ISSA
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 213BC
    This presentation addresses the scoping issues that exists in compliance programs. It reviews de-scoping techniques and highlights potential scope creeps. The presentation also gives an overview about the categorization of assets and services depending on their roles within the compliance program. To conclude, the presentation will show possible remediation path and good practices to keep the scope current and relevant.

     

    3:00 pm
    Applying the Scientific Method to Cybersecurity Event Analysis
    • session level icon
    speaker photo
    Information Security Analyst, Novant Health
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 213D
    What is one of the biggest frustrations when analyzing a cybersecurity event? To me, it is a simple frustration of not knowing where to go next with my investigation. I find that it is easy to trail down what we like to call “rabbit holes.” These rabbit holes may not lead anywhere, which is fine. However, it is frustrating when you are deep in a rabbit hole and end up at a cross tunnel not knowing which way to go next or where you just came from.
    By applying the scientific method to our analysis we are able to better organize our thought process, focus on where we should go next, and where we have already been in the investigation that took us to a dead-end. The scientific method can be used for even the simplest adverse cybersecurity events, as well as complex cybersecurity incidents.
    4:00 pm
    Happy Hour Reception
    • session level icon
    Join your fellow security professionals for drinks and appetizers compliments of GuidePoint and Partners
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 6:00 pm
    Location / Room: Merchant and Trade - 303 S Church St,, Charlotte

    Join your peers for complimentary hors d’oeuvres, drinks, and conversation following SecureWorld. This is a great opportunity to network with other security professionals from the Charlotte area, and to discuss the hot topics from the day.
    Compliments of GuidePoint Security and Partners.
    Merchant and Trade, 303 S Church St. Charlotte, NC 28202
    4:00 P.M.
    Register Here (space is limited)

Exhibitors
  • Arctic Wolf Networks
    Booth: 630

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOCTMservice is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.

  • Ballantyne IT Professionals
    Booth: 350

    A non-profit technology professional group formed in 2011 under the premise to provide a relaxing atmosphere for IT Professionals living and working in the Ballantyne area of Charlotte North Carolina to build relationships and share ideas. Our mission is to Connect IT, Build IT, Create IT and Give Back to IT & Our Community.

  • BlackBerry
    Booth: 580

    BlackBerry Limited (NYSE: BB; TSX: BB) enables the Enterprise of Things by providing the technology that allows endpoints to trust one another, communicate securely, and maintain privacy. Based in Waterloo, Ontario, the company was founded in 1984 and operates globally. For more information, visit www.BlackBerry.com and follow @BlackBerry.

  • Burwood Group, Inc.
    Booth: 500

    Burwood Group, Inc. is an IT consulting and integration firm. We help forward-thinking leaders design, use, and manage technology to transform their business and improve outcomes. Our services in consulting, technology, and operations are rooted in business alignment and technical expertise in cloud, automation, security, and collaboration.

  • Cyber Lounge Sponsor: Mimecast
    Booth: 160 (Cyber Lounge)

    Mimecast Is Making Email Safer For Business.

    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • Check Point Security
    Booth: 650

    Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

  • Cloud Security Alliance (CSA)
    Booth: 150

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Cobalt.io
    Booth: 630

    At Cobalt, we use a combination of data, technology and talent to meet the security challenges of the modern web or mobile application, and ensure we provide the smartest, most efficient services possible. From Cobalt Central, our powerful vulnerability dashboard, to Cobalt Insights, which gives you an intelligent overview of your application security program, we are driven by great technology.

  • Cofense
    Booth: 820

    With more than 90% of breaches attributed to successful phishing campaigns, it’s easy for organizations to point to the everyday employee as the root cause – as the problem to be solved. We disagree. CofenseTM believes employees –  humans – should be empowered as part of the solution to help strengthen defenses and gather real-time attack intelligence to stop attacks in progress.

  • Comodo Cybersecurity
    Booth: 260

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • Delta Risk
    Booth: 550

    Delta Risk was founded in 2007 from a vision of strategic and operational effectiveness to assist private sector and government organizations in understanding their current cyber security posture and building advanced cyber defense and risk management capabilities. We are a global provider of strategic, operational, and advisory solutions, including managed security services and security consulting services. Delta Risk is a Chertoff Group company.

  • DHG
    Booth: 300

    Headquartered in Charlotte, NC, DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 13 states, we combine deep experience with a strong commitment to personal service. We are passionate about helping our clients succeed—and we do so through a resourceful approach to solving problems, providing solutions and helping our clients achieve their goals.

    Dedicated client focus and relationships have been and always will be our touchstone. Here at DHG, you’ll receive personalized service provided by a team of professionals who are eager to share their knowledge and experience with you. We draw on our extensive resources to combine comprehensive assurance, tax and advisory services.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ForeScout Technologies, Inc.
    Booth: 860

    ForeScout Technologies, Inc. has pioneered an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT). We offer a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of today’s vast array of physical and virtual devices the instant they connect to the network. Our technology continuously assesses, remediates and monitors devices and works with disparate security tools to help accelerate incident response, break down silos, automate workflows and optimize existing investments. As of June 30, 2018, more than 2,900 customers in over 80 countries improve their network security and compliance posture with ForeScout solutions.

  • Gigamon
    Booth: 830

    Gigamon is leading the convergence of network and security operations to reduce complexity and increase efficiency of security stacks. Our GigaSECURE® Security Delivery Platform is a next generation network packet broker that makes threats more visible – across cloud, hybrid and on-premises environments, deploy resources faster and maximize the performance of security tools.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • GuidePoint Security LLC
    Booth: 840

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

  • IBM Resilient
    Booth: 460

    IBM Resilient’s mission is to help organizations thrive in the face of any cyberattack or business crisis. The industry’s leading Incident Response Platform (IRP) empowers security teams to analyze, respond to, and mitigate incidents faster, more intelligently, and more efficiently. The Resilient IRP is the industry’s only complete IR orchestration and automation platform, enabling teams to integrate and align people, processes, and technologies into a single incident response hub. With Resilient, security teams can have best-in-class response capabilities. IBM Resilient has more than 150 global customers, including 50 of the Fortune 500, and hundreds of partners globally. Learn more at www.resilientsystems.com.

  • InfoSec-Conferences.com
    Booth: n/a

    We’re the InfoSec Community’s #1 ‘Go To’ resource for Cybersecurity Conferences. Since 2012 we’ve provided Cybersecurity Professionals with accurate event listings that are manually checked and updated every day.

  • InfraGard
    Booth: 340

    InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

    The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.

  • Intsights
    Booth: 322

    We are an intelligence driven security provider offering a subscription-based service which delivers rapid, accurate cyberthreat intelligence and incident mitigation in real time.

  • Institute of Internal Auditors (IIA)
    Booth: 330

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • ISACA Charlotte
    Booth: 540

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the region.

  • ISSA Charlotte Chapter
    Booth: 230

    The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.

  • Ixia, a Keysight Business
    Booth: 140

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Jazz Networks
    Booth: 760

    Jazz Networks is a cyber analytics platform that simplifies insider threat detection and breach prevention. It works by collecting rich metadata before it’s encrypted from endpoints and servers, with machine learning analyzing to identify behavioral pattern changes. Alarms are raised for events that require attention and response time is swift with native platform actions.

  • NCTECH Association
    Booth: 360

    Founded in 1993, the North Carolina Technology Association (NCTA) is a 501 (c) (6) not-for-profit association focused on advancing the state’s tech industry. NCTA has 700+ member companies, organizations and institutions representing more than 200,000 North Carolina based employees.

  • Okta
    Booth: 740

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • Radware
    Booth: 220

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • RedSeal
    Booth: 730

    At RedSeal, our vision is to become the essential analytics and decision-making platform for building digitally resilient organizations people can trust. We do this by becoming the measure by which every organization can quantify its digital resilience. As thought leaders on resilience, we envision every organization starting the security discussion with the question “What’s our Digital Resilience Score?” Founded in 2004, RedSeal is headquartered in Sunnyvale, California.

  • SailPoint
    Booth: 240

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Securonix
    Booth: 430

    Securonix is redefining the next generation of cyber-threat detection using the power of machine learning and big data. Our purpose-built security analytics platform uses machine learning to track and create baselines of user, account, and system behavior and detects the most advanced insider threats, cyber threats, and fraud activities in real time. Built on a Hadoop platform, the Securonix solution provides an open platform with unlimited scalability. Securonix provides incident orchestration capabilities with playbooks that enable automated incident response. Globally, customers use Securonix to address their insider threat, cyber threat, cloud security, fraud, and application security monitoring requirements. Visit www.securonix.com.

  • SentinelOne
    Booth: 870

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • Sherpa Software
    Booth: 600

    Sherpa Software is the cost-effective solution for information security, data governance, GDPR, and eDiscovery compliance. With more than 18 years of experience in the landscape, Sherpa Software was founded in 2010 and is based in Pittsburgh, PA. Our SaaS platform, Altitude IG, is the first step in cybersecurity: it’s scalable, affordable information governance and data compliance software that provides complete transparency and visibility into your unstructured data. With Altitude IG, data protection begins here.

  • Siemplify
    Booth: 530

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • SolveiT
    Booth: 630

    Solve iT (aka SolveiT.rocks) introduces:

    •  Failsafe SD-WAN with best-in-breed “Oracle + Talari” connecting 911 Emergency Call Centers. Why Fail Over?

    •  “White Glove” Security Operations Center as a Service for Managed Detection & Response (MDR). Security Incident and Response with guided remediation is every CISO’s best friend.

  • Sonatype
    Booth: 750

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • Synopsys
    Booth: 250

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: 660

    Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

  • Veristor
    Booth: 400

    At VeriStor, we design, implement and manage IT solutions that fuel business productivity. As an end-to-end solutions provider, VeriStor specializes in enterprise data storage, virtual infrastructure, public, private and hybrid cloud services, migration, and technology financing. Headquartered in Atlanta, VeriStor delivers solutions nationwide to enterprise and mid-market companies in all industries including financial services, manufacturing, healthcare, education and federal, state and local government. To learn how VeriStor can help you achieve an IT infrastructure that accelerates business growth, improves efficiencies and reduces costs, visit: http://www.veristor.com

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Mike Muscatell
    Information Security Advisor, Enterprise IT Solutions

    Mike Muscatell is a seasoned IT veteran with more than twenty years in the Information Security field. He is a certified ethical hacker. Was honored as top 100 professionals in the Information Security Field by Strathmore's for 2014. Member of a number of security organizations including Infragard, US Chamber of Commerce Cyber Committee.

  • speaker photo
    Ron Reidy
    Audit Analytics Leader, Wells Fargo

    Ron has been working in IT for over 30 years. Starting as a software engineer writing database programs on CP/M, MSDOS, VAX/VMS, and UNIX in C, Pascal, VAX/VMS assembler, and FORTRAN. After 15 years, he switched into a database administration role, managing large Oracle databases as well as smaller SQL Server and Sybase databases. Ron became interested in security while working for a biotech firm when he was required to secure databases to comply with Sox and FDA requirements. He has been working in InfoSec and audit for over 10 years, performing security assessments and testing, and as a database and general security instructor.

  • speaker photo
    Stephen Head
    Director, Experis Finance

    Stephen Head is Director of IT Risk Advisory Services for Experis Finance. He has broad-based experience in cyber risk, regulatory compliance, IT governance and aligning controls with multiple standards and frameworks. He is the author of the internationally recognized Internal Auditing Manual and Practical IT Auditing, both published by Thomson Reuters. He was International Chair of ISACA’s Standards Board and a member of the AICPA Information Technology Executive Committee. As a Certified Business Continuity Professional (CBCP), CISSP, and a CISM, he brings a unique perspective to cyber resiliency, having managed information security practices as well as business continuity programs.

  • speaker photo
    Parker Crook
    Senior Sales Architect, SentinelOne

    Parker Crook has been in the security industry for over 10 years across multiple verticals. He has experience working on both blue and red teams and has been asked to speak at various regional security conferences. Some of his speaking engagements have covered topics such as purple-teaming, wargaming, orchestration, and his own research. Parker is currently a Solution Architect at SentinelOne, where he helps companies across North America solve some of the most challenging cybersecurity issues.

  • speaker photo
    Grant Asplund
    Global Cloud Evangelist, Check Point Software Technologies

    Through the acquisition of Dome9 Security, Grant Asplund has returned to Evangelize for Check Point Software Technologies. Grant was the first Check Point Evangelist in 1998. Grant has more than 30 years of experience in sales, marketing, business development and management in enterprise software with the last 20 years focused within security. Grant was Principal Evangelist for Dome9 when Check Point made the acquisition. Grant has held worldwide evangelist roles at Check Point Software Technologies and more recently Blue Coat Systems, Inc. where he was Director of Evangelism. Grant has also held the Head of Market Development and Sales for Altor Networks, and was Vice President, Enterprise Sales for NeuStar. Additionally, he was President and CEO of MetaInfo before successfully selling the company to NeuStar. Grant brings his unique story-telling style mixed with high energy and passion, representing Dome9 at public events and conferences worldwide. Grant has also been a featured speaker and panelist at numerous industry trade shows, conferences and several radio blogs which include RSAC, Next100 CIO’s and BlogTalkRadio.

  • speaker photo
    Brian Cyprian
    Supervisory Special Agent, FBI

    Brian N. Cyprian has been the supervisor for the FBI’s Charlotte Cyber Task Force since March 2016. He worked at FBI Headquarters managing national security computer intrusion investigations prior to arriving in Charlotte. Brian has a B.S. in Computer Information Systems and an MBA in Commerce from Texas A&M University.

  • speaker photo
    Mike Brannon
    Director, Infrastructure & Security, National Gypsum

    Mike Brannon is an experienced IT professional and long-term employee at National Gypsum Company (NGC). His IT career began in 1977, and he joined NGC in 1985. Mike leads the teams that provide infrastructure and security: "We Keep National Gypsum Running."

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    Tom Tollerton
    Sr. Manager, IT Advisory, DHG

    Tom has 15+ years of experience in the IT industry, and has extensive experience performing SOC 1 and 2 examinations and reporting, cybersecurity risk assessments, PCI compliance assessments, and system security assessments. Tom is one of DHG’s PCI Qualified Security Assessors and has completed multiple Reports on Compliance for PCI Level 1 merchants and service providers.
    Tom advises on development of holistic security governance and risk management programs integrated into IT and business operations across a wide variety of industries including financial services, retail, technology, healthcare, manufacturing, government contractors, and state and local government agencies.
    Licenses & Certifications:
    • Certified Information Systems Auditor (CISA)
    • Certified Information Systems Security Professional (CISSP)
    • Payment Card Industry Qualified Security Assessor (PCI QSA)
    Education:
    • Florida State University, MBA, Management Information Systems; Bachelor of Science

  • speaker photo
    Fred Gordy
    Director of Cybersecurity , Intelligent Buildings, LLC

    Fred Gordy is the Director of Cybersecurity at Intelligent Buildings, LLC and is a nationally recognized thought leader, speaker and expert in building systems cybersecurity specializing in organizational and technical vulnerabilities. He has over 20 years of industry experience including information technology and building controls systems. Fred has been the Chairperson of the Cyber Security Committee for the InsideIQ 55 international member companies, Security Steering Committee Member for S.E.A.T. (Sports & Entertainment Alliance in Technology), founding member of Cyber Security for Control Systems Association International (CS2AI), past president and current president emeritus the Atlanta CS2AI Chapter.

  • speaker photo
    John Opala
    Director of Cybersecurity Engineering and Operations, Sealed Air

    As it is evident that the posted jobs far exceed the applicants, it is incumbent on colleges to partner with employers for technical development programs that allows students work experience with guaranteed placement. Such partnerships give employers an opportunity to advice colleges and universities required skillsets relevant for the ever-changing roles of cyber security. The study recommends a change on training for cybersecurity roles, optimization of recruitment process, partnering with colleges to provide a path to employment for the students, and automation for mundane security tasks as some of the steps to mitigate the lack of cybersecurity resources.

  • speaker photo
    Moderator: James Kidwell
    Director, IT Governance , Novolex
  • speaker photo
    Michael Holcomb
    Director, Information Security, Fluor

    Michael Holcomb is the Director of Information Security for Fluor, one of the world's largest construction, engineering and project services companies with 60,000 employees around the world. In his role at Fluor, Michael is responsible for vulnerability management, incident detection/response, penetration testing and industrial controls for the global organization. He also teaches cyber security as an adjunct instructor at Greenville Technical College and helps students, career transitioners and others that are new to cyber security at becomeacybersecuritypro.com.

  • speaker photo
    Claire LaVelle
    Event Director, ISSA

    Claire LaVelle is a Security Consultant for the North America PCI team at Verizon with over 15 years of Information Technology experience, including a decade dedicated to all facets of Information Security (compliance, architecture, operational, privacy and forensics).

    Claire has two Masters Degrees in Computer Science. She earned her first Masters Degree at Mills College while working on her thesis with Guidance Software, which she published with Elesvier. She earned her second Masters Degree at Naval Post Graduate School under the Scholarship for Service (SFS), sponsored mainly by the National Science Foundation (NSF). At Naval Post Graduate, she focused on Information Security familiarizing herself intimately with topics such as ethical hacking, reverse engineering, protocol analysis (encryption), privacy, ethics and the internet, advance networking, vulnerability management, compliance and much more in addition to participating in practical defense exercises against government agencies and hacking competitions.

    Claire loves to share her passion for computer security via speaking engagements inside her company and at various conferences. She presented at the CFO (Chief Financial Officer) Risk Summit in Boston, in front of the Association of Forensic Document Examiners in Myrtle Beach, and at local colleges, last year.

  • speaker photo
    Brandi Keough
    Information Security Analyst, Novant Health

    Brandi Keough is a Charlotte, North Carolina, native who started her college career at UNC Charlotte as a Chemistry major and graduated from Utica College in 2016 with her Bachelors of Science in Cybersecurity and Information Assurance with a concentration in Forensics and Investigations. Brandi is currently an information security analyst with Novant Health’s Cybersecurity Incident Response Center (CIRC), supporting their clinical counterparts and patients by providing continuous monitoring and incident response of cybersecurity events.

  • speaker photo
    Happy Hour
Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!