Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, March 13, 2019
    9:00 am
    SecureWorld PLUS - Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: 216AB

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    9:00 am
    SecureWorld PLUS - Insider Threat: A White Hat Hacking Methodology Approach to Insider Threats
    • session level icon
    9 a.m. - 3 p.m. - Earn 12 CPEs!
    speaker photo
    Information Security Advisor, Enterprise IT Solutions
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: 215

    There are several courses which teach insider threat program development. While the methods and controls taught are very comprehensive and effective, often-times they can also be bypassed.

    Learn how the controls of your current security program can be bypassed by utilizing routine IT procedures. Will also show how to identify business processes which can contribute to insider threats. Learn how to enhance procedures required to identify insider threat exposures.

    This program is designed to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology.

    A series of live demonstrations will be performed to show the white hat hacking techniques used to bypass various controls.

    Learning Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity.
    • How to identify system based behavioral indicators.
    • Learn which existing or enhanced security layer can provide insider threat profile data.
    • Learn how areas of the organization i.e. Legal, Procurement & HR are key stakeholders in assisting to identify insider threat activity.

    Take-Aways From the Course:

    • Establishing or enhancing an existing cyber security program to include insider threat.
    • Define self-assessments of insider threat segment of the cyber security program.
    • Enhance awareness training to include additional methods of insider threat.
    • Enhance existing security layers to better identify specific insider threat activity.
  • Thursday, March 14, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Breakfast: (VIP / INVITE ONLY)
    • session level icon
    Topic: 3rd Party Risk- Establish and Manage
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    Location / Room: 216AB

    This session is for our Advisory Council members only. Light breakfast, coffee and tea served.

    8:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    8:00 am
    ISACA Chapter Meeting - Open to all attendees - Light breakfast served
    • session level icon
    Presentation — Hack Yourself: Going Dark on the Internet
    speaker photo
    Audit Analytics Leader, Wells Fargo
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:15 am
    Location / Room: 213A

    Interested in your local associations? Join ISACA for their monthly meeting, light breakfast, and guest speaker.
    8:00-8:15 am – networking
    8:15-9:15 am – guest presentation

    Presentation:

    • Information on the internet
    • Why hack yourself?
    • Cleaning your information
    • Maintaining cleanliness
    • Basic safety going forward
    • Privacy legislation – what can we do?
    8:30 am
    Cyber Resiliency: Reducing Your Risk by Increasing Your Resiliency
    • session level icon
    speaker photo
    Director, Experis Finance
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 213BC
    Cyber Resiliency enables organizations to take actions that reduce their overall risk, minimize the impact of cyber-attacks, and more predictably ensure the continuity of essential services.

    This presentation will provide a high-level overview of cyber resiliency and explore the following aspects of cyber resiliency:
    • Where cyber resiliency differs from traditional business continuity management
    • How to determine your organization’s need for cyber resiliency
    • Practical ways to assess your current and future organizational exposure
    • Who should be involved in cyber resiliency
    • What are some practical steps to begin implementing a cyber resiliency program

    8:30 am
    GDPR Compliance 101
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    This presentation outlines the requirements of the EU General Data Protection Regulation and highlights key compliance challenges.

    8:30 am
    Application / System Security Development Life Cycle
    • session level icon
    Check List and Business Discussion Points
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    ADLC / SDLC should and needs to have security stage gates and requirements built in so that all processes have information protection in mind from the beginning. This will show the simple things and requirements that need to be built in the life cycle processes, which can apply to projects.

    9:30 am
    OPENING KEYNOTE: Recent Cyber Threats and Trends from the FBI
    • session level icon
    speaker photo
    Supervisory Special Agent, FBI
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    Special Agent Brian Cyprian will highlight recent cyber threats and trends seen by the FBI, and provide a case study on cybercriminals located overseas who committed crimes against U.S. citizens. These criminals were arrested, extradited to North Carolina, and brought to justice.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable — (VIP / Invite Only)
    • session level icon
    Topic — Security Metrics: The Good, the Bad, and the Ugly
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 216AB

    This session is for our Advisory Council members only.

    11:15 am
    Moving Your Business Securely Out of Your Data Center - Into the Cloud
    • session level icon
    speaker photo
    Director, Infrastructure & Security, National Gypsum
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 215
    Your business can adopt new tools, new processes that add lots of value – and become more secure at the same time.
    I used to think that cloud solutions to business problems were too risky – NOW I believe that our cloud solution is MORE SECURE than our other alternatives. I firmly believe that security works BEST when it is embedded in what people routinely do and it makes what they do EASIER and more SECURE at the same time. New cloud services and tools from Microsoft are key to NGC becoming more secure and saving serious money overall.
    11:15 am
    Radware: Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 213A

    Throughout 2018 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    DHG: Operational Technology: The “Other” Cybersecurity
    • session level icon
    speaker photo
    Senior Manager, IT Advisory, DHG
    speaker photo
    Director of Cybersecurity , Intelligent Buildings, LLC
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 213D

    Organizations have traditionally focused cybersecurity initiatives on enterprise IT infrastructure and systems. Yet, non-traditional, legacy systems responsible for controlling building technology, including HVAC, elevators, metering, lighting and parking systems introduce significant risk to sensitive data, brand reputation, and even health and safety.  In spite of becoming more connected to corporate networks, Operational Technology (OT), is often overlooked as a vulnerability point and large organizations often struggle with understanding how to effectively manage the security around these systems.
    DHG has teamed up with Intelligent Buildings to provide an overview of how operational technology and building automation systems work, and how they can be exploited to compromise a company.  DHG and Intelligent Buildings have developed a framework and approach for managing operational technology.  This session will teach you how to identify and assess your risks, prepare a gap analysis and move toward remediation.

    11:15 am
    Addressing the Cybersecurity Talent Gap at Fever Pitch Levels
    • session level icon
    speaker photo
    Director of Cybersecurity Engineering and Operations, Sealed Air
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 213BC

    The growing number and size of data breaches indicates that threats are outpacing security measures taken by organizations and lack of cybersecurity workforce to effectively thwart such attacks. Cybersecurity threats and exploits are growing faster at a rate of 24 percent since 2016 which is greater than the capacity of most organizations security teams. At this rate, the global shortfall of cybersecurity professionals is expected to reach 3.5 million by 2022. The impact of such resource deficiency is realized when on average only 50 percent of applicants for cybersecurity positions are qualified for the jobs. Also, more than half or 53 percent of organizations face delays for as long as six months to find and hire qualified cybersecurity candidates. Since the responsibility for keeping data breaches from doing serious damage falls on either internal staff or offshored managed security service providers it is necessary to re-think how colleges prepare the work force for cyber security roles, recruiters build a bench of qualified resources and human resources approach compensation for qualified resources.

    12:15 pm
    LUNCH KEYNOTE: Executive Leadership Panel
    • session level icon
    Topic: Establishing and Evaluating Effective Cybersecurity Programs
    speaker photo
    Director, IT Governance , Novolex
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:15 pm
    Location / Room: Keynote Theater

    How to do it and how to test it involves strategic planning and leadership at the executive level.  The practical take-aways from this discussion will be immensely meaningful.
    Panelists:
    Stephen Head, Director, Experis Finance
    Frank Depaola, Head of Info Sec, Enpro Industries
    Larry Eighmy, CISO, The Halo Group
    Torry Crass, INMA Cybercamp Program Director, InfraGard
    Mike Hillhouse, CIO/CISO, Cadrillion Capital
    Andre Mintz, Executive Vice President, CISO and CPO, Red Ventures
    Thomas Tollerton, Senior Manager, IT Advisory, Dixon Hughes Goodman LLP

     

     

    1:30 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:30 pm - 2:15 pm
    Location / Room: 213A

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.

    1:30 pm
    Panel: Access Control – the End of the Password?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:30 pm - 2:15 pm
    Location / Room: Keynote Theater

    “Open Sesame!” Whether you recognize the term coming from Ali Baba or one of the forty thieves, this timeless password ranks up there with “password123” or “admin” on your home wireless router. Passwords were created to keep us safe or keep something safe for us. Back in the day you were able to look the person in the eye when they said the password. You knew (roughly) what you were getting, and you could perform a risk assessment (of sorts) on the speaker. Now, with some many ways at getting our information, the password is going the way of the dodo. Is 2FA good enough? Zero Trust? Biometrics? Pass phrases? Perhaps your own voice is the password? I don’t know the answer, but I’d be willing to bet that some of the experts on this panel will be able to help you decide what to do with the password dilemma.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    Finding Your Vulnerabilities—Before Attackers and Auditors Do
    • session level icon
    speaker photo
    Director, Information Security, Fluor
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 213A
    Do you know where all of your cyber security vulnerabilities are? As enterprise defenders and security leaders, we can take the initiative in looking for these vulnerabilities, both within the organization as well as on our systems exposed directly to the Internet. This presentation provides some considerations and practical tips for organizations in strengthening, or establishing, their own vulnerability management program and ensuring the most benefit from outside vulnerability assessments and penetration tests.
    3:00 pm
    Building Mental Models for Cyber Success
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    Using mental models can help us succeed in any area of life and can help us make intelligent, efficient and practical decisions when it comes to cyber security. Each area of an organization’s information security program can be enhanced by building and leveraging mental models specifically for their teams’ own unique needs. This presentation will look at building mental models aligned with the Top 20 Critical Security Controls, though the principals discussed can be applied to any existing framework.

    3:00 pm
    IoT Cybersecurity: Evolution, Risks and Executive Responsibilities
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    The focus of this talk is the connected product ecosystem (IoT) and the blurring of traditional boundaries that requires a “true” end to end security strategy. Topics will include evolution of IoT products, impact on companies who use IoT devices, supply chain risks, and management and board responsibilities.

    3:00 pm
    Applying the Scientific Method to Cybersecurity Event Analysis
    • session level icon
    speaker photo
    Information Security Analyst, Novant Health
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 213D
    What is one of the biggest frustrations when analyzing a cybersecurity event? To me, it is a simple frustration of not knowing where to go next with my investigation. I find that it is easy to trail down what we like to call “rabbit holes.” These rabbit holes may not lead anywhere, which is fine. However, it is frustrating when you are deep in a rabbit hole and end up at a cross tunnel not knowing which way to go next or where you just came from.
    By applying the scientific method to our analysis we are able to better organize our thought process, focus on where we should go next, and where we have already been in the investigation that took us to a dead-end. The scientific method can be used for even the simplest adverse cybersecurity events, as well as complex cybersecurity incidents.
Exhibitors
  • Burwood Group, Inc.
    Booth: 500

    Burwood Group, Inc. is an IT consulting and integration firm. We help forward-thinking leaders design, use, and manage technology to transform their business and improve outcomes. Our services in consulting, technology, and operations are rooted in business alignment and technical expertise in cloud, automation, security, and collaboration.

  • Check Point Security
    Booth: 870

    Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

  • Cloud Security Alliance (CSA)
    Booth:

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Cobalt.io
    Booth: 810

    At Cobalt, we use a combination of data, technology and talent to meet the security challenges of the modern web or mobile application, and ensure we provide the smartest, most efficient services possible. From Cobalt Central, our powerful vulnerability dashboard, to Cobalt Insights, which gives you an intelligent overview of your application security program, we are driven by great technology.

  • Comodo Cybersecurity
    Booth: 260

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • Delta Risk
    Booth: 550

    Delta Risk was founded in 2007 from a vision of strategic and operational effectiveness to assist private sector and government organizations in understanding their current cyber security posture and building advanced cyber defense and risk management capabilities. We are a global provider of strategic, operational, and advisory solutions, including managed security services and security consulting services. Delta Risk is a Chertoff Group company.

  • DHG
    Booth: 300

    Headquartered in Charlotte, NC, DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 13 states, we combine deep experience with a strong commitment to personal service. We are passionate about helping our clients succeed—and we do so through a resourceful approach to solving problems, providing solutions and helping our clients achieve their goals.

    Dedicated client focus and relationships have been and always will be our touchstone. Here at DHG, you’ll receive personalized service provided by a team of professionals who are eager to share their knowledge and experience with you. We draw on our extensive resources to combine comprehensive assurance, tax and advisory services.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • IBM Resilient
    Booth: 460

    IBM Resilient’s mission is to help organizations thrive in the face of any cyberattack or business crisis. The industry’s leading Incident Response Platform (IRP) empowers security teams to analyze, respond to, and mitigate incidents faster, more intelligently, and more efficiently. The Resilient IRP is the industry’s only complete IR orchestration and automation platform, enabling teams to integrate and align people, processes, and technologies into a single incident response hub. With Resilient, security teams can have best-in-class response capabilities. IBM Resilient has more than 150 global customers, including 50 of the Fortune 500, and hundreds of partners globally. Learn more at www.resilientsystems.com.

  • InfoSec-Conferences.com
    Booth: n/a

    We’re the InfoSec Community’s #1 ‘Go To’ resource for Cybersecurity Conferences. Since 2012 we’ve provided Cybersecurity Professionals with accurate event listings that are manually checked and updated every day.

  • InfraGard
    Booth:

    InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

    The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.

  • Institute of Internal Auditors (IIA)
    Booth:

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • ISACA
    Booth:

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

  • (ISC)2
    Booth:

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA Charlotte Chapter
    Booth:

    The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.

  • Ixia, a Keysight Business
    Booth: 140

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Jazz Networks
    Booth: 700

    Jazz Networks is a cyber analytics platform that simplifies insider threat detection and breach prevention. It works by collecting rich metadata before it’s encrypted from endpoints and servers, with machine learning analyzing to identify behavioral pattern changes. Alarms are raised for events that require attention and response time is swift with native platform actions.

  • Mimecast
    Booth: 160

    Mimecast Is Making Email Safer For Business.
    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service.
    Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • NCTECH Association
    Booth:

    Founded in 1993, the North Carolina Technology Association (NCTA) is a 501 (c) (6) not-for-profit association focused on advancing the state’s tech industry. NCTA has 700+ member companies, organizations and institutions representing more than 200,000 North Carolina based employees.

  • Radware
    Booth: 220

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • SailPoint
    Booth: 240

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • SentinelOne
    Booth: 660

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • Sherpa Software
    Booth: 600

    Sherpa Software is the cost-effective solution for information security, data governance, GDPR, and eDiscovery compliance. With more than 18 years of experience in the landscape, Sherpa Software was founded in 2010 and is based in Pittsburgh, PA. Our SaaS platform, Altitude IG, is the first step in cybersecurity: it’s scalable, affordable information governance and data compliance software that provides complete transparency and visibility into your unstructured data. With Altitude IG, data protection begins here.

  • Siemplify
    Booth: 530

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • Synopsys
    Booth: 250

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Veristor
    Booth: 400

    At VeriStor, we design, implement and manage IT solutions that fuel business productivity. As an end-to-end solutions provider, VeriStor specializes in enterprise data storage, virtual infrastructure, public, private and hybrid cloud services, migration, and technology financing. Headquartered in Atlanta, VeriStor delivers solutions nationwide to enterprise and mid-market companies in all industries including financial services, manufacturing, healthcare, education and federal, state and local government. To learn how VeriStor can help you achieve an IT infrastructure that accelerates business growth, improves efficiencies and reduces costs, visit: http://www.veristor.com

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Mike Muscatell
    Information Security Advisor, Enterprise IT Solutions

    Mike Muscatell is a seasoned IT veteran with more than twenty years in the Information Security field. He is a certified ethical hacker. Was honored as top 100 professionals in the Information Security Field by Strathmore's for 2014. Member of a number of security organizations including Infragard, US Chamber of Commerce Cyber Committee.

  • speaker photo
    Ron Reidy
    Audit Analytics Leader, Wells Fargo

    Ron has been working in IT for over 30 years. Starting as a
    software engineer writing database programs on CP/M, MSDOS,
    VAX/VMS, and UNIX in C, Pascal, VAX/VMS
    assembler, and FORTRAN. After 15 years, he switched into
    a database administration role, managing large Oracle
    databases as well as smaller SQL Server and Sybase
    databases. Ron became interested in security while working
    for a biotech firm when he was required to secure databases
    to comply with Sox and FDA requirements. He has been
    working in INFOSEC and audit for over 10 years, performing
    security assessments and testing, and as a database and
    general security instructor.

  • speaker photo
    Stephen Head
    Director, Experis Finance

    Stephen Head is Director of IT Risk Advisory Services for Experis Finance. He has broad-based experience in cyber risk, regulatory compliance, IT governance and aligning controls with multiple standards and frameworks. He is the author of the internationally recognized Internal Auditing Manual and Practical IT Auditing, both published by Thomson Reuters. He was International Chair of ISACA’s Standards Board and a member of the AICPA Information Technology Executive Committee. As a Certified Business Continuity Professional (CBCP), CISSP, and a CISM, he brings a unique perspective to cyber resiliency, having managed information security practices as well as business continuity programs.

  • speaker photo
    Brian Cyprian
    Supervisory Special Agent, FBI

    Brian N. Cyprian has been the supervisor for the FBI’s Charlotte Cyber Task Force since March 2016. He worked at FBI Headquarters managing national security computer intrusion investigations prior to arriving in Charlotte. Brian has a B.S. in Computer Information Systems and an MBA in Commerce from Texas A&M University.

  • speaker photo
    Mike Brannon
    Director, Infrastructure & Security, National Gypsum

    Mike Brannon is an experienced IT professional and long-term employee at National Gypsum Company (NGC). His IT career began in 1977, and he joined NGC in 1985. Mike leads the teams that provide infrastructure and security: "We Keep National Gypsum Running."

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    Tom Tollerton
    Senior Manager, IT Advisory, DHG

    Tom has 15+ years of experience in the Information Technology industry, and has extensive experience performing SOC 1 and 2 examinations and reporting, cybersecurity risk assessments, PCI compliance assessments, and system security assessments. Tom is one of DHG’s PCI Qualified Security Assessors and has completed multiple Reports on Compliance for PCI Level 1 merchants and service providers.
    Tom advises on development of holistic security governance and risk management programs integrated into IT and business operations across a wide variety of industries including financial services, retail, technology, healthcare, manufacturing, government contractors, and state and local government agencies.
    Licenses & Certifications
     Certified Information Systems Auditor (CISA)
     Certified Information Systems Security Professional (CISSP)
     Payment Card Industry Qualified Security Assessor (PCI QSA)
    Education
     Florida State University, Master of Business Administration, Management Information Systems; Bachelor of Science

  • speaker photo
    Fred Gordy
    Director of Cybersecurity , Intelligent Buildings, LLC

    Fred Gordy is the Director of Cybersecurity at Intelligent Buildings, LLC and is a nationally recognized thought leader, speaker and expert in building systems cybersecurity specializing in organizational and technical vulnerabilities. He has over 20 years of industry experience including information technology and building controls systems. Fred has been the Chairperson of the Cyber Security Committee for the InsideIQ 55 international member companies, Security Steering Committee Member for S.E.A.T. (Sports & Entertainment Alliance in Technology), founding member of Cyber Security for Control Systems Association International (CS2AI), past president and current president emeritus the Atlanta CS2AI Chapter.

  • speaker photo
    John Opala
    Director of Cybersecurity Engineering and Operations, Sealed Air

    As it is evident that the posted jobs far exceed the applicants, it is incumbent on colleges to partner with employers for technical development programs that allows students work experience with guaranteed placement. Such partnerships give employers an opportunity to advice colleges and universities required skillsets relevant for the ever-changing roles of cyber security. The study recommends a change on training for cybersecurity roles, optimization of recruitment process, partnering with colleges to provide a path to employment for the students, and automation for mundane security tasks as some of the steps to mitigate the lack of cybersecurity resources.

  • speaker photo
    Moderator: James Kidwell
    Director, IT Governance , Novolex
  • speaker photo
    Michael Holcomb
    Director, Information Security, Fluor

    Michael Holcomb is the Director of Information Security for Fluor, one of the world's largest construction, engineering and project services companies with 60,000 employees around the world. In his role at Fluor, Michael is responsible for vulnerability management, incident detection/response, penetration testing and industrial controls for the global organization. He also teaches cyber security as an adjunct instructor at Greenville Technical College and helps students, career transitioners and others that are new to cyber security at becomeacybersecuritypro.com.

  • speaker photo
    Brandi Keough
    Information Security Analyst, Novant Health

    Brandi Keough is a Charlotte, North Carolina, native who started her college career at UNC Charlotte as a Chemistry major and graduated from Utica College in 2016 with her Bachelors of Science in Cybersecurity and Information Assurance with a concentration in Forensics and Investigations. Brandi is currently an information security analyst with Novant Health’s Cybersecurity Incident Response Center (CIRC), supporting their clinical counterparts and patients by providing continuous monitoring and incident response of cybersecurity events.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!