googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, June 7, 2023
    9:00 am
    [PLUS Course] Operationalizing Privacy Laws into Your Organization
    • session level icon
    An Overview of US and Global Privacy Laws
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: 25

    This SecureWorld PLUS course will focus on key privacy laws and concepts, and how to implement privacy into your organization. The main components that the course will cover include:

    1. Overview of US and Global Privacy Laws
    2. Building an Effective and Practical Privacy and Security compliance program
    3. Creating a process to respond to data subject rights
    4. Addressing key privacy concepts: data minimization, privacy by design, data protection impact assessments, responding to privacy breaches.

    Increasingly, each country, and even each state, is providing unique legal solutions to data privacy and information security. For businesses that cross borders, both national and domestic, this creates distinct challenges to building effective solutions that address legal requirements while also allowing a business to innovate and evolve. These changing privacy, security and technology requirements are impacting the growth and innovation within companies, requiring strategic decisions regarding risk, legal liability, and strategic planning.

    Often, understanding the requirements of the law, and translating those requirements into technological solutions can be challenging. However, companies that are operationalizing privacy and information security within their organizations are able to address these evolving legal requirements while balancing growth and new opportunities. This workshop will provide in-depth understanding of those legal requirements, and provide a framework to help the industry incorporate privacy and security within their operations so that the law can work hand-in-hand with the business, and not become a barrier for the businesses growth and evolution.

    The course will include both lecture and hands-on exercises. The goal is for attendees to take away tools and strategies to bring this conversation to their teams and departments.

    Session 1 of the course will start with an overview of general privacy and security legal and policy principles, and then will focus on the key laws and regulatory decisions that are pushing the privacy and security legal landscape, including the European Union’s General Data Protection Regulation (“GDPR”), the Federal Trade Commission (“FTC”) rules and regulations, the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), and the various U.S. state privacy laws. Using these laws, we will discuss case studies, and how to communicate, plan, and strategize on products and solutions that
    incorporate privacy and security requirements.

  • Thursday, June 8, 2023
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    A Whole Lotta BS (Behavioral Science) About Cybersecurity
    • session level icon
    speaker photo
    Executive Director, National Cybersecurity Alliance
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am
    Location / Room: 26

    Let’s be honest: people can frustrate us. They don’t always do the things we’d like, and they often do some things we’d rather they didn’t. New research from the National Cybersecurity Alliance reveals insights about the public’s attitudes and beliefs about security.  We’ll explore the 2022 “Oh Behave! Cybersecurity Attitudes and Behaviors Report,” and some of the findings may surprise you! We’ll also give you practical, actionable advice on how you can better communicate to influence the behavior change you want to see.

     

    8:00 am
    WiCyS Chicago Affiliate Meeting
    • session level icon
    Open to all attendees
    speaker photo
    Executive Director, Women in CyberSecurity (WiCyS)
    speaker photo
    Security Engineer, Morningstar Inc.; Events Lead, WiCyS Chicago
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am
    Location / Room: 25
    Learn about the WiCyS Chicago Affiliate, network with members, and meet your local board members and WiCyS Executive Director Lynn Dohm.
    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    speaker photo
    CISO, Cushman & Wakefield
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am
    Location / Room: 30

    This roundtable discussion is for our Advisory Council members only.

    9:00 am
    [Panel] Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape
    • session level icon
    speaker photo
    BISO, The Kraft Heinz Company
    speaker photo
    CISO, Thrivent
    speaker photo
    VP & Chief Security Officer, Zebra Technologies
    speaker photo
    Executive Director, Women in CyberSecurity (WiCyS)
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater
    Over the last few years, the workforce and the way we work has entirely shifted and evolved. Much like conducting a grand orchestra, cybersecurity executives are now called upon to more than just conduct procedures and make “good music.” Listen to local cybersecurity executives who are in the trenches navigating the “new normal,” the threats impacting the industry, and their different key takeaways and lessons learned along the way. This discussion is followed by a live Q&A, so come prepared to ask your local executives your burning workforce questions!
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    These Aren't the Droids You're Looking For
    • session level icon
    Where to Find Cyber Talent without Stealing from Your Peers
    speaker photo
    VP & CISO, DeVry University
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Location / Room: 27

    Session description to come.

    10:15 am
    The Science of Normal: Changing Cybersecurity and Your Poker Game
    • session level icon
    speaker photo
    Sales CTO & Principal Systems Engineer, Exabeam
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    Location / Room: 25

    You wouldn’t play poker blind, so why search for cyberthreats without analytics?

    Searching data lakes for cybersecurity threats or vulnerable assets without using scaled analytics is like playing a round of poker while blindfolded! You always want the upper hand, so in this talk, you’ll learn how security related content including pre-built reports, dashboards, and visualizations can handle common security and compliance requirements. Analytics ensure sound security postures so organizations don’t fold to cyber threats.

    By simplifying the review of an enterprise data lake using easily implemented data science with scaled analytics, you can eliminate blind spots and significantly improve your organization’s cybersecurity framework. We’ll also show you how the SOC can extract the most value from security data, plus we’ll share many more stealth tips for your advantage.

    10:15 am
    Deriving Insight from Threat Actor Infrastructure
    • session level icon
    speaker photo
    Sr. Security Engineer, Team Cymru
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    Location / Room: 26

    From proactively hunting for unknown attacker infrastructure, to placing the exploitation of vulnerabilities on a timeline often obscured by large spikes in activity, this talk will explore ways in which we can enrich our understanding of the threat landscape beyond that which is shared in threat feeds and reports.

    11:10 am
    [Panel] The Future of Privacy and Cyber: AI, Quantum, and Mind Readers
    • session level icon
    speaker photo
    Cyber Counsel, HSB Insurance
    speaker photo
    Partner & Chair, Cybersecurity, Data Privacy, and Incident Response, Connell Foley LLP
    speaker photo
    Adjunct Professor, Baylor School of Law; AVP, Cyber Solutions, Crum & Forster
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    Location / Room: 26
    In the past year alone, advances in artificial intelligence, the implications of quantum computing, and rapid developments in the ability to convert thoughts to speech have dominated headlines and challenge us to both assess the risks and fashion protections and risk-transfer products. This all-women panel of cyber attorneys examines, explains, and opines on the rapid developments in these technologies, the implications, and what the future may bring. Join them for this not-to-be-missed discussion.
    11:10 am
    [Panel] There's a Bad Moon on the Rise – Are You Ready?
    • session level icon
    Identifying the Current Threat Landscape
    speaker photo
    Sr. Solutions Engineer, Okta
    speaker photo
    Field CISO, Netwrix
    speaker photo
    SVP, Strategic Initiatives, Zimperium
    speaker photo
    Solutions Architect, Global Alliances and Partners, Forescout
    speaker photo
    Executive Director, Global Information Security, JLL
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    Location / Room: 27

    Like the main character in the 1981 horror movie, An American Werewolf in London, cybercriminals continue to morph into something evil, lurking in the night (and day) to cause harm to people, organizations, and governments. Cue the Creedence Clearwater Revival song, Bad Moon Rising.

    The cybersecurity community is smart and more than capable of thwarting bad actors, fangs and all. They have tools, technologies, partnerships across private and public entities, and solution vendors to help them along the way. Don’t forget about the consultants working hard to stay ahead of those wanting to do harm, as well.

    Hear our panelists’ views on the current threat landscape, solutions they have to offer, and ideas they have for turning a bad moon into a harvest moon.

    12:00 pm
    [Lunch Keynote] When Your Why Is Your What: Thoughts on a Meaningful Career in Cybersecurity
    • session level icon
    speaker photo
    CISO, City of Chicago
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    Cybersecurity is a tough but rewarding career choice. It is easy to become burned out if your purpose is not aligned with the work. Bruce Coffing will share insights learned, many times the hard way, from a 25+ year career in IT and cybersecurity to hopefully make your journey a bit easier.
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    speaker photo
    Chief Security Officer & Technology Lead, Trexin Group
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm
    Location / Room: 30

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    [Keynote] Cyber-Enabled Fraud and Business Email Compromise in 2023
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm
    Location / Room: 25
    This presentation will focus on the BEC fraud playbook and show how technical advancements and applications have reduced the red flags and defenses against cyber fraud, allowing threat actors to increase the efficacy of their attacks.
    1:15 pm
    I Can See Clearly Now, the Threats Are Gone
    • session level icon
    Threat Intelligence: The State of InfoSec Today
    speaker photo
    Executive Director, Americas Region, CREST
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm
    Location / Room: 26

    Zero Trust is considered by many to be a marketing buzzword, but what it really alludes to is having good, basic cybersecurity hygiene. It’s what any cybersecurity professional worth their salt has been doing, and does, daily. Ransomware, phishing, and BEC grab the headlines, but your run-of-the-mill cyberattacks can’t be ignored because of the shiny new thing garnering all the attention.

    The CISO is like a musical conductor that must pay attention to all the resources at his or her disposal—be it people, tools, technologies, systems, and more. How is the organization handling security awareness training? What about staffing shortages affecting the organization, or even the vendors with which CISOs and their teams work?

    Join this session to hear insights and takeaways on the state of the information security profession today, including tips for seeing clearly and staying ahead of threats.

    1:15 pm
    [Fireside Chat] Lucy in the Clouds
    • session level icon
    Securing Your Cloud Environment
    speaker photo
    CISO, The Kraft Heinz Company
    speaker photo
    CISO, Follett Learning
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 27

    Can you “imagine” if The Beatles, when first starting out, had to deal with having their catalog of music hacked, stolen, and held for ransom simply because it was in an unsecure cloud setting? While it is possible for that to happen with their hit-laden collection of songs today, it’s merely a tiny example of how businesses operate at a minimum in a hybrid cloud environment—many in a cloud-only platform.

    With that comes security issues and another major area which cybersecurity professionals must work diligently to protect.

    Our panel of experts share the good, the bad, and the ugly of operating in a cloud environment, what it takes to make the move to hybrid or multi-cloud successful, how to protect data from insider and outsider threats, and what it takes to provide the support DevOps teams need.

    2:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 2:30 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:30 pm
    [Fireside Chat] Sustainable Cybersecurity and Resiliency
    • session level icon
    speaker photo
    Chief of Cybersecurity, Region 5, U.S. Cybersecurity and Infrastructure Security Agency (CISA)
    speaker photo
    Cybersecurity Advisor, Region 5, CISA
    speaker photo
    VP & Chief Security Officer, Claro Healthcare
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Location / Room: 27

    As the nation’s cyber defense agency, CISA leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure. Since the majority of our nation’s critical infrastructure is privately owned, ensuring the nation’s cybersecurity posture requires continued collaboration between government and the private sector. During this fireside chat, CISA will discuss the current cyber threat landscape, the agency’s latest initiatives to help critical infrastructure owners and operators protect and defend their networks, and the catalog of CISA services available to organizations to become more cyber resilient.

    2:30 pm
    A Modern Security Strategy: Tips on Building Policies for Securing Data
    • session level icon
    speaker photo
    Principal Product Manager, Lookout
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    Location / Room: 26

    The world has changed, but have your security policies and tools kept up? What does it mean to have a modern security strategy for securing data in the cloud? An SSE tool can help us address the challenges that organizations face. Here’s how to think, adopt, and integrate with existing solutions.

    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:15 pm
    Happy Hour
    • session level icon
    Sponsored by CREST
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 5:00 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary beer, wine, and soda. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    Generously sponsored by:

    3:45 pm
    [Closing Keynote] Cyber World on Fire: A Look at Internet Security in Today’s Age of Conflict
    • session level icon
    speaker photo
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    Location / Room: Keynote Theater

    This informative session analyses the growing threat of cyberattacks and risks to internet security in today’s world. Col. Leighton explores the various types of attacks and vectors, including how bad actors can impact businesses and individuals. The session also examines the role of governments and international organizations—partnering with public and private businesses—in protecting against cyber threats.

    Col. Leighton describes how nefarious actions are becoming increasingly more sophisticated and widespread, with hackers targeting not just large corporations but also smaller businesses and even individuals. He emphasizes the need for organizations to take proactive measures to protect their networks and data, including investing in advanced security technologies and providing regular training to employees.

    He shares examples of cyber activity—good and bad; offensive and defensive—from Ukraine, China, and around the globe.

Exhibitors
  • Arctic Wolf + SentinelOne
    Booth: 350

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit  https://www.arcticwolf.com.

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • Clarity Security
    Booth: 160

    Meet audit and compliance requirements while saving time and money. Clarity’s simplified access certification, highly granular access governance, and automated lifecycle management create the ultimate all-in-one identity governance platform.

  • Cloudflare
    Booth: 220

    Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company. It empowers organizations to make their employees, applications, and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.

    Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations—from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.

    Learn more about Cloudflare’s connectivity cloud at cloudflare.com/connectivity-cloud. Learn more about the latest internet trends and insights at radar.cloudflare.com.

  • Cofense
    Booth: 440

    Cofense® provides the world’s most effective email threat detection and remediation solutions. Cofense PhishMe® and the Cofense Phishing Detection and Response Platform (PDR), are powered by over 35 million Cofense-trained employees who report phishing and other dangerous email threats in real time. Exclusive to Cofense, our network detects and eradicates threats other email security systems miss and removes them from our customer inboxes. For more information, visit www.cofense.com or connect with Cofense on X and LinkedIn.

  • CREST
    Booth: 100

    CREST is an international not-for-profit accreditation and certification body that represents and supports the technical information security market. CREST provides internationally recognised accreditations for organisations and professional level certifications for individuals providing penetration testing, cyber incident response, threat intelligence, and Security Operations Centre (SOC) services.

  • Cyber Fraud Task Force – U.S. Secret Service
    Booth: n/a

    Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.

  • Exabeam
    Booth: 330

    Exabeam is a global cybersecurity leader that adds intelligence to every IT and security stack. The leader in Next-gen SIEM and XDR, Exabeam is reinventing the way security teams use analytics and automation to solve Threat Detection, Investigation, and Response (TDIR), from common security threats to the most critical that are difficult to identify. Exabeam offers a comprehensive cloud-delivered solution that leverages machine learning and automation using a prescriptive, outcomes-based approach to TDIR. We design and build products to help security teams detect external threats, compromised users and malicious adversaries, minimize false positives and best protect their organizations.

  • Fortanix
    Booth: 210

    Fortanix provides a developer and cloud-friendly key management and encryption solution to keep data secure at the application level. Fortanix DSM exclusively manages complete confidential computing environment & enclave lifecycle, including creation, deployment, monitoring, & auditing.

  • GuidePoint Security + Forescout Technologies
    Booth: 230

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

    Forescout Technologies, Inc. actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing. Fortune 1000 companies trust Forescout as it provides the most widely deployed, enterprise-class platform at scale across IT, IoT, and OT managed and unmanaged devices. Forescout arms customers with more device intelligence than any other company in the world, allowing organizations across every industry to accurately classify risk, detect anomalies and quickly remediate cyberthreats without disruption of critical business assets. Don’t just see it. Secure it. For more information, visit: https://www.forescout.com.

  • InfraGard Chicago
    Booth: 470

    All InfraGard participants are committed to the proposition that a robust exchange of information about threats to and actual attacks on these critical infrastructures is an important element for successful infrastructure protection efforts. This chapter is governed by our local bylaws.

    The goal of InfraGard is to enable the flow of information so that the owners and operators of infrastructure assets can better protect themselves and so that the United States government can better discharge its law enforcement and national security responsibilities.

  • InQuest
    Booth: 130

    The leader in File Detection and Response. Protecting end users from the myriad of attacks of today and the evolving threats of tomorrow.

    Founded in 2013 by a well-versed team hailing from both the public and private sectors. Our platform was purpose-built by SOC analysts for SOC analysts and network defenders. With capabilities in attack prevention, breach detection, threat hunting, and data leakage discovery. We’ve automated much of the typically mundane tasks of the SOC analyst. Resulting in analyst-level scrutiny at multi-gigabit speeds, all the while reducing frustration, and in turn, allowing precious human time to be spent where it matters. Since our inception, we have exclusively catered to the federal sector and we’re currently recognized by the Department of Defense (DoD) as well as the Intelligence Community (IC) as a leading security services and solutions provider.

    2020 marks the year we expanded our offerings to the private sector, offering enterprises worldwide a SaaS email security solution based on the InQuest platform. A turn-key solution for mitigating threats to your users from phishing, ransomware, fraud/scams, executive impersonation, and more.

    Get in touch for a briefing.

  • ISC2 Chicago Chapter
    Booth: 370

    The mission of the Chicago Chapter is to advance the local Chicagoland information security community by providing its members with opportunities to increase knowledge, grow professional networks, share information and advance the profession as a whole by promoting certification, ethical behavior, and social responsibility.

    Our members consist of ISC2 credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification. Our chapter program is focused on sharing knowledge and exchanging ideas among security professionals in the local area.  Ultimately, we want to advance the field of information security by educating practitioners and the public at large on how to protect and defend against security threats.

  • ISACA Chicago Chapter
    Booth: 190

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Chicago area.

    Chapter meetings are generally held the third Thursday of each month at The Conference Center at One North Wacker (1 N. Wacker Drive, 2nd Floor, Chicago, Illinois 60606)

    Please check our web site from time to time for the most up-to-date listing of chapter related events and training opportunities.

  • ISSA Chicago Chapter
    Booth: 120

    The Chicago Chapter of the Information Systems Security Association (ISSA) has a mission to offer a stimulating combination of discussion forums, hands-on learning, CISSP certification training, conferences, and other events which are designed to enhance understanding and awareness of information security issues for information security professionals.

    Whether you are exploring a career in cybersecurity, honing your technical expertise or an established security executive, the ISSA offers you a network of 10,000 colleagues worldwide to support you in managing technology risk and protecting critical information and infrastructure. Enhance your professional stature, expand your peer network and achieve your personal career goals. Your local chapter and ISSA International will provide you with a wealth of resources to keep you current with industry trends and developments in our ever-evolving field.

  • LogRhythm
    Booth: 180

    LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

  • Lookout
    Booth: 320

    Lookout is a cybersecurity company that makes it possible for individuals and enterprises to be both mobile and secure. With 100 million mobile sensors fueling a dataset of virtually all the mobile code in the world, the Lookout Security Cloud can identify connections that would otherwise go unseen—predicting and stopping mobile attacks before they do harm.

  • Material Security
    Booth: 300

    Material Security uses ubiquitous tools in unexpected ways to understand and mitigate risk in cloud office apps. Material is known and loved in the security community for protecting cloud email at global media and financial conglomerates, large tech companies, and highly-targeted public sector organizations. The platform connects in minutes to Microsoft and Google environments to analyze risk, detect threats, automatically investigate incidents, and crowdsource mitigation with end-users via novel integrations with identity providers like Okta, Duo, Ping, and Microsoft Azure AD.

    The company was started in response to the 2016 Election hacks, is backed by Andreessen Horowitz, and was recently valued at $1.1B. Material is single-tenant, can be deployed in the customer’s cloud, and Material personnel do not need access to customer data. Material also protects the personal accounts of high-risk VIPs.

  • National Cybersecurity Alliance
    Booth: 310

    Our alliance stands for the safe and secure use of all technology. We encourage everyone to do their part to prevent digital wrongdoing of any kind. We build strong partnerships, educate and inspire all to take action to protect ourselves, our families, organizations and nations. Only together can we realize a more secure, interconnected world.

  • Netwrix
    Booth: 240

    Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact.
    More than 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

  • Okta
    Booth: 390

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Oort
    Booth: 430

    Oort is an early-stage Boston-area startup focused on the intersection of Edge Computing and Cybersecurity. They are pioneering a new model for efficiently delivering security-as-a-service for remote workers, IoT devices, and branch offices using hundreds of globally-distributed data centers at the Edge of the Internet.

  • SecurEnds, Inc
    Booth: 420

    SecurEnds provides companies with a tool to automate user access reviews (UAR) across cloud and on-prem applications to meet SOX, ISO27001, PCI, HIPAA, HITRUST, FFEIC, GDPR, and CCPA audit requirements. Utilizing fuzzy logic to pull data from systems of record (SOR), complimentary identity governance and administration (IGA) solutions, and SaaS-based, custom, and legacy downstream applications, SecurEnds provides a complete, end-to-end process for UAR, then automates it out of the box.

  • Sprocket Security
    Booth: 380

    Sprocket Security was founded to improve the way we approach cybersecurity. Currently the industry performs services in a timeboxed, or point-in-time approach. We think this is fundamentally flawed. We protect your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.

  • Team Cymru
    Booth: 200

    Team Cymru’s mission is to save and improve human lives.  We are unrivalled across three disciplines; digital business risk platforms, free to use community services and support services to over 143 Government CSIRT teams.

    Our business risk and threat intelligence platforms empower global organizations with unmatched Threat Reconnaissance and Attack Surface Management capabilities to meet the challenges of today’s cyber threats.

    Community Services equip those who run the internet to defend it from criminals who wish to disrupt and cause harm, and CSIRT enables Governments the tools to outmaneuver nation state threat actors.

    Since 2005, our reputation remains unchallenged.

  • TechTarget
    Booth: n/a

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tevora
    Booth: 145

    Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats. For more information visit https://www.tevora.com.com/.

  • ThreatLocker
    Booth: 170

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • WiCyS Chicago Affiliate
    Booth: 360
  • Zimperium
    Booth: 150

    Zimperium, the global leader in mobile device and application security, offers the only real-time, on-device, machine learning-based protection against Android, iOS, and Chromebooks threats.

    Powered by our patented z9 engine, Zimperium provides protection against device, network, phishing, and malicious app attacks. Our best-in-class solutions include zIPS, which protects mobile devices against risks and attacks without requiring a connection to the cloud and our Mobile Application Protection Suite (MAPS), the only comprehensive solution that protects mobile apps from risks during development, in the app marketplaces, and on end-user devices.

    Zimperium was the first MTD provider to be granted an Authority to Operate (ATO) status from the Federal Risk and Authorization Management Program (FedRAMP). Headquartered in Dallas, TX, Zimperium is backed by Liberty Strategic Capital and SoftBank.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Lisa Plaggemier
    Executive Director, National Cybersecurity Alliance

    Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

  • speaker photo
    Lynn Dohm
    Executive Director, Women in CyberSecurity (WiCyS)

    Lynn Dohm brings more than 25 years of organizational and leadership experience to the WiCyS team as the Executive Director. She has long been committed to cybersecurity education and for the last 14 years held active roles in grant-funded programs and nonprofits that assist in providing educational solutions for the cybersecurity workforce. She is passionate about the need for diverse mindsets, skill sets and perspectives to solve problems that never previously existed and aims to facilitate learning opportunities and discussions on leading with inclusion, equity and allyship. In addition to Lynn being awarded Top 100 Women in Cybersecurity by Cyber Defense Magazine, she accepted the Nonprofit of the Year Award for WiCyS in 2020 and 2021, is on numerous cybersecurity judging panels, advisory boards, and is an inaugural member of (ISC)2’s DEI Task Force. She has been interviewed on TV and radio throughout the nation and is a keynote presenter, panelist and moderator for multiple international conferences, events and organizations.

  • speaker photo
    Aria Langer, Host
    Security Engineer, Morningstar Inc.; Events Lead, WiCyS Chicago
  • speaker photo
    Erik Hart, Moderator
    CISO, Cushman & Wakefield

    Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, InfraGard Chicago Members Alliance and Western Illinois University.

    Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries. Erik earned his Bachelors from Western Illinois University and Masters from Western Governors University.

  • speaker photo
    Sarah Buerger
    BISO, The Kraft Heinz Company

    Sarah Buerger serves as the Business Information Security Officer for The Kraft Heinz Company.

  • speaker photo
    Mary Faulkner
    CISO, Thrivent
  • speaker photo
    Mike Zachman
    VP & Chief Security Officer, Zebra Technologies
  • speaker photo
    Lynn Dohm, Moderator
    Executive Director, Women in CyberSecurity (WiCyS)

    Lynn Dohm brings more than 25 years of organizational and leadership experience to the WiCyS team as the Executive Director. She has long been committed to cybersecurity education and for the last 14 years held active roles in grant-funded programs and nonprofits that assist in providing educational solutions for the cybersecurity workforce. She is passionate about the need for diverse mindsets, skill sets and perspectives to solve problems that never previously existed and aims to facilitate learning opportunities and discussions on leading with inclusion, equity and allyship. In addition to Lynn being awarded Top 100 Women in Cybersecurity by Cyber Defense Magazine, she accepted the Nonprofit of the Year Award for WiCyS in 2020 and 2021, is on numerous cybersecurity judging panels, advisory boards, and is an inaugural member of (ISC)2’s DEI Task Force. She has been interviewed on TV and radio throughout the nation and is a keynote presenter, panelist and moderator for multiple international conferences, events and organizations.

  • speaker photo
    Dr. Fred Kwong
    VP & CISO, DeVry University

    Dr. Fred Kwong has been in the information security and technology field for the past 20 years in working in education, financial, telecommunication, healthcare, and insurance sectors. He is an award-winning thought leader in security and currently works at DeVry University where he currently serves as the VP and Chief Information Security Officer. He is a member of several advisory boards and is a frequent speaker at national security forums on cyber security and information technology and is often asked to consult on matters of security and leadership

    Fred also serves as an adjunct faculty member at Roosevelt and Benedictine Universities. He received his Bachelor of Arts in psychology and professional communications, Master of Business Administration in management information systems from Roosevelt University, and holds his Doctorate in organization development from Benedictine University. Fred has earned several certifications including the CISSP, CISA, CISM, CDPE, PCIP, PMP and ITILv3f.

  • speaker photo
    Bob Reny
    Sales CTO & Principal Systems Engineer, Exabeam

    Bob Reny is a recent addition to the CTO team at Exabeam. His 27 years of experience in information technology starting in systems administration and security in the US Air Force. This started a path for all things security, focusing on computer and networks. Bob has done network security design, firewall architecture, IPS deployment, network access control and end point security architecture. Large program security include zero trust, Operational Architecture safety/security. His expertise has supported customer organizations public and private. This covers scaling for many large federal agencies, global 1000 companies in many business verticals across finance, utilities, service, and technology. Bob has been a CISSP for the past almost 22 years and continues to help organizations evaluate the broad security policy to streamline Security Operations Center activities. This includes improving cross-functional processes for change management, incident response, event escalation, and response.

  • speaker photo
    Scott Fisher
    Sr. Security Engineer, Team Cymru
  • speaker photo
    Monique Ferraro
    Cyber Counsel, HSB Insurance

    Monique Ferraro provides legal and technical expertise in support of HSB Global Cyber Products. Ms. Ferraro's cybersecurity and privacy experience spans more than twenty-five years in digital forensics, ediscovery, information security and privacy. Ms. Ferraro holds a master’s degree and a JD. She is a Certified Information Systems Security Professional (CISSP), a Fellow of Information Privacy, Certified Information Privacy Professional/US (CIPP/US), Certified Information Privacy Manager (CIPM) and Chartered Property Casualty Underwriter (CPCU).

  • speaker photo
    Karen Painter Randall
    Partner & Chair, Cybersecurity, Data Privacy, and Incident Response, Connell Foley LLP

    Karen Painter Randall, partner and Certified Civil Trial attorney at Connell Foley LLP, chairs the firm’s Cybersecurity, Data Privacy and Incident Response Group. Considered a national thought leader, she has extensive experience advising clients on cyber risk mitigation and resiliency, privacy laws and regulations and incident response. The Connell Foley Team has been designated an authorized NetDiligence Breach Coach.

    Karen provides counsel across all industries and organizations of all sizes on proactive measures to help identify, protect, detect, respond and recover from cyberattacks, focusing on ransomware, business email compromise insider and third party attacks. She drives strategic solutions on how to safeguard a business’s sensitive data, using security risk assessments, policies and procedures, security awareness training, incident response plans, tabletop exercises and cyber liability insurance. Karen has handled hundreds of incident response matters each year since 2010 for carriers and uninsured businesses. She leads the response effort, working with the client and leading vendors to contain/eradicate the attack, manage crisis communications, evaluate legal, contractual/regulatory notification requirements, manage internal workforce messaging, and prepare consumer notification, effectively utilizing resources to reduce exposure. Karen’s clients span multiple industries – financial services, healthcare, public entities, education, transportation and retail, including lawyers and other licensed professionals.

    In addition, Karen oversees Connell Foley’s 24/7 Breach Response and Crisis Management Team, which provides immediate counsel designed for crisis management, preserving critical assets, mitigating harm to the business’s reputation, and limiting legal liability. Post-breach representation also includes defense of class action litigation, regulatory enforcement actions and investigations.

    Karen received three presidential appointments to the American Bar Association’s Cybersecurity Legal Task Force, and was named the Task Force’s Private Sector Liaison. She founded/chairs the New Jersey State Bar Association Cybersecurity Legal Task Force and Institute. Additionally, Karen was selected by the University of South Carolina School of Law to lead its Cybersecurity Legal Task Force and serve as Director of its annual National Cybersecurity Institute. She also chairs the USLAW Network Cybersecurity and Data Privacy Group. Among her many honors, Karen has been named by NJBIZ as a “Leader in Law” for Cybersecurity and as a “Digi-Tech Innovator,” and by ROI-NJ to its “Influencers: Law” list for E-discovery/Cyber.

  • speaker photo
    Violet Sullivan
    Adjunct Professor, Baylor School of Law; AVP, Cyber Solutions, Crum & Forster

    Violet Sullivan leads cyber consulting services at Crum & Forster. She works with insurance carriers, trade associations, and individual business clients from around the world providing expert guidance on cybersecurity threat management and response. She represents Crum & Forster within the legal, insurance, and risk management channels to develop long-term relationships, recurring revenue, and new business growth. Ms. Sullivan is a licensed attorney in Texas and Pennsylvania and a Certified Information Privacy Professional (CIPP/US), with her JD and MBA degrees from Baylor University. In addition to her full-time role, Violet serves as a professor of Cybersecurity & Privacy Law for Baylor Law School’s LL.M. Degree in Litigation Management, the first of its kind nationwide. Her diverse practice experience at both the individual and policy levels has prepared her for developing new tools and approaches to solving what is fast-becoming a pervasive and costly challenge in modern industry: how to respond to a cybersecurity incident.

    Early in her career, Violet worked on the incident responses for some of the largest and most notable data breaches to date, including: Home Depot, Sony, and Anthem. Her experience in managing scaled breach responses led to her expertise and proficiency in proactively preparing organizations for cyber incidents. In the past eight years, she has facilitated over 450 cyber incident simulations (tabletops) for public and private sector companies, including many Fortune 100 companies.

    As a cybersecurity and privacy attorney, Violet provides consulting services to respond to the needs of various cybersecurity programs. She reviews and develops customized incident response plans to ensure organizations are prepared to respond efficiently and effectively to a data breach. Violet also helps improve internal coordination by facilitating customized tabletop simulations focused on "pressure-testing" an organization's incident response procedures and protocols. Each of these customer-facing services mentioned has been built and developed for the purpose of creating long-standing relationships that turn to Violet for guidance, referrals, questions, and future projects.

    As a cybersecurity and privacy professor, Violet developed the entire curriculum for an innovative course on cybersecurity and privacy law for licensed attorneys working toward their LL.M. degree. The specific focus on litigation management has made Sullivan’s course and her lecture series uniquely valuable to experts across the United States.

  • speaker photo
    Jordan Fischer, Moderator
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Ve Bui
    Sr. Solutions Engineer, Okta

    Ve is a technologist at heart who graduated University of Iowa during the dot com boom. He started as a software engineer in airlines at Unisys, then moved to ecommerce in 2005 where he implemented omni channel experiences. Since 2011, he's been a solutions engineer helping grow market share for technologies like ATG, Endeca, Oracle, Sitecore, Salesforce, and now Okta.

  • speaker photo
    Craig Riddell
    Field CISO, Netwrix

    Craig Riddell is an ephemeral identity enthusiast and has recently joined the Netwrix team as the North American Field CISO. Prior to joining Netwrix Craig was responsible for all of Identity at HP. He brings a wealth of knowledge and experience around modernizing identity solutions while reducing costs and improving security. Outside of work Craig is an avid reader, semi-retired rugby player and loves spending time with his wife and daughter.

  • speaker photo
    JT Keating
    SVP, Strategic Initiatives, Zimperium

    For 30 years, JT Keating has been driven to deliver technology-based solutions that make enterprises more profitable, compliant, and secure. At Zimperium, JT is responsible for leading strategic initiatives/partnerships, tracking/reporting mobile threat data, and guiding product strategies.

  • speaker photo
    Eric Vanderbur
    Solutions Architect, Global Alliances and Partners, Forescout

    Eric Vanderbur is a highly skilled computer security professional with a deep understanding of cybersecurity principles and a passion for protecting digital assets. With over 20 years of experience in the field, Eric has developed expertise in network security, endpoint security, cyber, threat intelligence, and incident response.

    Throughout his career, Eric has worked with diverse organizations, including multinational corporations, educational and government agencies, to identify and mitigate security risks. Eric specializes in assisting these organizations with identifying risk exposures, implementing robust security technologies, and formulating proactive strategies to safeguard critical systems and data.

    As an advocate for cybersecurity awareness, Eric has delivered numerous training sessions and workshops to educate both technical and non-technical stakeholders on best practices for maintaining a secure computing environment. He believes that a strong security posture requires a holistic approach, encompassing technology, processes, and human factors.

  • speaker photo
    Michael Boucher, Moderator
    Executive Director, Global Information Security, JLL
  • speaker photo
    Bruce Coffing
    CISO, City of Chicago

    Bruce Coffing is an information security professional with over twenty-five years industry experience in information technology and cybersecurity. He is currently the Chief Information Security Officer for the City of Chicago. Prior to joining the City of Chicago, Mr. Coffing held Senior Vice President information security positions at Bank of America and was a Senior Manager at consulting firm Accenture. Mr. Coffing holds the Certified Information Systems Security Professional (CISSP) certification.

  • speaker photo
    Glenn Kapetansky, Moderator
    Chief Security Officer & Technology Lead, Trexin Group

    Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.

    Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).

  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Tom Brennan
    Executive Director, Americas Region, CREST

    Tom Brennan is the CIO of the national law firm Mandelbaum Barrett PC and leads the U.S. arm of CREST International. In this role, he works with government and commercial organizations to optimize the value of CREST as a cybersecurity accreditation body and industry standards advocate, particularly for companies in the Cybersecurity & Infrastructure Security Agency’s 16 critical infrastructure sectors which are vital to U.S. security, national economy, and public health and safety. As CREST USA Chairman, Brennan spearheads strategic plans for CREST USA’s organizational growth while also serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protection worldwide.

    As a proud U.S. Marine veteran, Brennan became involved with CREST International in 2016 while serving the Global Board of Directors for the Open Web Application Security Project (OWASP). Seeing similar goals, he became more active in the CREST organization and was nominated to lead the organization’s U.S. Advisory in 2019. Over his career, Brennan has amassed security expertise across the cybersecurity spectrum, including penetration testing, vulnerability assessment, application security, threat intelligence, and more. In addition to being CREST USA Chairman, he is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the information services advisory Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.

  • speaker photo
    Ricardo Lafosse
    CISO, The Kraft Heinz Company

    Ricardo Lafosse is responsible for IT risk governance, software and product security, incident management, technical disaster recovery, and determining enterprise-wide security policies and procedures. Lafosse regularly presents on security topics at global conferences, including Defcon, MirCon, and ISACA CACS. Lafosse has more than 15 years of experience in information security for the government, finance, legal, and healthcare. Lafosse holds a Master’s in Information Assurance from the Iowa State University. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) designations.

  • speaker photo
    Greg York, Moderator
    CISO, Follett Learning

    Greg enjoys inspiring, innovating, and collaborating to drive business value; time with family; backpacking adventures; and craft beer.

  • speaker photo
    Tony Enriquez
    Chief of Cybersecurity, Region 5, U.S. Cybersecurity and Infrastructure Security Agency (CISA)

    Tony serves as a Cybersecurity and Infrastructure Security Agency (CISA) Chief of Cybersecurity for Region 5 (Illinois, Indiana, Michigan, Minnesota, Ohio, and Wisconsin). Based in Chicago, he leads the cyber team, supporting the mission of strengthening the security and resilience of the nation's critical infrastructure. Before becoming the Cyber Chief for Region 5, Tony served as the Region 5 Cybersecurity Advisor (CSA), for six years. Prior to joining CISA, Enriquez served 23 years with the U.S. Secret Service and served eight years with the U.S. Army Signal Corp. Enriquez is a Certified Information Systems Security Professional (CISSP), has a bachelor’s degree from American Military University and a master’s degree from Johns Hopkins University.

  • speaker photo
    Brian Yoshino
    Cybersecurity Advisor, Region 5, CISA

    Brian Yoshino serves as a Cybersecurity Advisor with the Cybersecurity and Infrastructure Security Agency (CISA) where he supports CISA’s mission of strengthening the security and resilience of the nation’s critical infrastructure. As a CSA, Mr. Yoshino is the liaison between federal services and state, local, tribal, and territorial governments, critical infrastructure, and private industry. He conducts various cyber preparedness, risk mitigation, and incident response coordination activities through public and private partnerships and outreach efforts. Mr. Yoshino has over two decades of experience in cybersecurity spanning the federal civilian and private sector communities. Prior to joining CISA, Mr. Yoshino held positions within the National Security Agency and the Executive Office of the President, White House Information Security Directorate. He holds numerous cybersecurity certifications including the SANS GIAC Security Expert (GSE) certification. He holds a bachelor’s degree from Northern Illinois University and a master’s degree in Information Security from Lewis University.

  • speaker photo
    Tony Beaird, Moderator
    VP & Chief Security Officer, Claro Healthcare
  • speaker photo
    Madhu Dodda
    Principal Product Manager, Lookout

    Madhu Dodda is a seasoned security professional who has been contributing to the growth and evolution of the Lookout security solutions for the past 10 years. Dodda has been building network & data security products at scale for over a decade. As Field CTO, he evangelizes on Zero Trust principles and helps organizations defend against modern cyberthreats and data protection.

    Being an active member in the NIST SP 800-207 focus working group, he works with multiple cybersecurity vendors to define Zero Trust reference architecture for federal and commercial markets. Over a career spanning 18 years, he has built multiple security products both on-prem and cloud focusing on protecting the data.

  • speaker photo
    Happy Hour
  • speaker photo
    Col. Cedric Leighton
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC

    Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes