Click here to view registration types and pricing (PDF)
2017 Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Monday, October 23, 2017
    9:00 am
    SecureWorld PLUS Course – Big Data and IoT: Wonderful, Terrible, Inevitable
    • session level icon
    9 a.m. - 3 p.m. - Earn 12 CPEs!
    speaker photo
    CISSP, President, O'Leary Management Education
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    Join us the day before the conference for 6 additional CPE credits (12 total when attending the PLUS course and the conference).

    Big Data and the Internet of Things are revolutionizing virtually every industry. We’re told of pinpoint accurate medical records and diagnostics, all-encompassing analytics, mastery of industrial processes, effortless control of our static and moving environments and complete connectivity and communication with anything and everything we might ever imagine being useful. Wonderful!

    But SecureWorld attendees and others who’ve been in IT Security for any appreciable time have an internal red flag that goes up upon hearing “It’s gonna be great!” Then those euphoria-deflating security questions start multiplying and running through our somewhat addled brains. Where is all this Big Data coming from? Where will it reside? Who controls it? Who grants access? On what basis? How do we know it’s accurate, relevant? Is it complete enough for life and death medical decisions? What about analytics system administration; data monitoring and correction procedures; incompatible security architectures? Oh yeah, and privacy?

    What kind of security is built into all these Internet-connected devices? How easy is it to control access? Is the data they trade and store encrypted? Who’s liable if they fail or give erroneous signals?

    Big Data and IoT are neither fads nor merely trends, they constitute a revolution. There’s no going back. Join us as we look from a security perspective at both the bright and dark sides.

    9:00 am
    SecureWorld PLUS - Using the NIST Cybersecurity Framework to Build and Mature an Information Security Program
    • session level icon
    SecureWorld PLUS registrants ONLY
    speaker photo
    CISO, Pulte Financial Services
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    Managing a successful Information Security Program requires a plan. In this hands-on workshop, participants will leverage the NIST Cybersecurity Framework as a guide to create or mature their security program. Regardless of industry, the framework provides an ideal platform for planning, communicating and validating your security approach.

  • Tuesday, October 24, 2017
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Breakfast: Security Risks in the IoT Ecosystem - (VIP / INVITE ONLY)
    • session level icon
    Coffee / Breakfast Served
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    8:30 am
    Data Breach Digest – Perspective is Reality
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Data breaches are complex affairs. Response activities are proportionately complex involving various stakeholders with slightly different perspective. This presentation covers the 2017 "Data Breach Digest – Perspective is Reality"; a compendium of data breach scenarios told from different stakeholder points of view covering their decisions, actions and crucial lessons learned.

    8:30 am
    Surviving the Siege: Medieval Lessons in Modern Security
    • session level icon
    Discover the 2017 SecureWorld Theme
    speaker photo
    CISSP, President, O'Leary Management Education
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    Warfare and the arts of intrusion have advanced considerably since the Middle Ages, but in many ways the principles of fortification we use today remain the same. The great castles of antiquity were ingeniously designed with multiple layers of physical security to protect their inhabitants from persistent, even advanced enemy threats. Their carefully planned and creative defensive measures provide rich metaphors, both positive and negative, for today’s cyber guardians. On the other hand, clever, daring, sometimes brilliant offensive strategies and tactics have historically breached battlements thought to be unassailable. Come join us as we examine lessons that can be applied to securing our own sophisticated digital fortresses.

    8:30 am
    Gaining Better Visibility Into Risk – The Future of GRC
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    In this session we will be discussing the general achievements and failings that clients have experienced utilizing GRC platforms and processes, where the market is headed, and how integration of different data sources and risk correlation techniques are starting to be utilized to get a better picture of risk.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: The Evolving Role of CISOs and Their Importance to the Business
    • session level icon
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    What is a CISO and what do they do? As the leader of cyber defense for an organization, the CISO is rapidly becoming indispensable for an organization’s survival. This presentation is based on interviews with senior level IT professionals at 184 companies in seven countries. The goal of the research is to better understand how CISOs work, what their concerns are, and how they are improving their effectiveness in managing risks to the enterprise.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:15 am
    What You Can Do Now to Secure the Internet of Things
    • session level icon
    speaker photo
    Executive Director, Information Security & Compliance, Indiana University Health
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    While there are any number of potential security solutions that add on to an already complex organization with limited budget and resources, there are simple tasks that you can do to improve security and protect your organization from security issues such as Mirai that cause havoc with connected devices.

    11:15 am
    A New Framework for Overcoming Common Security Challenges
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    This session will focus on challenges typically encountered in managing security operations teams like budget, talent management, and reducing noise. Often times, these challenges directly connect to tangible gaps in mission/vision/strategy. We will introduce a framework and approach for managing these challenges.

    11:15 am
    Security and Medical Devices
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Since, medical devices are critical to providing care and treatment, this talk will address three key issues: 1) identify specific threats to providers and medical devices, 2) present some practical, cost-effective mitigations, and 3) provide a strategy for the future.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm

    Advisory Council - VIP / INVITE ONLY

    12:15 pm
    LUNCH KEYNOTE: The Ever-Evolving Threat Landscape: From Cybercrime to Cyber Espionage
    • session level icon
    speaker photo
    VP, Infrastructure Strategies, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    The threat landscape is constantly evolving—from global ransomware outbreaks such as WannaCry and NotPetya, to international cyber espionage campaigns distilling propaganda such as Pawn Storm/APT28. Learn what makes these attacks successful to better understand how you need defend your networks, data, and users.

    1:15 pm
    Panel
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    1:15 pm
    Panel
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    Ingredients of Credential Stuffing – A Recipe For Pwnage
    • session level icon
    speaker photo
    Director of Information Security, Paycor
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Just last year, over three billion credentials were reported stolen from various sources in both small and large amounts. Credential theft and “stuffing” is a real and present threat to all organizations and the risk of account takeover, particularly for privileged accounts, is substantial. In this presentation, we’ll take a journey through the various stages of credential stuffing from theft, to sale, to actual stuffing on sites. Next, we’ll review some tested controls that you can put in place to either detect or prevent this threat against your enterprise.

    3:00 pm
    GDPR Compliance 101
    • session level icon
    speaker photo
    Counsel - Global Privacy, Cybersecurity and IT Law, The Procter and Gamble Company
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: TBD

    This presentation outlines the requirements of the EU General Data Protection Regulation and highlights key compliance challenges.

    3:00 pm
    Me and My Auditor
    • session level icon
    Tips on how to make the most of your relationship with Audit.
    speaker photo
    Information Security Program Management, The Christ Hospital Health Network
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    A "How To Guide" to surviving and thriving an audit.

    3:00 pm
    Methods That Work: Security Awareness That Changes Behavior
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    91% of cyber attacks start with a phishing email. Traditional security won’t protect you from users with poor security habits and criminals know it. Learn to be an educator, marketing guru, and entertainer to get users to adopt safe online behaviors.

Exhibitors
  • Arbor Networks
    Booth: 104

    Arbor Networks is the leading provider of network security and management solutions for enterprise and service provider networks. Arbor Networks protects enterprises from distributed denial of service attacks and advanced malware using Arbor’s global network intelligence. Arbor's proven solutions help grow and protect customer networks, businesses and brands.

  • ASIS
    Booth: TBD

    ASIS International, with more than 32,000 members, is the preeminent international organization for professionals responsible for security, including managers and directors of security. In addition, corporate executives and other management personnel, as well as consultants, architects, attorneys, and federal, state, and local law enforcement, are becoming involved with ASIS to better understand the constant changes in security issues and solutions.

  • Cadre Information Security
    Booth: 108

    At Cadre, our entire business is based on making sure your information is secure. Every person in the company is committed to doing whatever it takes to understand your information security needs and develop the best systems and solutions for you. We invest the right amount of time, energy and money in training, education, certification and technologies to make sure your needs are met before, during and after your Cadre Solution is implemented. Around the corner or around the globe, our service extends beyond our technical capabilities.

  • Check Point Security
    Booth: 206

    Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

  • Darktrace
    Booth: 201

    Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ECTF
    Booth: TBD

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • ExtraHop
    Booth: 406

    ExtraHop is a force multiplier for IT teams struggling with increasing complexity. With the ExtraHop platform, organizations can regain control over the security and performance of their applications and infrastructure, and capitalize on their data analytics opportunity to improve business operations and results. Learn more at www.extrahop.com

  • Fidelis Cybersecurity
    Booth: 302

    Fidelis Cybersecurity protects the world’s most sensitive data by equipping organizations to detect, investigate and stop advanced cyber attacks. Our products, services and proprietary threat intelligence enable customers to proactively face advanced threats and prevent data theft with immediate detection, monitoring and response capabilities. With our Fidelis Network and Fidelis Endpoint, customers can get one step ahead of any attacker before a major breach hits. To learn more about Fidelis Cybersecurity, please visit www.fidelissecurity.com and follow us on Twitter @FidelisCyber

  • FireMon
    Booth: 301

    FireMon is at the forefront of the security management category, delivering first-ever functionality such as firewall behavior testing, workflow integration, traffic flow analysis and rule recertification. Our solutions have helped more than 1,500 organizations around the world gain visibility into and control over their complex network security infrastructures.

  • InfraGard
    Booth: TBD

    InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

    The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.

  • ISACA
    Booth: TBD

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

  • ISC2
    Booth: TBD

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation - The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA Greater Cincinnati Chapter
    Booth: TBD

    The Greater Cincinnati Information Systems Security Association is a non-profit group dedicated to providing educational and networking opportunities to promote the exchange of ideas, knowledge, and member's growth within the information security profession. The Greater Cincinnati Chapter will host monthly meetings with a variety of security professionals. Please check our events page for further information on upcoming events.

  • Ixia
    Booth: 306

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks.
    Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Mimecast
    Booth: 305

    Mimecast Is Making Email Safer For Business.
    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service.
    Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • Nexum
    Booth: 303

    Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio and Wisconsin as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.

  • OWASP
    Booth: TBD

    The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

  • Preempt Security
    Booth: 408

    Preempt protects enterprises from security breaches and malicious insiders with an innovative and patented Behavioral Firewall that couples User Behavior Analysis and Adaptive Response to provide the most effective solution for both detecting and automatically responding to security threats. This proactive approach allows organizations to mitigate threats in real-time without engaging already overwhelmed security teams.

  • Rapid7
    Booth: 304

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • Sumo Logic
    Booth: 205

    Sumo Logic was founded in 2010 by experts in log management, scalable systems, big data, and security. Today, our purpose-built, cloud-native service analyzes more than 100 petabytes of data, more than 16 million searches, and delivers 10s of millions of insights daily – positioning Sumo among the most powerful machine data analytics services in the world.

  • Synopsys
    Booth: 102

    Synopsys offers the most comprehensive solution for integrating security and quality into your SDLC and supply chain. Whether you’re well-versed in software security or just starting out, we provide the tools you need to ensure the integrity of the applications that power your business. We don’t stop when the test is over. Our experts also provide remediation guidance, program design services, and training that empower you to build and maintain secure software. For more information go to www.synopsys.com/software.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: 110

    Tenable Network Security transforms security technology for the business needs of tomorrow through comprehensive solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization. Tenable eliminates blind spots, prioritizes threats, and reduces exposure and loss. With more than one million users and more than 20,000 enterprise customers worldwide, organizations trust Tenable for proven security innovation. Tenable's customers range from Fortune Global 500 companies, to the U.S. Department of Defense, to mid-sized and small businesses in all sectors, including finance, government, healthcare, higher education, retail and energy. Transform security with Tenable, the creators of Nessus and leaders in continuous monitoring.

  • The Circuit
    Booth: TBD

    Our goal is to deliver education and informational programs; enable members to connect and foster collaboration between IT solution and service providers, corporate IT departments, the individuals within these organizations and the businesses that support them.

  • Trend Micro
    Booth: 202

    As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With more than 20 years of experience, we're recognized as the market leader in server security for delivering top-ranked client, server, and cloud-based security solutions that stop threats faster and protect data in physical, virtualized, and cloud environments.

  • Wombat Security Technologies
    Booth: 106

    Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%.

  • Zscaler
    Booth: 203

    Zscaler's Cloud-delivered security solution provides policy-based secure internet access for any employee, on any device, anywhere. Our proxy and scanning scalability ensures ultra-low latency in a 100% SaaS security solution requiring no hardware, software or desktop all while providing complete control over security, policy and DLP.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    John O'Leary
    CISSP, President, O'Leary Management Education

    John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John is the recipient of the 2004 COSAC award, the 2006 EuroSec Prix de Fidelite, and the 2011 ISC2 Lifetime Achievement Award

  • speaker photo
    Alex Wood
    CISO, Pulte Financial Services

    Alex Wood is currently the CISO for Pulte Financial Services and has over 18 years of experience in information security. Previously he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has a MAS in Information Security from the University of Denver.

  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    John O'Leary
    CISSP, President, O'Leary Management Education

    John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John is the recipient of the 2004 COSAC award, the 2006 EuroSec Prix de Fidelite, and the 2011 ISC2 Lifetime Achievement Award

  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    Mitchell Parker
    Executive Director, Information Security & Compliance, Indiana University Health
  • speaker photo
    William J. Malik, CISA
    VP, Infrastructure Strategies, Trend Micro

    Bill helps clients achieve an effective information security posture spanning endpoints, networks, servers, cloud, and the Internet of Things. This involves technology, policy, and procedures, and impacts acquisition/development through deployment, operations, maintenance, and replacement or retirement.

    During his four-decade IT career, Bill has worked as an application programmer with the John Hancock Insurance company; an OS developer, tester, and planner with IBM; a research director and manager at Gartner for the Information Security Strategies service and the Application Integration and Middleware service, and served as CTO of Waveset, an identity management vendor acquired by Sun. He ran his own consulting business providing information security, disaster recovery, identity management, and enterprise solution architecture services for clients including Motorola, AIG, and Silver Lake Partners. Bill has over 160 publications and has spoken at numerous events worldwide.

    Bill attended MIT, majoring in Mathematics. He is a member of Connecticut chapters of InfraGard and ISACA.

  • speaker photo
    Adam Leisring
    Director of Information Security, Paycor

    Adam is the Director of Information Security for Paycor, one of the largest independently held Human Capital Management companies in America. He oversees Information Security for Paycor’s 1400 associates as well as Paycor’s 30,000 clients of their award-winning Software as a Service product. In past positions, he has served in leadership roles including Technical Services and Operations, Enterprise Architecture and Software Engineering. Adam holds CISSP and CISM certifications as well as a Master’s Certificate in Corporate Information Security. Adam is a volunteer in ISC(2)’s Safe and Secure Online program which spreads security awareness to children at local schools. He also plays jazz trumpet in non-profit “Jump and Jive” big band in Cincinnati donating proceeds to area schools for music education.

  • speaker photo
    Matt Lawless
    Counsel - Global Privacy, Cybersecurity and IT Law, The Procter and Gamble Company

    Matt Lawless is a global privacy and information security attorney for The Procter & Gamble Company. He teaches information privacy law at the Northern Kentucky University Chase College of Law, the University of Dayton School of Law, and the University of Cincinnati College of Law. He has been recognized as an Ohio Super Lawyers “Rising Star," and holds the CIPP/E, CIPM, CIPP/US, and FIP credentials from the International Association of Privacy Professionals.

  • speaker photo
    Andy Willingham
    Information Security Program Management, The Christ Hospital Health Network

    Andy has over 15 years' experience in information security. He has been in the trenches, building programs from the ground up, and helping the business understand risk and how to best manage it. He has been involved in both great and not-so-great audit engagements, and has learned from all of them. He currently serves as President of the Cincinnati chapter of OWASP.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
DON'T MISS OUT

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!