Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, May 15, 2019
    9:00 am
    [SecureWorld PLUS] Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: 202

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
  • Thursday, May 16, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    8:30 am
    Building a Better Cyber Awareness Training System with Machine Learning and Artificial Intelligence
    • session level icon
    speaker photo
    Cyber Threat Researcher, Federal Reserve Bank of Cleveland
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 203

    Cybersecurity awareness training (CAT) should be adaptable to the evolving cyber threat landscape, cost effective, and integrated well with other components. Unfortunately, few CAT systems can satisfy those requirements.

    This presentation introduces a new smart model for conducting cybersecurity trainings based on ML/AI with three main goals: (1) training efforts are initiated by emerging relevant threats and delivered first to the most vulnerable members; (2) training results must be able to provide actionable intelligence to be employed by enterprise risk management, enterprise threat intelligence, and other systems; and (3) the CAT system must be effective and affordable.

    8:30 am
    The Anatomy of a Hack
    • session level icon
    speaker photo
    Security Administrator, 19-facility Healthcare System
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 204
    This presentation will introduce you to the dark side of hacking. We’ll take you through the thought process, the preparation and the actual efforts that a true Black Hat hacker undertakes to compromise your systems. Once you are able to think like a Black Hat, then you can better defend your environment from a Black Hat.
    8:30 am
    Why a SIEM Isn't Always What It Seems
    • session level icon
    speaker photo
    Sr. Security Consultant, Crowe
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 202
    Security Incident and Event Managers (SIEM) are a key tool for any good security program. The problem? SIEMs are often improperly implemented, lack proper configuration and tuning, and are not staffed properly. This leaves organizations with an expensive tool that doesn’t provide much of a return. From a financial and a value standpoint, small- and medium-sized organizations are better off partnering with an outsourced Security Operations Center (SOC).
    9:30 am
    OPENING KEYNOTE: Growing the Cyber Workforce
    • session level icon
    speaker photo
    CISO, The Ohio State University
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:30 am
    Location / Room: Keynote Theater

    We know there is a shortage of talent, so what can a CISO do about it? Let’s explore ways to help the community grow, while helping your own company to find diverse, capable, affordable talent when and where you need it. We will talk about how to keep and develop that talent, and explore the pros and cons of formal education and on-the-job training approaches.

    10:30 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Topic: How to Make Security Part of Every Users Responsibility
    speaker photo
    CISO, American Financial Group
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 108

    This session is for Advisory Council members only.

    11:15 am
    Incident Response: Ready, Set, Test!
    • session level icon
    speaker photo
    Director of Compliance and Risk Management, Dinsmore & Shohl LLP
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 203

    Studies show the single most impactful factor to reducing the cost of a cyber breach is an Incident Response Team. Everyone knows the importance of having an Incident Response Plan, but what is the value of having one if it isn’t tested and communicated? This presentation describes how our security team planned, developed and executed our first IR Tabletop as well as will provide guidance on other considerations such as how to get leadership support to hold one for your organization.

    11:15 am
    [Mimecast] Critical Areas to Improve Email Security & Resilience for Office 365
    • session level icon
    speaker photo
    Director of Security , Mimecast
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 202

    The success of Office 365 as a SaaS application is undeniable. In fact, Microsoft reports that 70% of the Fortune 500 have purchased it in the last year.  If your organization isn’t currently using it there is an excellent chance it will soon! But what of security and resilience?  Does Microsoft provide you everything you need here? In this session I will go through 10 critical security and resilience issues you should consider when using Office 365 in your organization.

    11:15 am
    Social Media and Why It Remains the Most Prevalent Vector
    • session level icon
    speaker photo
    VP, Threat Management & Cybersecurity Operations, GE Aviation
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 204

    Social engineering remains a challenge to cyber professionals as it is a threat surface that is hard to control: human behavior. We will discuss different forms of social engineering and ways to reduce these threats.

    11:15 am
    [Tenable] Quantifying the Attacker’s First-Mover Advantage
    • session level icon
    speaker photo
    Enterprise Security Engineer, Tenable
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 201

    Security professionals are engaged in a continuous arms race with threat actors. In relation to vulnerabilities, this arms race is between attackers’ access to exploits and defenders’ ability to assess, remediate and mitigate them. The attackers gain and maintain the advantage if they can stay at least one step ahead of the defender, resulting in a window of exposure. The race is never-ending and begins again with every new vulnerability discovered. The finish line keeps shifting, with the attacker setting the pace.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Topic: Communicating Risk Effectively in Business Terms
    speaker photo
    CISO, American Financial Group
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 108

    This session is for Advisory Council members only.

    12:15 pm
    LUNCH KEYNOTE: Building a Culture that Engages and Retains Top Talent: A Cincinnati Cybersecurity Start-Up Case Study
    • session level icon
    speaker photo
    CISO, Fifth Third Bank
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    In today’s cybersecurity job market, the talent on your team has a lot of options. In this session we will look at what Morphick, a Cincinnati-based cybersecurity start-up, did to attract, engage, and retain talent even when funding was tight. We will look at specific elements of culture, such as aligning to a mission and vision, creating a sense of team, creating opportunities for growth (even within a 30-40 person company), and more. If a start-up can grow and retain top talent over the course of years, so can you!
    1:15 pm
    Panel: Cloudy With a Chance of Breach
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Everything old is new again. Migrating to the cloud certainly is not a new thing. It is for some smaller companies that are just now able to afford making the move to the cloud. Cloud boasts a secure, disaster proof option for companies to store their data offsite with access to that data from practically anywhere. So, who’s fault is it when the data is compromised? What if your information is stolen from the cloud because another user’s data was at fault? At the end of the day, isn’t the cloud just someone else’s computer? Join this panel discussion as they guide you through the pros and cons in migrating to the cloud.
    Panelists:
    Geoff Rance, Trend Micro
    Kes Jecius, Redseal
    Tim O’Connor, Cadre
    Moderator: Tom Dager

    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 201

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.
    Panelists:
    Adam Gates, Malwarebytes
    Paul Schofield, enSilo
    Matthew Gardiner, Mimecast
    Donovan Blaylock, Sailpoint
    Moderator: Andy Willingham

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    Star Wars: How an Ineffective Data Governance Program Destroyed the Galactic Empire
    • session level icon
    speaker photo
    Vice President, Greater Cincinnati ISSA
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 202

    This session will be 100% vendor agnostic and focus on exploring the different types of data governance tools and control categories within IT Security. We will actively compare and contrast tools, techniques and tactics to allow an IT Security Practitioner to build actionable policies on how users can store, process, transmit and access data. We will discuss data governance role in the small, medium, large, and enterprise businesses, who the key stakeholders are, and strategies on how to win their support.

    3:00 pm
    PCI’s Evolving Approach to Address NextGen Threats
    • session level icon
    speaker photo
    Chief Technology Officer, PCI Security Standards Council
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 201
    Don’t miss this session for a look into the evolution of payments and security standards. Hear about some opportunities and challenges that have been created by the innovations in technology. This session will also cover how PCI SSC is addressing these changes and how you can help.
    Note: Tools include people (e.g. ISA/QIR), process (DSE, DSS), and technology (P2PE, SPOC, Contactless).
    3:00 pm
    Utilizing Dashboards and Metrics to Drive Performance, Measure Success, and Decrease Vulnerabilities
    • session level icon
    speaker photo
    Head of Information Security and Privacy, Safelite Group
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 203
    Cyber and threat intel teams leverage numerous dashboards and metrics to guide key actions, intelligence and even performance. In a world of limited resources, capitalizing on these feeds and harnessing the business intelligence captured is critical for every security leader. In this session, Grant Sewell will speak on his experiences with operationalizing metrics in real-life scenarios to drive better results in security programs. This talk will emphasize the importance of leveraging the right BI from feeds to drive action across teams, and provide real-world examples of metrics to increase performance and establish more proactive partnerships across technology teams.
Exhibitors
  • Cincinnati Tri-State ASIS
    Booth: TBD

    The Cincinnati Tri-State Chapter and its members are committed to not only their own professional careers, but the security industry as a whole. The chapter promotes networking, education, and friendship with those in the fields of security and law enforcement. Our membership is comprised of professionals that work in different aspects of security and law enforcement.

    If you are interested in joining ASIS, the Cincinnati Chapter, or attending a meeting to see what we are all about please contact us to find out more information. We look forward to hearing from you and growing with you professionally!

  • Cadre Information Security
    Booth: 204

    Cadre is a network and information security solutions provider that serves large and medium sized firms. Widely recognized as a pioneer in the security industry, Cadre delivers value through superior customer service, advanced engineering and a resolute focus on design, assessment, installation, training and support of information security systems. All over the world, clients rely on Cadre to provide guidance and technical expertise on compliance, controlling technical risks, and achieving security goals.

  • CDW
    Booth: 306

    CDW is a leading multi-brand technology solutions provider to business, government, education and healthcare organizations in the United States, the United Kingdom and Canada. A Fortune 500 company with multi-national capabilities, CDW was founded in 1984 and employs more than 9,000 coworkers. For the year ended December 31, 2018, the company generated net sales over $16 billion. For more information about CDW, please visit www.CDW.com.

  • Cincinnati Networking Professionals Association
    Booth: TBD
  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ECTF
    Booth: TBD

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • enSilo
    Booth: 104

    enSilo protects businesses around the world from data breaches and disruption caused by cyber attacks. The enSilo Endpoint Security Platform comprehensively secures endpoints in real-time pre- and post-infection without alert fatigue, excessive dwell time or breach anxiety while also containing incident response costs by orchestrating automated detection, prevention and incident response actions against advanced malware. enSilo’s patented approach stops advanced malware with a high degree of precision, provides full system visibility and an intuitive user interface and combines next-generation antivirus (NGAV), application communication control, automated endpoint detection and response (EDR) with real-time blocking, threat hunting, incident response, and virtual patching capabilities in a single agent. The platform can be deployed either in the cloud or on-premises and supports multi-tenancy.

  • Gemalto
    Booth: 302

    SafeNet and Gemalto have joined forces to create the worldwide leader in enterprise and banking security from core data protection to secure access at the edge of the network. Together, we protect more data, transactions, and identities than any other company, delivering security services that are used by more than 30,000 businesses and two billion people in more than 190 countries around the world. We support 3,000 financial institutions and secure more than 80% of the world’s intra-bank fund transfers, and protect the world’s leading software applications.

  • InfoSec-Conferences.com
    Booth: n/a

    We’re the InfoSec community’s #1 ‘Go To’ resource for cybersecurity conference listings. Since 2012 we’ve provided cybersecurity professionals with accurate event listings that are manually checked and updated every day.

  • InfraGard Cincinnati
    Booth: TBD

    The mission of the InfraGard Cincinnati Members Alliance is to increase the security of the United States’ national infrastructure through information exchange, education, outreach, and similar efforts. To accomplish our goal, we strive to maintain a close working relationship between federal agencies such as the Federal Bureau of Investigation and the Department of Homeland Security, law enforcement agencies, subject matter experts such as cybersecurity and physical security professionals, industry-specific experts, and numerous other professionals.

  • ISACA Cincinnati
    Booth: TBD

    The Greater Cincinnati ISACA® Chapter is a not-for-profit professional association serving the information technology audit, security, and control community. We support the areas of Cincinnati & Dayton, Ohio and Northern Kentucky. The chapter consists of over 450 professionals that represent a cross-section of the public, private, and not-for-profit business sectors at all levels within those industries.

    Purpose: To promote the education of individuals for the improvement and development of their capabilities relating to the auditing of and/or management consulting in the field of Information Technology audit and control.

  • (ISC)2 Cincinnati Tri-State Chapter
    Booth: TBD

    Follow us on Twitter: https://twitter.com/Cinci_Tri_ISC2

  • ISSA Greater Cincinnati Chapter
    Booth: TBD

    The Greater Cincinnati Information Systems Security Association is a non-profit group dedicated to providing educational and networking opportunities to promote the exchange of ideas, knowledge, and member’s growth within the information security profession. The Greater Cincinnati Chapter will host monthly meetings with a variety of security professionals. Please check our events page for further information on upcoming events.

  • Ixia, a Keysight Business
    Booth: 201

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Malwarebytes
    Booth: 106

    Malwarebytes provides anti-malware and anti-exploit software designed to protect users against zero-day threats that consistently escape detection by traditional endpoint security solutions. Malwarebytes Anti-Malware earned an “Outstanding” rating by CNET editors, is a PCMag.com Editor’s Choice, and was the only security software to earn a perfect malware remediation score from AV-TEST.org. That’s why large Enterprise businesses worldwide, including Disney, Dole, and Samsung, trust Malwarebytes to protect their mission-critical data. For more information visit www.malwarebytes.com/business

  • Mimecast
    Booth: 202

    Mimecast Is Making Email Safer For Business.

    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • Nexum
    Booth: 305

    Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio and Wisconsin as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.

  • Okta
    Booth: 406

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • OWASP Cincinnati
    Booth: TBD

    OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas.

    The Cincinnati chapter leads are Andy Willingham and Allison Shubert. Chapter meetings are free and open to anyone interested in information security, risk management, data protection and application security.

  • ProcessUnity
    Booth: 205

    ProcessUnity’s cloud-based solutions help organizations of all sizes automate their risk and compliance programs. Our highly configurable, easy-to-use tools significantly reduce manual administrative tasks, allowing customers to spend more time on strategic risk mitigation. As a software-as-a-service technology, ProcessUnity deploys quickly with minimal effort from customers and their IT resources.

  • RedSeal
    Booth: 223

    At RedSeal, our vision is to become the essential analytics and decision-making platform for building digitally resilient organizations people can trust. We do this by becoming the measure by which every organization can quantify its digital resilience. As thought leaders on resilience, we envision every organization starting the security discussion with the question “What’s our Digital Resilience Score?” Founded in 2004, RedSeal is headquartered in Sunnyvale, California.

  • RSA Security
    Booth: 204

    RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions.  With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.

  • SailPoint
    Booth: 206

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Siemplify
    Booth: 303

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • Sonatype
    Booth: 304

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • Symantec
    Booth: 306

    Symantec is the world’s leading cyber security company. Organizations worldwide look to Symantec for strategic, integrated solutions to defend against sophisticated attacks, and more than 50 million people rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home. For more information, please visit www.symantec.com.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: 108

    Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

  • The Circuit
    Booth: TBD

    Our goal is to deliver education and informational programs; enable members to connect and foster collaboration between IT solution and service providers, corporate IT departments, the individuals within these organizations and the businesses that support them.

  • Trend Micro
    Booth: 102

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Tam Nguyen
    Cyber Threat Researcher, Federal Reserve Bank of Cleveland

    Tam Nguyen is an IEEE peer-reviewed cybersecurity researcher whose recent works include a long-term cyber threat evaluation & prediction strategy for the Federal Reserve Bank of Cleveland, and an accepted research paper on Software Defined Network's security to be presented in Paris, France. Tam's research interests include large-scale cyber threat modeling, cyber behavioral science, and applications of quantum computing in cybersecurity.

  • speaker photo
    David Howard
    Security Administrator, 19-facility Healthcare System

    David Howard is a CISSP, Certified Ethical Hacker, and holder of many other certifications. He also has 20 years of experience and currently is the senior member of the security staff of a regional hospital system. He is the host of Bring Your Own Security Radio, heard on iHeartRadio's app and many of their AM/FM stations nationwide, and is known as Dave The IT Guy on air.

  • speaker photo
    Joseph Thacker
    Sr. Security Consultant, Crowe

    Joseph Thacker, CISSP, is a Senior Staff Member in Crowe’s cybersecurity practice. With experience in software development, automation, and cybersecurity, he is serving in Security Engineer and Analyst roles to assist in the development and maturing of one of Crowe’s cybersecurity programs. He has a Bachelor’s degree in Computer Science and a Master’s degree in Cybersecurity and Information Assurance.

  • speaker photo
    Helen Patton
    CISO, The Ohio State University

    Helen is the Chief Information Security Officer at The Ohio State University. She is part of the Enterprise Security team, and oversees Security, Privacy and Disaster Recovery across the university. Helen believes Security is a critical element of data integrity. She works to improve diversity in STEM, and mentors anyone needing career development assistance. Helen has a Master’s degree in Public Policy, and has earned various security certifications. She is a member of the State of Ohio Cybersecurity Advisory Board, a founding board member of the National Technology Security Coalition, and an advisory board member of CISOExecNet.

    Helen was recently recognized as the 2018 ISE® North American Executive of the Year in the Academic/Public division by the Information Security Executive® awards program.

  • speaker photo
    JD Rogers
    CISO, American Financial Group

    JD Rogers is the Chief Information Security Officer for American Financial Group, where he leads the IT security vision, strategy and function for the insurance holding company. JD has more than 20 years of information security experience working in the energy, manufacturing, finance and insurance industries. He joined American Financial Group in 2008 as the Director of Information Security for Great American’s Annuity Group, and assumed leadership of this function enterprise-wide in 2013. In this role, he created a cross-company information security group—the first of its kind for the organization. Previously, he held information security positions at Toyota, Duke Energy and Cinergy. Placing a strong focus on security integration into business process and culture, JD serves as a security evangelist to the 36 different business units within American Financial Group, regularly conducting department-wide presentations and one-on-one conversations, as well as presenting at industry conferences such as Black Hat, SecureWorld and the Dayton Defense Conference. JD Rogers holds a Bachelor of Science in computer science from Northern Kentucky University and a Master of Science in information systems from the University of Denver. He also holds numerous designations, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and GIAC Certified ISO-27000 Specialist (G2700).

  • speaker photo
    Lynn Watson
    Director of Compliance and Risk Management, Dinsmore & Shohl LLP

    Lynn is the Director of Compliance & Risk Management for Dinsmore & Shohl, a national law firm with 1,300 attorneys and employees in 26 offices. Lynn oversees the cybersecurity team and is responsible for all firm security policies, procedures, technology, and initiatives, including the incident response program.

  • speaker photo
    Matthew Gardiner
    Director of Security , Mimecast

    Matthew Gardiner is a Director of Security at Mimecast and is currently focused on email & web security, phishing, awareness training, malware, and cloud security. With more than 15 years focused in security, Matthew’s expertise in various roles includes threat detection & response, network monitoring, SIEM, endpoint threat detection, threat intelligence, identity & access management, Web access management, identity federation, cloud security, and IT compliance at RSA, Netegrity, and CA Technologies. Previously he was President and a member of the board of trustees of the security industry non-profit, the Kantara Initiative. Matthew has a BS in Electrical Engineering from the University of Pennsylvania and an SM in Management from MIT's Sloan School of Management.

  • speaker photo
    Lori Anello
    VP, Threat Management & Cybersecurity Operations, GE Aviation

    Lori Anello is an adaptive leader with broad background in leading large enterprise teams in the areas of infrastructure, security technology, application architecture, and business solutions. She started her career working for the National Institutes of Health and then moved into private industry in the areas of consulting and manufacturing companies. Lori is presently Executive VP of Threat Management and Cyber Operations for GE Aviation.

  • speaker photo
    Paul Russo
    Enterprise Security Engineer, Tenable

    Paul is a passionate technologist focusing on solutions at the intersection of business and technology. He has over 20 years of industry experience architecting, deploying and consulting on enterprise solutions. In his current role as a Sr. Security Engineer for Tenable he helps organizations reduce risk due to Cyber Exposure.

  • speaker photo
    JD Rogers
    CISO, American Financial Group

    JD Rogers is the Chief Information Security Officer for American Financial Group, where he leads the IT security vision, strategy and function for the insurance holding company. JD has more than 20 years of information security experience working in the energy, manufacturing, finance and insurance industries. He joined American Financial Group in 2008 as the Director of Information Security for Great American’s Annuity Group, and assumed leadership of this function enterprise-wide in 2013. In this role, he created a cross-company information security group—the first of its kind for the organization. Previously, he held information security positions at Toyota, Duke Energy and Cinergy. Placing a strong focus on security integration into business process and culture, JD serves as a security evangelist to the 36 different business units within American Financial Group, regularly conducting department-wide presentations and one-on-one conversations, as well as presenting at industry conferences such as Black Hat, SecureWorld and the Dayton Defense Conference. JD Rogers holds a Bachelor of Science in computer science from Northern Kentucky University and a Master of Science in information systems from the University of Denver. He also holds numerous designations, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and GIAC Certified ISO-27000 Specialist (G2700).

  • speaker photo
    Brian Minick
    CISO, Fifth Third Bank

    Brian Minick is CISO at Fifth Third Bank. Brian has responsibility for the bank’s information protection program. Brian is a noted speaker and published author. He brings 20 years of technology and cybersecurity leadership and experience to this position. Prior, Brian was VP of Managed Threat Services at Booz Allen Hamilton following the acquisition of Morphick, a pioneer in the Managed Detection and Response market, where Brian was Co-Founder and CEO. Before founding Morphick, he was CISO at General Electric’s Aviation, Energy and Transportation businesses where he was responsible for developing and implementing advanced cybersecurity strategies.

  • speaker photo
    Micah Brown
    Vice President, Greater Cincinnati ISSA

    Micah K. Brown is a member of the IT Security Engineering team at American Modern Insurance, part of the Munich RE Group. Over the past two years he has served as the lead Engineer on the DLP implementation for Data Loss Prevention for the Munich RE organizations located in North and South America. In this role Micah has learned the many intricacies of what works in a successful DLP project. In his free time, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President. Micah graduated from the University of Cincinnati and holds an active CISSP.

  • speaker photo
    Troy Leach
    Chief Technology Officer, PCI Security Standards Council

    : Troy Leach is the Chief Technology Officer for the PCI Security Standards Council. In his role, Mr. Leach partners with Council representatives, Participating Organizations and industry leaders to develop comprehensive standards and strategies to secure payment card data and the supporting infrastructure. He is a congressional subject matter expert on payment security and holds advanced degrees from Syracuse University in network management and information security.

  • speaker photo
    Grant Sewell
    Head of Information Security and Privacy, Safelite Group

    Grant Sewell manages the Information Security and Privacy program at Safelite Group, the largest provider of vehicle glass repair, replacement, and calibration services in the United States. He serves on the board of directors for the Retail & Hospitality ISAC, the Central Ohio Chapter of (ISC)², and has held information security leadership roles with several Fortune 500 companies and U.S. Government agencies. Grant has more than a decade of experience in security, holds numerous industry certifications, and is a frequent speaker at regional and national conferences.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store