Click here to view registration types and pricing (PDF)
2017 Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, November 1, 2017
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Breakfast: Security Risks in the IoT Ecosystem - (VIP / INVITE ONLY)
    • session level icon
    Coffee / Breakfast Served
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    Location / Room: Windstar A
    8:00 am
    SecureWorld PLUS Part 1 – How To Build And Maintain A Game-Changing Security Awareness Program That Measures Success
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Chief Strategist and Chief Security Officer, Security Mentor
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Bristlecone

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.

    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    8:00 am
    SecureWorld PLUS Part 1 - Using the NIST Cybersecurity Framework to Build and Mature an Information Security Program
    • session level icon
    speaker photo
    CISO, Pulte Financial Services
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Keynote Theater

    Managing a successful Information Security Program requires a plan. In this hands-on workshop, participants will leverage the NIST Cybersecurity Framework as a guide to create or mature their security program. Regardless of industry, the framework provides an ideal platform for planning, communicating, and validating your security approach. This course is perfect for attendees that are just starting a security program, looking to mature their current program, or just looking to learn more about the Framework.

    8:30 am
    InfraGard Presentation: Danger Stewards – Measuring Risk and Predicting The Future For Fun and Profit
    • session level icon
    Open to all Attendees - Coffee and Light Breakfast Included
    speaker photo
    IT Risk and Compliance Manager/SANS Instructor, University of Colorado Denver/SANS Institute
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Mesa Verde B

    Are you having trouble convincing the decision makers in your business to support security initiatives? One of the biggest challenges InfoSec professionals face today is getting leadership to support their activities. Learn how to gain support for your activities and receive the support your cybersecurity initiatives need.

    8:30 am
    Using Block Chain to Establish Distributed Trust for IOT
    • session level icon
    speaker photo
    CTO, BlockFrame Inc
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Mesa Verde A

    This session will examine some systematic problems which exist within the cyber security industry. We will digest several of these identified systematic problems in the Cyber Security Industry and give a first look at next generation Block-Chain-enabled-solutions which may provide revolutionary solutions to these issues. We will outline the path to solutions for these problem which will enabling a framework to securing the Internet of Things (IOT) worldwide. We will discuss how efforts under way in partnership with the Colorado Springs based National Cybersecurity Center (NCC) may providing the governance support to implement these IOT Security frameworks globally.

    8:30 am
    Making SIEM Useful Again
    • session level icon
    speaker photo
    Chief Cyber Security Officer, Bremer Bank
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Windstar B

    SIEMs haven’t failed us we have failed SIEMs; companies have not invested enough in making them actually functional and vital to their security operations and business. SIEM platforms can also be used way beyond traditional methods moving into automation and log analytics giving value to the entire business.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: The Evolving Role of CISOs and Their Importance to the Business
    • session level icon
    speaker photo
    Chairman and Founder, Ponemon Institute
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    What is a CISO and what do they do? As the leader of cyber defense for an organization, the CISO is rapidly becoming indispensable for an organization’s survival. This presentation is based on interviews with senior level IT professionals at 184 companies in seven countries. The goal of the research is to better understand how CISOs work, what their concerns are, and how they are improving their effectiveness in managing risks to the enterprise.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: Windstar A

    Advisory Council - VIP / INVITE ONLY

    11:15 am
    Trend Micro: Security Automation in the Cloud
    • session level icon
    speaker photo
    Principal Engineer, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Mesa Verde B

    How do you properly apply security in a Cloud Computing environment without creating complexity. Automation is key. In this session we
    will discuss the drivers for security automation and how this can be achieved through not only API-based security automation but also
    through what is normally considered detection controls.

    11:15 am
    Sustaining Your Security Program in an Ever Changing World
    • session level icon
    Balancing Security Risks, Business Needs and Financial Pressures
    speaker photo
    Chief Information Security Officer, Catholic Health Initiatives
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Mesa Verde A

    How does a security organization retain a strong, risk based security posture amid evolving threats? Security teams spend years building strong foundational programs, but are they ever complete? Amid evolving security threats running them operationally and ensuring compliance is just as important as the initial implementation. This will be an interactive discussion on how Security leaders/professionals balance the security risks, business needs and financial pressures that may present themselves. Discussion around how key risk indicators and other factors help communicate the security posture as well as justify the need for additional capabilities/funding.

    11:15 am
    The Impact of Homomorphic Encryption on Machine Learning, Deep Learning, Artificial Intelligence, Natural Language Processing in Healthcare
    • session level icon
    speaker photo
    Professor, St. John's University, Distinguished Engineer, United Healthcare Group / Optum
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Mesa Verde C

    Homomorphic encryption is a bleeding edge cryptographic technology to secure query and search capabilities in machine learning, deep learning and artificial intelligence/natural language processing. This advanced session shall explore the architecture and application of this technology. A focus will include a current US patent providing a risk management architecture and assessment methodology to protect applications with sensitive data in cloud environments. We will briefly examine this technologies impact on health care, financial services and the insurance verticals.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: Windstar A

    Advisory Council - VIP / INVITE ONLY

    12:15 pm
    LUNCH KEYNOTE: Business Email Compromise
    • session level icon
    speaker photo
    Assistant to the Special Agent in Charge, U.S. Secret Service
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Hacking has changed. You no longer need to be a hacker to target a system or deploy malware. With little or no experience, you can learn on the Internet how to obtain malware, embed it in a document, and send it to thousands of people. What are the current trends in business email compromise schemes and what can you do.

    1:15 pm
    Panel: Close the Front Gate - Identify all Travelers
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Mesa Verde B

    One of the first lines of defense for a castle was the front gate or portcullis. When the need arose, they would simply close the gate and stop everyone from entering. Castle guards would stop each traveler and determine their identity and if they were a threat before letting them in. Sort of like today’s network access control and firewalls. Identity or the perception of one’s identity was all that mattered and a smart spy or thief would gain access to the castle with only minor delays. Our experts will discuss your options for defending your castle.

    1:15 pm
    Panel: Hazards on the Horizon - Emerging Threats
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Just as in the days of yore, you must have watch guards in the tower scanning the horizon for enemy banners. If you follow cyber threats, then you know that the landscape is constantly changing. From the bring your own device (BYOD) workplace to mobile-malware, social engineering, and everything in between, information security has transformed. In order stay ahead of the ever-changing threats, it is imperative to constantly improve and change security policies. Join industry experts as they discuss the importance of rolling with the changes, and how your company can stop the threat before it gets to the castle gate.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    IoT Threat Analysis
    • session level icon
    Gain a better understanding of the risks involved with IoT devices.
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    This session will review the current threat landscape, identify security concerns, provide examples and offer recommendations on securing the devices.

    3:00 pm
    GDPR Compliance – 10 Key Takeaways for Businesses
    • session level icon
    speaker photo
    Shareholder and Head of Cybersecurity, Privacy & Technology Transactions Practice and Adjunct Professor of Law
    speaker photo
    Associate in Cybersecurity, Privacy and Technology Transactions Practice
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Windstar B

    Companies that do not maintain a physical presence in the EU may still face liability under the new EU General Data Protection Regulation which becomes effective on May 25, 2018. This presentation will provide attendees with a high level overview of significant provisions and compliance requirements.

    3:00 pm
    Internet of Bio-Nano Things: Using the In Vivo Biochemical & Connecting to the Electrical of the Human Internet
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Mesa Verde C

    The Internet of Things has become a topic of concern over the past few years: the interconnection of devices have brought to life the Internet in a manner seldom conceived in science and is looking to broaden its expansive nature. Enter nano-robotics with an extension of IoT called the Internet of Bio-NanoRobotic Things: linking human physiology and human vulnerability to the internet. How do we secure what we do not understand?

    3:00 pm
    SecureWorld PLUS Part 2 – How To Build And Maintain A Game-Changing Security Awareness Program That Measures Success
    • session level icon
    SecureWorld PLUS registrants ONLY
    speaker photo
    Chief Strategist and Chief Security Officer, Security Mentor
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: Bristlecone

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.

    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    3:00 pm
    SecureWorld PLUS Part Two - Using the NIST Cybersecurity Framework to Build and Mature an Information Security Program
    • session level icon
    speaker photo
    CISO, Pulte Financial Services
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: Keynote Theater

    Managing a successful Information Security Program requires a plan. In this hands-on workshop, participants will leverage the NIST Cybersecurity Framework as a guide to create or mature their security program. Regardless of industry, the framework provides an ideal platform for planning, communicating, and validating your security approach. This course is perfect for attendees that are just starting a security program, looking to mature their current program, or just looking to learn more about the Framework.

  • Thursday, November 2, 2017
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 – How To Build And Maintain A Game-Changing Security Awareness Program That Measures Success
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Chief Strategist and Chief Security Officer, Security Mentor
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Bristlecone

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.

    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    8:00 am
    SecureWorld PLUS Part 3 - Using the NIST Cybersecurity Framework to Build and Mature an Information Security Program
    • session level icon
    speaker photo
    CISO, Pulte Financial Services
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Keynote Theater

    Managing a successful Information Security Program requires a plan. In this hands-on workshop, participants will leverage the NIST Cybersecurity Framework as a guide to create or mature their security program. Regardless of industry, the framework provides an ideal platform for planning, communicating, and validating your security approach. This course is perfect for attendees that are just starting a security program, looking to mature their current program, or just looking to learn more about the Framework.

    8:30 am
    Privacy Considerations for the Information Security Professional
    • session level icon
    speaker photo
    Privacy & Security Officer, Connect for Health Colorado
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Windstar B

    Privacy can be a confusing topic, particularly in the U.S. From his experience building a federally compliant privacy program, Michael will cover basic components of a privacy program, opportunities to incorporate privacy into existing security work, and practical examples of privacy tools. Challenges you may encounter will also be discussed.

    8:30 am
    It's Time for IoT to Grow Up!
    • session level icon
    How to balance the scales between convenience and security with IoT devices.
    speaker photo
    Adjunct Professor of Computer Foresnics and Ethical Hacking, University of Denver
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Mesa Verde B

    IoT devices are hacked and added to malicious botnets every day. Since much of the IoT industry began with disconnected devices, IoT developers and owners were not aware of the care needed to prevent attacks. This presentation will address the challenges and architectures that balance the convenience and security of IoT.

    8:30 am
    The A-Z of Phishing -Defining Phishing and Actions to Take Against It
    • session level icon
    speaker photo
    Director of Security Architecture and Engineering, Instructor, OWASP Board Member, Red Rocks Community College
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Mesa Verde C

    In this presentation we will start with the basics of phishing, defining the types to how to identify them, techniques to validate the phishing and incident responses.

    8:30 am
    WannaCry All Night Long: Cybersecurity Legal Issues 2017
    • session level icon
    speaker photo
    Attorney, Hall, Render, Killian, Heath & Lyman
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Mesa Verde A

    Emerging threats result in changing legal issues and evolving legal obligations and liabilities. This
    session will look at the legal implications of cybersecurity trends.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: Cybersecurity 2.0 – Controls, Governance, and Business Reimagined
    • session level icon
    speaker photo
    General Counsel & Chief Security Officer, EVP, Viewpost
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    Our backs are up against a wall of never ending breaches, blame, and ineffective controls. Hear from not only a thought leader, but someone with operation experience as a CISO, General Counsel, and Chief Privacy Officer today as we will discuss new controls, how to lead and govern along side the Board, and how to enable business through better cybersecurity.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: Windstar A

    Advisory Council - VIP / INVITE ONLY

    11:15 am
    Maturity in Third-Party Risk Management
    • session level icon
    speaker photo
    CISO and Privacy Officer, Denver Health
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Windstar B

    We all manage IT risk with our vendors, but this process is often immature. As we continually outsource to external parties, we must evolve to ensure we are protecting our organization from those often unseen, critical risks. This presentation will help us understand how to take Third-Party Risk Management to the next level.

    11:15 am
    Panel: Women in Security
    • session level icon
    speaker photo
    VP, Network Security, Charter Communications
    speaker photo
    IT Security and Compliance Manager, Antero Resources
    speaker photo
    Chief Information Security Officer, Catholic Health Initiatives
    speaker photo
    CISO, Polycom
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Mesa Verde B

    Diversity in teams has been proven to produce better results. In the Information Security field only 11% of these positions are filled with women. Women bring a unique skill set to the industry and we need to continue to increase the number in the Information Security field.

    During the "Women In Security" panel, you will hear from women who have been successful in navigating a career in Information Security. These executives will speak about how they got into the field, how they were able to break through the glass firewall and what they are doing to promote getting more women into security.

    11:15 am
    Tackle IT Governance and Quality to Dramatically Improve Security – a Case Study From AT&T Wireless
    • session level icon
    speaker photo
    Founder, Managing Principal , W Risk Group LLC
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Mesa Verde C

    In 2003, an epic software failure led to the sale of AT&T Wireless.  What followed was an incredible lesson in how governance and internal control focus on IT systems dramatically improved cybersecurity.  

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: Windstar A

    Advisory Council - VIP / INVITE ONLY

    12:15 pm
    LUNCH KEYNOTE: The Legal Case for Cybersecurity
    • session level icon
    speaker photo
    Cybersecurity & Data Privacy Attorney, Scheef & Stone, LLP and Cyber Future Foundation
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Shawn Tuma will explain why cybersecurity is a legal issue and overall business risk issue that companies must manage. He will address why federal, state, and international law (including the GDPR and NY Cyber Regs) requires companies to have a cyber risk management program and key components to include.

    1:15 pm
    Panel: Beware the Highwaymen: Rise of the Cyber Criminal
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Mesa Verde B

    Modern civilization has always been plagued by various classes of criminals. Travelers would hire guards to protect their caravans from hijackers. Thieves came up with various ploys to trick travelers on the road. In today’s day and age the advent of interconnected devices, allowing for portability of corporate secrets, has given rise to a completely different class of nefarious actors. Cyber criminals range from those bent on stealing your personal information to “cyber terrorists” who have the capability to inflict harm on a much wider scale. Uninhibited by current laws, they are very effective given the speeds of networks, lack of appropriate security controls, and the anonymous nature of the attacker. Making matters worse, the crime may be perpetrated by entities outside of the legal jurisdiction where the unlawful act took place. This panel will explore the tools these criminals use, what can be done to prevent them, and how to safeguard your data.

    1:15 pm
    Panel: The Court Jester Has the Crown Jewels (Ransomware)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Way back in the day if you wanted to get someone to bend to your will you could just kidnap the princess or steal the Crown Jewels. Kingdoms would do just about anything to get these things back. It was probably a bit easier to grab the princess and leave a note with your demands. The exchange of coin for the princess was a risky maneuver but worth the reward if you escaped. Now it just takes one foolish click to become a victim of ransomware. Sadly, they are not easily caught when you make the trade with bitcoin. This panel will talk about the current schemes happening with ransomware and how you can try to keep the Crown Jewels safe.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Two Companies Walk Into a Bar… Cyber Risk for the C-Suite
    • session level icon
    speaker photo
    Principal Cybersecurity Engineer (The MITRE Corporation), CEO (Synthus, Inc.), The MITRE Corporation
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Mesa Verde A

    It's become a truism among cybersecurity professionals that there are two types of companies: those that have been hacked and those that will be. If cyber incidents are inevitable, what can organizations do to pro-actively minimize the impact on their operations? This session addresses considerations for organizations addressing cyber-risk at the strategic level.

    3:00 pm
    Rationalizing Irrational (Unsecure) Behavior
    • session level icon
    speaker photo
    International Security Researcher
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Windstar B

    Every day, our user communities are faced with secure and unsecure choices, and every day security practitioners struggle to understand why users make poor choices despite frequent security training. Understanding the science behind those choices has furthered our ability to predict future (potentially unsecure) behavior.

    3:00 pm
    Turning Horses Into Unicorns
    • session level icon
    The jobs gap is real, but expectations for hiring new talent is unrealistic.
    speaker photo
    Cybersecurity Writer, Cybersecurity Ventures
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Mesa Verde B

    Finding the talent you need to fill the jobs gap is easier than you think. The solution is as easy as managing expectations. Instead of looking for unicorns, look around you at all the skilled horses that can be trained to be your next unicorn.

Exhibitors
  • ACP
    Booth: TBD

    ACP is the premier organization for business continuity professionals providing a powerful networking and learning environment for ACPits members. Known for its progressive programs, workshops and symposiums, the organization has become a unifying force in defining and leading the continuously evolving fields of business continuity, disaster recovery, and emergency response (the "profession"). The Organization is strategically aligned with business partners such as DRI International, and BC Management, as well as our corporate sponsors. With a strong presence in North America, ACP has 42 chapters and over 2,300 members. We welcome all individuals, regardless of experience or certification, with an interest in the Profession.

    Founded in 1983, we are an established community of industry experts, educators, practitioners, leaders, facilitators and advocates. Our members view us as connectors and as a vital networking source.

  • Arbor Networks
    Booth: 302

    Arbor Networks is the leading provider of network security and management solutions for enterprise and service provider networks. Arbor Networks protects enterprises from distributed denial of service attacks and advanced malware using Arbor’s global network intelligence. Arbor's proven solutions help grow and protect customer networks, businesses and brands.

  • Bay Pay Forum
    Booth: TBD

    The BayPay Forum, a Silicon Valley-based international network composed of over 14,000 payment and commerce executives, entrepreneurs and investors from thousands of different companies, serves as a forum to connect members in identifying and understanding the emerging trends and innovations in the industry.

  • Binary Defense Systems
    Booth: 222

    BDS is a company that works with you to understand your environment, what you have and building defenses to combat what we face today and for the attacks of tomorrow. Technology is continuously changing, businesses change every day – in order to keep up with the changes, BDS has created an extensively flexible yet highly accurate way of detecting attackers. We are attackers, and we know the best ways in detecting how attackers breach your network. An added bonus with BDS – continual penetration tests are performed regularly to enhance and develop additional safeguards. We are here to defend, protect and secure your company.

  • Bitdefender
    Booth: 405

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures - Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • CIOReview
    Booth: TBD

    CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIOReview is an excellent platform for the enterprise to showcase their innovative solutions.

  • Cloud Security Alliance (CSA)
    Booth: TBD

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Colorado ECTF
    Booth: TBD

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multi-pronged approach.

  • Colorado Technology Association
    Booth: TBD

    The Colorado Technology Association leads the network of companies and professionals fueling Colorado's economy, through technology.

    At the Colorado Technology Association, we:

    - Lead an inclusive network that benefits our member community
    - Advocate for a pro-business and technology-friendly climate
    - Influence the development of a robust talent pipeline
    - Lead initiatives to help companies grow.

  • Darktrace
    Booth: 300

    Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ExtraHop
    Booth: 305

    ExtraHop is a force multiplier for IT teams struggling with increasing complexity. With the ExtraHop platform, organizations can regain control over the security and performance of their applications and infrastructure, and capitalize on their data analytics opportunity to improve business operations and results. Learn more at www.extrahop.com

  • FireMon
    Booth: 221

    FireMon is at the forefront of the security management category, delivering first-ever functionality such as firewall behavior testing, workflow integration, traffic flow analysis and rule recertification. Our solutions have helped more than 1,500 organizations around the world gain visibility into and control over their complex network security infrastructures.

  • InfraGard
    Booth: TBD

    InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

    The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.

  • ISC2
    Booth: TBD

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation - The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA Colorado Springs Chapter
    Booth: TBD

    ISSA Colorado Springs Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • Ixia
    Booth: 221

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks.
    Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Juniper
    Booth: 109

    Our customers don’t set out to build networks. They build on ideas that reinvent, reimagine, and improve the world around them. It makes sense that we should begin there, too.

    Through our passion for creating high-performing networks, Juniper extends knowledge, collaboration, and human advancement in industries around the world—such as energy, healthcare, education, and many others.

    While our innovative product and services portfolio evolves continuously, we need to reach farther to secure our customers’ long-term success. We’re looking beyond the horizons of today’s business challenges, and the technology future we see is built on real-time service integration. That means everything we develop must align with our vision.

  • Kaspersky Lab
    Booth: TBD

    In 1999, Kaspersky Lab was the first company to introduce integrated antivirus software for workstations, file servers and application servers running on Linux/FreeBSD operating systems. Today, the company offers a whole range of effective corporate security solutions for the most popular operating systems specifically designed for different types of businesses. The company?s product range covers all of the main information security requirements that businesses and large state organizations have to adhere to, including: excellent protection levels, adaptability to changing circumstances, scalability, compatibility with different platforms, high performance, high fault tolerance, ease of use and high value.

    One of the primary advantages of Kaspersky Lab?s corporate range is the easy, centralized management provided by Kaspersky Security Center that extends to the entire network regardless of the number and type of platforms used.

  • OneWorld InfoTech
    Booth: 421

    OneWorld InfoTech provides advanced cyber security solutions and services that help clients define cyber security strategy, identify and remediate threats and risks, and achieve operational readiness to reduce the risk of targeted attacks and breaches.

    Our diverse management and advisory team draws upon experience gained globally in working with the world leading software and telecommunication giants as well as military communities.

  • Ping Identity
    Booth: 340

    Come and see why Ping Identity is consistently named a leader in IAM for solving a diverse set of enterprise challenges meeting employee, partner and customer identity needs. Ping solutions can help your enterprise prevent security breaches, increase employee and partner productivity and provide seamless customer experiences.

  • Proofpoint
    Booth: 321

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Qualys, Inc.
    Booth: 200

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • Rapid7
    Booth: 121

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • RSA Security
    Booth: TBD

    RSA’s business-driven security solutions help customers comprehensively and rapidly link security incidents with business context to respond effectively and protect what matters most. With award-winning solutions for rapid detection and response, identity and access assurance, consumer fraud protection, and business risk management, RSA customers can thrive in an uncertain, high-risk world.

  • SANS Institute
    Booth: 450

    The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.

    SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.

  • Synopsys
    Booth: 333

    Synopsys offers the most comprehensive solution for integrating security and quality into your SDLC and supply chain. Whether you’re well-versed in software security or just starting out, we provide the tools you need to ensure the integrity of the applications that power your business. We don’t stop when the test is over. Our experts also provide remediation guidance, program design services, and training that empower you to build and maintain secure software. For more information go to www.synopsys.com/software.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Trend Micro
    Booth: 105

    As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With more than 20 years of experience, we're recognized as the market leader in server security for delivering top-ranked client, server, and cloud-based security solutions that stop threats faster and protect data in physical, virtualized, and cloud environments.

  • TrustedSec
    Booth: 222

    Our #1 priority is you, our customer. We believe in our services and our quality of them. We truly care about each and every organization as much as you do. Our team is highly talented, skilled, senior, and not a commodity service like other INFOSEC consulting companies. TrustedSec’s model is to staff with only senior level resources and the highest quality of information security consulting. Our brand, reputation, and quality is how we have established ourselves in this industry and with the mindset of “always doing the right thing”. When we work with our customers, it’s more than “just another engagement” – it’s establishing an understanding with an organization, and working to make them better.

  • University of Denver
    Booth: TBD

    The oldest and largest private university in the Rocky Mountain region, DU offers innovative and rigorous undergraduate, graduate and professional programs.

  • Vade Secure
    Booth: 421

    Vade Secure has developed a full set of security features against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware. As a Global company, protecting more than 400 million mailboxes worldwide, we have an accurate vision on worldwide email flow. This allows us to provide the comprehensive solution against all email threats, ensuring a zero-day protection, even on targeted attacks. Our solutions are tailored to deal with a large amount of emails to help ISPs, OEMs, hosting companies and Enterprises.

    At Vade Secure, we also consider that the messaging system should be easy and convenient to use. After elimination all threats, we eliminate the nuisance of low priority emails with the Graymail Management. Ads, social networks notification and newsletters are automatically sent to the graymail folder while the Safe Unsubscribe button eliminate them forever. Users have now a clutter free inbox for more productivity.

  • VirtualArmour
    Booth: 109

    VirtualArmour is an international cybersecurity and Managed Services provider that delivers customized solutions to help businesses build, monitor, maintain and secure their networks.

    The Company maintains 24/7 client monitoring and service management with specialist teams located in its US and UK-based security operation centers (“SOC”). Through partnerships with best-in-class technology providers, VirtualArmour delivers only leading hardware and software solutions for customers that are both sophisticated and scalable, and backed by industry-leading customer service and experience. VirtualArmour’s proprietary CloudCastr client portal and prevention platform provides clients with unparalleled access to real-time reporting on threat levels, breach prevention and overall network security.

    VirtualArmour services a wide range of clients - which include those listed on the Fortune 500 - within several industry sectors, in over 30 countries, across five continents. Further information about the Company is available under its profile on the SEDAR website, www.sedar.com, on the CSE website, www.thecse.com, and on its website www.virtualarmour.com

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    Dan Lohrmann
    Chief Strategist and Chief Security Officer, Security Mentor

    Dan Lohrmann is Chief Strategist and Chief Security Officer (CSO) at Security Mentor. In this role, Lohrmann leads efforts to define and develop key strategic initiatives for the company’s security awareness training offerings, including new programs that can improve security and compliance by elevating an organization’s workforce into security savvy employees. Representing Security Mentor, Lohrmann serves as thought leader serving as a keynote speaker on security and security awareness training, and giving government and industry presentations.

    Over the past decade, Lohrmann has advised the U.S. Department of Homeland Security, the White House, FBI, numerous federal agencies, law enforcement, state and local governments, non-profits, foreign governments, local businesses, universities, churches, and home users on issues ranging from personal Internet safety to defending government and business-owned technology and critical infrastructures from online attacks. Prior to joining Security Mentor, Lohrmann was Michigan's first CSO and Deputy Director for Cybersecurity and Infrastructure Protection and has been recognized as a global leader in cyber defense for government.

    Previously, Lohrmann represented the National Association of State Chief Information Officers on the U.S. Department of Homeland Security’s IT Government Coordinating Council where he assisted in the writing and editing of the National Infrastructure Protection Plans, sector specific plans, Cybersecurity Framework, and other federal cyber documents. Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web, published in November 2008 by Brazos Press and BYOD for You: The Guide to Bring Your Own Device to Work, published in Kindle format in April 2013.

    He has been honored with numerous cybersecurity and technology leadership awards, including “CSO of the Year” by SC Magazine, “Public Official of the Year” by Governing magazine and “Premier 100 IT Leader” by Computerworld Magazine. Lohrmann received his bachelor’s degree in computer science from Valparaiso University in Indiana and his M.S. in Computer Science from Johns Hopkins University in Baltimore.

  • speaker photo
    Alex Wood
    CISO, Pulte Financial Services

    Alex Wood is currently the CISO for Pulte Financial Services and has over 18 years of experience in information security. Previously he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has a MAS in Information Security from the University of Denver.

  • speaker photo
    Doc Blackburn
    IT Risk and Compliance Manager/SANS Instructor, University of Colorado Denver/SANS Institute

    Doc Blackburn has over 30 years of experience in system and software design, server and network administration, and programming. Doc ran a successful consulting firm until he found his passion was in cybersecurity. He has vast experience at various levels of information technology from technical support to security leadership roles.

  • speaker photo
    Christopher Gorog
    CTO, BlockFrame Inc

    Christopher Gorog, CTO of BlockFrame Inc., Lead Faculty for Cyber Security at Colorado Technical University, and the host of the New Cyber Frontier Podcast, He is a published author, is an advisors to the Cyber Institute of the National Cybersecurity Center, and member of the BODs for Cyber Resilience Institute.

  • speaker photo
    Jeremiah Cruit
    Chief Cyber Security Officer, Bremer Bank

    Jeremiah Cruit has been working in security for the past 20 plus years coving all aspects of security including penetration testing, incident response, infrastructure security and security management. Currently working as Chief Cyber Security Officer at Bremer Bank where he manages the teams that run all aspects of IT security.

  • speaker photo
    Larry Ponemon
    Chairman and Founder, Ponemon Institute

    Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research “think tank” dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

    Ponemon Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

    Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security including financial services, health care, pharmaceutical, telecom and Internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

    Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

  • speaker photo
    Victor Devine
    Principal Engineer, Trend Micro

    Victor Devine has been focused on IT Security for the last 10 years of his 20 year IT career. While playing a big role with securing data centers, endpoint protection and gateways; he joined Trend Micro as a Principle Engineer to expand client education on the importance of IT Security both in and out of the workplace. When he is not talking about security, you will most likely find him on a Disc Golf course.

  • speaker photo
    Sheryl Rose
    Chief Information Security Officer, Catholic Health Initiatives

    Sheryl Rose, an experienced IT security and audit professional, has been Chief Information Security Officer since 2010 at Catholic Health Initiatives, a nonprofit, faith-based health system that is the nation's third largest, comprised of 103 hospitals and a variety of other health-based facilities spanning the inpatient and outpatient continuum of care in 17 states. She has worked in the audit and security fields for more than 20 years, gaining most of her experience in the financial services sector. Before coming to CHI, she spent 12 years at First Data as the Vice President of Global Security Operations. She has also worked at Wells Fargo and Price Waterhouse Coopers. Sheryl earned a master's degree in computer information systems from Regis University and an undergraduate degree in accounting. She holds several professional certifications: CISA (certified information systems auditor), CISM (certified information security manager), and CRISC (certified in risk and information systems control).

  • speaker photo
    Phil Lerner
    Professor, St. John's University, Distinguished Engineer, United Healthcare Group / Optum

    Phil Lerner has been a professor at St. John’s University for the past 10 years. He is the first Distinguished Engineer at United Healthcare Group. He has 26 years of progressive cyber, network and systems security experience in vast enterprises as a customer side senior technology leader. Phil provides consultative guidance and programmatic advisory services to this Fortune 6 company and higher education institution on critical programs that contain highly sensitive data requiring advanced technology protections. Phil is still heavily credentialed and working through a PhD in quantum cryptography.

  • speaker photo
    Ike Barnes
    Assistant to the Special Agent in Charge, U.S. Secret Service

    Assistant to the Special Agent in Charge (ATSAIC) Ike Barnes is a graduate of the United States Military Academy at West Point. After serving in the US Army, ATSAIC Barnes became a Special Agent with the Secret Service in 2000 and was assigned to the New York Field Office. While there, ATSAIC Barnes was a member of the New York Electronic Crimes Task Force and other criminal investigative squads. After his assignment to the New York Field Office, ATSAIC Barnes was assigned to the Presidential Protective Division. After the Presidential Protective Division, ATSAIC Barnes was assigned to Secret Service Headquarters. ATSAIC Barnes is currently assigned to the Denver Field Office and is in charge of the Colorado Electronic Crimes Task Force.

  • speaker photo
    Tracy Lechner
    Shareholder and Head of Cybersecurity, Privacy & Technology Transactions Practice and Adjunct Professor of Law

    Tracy L. Lechner leads Brownstein’s Cybersecurity and Technology Transactions, Licensing, Advanced Media and Privacy practice groups. With more than a decade of in-house experience in the media industry, Tracy has a unique, inside understanding of the complexities that organizations face in monetizing their data and protecting their assets. She has provided strategic legal advice across corporate sales, marketing, real estate, finance, digital, information technology and human resources departments. At Brownstein, Tracy assists clients with technology and media-related transactions, advising on a broad range of matters, including privacy, data security, online behavioral marketing, children's privacy, geolocation privacy and mobile marketing. She also provides clients with strategic legal advice in connection with developing and implementing data monetization strategies, privacy and data security policies, information security policies and acceptable use policies. She also assists clients with developing and activating incident response plans and responding to data security breach incidents.

    Prior to Brownstein, Tracy served as chief privacy officer, vice president and assistant general counsel for Outfront Media, Inc. where she interfaced with business teams, senior management and internal and external counsel to identify and mitigate risk, ensure awareness of “best practices” on data privacy and data security issues and to develop strategic plans for the collection, use and sharing of information in a manner that maximized value while complying with applicable privacy policies, industry self-regulatory guidelines and legal obligations. Prior to joining Outfront Media, Tracy worked as a consultant for 24/7 Real Media, Inc., a WPP company, where she provided guidance and support to various internal departments in connection with the company's online advertising, privacy and data collection practices. There, Tracy was actively involved in industry self-regulation efforts through the NAI, IAB and DAA, including implementation of the industry icon and enhanced consumer notice. Tracy also previously served in positions as associate general counsel and director of business development for Titan Outdoor LLC (n/k/a Intersection Media LLC); and as staff attorney for Contract Services in the Office of the Mayor (Michael Bloomberg administration), City of New York.

  • speaker photo
    Esteban Morin
    Associate in Cybersecurity, Privacy and Technology Transactions Practice

    Esteban Morin is an attorney in Brownstein’s Cybersecurity and Technology Transactions, Licensing, Advanced Media and Privacy practice group. Drawing on years of experience in the private sector counseling large consumer-facing companies and in the public sector advising federal agencies, he provides clients with a unique perspective on privacy and cybersecurity issues. Esteban’s expertise is broad, and includes the full spectrum of state, federal, and international privacy regulations. In addition to providing regulatory compliance advice, he assists clients with structuring privacy programs, minimizing risks posed by vendors, and managing every step of the information life cycle.

    Prior to Brownstein, Esteban served as counselor to the Chairman of the Privacy and Civil Liberties Oversight Board, an independent federal agency in Washington, DC. In this role, he advised numerous federal agencies on practices that implicated Americans’ privacy rights. Esteban also analyzed emerging technology issues, drafted congressional testimony, devised several foundational agency policies, and was designated as the agency’s liaison to the Federal Privacy Council. Before joining the Board, Esteban served as a core member of Jenner & Block’s Privacy and Information Governance practice group, where he counseled high-profile companies. At the firm, he advised clients on a variety of issues including website design, compliance with international frameworks, mobile application functionality, and data breach response.

  • speaker photo
    DrPH Gregory "Junkbond" Carpenter
    Owner, GCE, LLC

    Former NSA/CSS & retired military, owner: GCE, National & Cyber Security contributer - newsl.org, BOD ATNA Systems, International Board of Advisors MacKenzie Institute; radio host, author: Reverse
    Deception translated into 4 languages. Frequently on Fox, ABD & SiriusXM; International Keynote Speaker. Recipient of NSA Military Performer of the Year Award.

  • speaker photo
    Dan Lohrmann
    Chief Strategist and Chief Security Officer, Security Mentor

    Dan Lohrmann is Chief Strategist and Chief Security Officer (CSO) at Security Mentor. In this role, Lohrmann leads efforts to define and develop key strategic initiatives for the company’s security awareness training offerings, including new programs that can improve security and compliance by elevating an organization’s workforce into security savvy employees. Representing Security Mentor, Lohrmann serves as thought leader serving as a keynote speaker on security and security awareness training, and giving government and industry presentations.

    Over the past decade, Lohrmann has advised the U.S. Department of Homeland Security, the White House, FBI, numerous federal agencies, law enforcement, state and local governments, non-profits, foreign governments, local businesses, universities, churches, and home users on issues ranging from personal Internet safety to defending government and business-owned technology and critical infrastructures from online attacks. Prior to joining Security Mentor, Lohrmann was Michigan's first CSO and Deputy Director for Cybersecurity and Infrastructure Protection and has been recognized as a global leader in cyber defense for government.

    Previously, Lohrmann represented the National Association of State Chief Information Officers on the U.S. Department of Homeland Security’s IT Government Coordinating Council where he assisted in the writing and editing of the National Infrastructure Protection Plans, sector specific plans, Cybersecurity Framework, and other federal cyber documents. Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web, published in November 2008 by Brazos Press and BYOD for You: The Guide to Bring Your Own Device to Work, published in Kindle format in April 2013.

    He has been honored with numerous cybersecurity and technology leadership awards, including “CSO of the Year” by SC Magazine, “Public Official of the Year” by Governing magazine and “Premier 100 IT Leader” by Computerworld Magazine. Lohrmann received his bachelor’s degree in computer science from Valparaiso University in Indiana and his M.S. in Computer Science from Johns Hopkins University in Baltimore.

  • speaker photo
    Alex Wood
    CISO, Pulte Financial Services

    Alex Wood is currently the CISO for Pulte Financial Services and has over 18 years of experience in information security. Previously he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has a MAS in Information Security from the University of Denver.

  • speaker photo
    Dan Lohrmann
    Chief Strategist and Chief Security Officer, Security Mentor

    Dan Lohrmann is Chief Strategist and Chief Security Officer (CSO) at Security Mentor. In this role, Lohrmann leads efforts to define and develop key strategic initiatives for the company’s security awareness training offerings, including new programs that can improve security and compliance by elevating an organization’s workforce into security savvy employees. Representing Security Mentor, Lohrmann serves as thought leader serving as a keynote speaker on security and security awareness training, and giving government and industry presentations.

    Over the past decade, Lohrmann has advised the U.S. Department of Homeland Security, the White House, FBI, numerous federal agencies, law enforcement, state and local governments, non-profits, foreign governments, local businesses, universities, churches, and home users on issues ranging from personal Internet safety to defending government and business-owned technology and critical infrastructures from online attacks. Prior to joining Security Mentor, Lohrmann was Michigan's first CSO and Deputy Director for Cybersecurity and Infrastructure Protection and has been recognized as a global leader in cyber defense for government.

    Previously, Lohrmann represented the National Association of State Chief Information Officers on the U.S. Department of Homeland Security’s IT Government Coordinating Council where he assisted in the writing and editing of the National Infrastructure Protection Plans, sector specific plans, Cybersecurity Framework, and other federal cyber documents. Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web, published in November 2008 by Brazos Press and BYOD for You: The Guide to Bring Your Own Device to Work, published in Kindle format in April 2013.

    He has been honored with numerous cybersecurity and technology leadership awards, including “CSO of the Year” by SC Magazine, “Public Official of the Year” by Governing magazine and “Premier 100 IT Leader” by Computerworld Magazine. Lohrmann received his bachelor’s degree in computer science from Valparaiso University in Indiana and his M.S. in Computer Science from Johns Hopkins University in Baltimore.

  • speaker photo
    Alex Wood
    CISO, Pulte Financial Services

    Alex Wood is currently the CISO for Pulte Financial Services and has over 18 years of experience in information security. Previously he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has a MAS in Information Security from the University of Denver.

  • speaker photo
    Michael Stephen
    Privacy & Security Officer, Connect for Health Colorado

    Michael Stephen is the Privacy & Security Officer for Connect for Health Colorado. He has 17+ years of IT experience most of which involves designing and building information security solutions and programs to support and further business goals. At Connect he developed and manages a federally compliant privacy program.

  • speaker photo
    Chuck Davis
    Adjunct Professor of Computer Foresnics and Ethical Hacking, University of Denver

    Chuck Davis teaches ethical hacking and computer forensics graduate courses in the University of Denver's computer science program. Mr. Davis holds the CISSP-ISSAP, he has co-authored two books, has 8 patents, 3 patents-pending and 9 invention disclosures. Mr. Davis is frequently interviewed by various media on the subject of cybersecurity.

  • speaker photo
    Frank Vianzon
    Director of Security Architecture and Engineering, Instructor, OWASP Board Member, Red Rocks Community College

    Frank Vianzon works for a large corporation as the Director of Security Architecture and Engineering. He also writes and teaches courses for Red Rocks Cybersecurity Program, including Vulnerability Assessment. Frank has also served on the Board for the Denver Chapter of OWASP.

  • speaker photo
    Melissa Markey
    Attorney, Hall, Render, Killian, Heath & Lyman

    Melissa Markey is a shareholder with Hall, Render, Killian, Heath & Lyman, and is licensed in Michigan, Utah, Colorado and Texas. Melissa's practice focuses on technology and life sciences, especially cybersecurity, data privacy, and legal issues at the developing edges of technology. Ms. Markey is a paramedic, and a nationally recognized author and presenter. She is a candidate for a Masters of Professional Studies in Cyber Policy and Risk Analysis.

  • speaker photo
    Christopher Pierson
    General Counsel & Chief Security Officer, EVP, Viewpost

    Dr. Christopher Pierson is the General Counsel & Chief Security Officer, EVP for Viewpost. Chris serves on the DHS Data Privacy and Integrity Advisory Committee and Cybersecurity Subcommittee and is a Distinguished Fellow of the Ponemon Institute. Previously, Chris was the first Chief Privacy Officer, SVP for the Royal Bank of Scotland’s U.S. banking operations leading its privacy and data protection program. Chris was also a corporate attorney for Lewis and Roca. Chris is a graduate of Boston College (B.A., M.A.) and The University of Iowa (Ph.D., J.D.) and speaks at national events and is frequently quoted on cybersecurity.

  • speaker photo
    Randall Frietzsche
    CISO and Privacy Officer, Denver Health

    Randall Frietzsche is the CISO for Denver Health, and an Adjunct Professor teaching Ethical Hacking and Digital Forensics. Randall has worked in InfoSec for 15 years, including seven years with Catholic Health Initiatives. Randall is an ISSA Distinguished Fellow, holds a Master’s Degree in Information Security, and is a former law enforcement officer.

  • speaker photo
    Mary Haynes
    VP, Network Security, Charter Communications
  • speaker photo
    Deon Mahaffie
    IT Security and Compliance Manager, Antero Resources
  • speaker photo
    Sheryl Rose
    Chief Information Security Officer, Catholic Health Initiatives

    Sheryl Rose, an experienced IT security and audit professional, has been Chief Information Security Officer since 2010 at Catholic Health Initiatives, a nonprofit, faith-based health system that is the nation's third largest, comprised of 103 hospitals and a variety of other health-based facilities spanning the inpatient and outpatient continuum of care in 17 states. She has worked in the audit and security fields for more than 20 years, gaining most of her experience in the financial services sector. Before coming to CHI, she spent 12 years at First Data as the Vice President of Global Security Operations. She has also worked at Wells Fargo and Price Waterhouse Coopers. Sheryl earned a master's degree in computer information systems from Regis University and an undergraduate degree in accounting. She holds several professional certifications: CISA (certified information systems auditor), CISM (certified information security manager), and CRISC (certified in risk and information systems control).

  • speaker photo
    Lucia Milica Turpin
    CISO, Polycom
  • speaker photo
    Karen Freeman Worstell
    Founder, Managing Principal , W Risk Group LLC

    Karen Worstell began her cyber career 30 years ago when her Programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question.
    She provided cyber security support for programs like the Advanced Tactical Fighter prototype and B2 Bomber, developed the first computer security manual for the Boeing Company, and led research in secure distributed computing for Boeing’s Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide, SRI Consulting, Bank of America, AT&T Wireless, Microsoft and Russell Investments. She was the CEO for AtomicTangerine, the SRI International spinoff focused on security that served international Fortune 100 companies in security strategy and major technology implementations. She co-chaired major security events for SRI International, Forbes.com, and Georgetown University Law Center.
    She held positions at NIST for OSI security architecture, the security subcommittee of the Aerospace Industries Association, US Department of Commerce Security and Privacy Advisory Board, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld, IIA, ISSA, ISACA, AusCERT, Security Conference Israel, and RSA.

    She is the author of “Governance and Internal Controls for Cutting Edge IT” published by ITG, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms” by Pike & Fisher.
    Her technical expertise spans Identity and Access Management, Intrusion Detection and Response, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks.” Today she focuses on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leadership roles for enterprises who are serious about cyber security.

    Karen tweets at https://twitter.com/karenworstell and blogs at karenworstell.com.

  • speaker photo
    Shawn E. Tuma
    Cybersecurity & Data Privacy Attorney, Scheef & Stone, LLP and Cyber Future Foundation

    Shawn Tuma is an attorney internationally recognized in cybersecurity and data privacy law, which he has practiced since 1999. He is a Partner at Scheef & Stone. In 2016, the National Law Journal selected him as a Cybersecurity Law Trailblazer and Texas SuperLawyers selected him for the Top 100 Lawyers in DFW.

  • speaker photo
    Cynthia Wright
    Principal Cybersecurity Engineer (The MITRE Corporation), CEO (Synthus, Inc.), The MITRE Corporation

    Cynthia Wright is a retired military officer with over 20 years’ experience in national security and cyber strategy. She also co-developed a methodology to assess the cyber needs of developing nations, and assisted DHS in drafting the National Cyber Incident Response Plan and incentivizing market-driven approaches to cyber risk management.

  • speaker photo
    Dr. Jacob Rubin
    International Security Researcher

    Dr. Jacob Rubin is a cybersecurity researcher striving to better the industry’s understanding of the human behavior in cybersecurity. He has served as a security leader for over a decade, with experience in manufacturing, healthcare, technology services, and various government entities. Academically, his doctoral studies span more than 15 years of research and focus on Unsecure User Behavior.

  • speaker photo
    Kacy Zurkus
    Cybersecurity Writer, Cybersecurity Ventures

    Zurkus is an influential cybersecurity writer, covering a variety of topics on security and risk for Cybersecurity Ventures and CyberDB. She’s contributed to a variety of publications including K12 Tech Decisions, CSO Online, CIO, and The Parallax. She authored a regular blog, Security Newb, for CSO Online. In addition, Zurkus has created content for a variety of clients in the security industry.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
DON'T MISS OUT

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!