googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, October 9, 2024
    9:00 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0
    • session level icon
    speaker photo
    Cyber Risk Analyst, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

     

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

  • Thursday, October 10, 2024
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:15 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Participating professional associations and details to be announced.

    8:00 am
    An Honest Peer-Driven Conversation About Cyber Insurance
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Cyber insurance is no longer a “do I need it?” but a must-have for organizations. This conversation among cybersecurity peers will discusse how to properly assess insurance programs, including a candid look into how the organization should drive what is and is not covered, not the insurance provider.

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] Cyber World on Fire: A Look at Internet Security in Today’s Age of Conflict
    • session level icon
    speaker photo
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    This informative session analyses the growing threat of cyberattacks and risks to internet security in today’s world. Col. Leighton explores the various types of attacks and vectors, including how bad actors can impact businesses and individuals. The session also examines the role of governments and international organizations—partnering with public and private businesses—in protecting against cyber threats.

    Col. Leighton describes how nefarious actions are becoming increasingly more sophisticated and widespread, with hackers targeting not just large corporations but also smaller businesses and even individuals. He emphasizes the need for organizations to take proactive measures to protect their networks and data, including investing in advanced security technologies and providing regular training to employees.

    He shares examples of cyber activity—good and bad; offensive and defensive—from Ukraine, China, and around the globe.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    Building a Robust Privacy Framework: Mastering ‘Forget Me’ and Subject Access Requests
    • session level icon
    speaker photo
    Executive Director of Cybersecurity & Infrastructure, Focus on the Family
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    In today’s data-driven world, organizations face increasing pressure to protect personal information while complying with complex privacy regulations. This session offers practical insights and strategies for developing a comprehensive privacy program that effectively manages ‘Forget Me’ requests and Subject Access Requests (SARs). Drawing from real-world experiences, we’ll explore how to leverage people, processes, and technology to create a privacy framework that meets regulatory requirements and builds trust with customers and stakeholders.

    Key Takeaways:

    1. Roadmap to Success: Learn how to develop a strategic project roadmap for implementing a robust privacy program, including key milestones and dependencies.
    2. Streamlined SAR Management: Discover efficient processes for handling Subject Access Requests, from initial receipt to final delivery of information.
    3. Effective ‘Forget Me’ Protocols: Explore best practices for implementing and managing data erasure requests in compliance with GDPR and other privacy regulations.
    4. Data Discovery and Classification: Understand techniques for conducting thorough data inventories and classification to support privacy initiatives.
    5. Technology Integration: Learn how to leverage technology solutions to automate and enhance privacy processes, including data mapping and request management.
    6. Training and Culture: Develop strategies for fostering a privacy-aware culture through comprehensive employee training and engagement.
    7. Balancing Compliance and Operations: Gain insights on striking the right balance between regulatory compliance and operational efficiency.
    8. Continuous Improvement: Explore methods for monitoring, auditing, and continuously improving your privacy program to adapt to evolving regulations and threats.

    This session will equip privacy professionals, IT leaders, and compliance officers with actionable strategies to enhance their organization’s privacy posture and effectively manage data subject rights in an increasingly complex regulatory landscape.

    10:15 am
    Ransomware: How to Stay Off the Front Pages
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    10:15 am
    SOC Essentials: Assembling Your First Response Team
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    The Security Operations Center (SOC) is an organization’s first eyes and ears to security threats and risks. For the SOC to support being an organization’s first response team, the team must have the proper resources for continuous growth and monitoring to keep an organization secure. This discussion focuses on key foundational elements for developing and maturing a SOC. Attendees will learn how to establish processes, procedures, and growth plans for their SOC. Additionally, use metrics to show maturity opportunities within a SOC and identify cyber security risks in a business.

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Cybersecurity Really Is a Team Sport
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Why strategic leadership and an understanding of roles, personalities, and psychology is important for building and managing effective cybersecurity teams.

    11:10 am
    How to Build an Insider Threat Program
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

    Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

    This presentation will explore:

    • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
    • Four attributes of a successful insider threat program
    • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
    • An automated investigation experience that replaces manual routines and effectively guides new insider threat teams
    11:10 am
    [Panel] Unveiling the Threat Landscape and Unmasking Digital Villains
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    In the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.

    Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.

    Our panel provides a comprehensive overview of the current threat landscape.

    12:00 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    Benchmarking Your Cybersecurity Framework
    • session level icon
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

    1:15 pm
    Securing Your Sensitive Assets in a Cloud-First World
    • session level icon
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Key take-away: 
    How to rethink database security controls in a cloud-first world.

    For most organizations, data repositories hold our most sensitive, mission critical assets. As enterprises continue their digital transformation journeys, data repositories and the sensitive assets within are more exposed than ever before for several reasons, including a dramatic rise in the:

    • Amount of data created, collected, and stored
    • Number of repositories storing sensitive data across clouds
    • Number of users and applications that need access to data
    1:15 pm
    [Panel] Beyond the Shadows: Anticipating Tomorrow's Cyber Threats
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    In the dynamic realm of cybersecurity, the battle between defenders and digital villains is an ongoing saga. This forward-looking session will explore the evolution of cyber threats, forecasting the next wave of challenges that organizations and individuals may face. We aim to unmask the upcoming generation of digital villains, examining their sophisticated tactics and exploiting vulnerabilities that may become prevalent in the future.

    Our distinguished panel of cybersecurity experts will dissect the motivations driving these threats, from the ever-adapting strategies of profit-driven cybercriminals to the evolving techniques employed by state-sponsored actors wielding cyberweapons. As we peer into the future, we will also address the role of emerging technologies in reshaping the threat landscape, providing insights that empower organizations to proactively defend against tomorrow’s cyber challenges.

    Join us in this exploration of the unseen, as we strive to anticipate and understand the threats that lie beyond the shadows of the current cybersecurity landscape.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    Running Cybersecurity as a Business
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    The old way of running security no longer works. Providing insights from a CISO’s perspective—and perhaps with some controversial takes—this keynote delves into the strategic shift from traditional IT security to “trust product development” measured in value outcomes. The session underlines how such a strategic pivot can meet rigorous cybersecurity standards while promoting growth and retention by aligning trust mechanisms to various customer stakeholders.

    2:10 pm
    Cybersecurity in the Age of Machine Learning and Artificial Intelligence
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    Artificial Intelligence (AI) coupled with Machine Learning (ML) has tremendous potential to strengthen defenses, but the benefits of ML/AI in cust be contextualized against the risks it poses. The usage of ML/AI has increased exponentially, but security and privacy governance and policies have not expanded at the same rate. Moreover, the pace of instituting AI and privacy regulations varies across the globe, creating a rather complex governance structure for cybersecurity personnel to operate under. This presentation delves into the security and privacy implications of using ML/AI in the organization, whether it is using ML/AI-based security tools or ensuring security of ML/AI-based products developed by the organization.

    2:10 pm
    Developing a Crisis Management Playbook
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    When a data breach or other cyber incident happens, having a plan in place can mean the difference between a quick recovery and unwanted headlines and irreparable harm to stakeholder trust.

    3:00 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary hors d’oeuvres and beverages. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    3:30 pm
    [Closing Keynote] Radical Transparency Needed to Build Trust
    • session level icon
    speaker photo
    CISO, Ruby Life; Co-Host, Bare Knuckles & Brass Tacks Podcast
    speaker photo
    Podcast Co-Host, Bare Knuckles & Brass Tacks
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    Location / Room: Keynote Theater

    Session description coming soon.

Exhibitors
  • Colorado Technology Association
    Booth: TBD

    The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.

    At the Colorado Technology Association, we:

    – Lead an inclusive network that benefits our member community
    – Advocate for a pro-business and technology-friendly climate
    – Influence the development of a robust talent pipeline
    – Lead initiatives to help companies grow.

  • CyberArk Software
    Booth: TBD

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Entrust
    Booth: TBD

    Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.

  • ISACA Denver Chapter
    Booth: TBD

    The Denver Chapter of ISACA® (formerly EDPAA) was founded in June 1976 with just a handful of members. Today, the Denver chapter with over 1,040 members, is one of the largest chapters within the Southwestern Region. The Denver Chapter contributes to the international organization with financial support and periodic hosting of the International Conference.

    The Denver Chapter of ISACA® is a non-profit organization dedicated to the continued development and enhancement of the information systems audit and control profession by providing benefits to its members and to the professional community-at-large.

  • ISSA Denver Chapter
    Booth: TBD

    ISSA Denver Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • Keysight
    Booth: TBD

    Keysight’s portfolio of network security solutions simulate threats, eliminate blind spots, taking control of a rapidly-changing attack surface. Be a hero, not a headline, by proving your network is secure simulating attacks, exposing gaps early, and course correct with step-by-step fixes; protecting users and applications with increased the efficiency, performance, and reliability of your security systems;  patrolling every packet eliminating vulnerable blind spots and decrypt threats hiding in SSL traffic; and practice your cyber skills enhancing your security and attack response skills against real-world threats.

  • Lacework
    Booth: TBD

    Lacework automates security across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), providing a comprehensive view of risks across cloud workloads and containers. Lacework’s unified cloud security platform provides unprecedented visibility, automates intrusion detection, delivers one-click investigation, and simplifies cloud compliance.

  • Rapid7
    Booth: TBD

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • Savvy Security
    Booth: TBD

    Savvy automatically discovers and remediates your most toxic combinations of SaaS identity risk. It also allows you to guide users at scale towards proper security hygiene using just-in-time security guardrails.

  • WiCys Colorado Affiliate
    Booth: TBD
Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Rob Finch, Instructor
    Cyber Risk Analyst, Cyber Risk Opportunities LLC
  • speaker photo
    Col. Cedric Leighton
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC

    Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

  • speaker photo
    Rhett Saunders
    Executive Director of Cybersecurity & Infrastructure, Focus on the Family

    Before coming to Focus on the Family, Rhett served the Federal Reserve, and while there, led regular Enterprise Risk Management discussions between the Federal Reserve and U.S. Treasury with a focus on cybersecurity. He is a former NSA cryptoanalyst and a U.S. Army veteran, having served multiple joint intelligence communities, both foreign and domestic government agencies in international locations.

    Rhett is a public speaker on the topic of privacy and identity theft prevention. He lectures on cybersecurity and cryptography topics at University of Colorado Colorado Springs (UCCS) and Flatiron School. He also serves on the SecureWorld Advisory Council. Rhett earned a Master of Business Administration from LeTourneau University and holds the CISSP credential.

  • speaker photo
    Panel Discussion
  • speaker photo
    Panel Discussion
  • speaker photo
    Happy Hour
  • speaker photo
    George Al-Koura
    CISO, Ruby Life; Co-Host, Bare Knuckles & Brass Tacks Podcast
  • speaker photo
    George Kamide
    Podcast Co-Host, Bare Knuckles & Brass Tacks
Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Best practices & solutions, straight from the source

Join your local cybersecurity community for learning and professional growth!