- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Thursday, November 12, 20208:00 amExecutive Roundtable [VIP invite only]Discussion topic: NOW What Are You Including in Your Incident Response Plan?Registration Level:
8:00 am - 8:45 am
- VIP / Exclusive
This session is for Advisory Council members only.
The current global threat landscape has shifted dramatically in the past several months due to the COVID-19 pandemic. Security professionals are being tasked with keeping the company’s data safe with an influx of remote workers that we’ve never had to account for. Inevitably something is going to happen. An incident WILL arise. You may have had a great plan in the past, and you probably continuously tested it. But have you tested it now that the IT and InfoSec departments are separated and the employees are everywhere? In either case, it’s time to reevaluate your Incident Response plan to accommodate for this unprecedented shift.8:30 amExhibitor Hall openRegistration Level:
8:30 am - 9:00 amLocation / Room: Exhibitor Floor
- Open Sessions
Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.9:00 am[Opening Keynote] The Human Aspect of Security LeadershipRegistration Level:
9:00 am - 9:45 am
- Open Sessions
Security leadership is largely misunderstood, and many organizations struggle to define their expectations from their security leaders. During times of peace, businesses want a diplomat that talks about business objectives in non-technical terms; but when all hell breaks loose, they want a Commander in Chief to just make it all go away.
From convoluted CISO job descriptions, to interviews that take many months to complete, the real struggle begins when one finally gets the job. Why is being a CISO one of the most difficult leadership roles? What do many CISOs struggle with? And why should CISOs focus on people skills in order to deliver their mission?
In this talk, Yaron Levi—CISO of Blue Cross and Blue Shield of Kansas City and co-host of the Cyber Security Leadership podcast—will share his views and experiences from the front lines and provide a path for security leaders to keep their sanity.9:45 amNetworking BreakRegistration Level:
9:45 am - 10:00 amLocation / Room: Exhibitor Floor
- Open Sessions
Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.10:00 amThe New National Cyber Power Index: Which Nations Are Truly the Most Powerful in Cyber?Registration Level:
10:00 am - 10:30 am
- Open Sessions
Think you know which countries are the most powerful in the cyber realm? You may have some surprises coming. Julia Voo and her fellow researchers just published a first-of-its-kind ranking called the National Cyber Power Index (NCPI). The research ranks cyber superpowers on a “whole of country approach,” measuring government strategies, capabilities for defense and offense, resource allocation, the private sector, workforce, and innovation. And its assessment is both a measurement of proven power and potential. Julia will unpack key findings, including areas where the U.S. and Canada are ranked lower than countries like Russia and China. Following this presentation and fireside chat, you may view cyber power in a brand new light.10:00 amPractical Considerations When Verifying Your Vendors' Cybersecurity ControlsRegistration Level:
10:00 am - 10:30 am
- Open Sessions
As businesses grow, it becomes increasingly cheaper, more convenient, and more efficient to rely on third parties to take on certain business functions. However, the security of your organization’s assets is only as strong as the weakest link in your vendor chain.
Embracing the “trust-but-verify” approach, this session offers helpful tips and areas to focus on when validating your vendors’ cybersecurity controls.
Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)10:00 am[Panel] Lessons Learned from a Cloud-Based Remote Work ForceDistinguished Solutions Engineer - North America, Alert LogicDirector of Information Security and Research, AutomoxCISO, Dairy Farmers of AmericaRegistration Level:10:00 am - 10:30 am
The global pandemic forced us all into the cloud; some for the first time, while others have been enjoying its features for a while. The difference is those employees were going to work remote anyway. Now, we have people all over the place. What are we seeing as the dust settles around us? Are you finding someone didn’t configure things correctly? Do you know who all the vendors are now? Did the security team purchase these services or is someone using shadow IT? What about DevSecOps in the cloud? How do you manage multiple cloud providers? Is VPN the right way to go? We’ll task our panel with these questions and get a few insights into 2021.10:30 amNetworking BreakRegistration Level:10:30 am - 10:45 am
Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.10:45 amPivoting Your Information Security Program to the New NormalRegistration Level:
10:45 am - 11:15 am
- Open Sessions
We are living in different times that demand different ways of thinking. Many existing Information Security tools have lost some visibility and viability. How has your thinking changed about your Information Security program? Maybe more importantly, what are you thinking the future will look like and how are you posturing your next purchase, hire, or action to be prepared for the next pivot? We will talk about some questions you should be asking yourself, your team, your peers, and your executives.10:45 amThe Changing Legal Enforcement in Cyber and PrivacyCyber Attorney, Global Leader of Privacy Practice Group, Octillo LawMember, Litigation Team Lead, Octillo LawRegistration Level:
10:45 am - 11:15 am
- Open Sessions
With the changing legislation, here in the U.S. and globally, there is an increasing emphasis on enforcement of data privacy and cybersecurity, both by regulators and individuals. The ability to bring a private right of action by individuals is a sword that data subjects are using to enforce their rights, both in the U.S. and Europe. This session will provide a detailed update on key enforcement actions, with the courts and by agencies, to ensure that companies understand the challenges and their potential liabilities.10:45 amDetect Everything: Bringing Google Scale Threat Detection to Your SOCHead of Customer Experience Engineering, ChronicleHead of Product Marketing, Google Cloud SecurityRegistration Level:
10:45 am - 11:15 am
- Open Sessions
Skillful threat detection and investigation starts with a diverse hub of security telemetry to draw from. The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place, and perform investigations in seconds. Join this session to learn all about what’s new in Chronicle and see it in action with a live demo.11:15 amNetworking BreakRegistration Level:
11:15 am - 11:30 am
- Open Sessions
Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.11:30 amThe New NIST Phish Scale: Revealing Why End-Users ClickComputer Scientist, Visualization and Usability Group, National Institute of Standards and Technology (NIST)Registration Level:
11:30 am - 12:15 pm
- Open Sessions
Developed based on over four years of NIST phishing training data, the NIST Phish Scale is a DIY method for rating human phishing detection difficulty—key to understanding variability in phishing click rates. This talk will cover why end-users click, why it’s important to understand phishing detection difficulty, and how to use the NIST Phish Scale. Understanding what emails your end-users are susceptible to will help you better defend against phishing attacks in the wild.11:30 am[Panel] Threat Landscape in Flux: Emerging ThreatsVice President, Western and LATAM Sales, EntrustSr. Technical Product Manager, ArmisChief Security & Technology Officer, Beckage LawSr. Security Architect, Check Point Software TechnologiesRegistration Level:
11:30 am - 12:15 pm
- Open Sessions
The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.11:30 amRansomware and Digital Extortion: Legal Issues and Practical ResponsesRegistration Level:
11:30 am - 12:15 pm
- Open Sessions
Ransomware incidents increased sharply in 2019 due to organizations’ existing security weaknesses and the development of increasingly sophisticated attack mechanisms specifically designed to exploit those weaknesses.
This presentation will examine case studies of how ransomware is evolving, how organizations should prepare and respond to ransomware, and the legal issues surrounding payment of ransom demands, the compromise of sensitive information, and how to recover from an attack.
Presentation Level: MANAGERIAL (security and business leaders)12:15 pmNetworking BreakRegistration Level:
12:15 pm - 12:30 pm
- Open Sessions
Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.12:30 pm[Mid-Day Keynote] Criminal Minds 401: A Glimpse into the DarknessRegistration Level:
12:30 pm - 1:00 pm
- Open Sessions
How do our cyber adversaries think? Easy: like the rest of us. Well, with a slightly different optic. In this interactive presentation, Michael Anaya exposes the audience to real-world criminality and his observations of each. Michael will hone in on four critical elements (exhibited by all of his subjects) used to explain criminality. One key factor that the audience will learn is context. Understanding the context of one’s decision-making process is critical to explain their rationale and motivation.
“If you know the enemy and know yourself, you need not fear the result of a hundred battles.” — Sun Tzu1:00 pmNetworking BreakRegistration Level:1:00 pm - 1:15 pm
Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.1:15 pmModern Cloud Security ConsiderationsRegistration Level:
1:15 pm - 1:45 pm
- Open Sessions
Transformational projects typically occur when an organization is ready to make significant investments in changing and updating technology. These projects are usually sponsored by the technology group and involve moving to the cloud and reevaluating all legacy platforms, applications, database, and business intelligence functions. This much change presents opportunities to modernize information security controls, but also challenges for the information security team. Modern Cloud Security Considerations will be presented within the context of a transformation project involving the Colorado Healthcare Exchange.1:15 pmCyber-Espionage: Out of the Shadows, into the Digital CrosshairsRegistration Level:
1:15 pm - 1:45 pm
- Open Sessions
Cyber-espionage breaches pose a unique challenge. Through advanced techniques and a specific focus, cyber-espionage threat actors seek to swiftly gain access to heavily defended environments, laterally move with stealth, efficiently obtain targeted assets and data, and move out smartly (or even stay back and maintain covert persistence).
The Verizon Cyber-Espionage Report is our first-ever data-driven publication that focuses on advanced cyberattacks. We’ve examined seven years of DBIR data for Cyber-Espionage breaches and all breaches. We identify the frameworks and tools needed to help improve capabilities to better prevent, mitigate, detect, and respond to these cyberattacks.
The audience will take away the frameworks and tools needed to help improve capabilities to better prevent, mitigate, detect, and respond to these cyberattacks. These frameworks and tools include the VERIS framework, VIPR phases, NIST Cybersecurity Framework, and Center for Internet Security (CIS) Critical Security Controls (CSCs).1:45 pmNetworking BreakRegistration Level:
1:45 pm - 2:00 pmLocation / Room: Exhibitor Floor
- Open Sessions
Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.2:00 pm[Closing Keynote] Wake Up Inspired: Cultivating Trust and Value for Your Team’s SuccessRegistration Level:
2:00 pm - 2:45 pm
- Open Sessions
While “first, do no harm” is attributed to the ancient Greek physician Hippocrates, there is a similar calling for security practitioners. “Human Safety,” above all else, online or in-person, is a shared purpose amongst us, which includes the emotions, thoughts, and actions that security practitioners experience every minute of every day.
As a student of Simon Sinek’s teachings, Cindi shares her own experiences that trust, and helping people feel valued and cared for, is key for leaders to inspire true loyalty on their teams and achieve outstanding results—no matter what the circumstances. Expect to walk away from this presentation feeling inspired.
“We imagine a world in which the vast majority of people wake up inspired, feel safe wherever they are, and end the day fulfilled by the work they do.”
— Simon Sinek
- ACP Colorado Rocky Mountain ChapterBooth:
ACP is the premier organization for business continuity professionals providing a powerful networking and learning environment for ACPits members. Known for its progressive programs, workshops and symposiums, the organization has become a unifying force in defining and leading the continuously evolving fields of business continuity, disaster recovery, and emergency response (the “profession”). The Organization is strategically aligned with business partners such as DRI International, and BC Management, as well as our corporate sponsors. With a strong presence in North America, ACP has 42 chapters and over 2,300 members. We welcome all individuals, regardless of experience or certification, with an interest in the Profession.
Founded in 1983, we are an established community of industry experts, educators, practitioners, leaders, facilitators and advocates. Our members view us as connectors and as a vital networking source.
- Alert LogicBooth:
Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.
- Armis, IncBooth:
Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.
Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.
- Check Point Software Technologies Inc.Booth:
Check Point Software Technologies Inc. is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.
- Chronicle SecurityBooth:
Cybercrime now affects billions of people globally, and the organizations responsible for protecting critical information and systems need more help to keep up. Cybersecurity needed a moonshot.
Chronicle was born in 2016 as a project within X, Alphabet’s moonshot factory. As an Alphabet company, we bring unique resources and talent to the goal of giving enterprises, and the people within them, the tools to win the fight against cybercrime.
We see a future where enterprise security teams can find and stop cyberattacks before they cause harm. By applying planet-scale computing and analytics to security operations, we provide the tools teams need to secure their networks and their customers’ data. We turn the advantage to the forces of good.
- Cloud Security Alliance Colorado ChapterBooth:
The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.
- Colorado Technology AssociationBooth:
The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.
At the Colorado Technology Association, we:
– Lead an inclusive network that benefits our member community
– Advocate for a pro-business and technology-friendly climate
– Influence the development of a robust talent pipeline
– Lead initiatives to help companies grow.
- Colorado ECTFBooth:
As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multi-pronged approach.
Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.
Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.
- Global Cyber AllianceBooth:
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org
Your Comprehensive global information privacy community and resource. Data powers the information economy. And the risks associated with it continue to skyrocket. Data breach, identity theft, loss of customer trust—these are the threats to organizations of all sizes, in all sectors, in today’s marketplace.
The International Association of Privacy Professionals (IAPP) is a resource for professionals who want to develop and advance their careers by helping their organizations successfully manage these risks and protect their data. In fact, we’re the world’s largest and most comprehensive global information privacy community.
The IAPP is the only place that brings together the people, tools and global information management practices you need to thrive in today’s rapidly evolving information economy.
- Identity Defined Security AllianceBooth:
Identity Defined Security provides real time, intelligence-based access to data and applications by integrating IAM infrastructure with enterprise cyber security technologies.
The Identity Defined Security Alliance provides the framework and practical guidance that helps organizations put identity at the center of their security strategy, optimizing cyber security investments while controlling risk as IT infrastructures converge.
Community developed, practitioner approved.
- InfraGard Colorado – Denver Members AllianceBooth:
InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.
The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.
- InfraGard Kansas CityBooth:
InfraGard Kansas City Members Alliance (IMA) is a non-profit organization serving as a public-private partnership among U.S. businesses, individuals involved in the protection and resilience of U.S. critical infrastructures, and the Federal Bureau of Investigation.
The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States and has thousands of members. The FBI leads the U.S. Government side of InfraGard. The private sector side of InfraGard is led by a non-profit corporation, the InfraGard National Members Alliance, which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “Chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together. “InfraGard” is a registered service mark of the FBI.
- ISACA Denver ChapterBooth:
The Denver Chapter of ISACA® (formerly EDPAA) was founded in June 1976 with just a handful of members. Today, the Denver chapter with over 1,040 members, is one of the largest chapters within the Southwestern Region. The Denver Chapter contributes to the international organization with financial support and periodic hosting of the International Conference.
- ISACA Kansas CityBooth:
Welcome to the local Kansas City Chapter of ISACA® (ISACA KC Chapter). The ISACA KC Chapter was founded in 1984 and continues to promote the education of individuals relating to the auditing of, management consulting in, or direct management of the fields of IT governance, IS audit, security, control and assurance.
- (ISC)2 Denver ChapterBooth:
(ISC)²® is the largest not-for-profit membership body of certified information security professionals worldwide, with nearly 80,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates.
- (ISC)2 Kansas City ChapterBooth:
The mission of (ISC)² Kansas City (KC) Chapter is to advance the Information Security Profession by leveraging our shared body of knowledge to better our communities, groom the next generation of security professionals by delivering solutions to real-world security problems and issues that our members face.
“We” began as a few security-minded friends that worked together. We decided to quit talking about launching a local (ISC)² chapter in Kansas City or worse yet, wait around for someone else to do it for us. We stepped up and took the initiative. We have been growing as others hear about our group and join with us.
- ISSA Central Plains ChapterBooth:
The Information Systems Security Association (ISSA) ® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.
General Meetings are held monthly on the first Friday of the month. These meetings may have some type of formal presentation. In the absense of a presentation, the meeting will focus on a roundtable discussion based on the 8 domains of the CISSP CBK.
Location: Friends University Business & Technology Bld
Corner of Hiram & Maple, Wichita, KS 67213
- ISSA Colorado Springs ChapterBooth:
ISSA Colorado Springs Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.
- ISSA Kansas CityBooth:
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.
- Kansas City ECTFBooth:
The USSS ECTF aims to increase the resources, skills and vision by which state, local, and federal law enforcement agencies team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. The common purpose is the prevention, detection, mitigation, and aggressive investigation of attacks on the nation’s financial and critical infrastructures.
- KC Tech CouncilBooth:
The KC Tech Council represents Kansas City’s tech industry, a diverse ecosystem anchored by multinational corporations and driven by innovative entrepreneurs, with industry footholds in Healthcare IT, Telecommunications, Digital Media, and more.
In conjunction with strategic partners, active stakeholders and unique cultural and lifestyle advantages, the KC Tech Council elevates Kansas City as a leading technology hub.
The KC Tech Council’s work helps to attract, retain and grow technology companies and highly skilled tech talent in Kansas City, ensuring the sustained competitiveness of our region into the future.
The KC Tech Council is the operator of ChuteKC.com, an online-portal for tech candidates and employers to connect.
- KU – Edwards CampusBooth:
The University of Kansas holds a tradition of excellence over a century old. In the 1970s, it shared that tradition with Greater Kansas City by providing courses to working professionals. In 1993 the university opened another location, the KU Edwards Campus, to provide permanent growth and education in the Kansas City community. In the past two decades, it has contributed more than $400 million to the Johnson County economy. In 2008, the Edwards Campus became proud partners in the Johnson County Education Research Triangle.
- NewCloud NetworksBooth:
NewCloud Networks is a global cloud services provider specializing in Backup, Disaster Recovery, Production Cloud, Hosted PBX, and Security as a Service. NewCloud’s solutions are built using best in breed technology and hosted on our ultra-low latency network in the United States and in Europe. At NewCloud, we believe that great technology is powered by great people. While others are automating support and customer service, we’re proud of our personalized service.
Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.
- OWASP DenverBooth:
- Recorded FutureBooth:
Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.
For those of you in Kansas City who find yourselves doing information security work as part of the day-to-day (be it consulting, penetration testing, internal compliance or just being the netadmin or sysadmin that has to mind the patches, firewalls and whatnot), I suggest trying to make it to SecKC.
- Women in Security – Kansas CityBooth:
Here at Women in Security – Kansas City, our mission is to provide a focus for women in Information Security through peer mentoring, workshops, and networking opportunities. Our vision for Women in Security – Kansas City is to inspire and support women at all career levels in Information Security.
- Women in CyberSecurity (WiCyS)Booth:
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Yaron LeviCISO, Dolby Laboratories
Yaron Levi is the CISO for Dolby Laboratories. Prior to joining Blue KC, he was CISO of Blue Cross and Blue Shield of Kansas City; a Director of Information Security for Cerner Corporation; an Information Security Business Partner for Intuit; an Information Security Architect and Product Manager for eBay; and a Director of Cloud Security for ANX. Yaron is a Research Fellow for the Cloud Security Alliance, serves as an advisory board member for several information security companies, and is co-founder of the Kansas City CISO forum. He graduated from the FBI CISO academy in 2018, and currently serves on the board of InfraGard KC.
- Julia VooCyber Fellow, Harvard Kennedy School, Belfer Center for Science and International Affairs
Julia Voo is a Cyber Fellow and leads the team behind Belfer's National Cyber Power Index. She was formerly the Research Director for the China Cyber Policy Initiative.
Her areas of research concern geotech strategy including the Digital Silk Road, industrial policy, and technical standards for strategic technologies.
Voo has research affiliations with the Future of Humanity Institute (Oxford), the Hague Program for Cyber Norms (Leiden) and the China-Africa Research Initiative (Johns Hopkins).
A 2019 graduate of Harvard Kennedy School's mid-career Master in Public Administration program, Julia served earlier at the British Embassy in Beijing where she covered China's cyber and artificial intelligence policy from a commercial perspective, technical standards, and other trade policy issues. She lived in Beijing for seven years with stints at the EU Delegation to China, Carnegie-Tsinghua Centre for Global Policy, and she has spent time at the UK's Cabinet Office.
- Arif HameedSr. Director, Client Security, Equifax Canada
Arif Hameed is Senior Director at Equifax, where he leads a team that handles client cybersecurity due diligence activities including questionnaires, audits, remediation support, security schedules, etc. Prior to his role at Equifax, he worked at two of the largest banks in Canada in Security Advisory, IT Risk, Third Party Cyber Risk, and IT Audit.
- Marc YbarraDistinguished Solutions Engineer - North America, Alert Logic
- Christopher HassDirector of Information Security and Research, Automox
Chris Hass is an extremely driven and proven information security professional with extensive experience in Malware Reverse Engineering, Threat Intelligence, and Offensive Security Operations. In his current role, Chris serves as Director of Information Security and Research at Automox. In addition to being a former cybersecurity analyst for the NSA, he also served as a principal research engineer at LogRhythm and helped fight off malware authors using AI/ML at Cylance. His unique experience makes him adept at understanding today's current threat landscape, and works passionately to secure Automox and its customers from today's cyber attacks.
- Sherry CallahanCISO, Dairy Farmers of America
- Randy RawCISO, Veterans United Home Loans
Randy Raw is Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.
- Instructor: Jordan FischerCyber Attorney, Global Leader of Privacy Practice Group, Octillo Law
Jordan Fischer leads Octillo Law's Global Privacy Team, where she represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.
Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).
Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.
- Myriah V. Jaworski, Esq., CIPP/US, CIPP/EMember, Litigation Team Lead, Octillo Law
Myriah Jaworski leads Octillo Law's Privacy Litigation Team, where she represents clients in data breach actions, technology disputes, and in the defense of consumer class actions and related regulatory investigations stemming from alleged privacy torts and violations of the TCPA, BIPA, IRPA, and other state and federal privacy laws. Myriah also works with clients to devise and implement privacy and security compliance programs and to evaluate and implement new technologies, including enterprise-wide AI and machine learning tools. She is also been recognized as a Super Lawyer® for her Civil Litigation practice in 2018, 2019, 2020, and 2021.
- Svetla YankovaHead of Customer Experience Engineering, Chronicle
- Ansh PatnaikHead of Product Marketing, Google Cloud Security
Ansh Patnaik, former Chief Product Officer for Chronicle, is now the head of product marketing for Google Cloud Security. Previously, he was VP of Product Management at Oracle where he defined and launched their Security Analytics Cloud service. Over the last 20 years, Ansh has held product management, marketing and sales engineering roles at several cybersecurity and data segment market leaders including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec). He holds an MS in Operations Research from Columbia University and an MBA from the University of California, Berkeley.
- Dr. Shaneé DawkinsComputer Scientist, Visualization and Usability Group, National Institute of Standards and Technology (NIST)
Dr. Shaneé Dawkins is a Computer Scientist in the Visualization and Usability Group at the National Institute of Standards and Technology (NIST). She performs research focusing on human centered design and leads the NIST Phish Scale research effort. Shaneé received her M.S. and Ph.D. in Computer Science at Auburn University, and B.S. in Computer Engineering at North Carolina A&T State University.
- Brad BeutlichVice President, Western and LATAM Sales, Entrust
Brad Beutlich is an information security professional who has worked with numerous U.S. based companies over the past 20 years, providing security solutions ranging from end-point to data security. The last 13 years, he has worked for Entrust providing security solutions that protect customer data, financial transactions, and IoT device manufacturing. Brad holds a B.S. in Electrical Engineering Technology from Bradley University, and is an award-winning writer and speaker on numerous security topics. His passion as a historian is on brass-era (pre 1913) automobiles, of which he owns a 120-year-old car that runs on steam. As an avid skier, he hits the slopes on the weekends when possible. Brad resides with his wife and three children in Southern California.
- Matt HubbardSr. Technical Product Manager, Armis
- Sam MasielloChief Security & Technology Officer, Beckage Law
Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to Beckage, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.
Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).
- Bryan MagoffinSr. Security Architect, Check Point Software Technologies
- Daniel PepperPartner, BakerHostetler
Dan Pepper is a partner on BakerHostetler's Privacy and Data Protection team. Utilizing 25 years of comprehensive experience in information technology, data privacy, and cybersecurity law, Dan advises clients on proactive data security practices, data breach incident response, and regulatory compliance. He frequently handles security incidents and has interacted with federal and state agencies and forensic service providers, overseen investigations, and designed post-incident response notification and remediation plans.
- Michael AnayaSupervisory Special Agent, Cyber, FBI (Prior)
Michael is the Head of Cyber Risk at Expanse (one of Forbes' 25 fastest-growing venture-backed startups likely to reach a $1 billion valuation). He leads a large team of analysts who identify vulnerabilities in large Fortune 500 companies' and government agencies’ vast online presence. He also has 14 years of FBI experience as a Special Agent, leading extensive investigations and overseeing countless arrests, search warrants, and dismantlements of cyber threat actor sets. He has spoken on cybersecurity topics over 500 times around the world and was considered "one of the FBI’s most talented presenters." He also serves on the Board of Advisors for an emerging cybersecurity startup, DEVCON.
- Michael StephenPrivacy & Security Officer, Connect for Health Colorado
Former network security architect and geek with 20 years' IT experience, almost all doing InfoSec. Background in telecommunications, healthcare, state & local government, financial, and retail. Implemented multiple compliance and privacy programs and CISSP/SABSA certified. Currently Privacy & Security Officer for Connect for Health CO, the Healthcare Exchange for Colorado.
- John GrimHead of Research, Development, Innovation, Verizon Threat Research Advisory Center
John has over 17 years of experience investigating, and leading teams investigating, data breaches and cybersecurity incidents within the government and civilian security sectors. Currently, John heads the Verizon Threat Research Advisory Center (VTRAC) research, development, and innovation effort. In this role, he focuses on researching cybersecurity incidents, performing digital forensic examinations, advising on data breach containment and eradication efforts, and creating data breach response preparedness training and breach simulation exercises for customers worldwide. Prior to joining Verizon, John served 12 years with the U.S. Army investigating security-related incidents with eight years specifically focused on network intrusion investigations and forensic examinations.
- Cindi CarterCISO, Check Point Software Technologies
Cindi Carter is a global, multi-industry Cybersecurity and Information Technology Executive with more than 15 years of experience as a transformational leader for both startups and enterprises. Cindi’s expertise includes building Cybersecurity practices in highly regulated industries, turning strategic goals into actionable outcomes, influencing a “secure from the start” culture, developing secure architecture & engineering platforms, and highly collaborative engagement (C-Suite, Board, Clients and Industry) for managing risk.
At Check Point Software Technologies, Cindi is a Chief Information Security Officer in the Office of the CISO, committed to helping other CISOs achieve success in both strategic and tactical initiatives and contributing to Check Point’s own security practices. Cindi possesses a firm grasp of the challenges surrounding the security, privacy, and risk management landscape, and is a trusted advisor within Check Point as well as for our customers. More recently, Cindi was the CISO for IntSights Cyber Threat Intelligence, where she was responsible for driving the company’s internal security initiatives, as well as serving as an external-facing advisor and subject matter expert in the areas of threat intelligence, cybersecurity resilience and risk management. Cindi also served as VP and Chief Security Officer at MedeAnalytics, a healthcare analytics software-as-a-service (SaaS) leader; prior to that Cindi was the Deputy Chief Information Security Officer at Blue Cross and Blue Shield of Kansas City.
Industry Collaboration Cindi is the founding President of Women in Security - Kansas City. She was honored as part of SC Media magazine’s “Women to Watch in Cyber Security” list, and was also featured in Cybersecurity Venture’s book, “Women Know Cyber: 100 Fascinating Females Fighting Cybercrime.” She presents at nationwide conferences, local chapters, and webinars including SecureWorld, RSA Conference, HIMSS, Evanta CxO Summit, and B-Sides. Cindi holds several recognized IT, security, and project management certifications and has a Master of Science degree in Information Technology and a Bachelor of Science degree in Management Information Systems, both from Central Michigan University.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes