Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, October 7, 2020
    8:30 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:00 am
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:00 am
    OPENING KEYNOTE:
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor
    10:00 am
    One Phish, Two Phish: Running Simulated Phishing Attacks
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Learn how USNH’s Phishing Awareness Program provides a realistic phishing experience in a safe and controlled environment to help our communities identify and avoid phishing attacks. Session includes an overview of program development, lessons learned, and advice for those considering similar programs.
    Presentation Level: General (InfoSec best practices, trends, solutions)

     

    10:00 am
    Building Blocks to Achieve Cloud Security
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Cloud computing has entered its second decade, and its prevalence is increasing, as “cloud first” is gaining more popularity than ever. Despite its prolonged existence, cloud computing still suffers from confusion and hype over how to secure the Cloud. Also, longstanding concerns such as cloud governance continue to muddle the opinions and approaches of CIOs, CISO’s, architects and IT leaders. This session is aimed to demystify the myth of cloud, being insecure and would emphasize on how to build the security blocks around Cloud while using varied service and deployments of cloud computing

    10:00 am
    [Panel Discussion] What Our Security Team Learned During COVID-19
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    Location / Room: 103

    This panel features honest dialogue about securing an organization through the pandemic, so far. What changed at an organizational level that required security to pivot? What kind of immediate impacts did the security team face and how were those overcome? How did security maintain adequate communication and controls in the midst of this rapid change? What are the greatest lessons for security coming out of COVID-19? Where do we go from here?

    10:30 am
    IoT Defense: A Holistic Approach
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 11:00 am

    Reviewing the current state of IoT devices, their cloud endpoints and the connection between them to understand the threat landscape and where our focus needs to be in the years ahead.

    10:30 am
    Business Impact Assessments and Continuity Planning – Strategies for a Cybersecurity Roadmap
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 11:00 am
    Businesses consider several specific areas of security metrics when developing long term cyber security road maps. The metrics used are often focused on the current technology, incident handling, detection and response, and threat monitoring capabilities. Little attention is given to the Business Impact Assessments (BIA’s) and the Business Continuity Planning (BCP) implications of the organization. Both of these areas can help you expose potential gaps in the planning phase that may not have been considered when drafting a long term cyber security road map.
    This talk will center on a fictional company with a BIA for several departments along with a Business Continuity Plan (BCP) that shall be used to create a fictional cyber security road map. New CISO’s or those assuming the role shall benefit from this exercise by participating in the creation of the fictional road map.
    Presentation Level: MANAGERIAL (security and business leaders)

    10:30 am
    Leveraging Culture to Optimize Information Security
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 11:00 am

    To build a culture that optimizes security, an organization needs to set information security leadership appropriately. Strategically, it needs to understand the organization’s risk tolerance, codify it as policy, and communicate it. Based on risk tolerance, it needs to create a roadmap that moves the organization from ad hoc and compliance-based cultures to one that’s risk-based. Tactically, security management needs to regularly drive buy-in for risk tolerance and policy. In addition, management needs to foster a culture that learns from incidents and failures rather than a culture that focuses on assigning blame.

    11:00 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:15 am
    11:15 am
    Mid-Day Keynote
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    12:00 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:30 pm
    12:30 pm
    Hey, Information Security: Be Part of the Digital Transformation or Be Left Behind!
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    “Digital transformation” (Dx) as a buzzword may be approaching the end of its life, but the fundamental concept—continuously improving the use of technology and data to provide value to customers—is real and critical to the survival of businesses. If information security teams don’t evolve to deliver the same Dx value and benefits to our organizations, then we risk losing our “customers” to intentional circumvention or preference for shadow IT providers. Make sure your information security team provides the core Dx attributes to your organization to cultivate value, loyalty, and trust.
    Join this session to learn how you can:
    •Embed security into your culture, technologies and processes
    •Empower innovation and expedite time-to-market through consistent security risk governance
    •Assess the impacts, goals and methods of likely cyber attacks and incidents
    •Align IT and security professionals with business objectives and risk tolerance
    •Prepare now for effective detection and response to reduce business impacts of incidents
    Presentation Level: MANAGERIAL (security and business leaders)
    12:30 pm
    Leveraging the Three Lines of Defense to Improve Your Security Position
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Depending on your role, a three lines of defense risk management model can be your best friend or worst enemy. No matter your view, the data produced through these channels can help you better understand your weaknesses, work more effectively with senior management, and respond to a variety of scenarios.
    Presentation Level: MANAGERIAL (security and business leaders)
    12:30 pm
    Remote Work Risk: Privacy & Security Pitfalls and Best Practices
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    The sudden growth in the remote workforce exposed critical cybersecurity and privacy concerns that should be considered. This presentation will provide an overview of key legal considerations with remote work when it comes to privacy and security, as well as discuss some solutions to help mitigate risk as your employees work from home.

    1:00 pm
    Blue-Teaming and Incident Response for the "Win"
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:30 pm

    Does your company use Windows or is most of the environment Windows? Come to this session to specifically learn the ins and outs of what are the most critical things needed in order to establish a respectable blueteam program at your organization. Do you know what Windows security event log 4688 mean? What about others? What are the event logs that you should know by hand or have a cheat-sheet for? What are some tools that you should be using and how can you automate them to help detect lateral movement. Also, we will be leveraging opensource tools. No, additional $ is not required. Trying harder, building your technical skills and doing proactive threat hunting will help you and your team. “Don’t worry all of this information will be useful for all no matter what level.” Per time permitting, we might also quickly talk about incident response as well, initially. Also, bring your technical questions too during our Q&A session.
    Presentation Level: TECHNICAL (deeper dive including TTPs)

    1:00 pm
    Ethical Hacking and Cyber Ecosystems: Anticipating the Predators
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:30 pm

    In an ever-evolving digital landscape with cloud computing, mobility and IoT systems, more sophisticated approaches to vulnerability assessment are necessary. One of the central tools used in vulnerability testing is penetration testing, along with other techniques that are more broadly classified as ethical hacking. This discussion includes highlights from three case studies of ethical hacking in different settings. Highlights include approaches to ethical hacking and specific penetration techniques relevant to cloud computing and network security. Topics will also include challenges faced in ethical hacking within cybersecurity ecosystems and a discussion of a robust, integrative multi-layered used in ethical hacking.
    Presentation Level: TECHNICAL (deeper dive including TTPs)

    1:00 pm
    Teaching the Human: Security Awareness Program Design and Discussion
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:30 pm

    At any given moment in their work day, a person will make a security decision that will impact your organization.  Have you enabled your workforce with the knowledge to make the right one?  Generational and cultural differences, as well as learning styles, will all impact the design of a security awareness program.  Learn about these factors and how social engineering is the greatest threat your workforce faces in this session.

    1:30 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:30 pm - 1:45 pm
    Location / Room: Exhibitor Floor
    1:45 pm
    Closing Keynote
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:30 pm
Exhibitors
  • ACP Colorado Rocky Mountain Chapter
    Booth:

    ACP is the premier organization for business continuity professionals providing a powerful networking and learning environment for ACPits members. Known for its progressive programs, workshops and symposiums, the organization has become a unifying force in defining and leading the continuously evolving fields of business continuity, disaster recovery, and emergency response (the “profession”). The Organization is strategically aligned with business partners such as DRI International, and BC Management, as well as our corporate sponsors. With a strong presence in North America, ACP has 42 chapters and over 2,300 members. We welcome all individuals, regardless of experience or certification, with an interest in the Profession.

    Founded in 1983, we are an established community of industry experts, educators, practitioners, leaders, facilitators and advocates. Our members view us as connectors and as a vital networking source.

  • Alert Logic
    Booth:

    Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Cloud Security Alliance Colorado Chapter
    Booth:

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Colorado Technology Association
    Booth:

    The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.

    At the Colorado Technology Association, we:

    – Lead an inclusive network that benefits our member community
    – Advocate for a pro-business and technology-friendly climate
    – Influence the development of a robust talent pipeline
    – Lead initiatives to help companies grow.

  • Corelight
    Booth:

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com 

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Colorado ECTF
    Booth:

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multi-pronged approach.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • IAPP
    Booth:

    Your Comprehensive global information privacy community and resource. Data powers the information economy. And the risks associated with it continue to skyrocket. Data breach, identity theft, loss of customer trust—these are the threats to organizations of all sizes, in all sectors, in today’s marketplace.

    The International Association of Privacy Professionals (IAPP) is a resource for professionals who want to develop and advance their careers by helping their organizations successfully manage these risks and protect their data. In fact, we’re the world’s largest and most comprehensive global information privacy community.

    The IAPP is the only place that brings together the people, tools and global information management practices you need to thrive in today’s rapidly evolving information economy.

  • Identity Defined Security Alliance
    Booth:

    Identity Defined Security provides real time, intelligence-based access to data and applications by integrating IAM infrastructure with enterprise cyber security technologies.
    The Identity Defined Security Alliance provides the framework and practical guidance that helps organizations put identity at the center of their security strategy, optimizing cyber security investments while controlling risk as IT infrastructures converge.
    Community developed, practitioner approved.

  • InfraGard Colorado – Denver Members Alliance
    Booth:

    InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

    The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.

  • InfraGard Kansas City
    Booth:

    InfraGard Kansas City Members Alliance (IMA) is a non-profit organization serving as a public-private partnership among U.S. businesses, individuals involved in the protection and resilience of U.S. critical infrastructures, and the Federal Bureau of Investigation.

    The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States and has thousands of members. The FBI leads the U.S. Government side of InfraGard. The private sector side of InfraGard is led by a non-profit corporation, the InfraGard National Members Alliance, which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “Chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together. “InfraGard” is a registered service mark of the FBI.

  • ISACA Denver Chapter
    Booth:

    The Denver Chapter of ISACA® (formerly EDPAA) was founded in June 1976 with just a handful of members. Today, the Denver chapter with over 1,040 members, is one of the largest chapters within the Southwestern Region. The Denver Chapter contributes to the international organization with financial support and periodic hosting of the International Conference.

  • ISACA Kansas City
    Booth:

    Welcome to the local Kansas City Chapter of ISACA® (ISACA KC Chapter). The ISACA KC Chapter was founded in 1984 and continues to promote the education of individuals relating to the auditing of, management consulting in, or direct management of the fields of IT governance, IS audit, security, control and assurance.

  • (ISC)2 Denver Chapter
    Booth:

    (ISC)²® is the largest not-for-profit membership body of certified information security professionals worldwide, with nearly 80,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates.

  • (ISC)2 Kansas City Chapter
    Booth:

    The mission of (ISC)² Kansas City (KC) Chapter is to advance the Information Security Profession by leveraging our shared body of knowledge to better our communities, groom the next generation of security professionals by delivering solutions to real-world security problems and issues that our members face.

    “We” began as a few security-minded friends that worked together.  We decided to quit talking about launching a local (ISC)² chapter in Kansas City or worse yet, wait around for someone else to do it for us.  We stepped up and took the initiative.  We have been growing as others hear about our group and join with us.

  • ISSA Central Plains Chapter
    Booth:

    The Information Systems Security Association (ISSA) ® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.
    MEETINGS
    General Meetings are held monthly on the first Friday of the month. These meetings may have some type of formal presentation. In the absense of a presentation, the meeting will focus on a roundtable discussion based on the 8 domains of the CISSP CBK.

    Location: Friends University Business & Technology Bld 
    Corner of Hiram & Maple, Wichita, KS 67213
  • ISSA Colorado Springs Chapter
    Booth:

    ISSA Colorado Springs Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • ISSA Kansas City
    Booth:

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

  • Kansas City ECTF
    Booth:

    The USSS ECTF aims to increase the resources, skills and vision by which state, local, and federal law enforcement agencies team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. The common purpose is the prevention, detection, mitigation, and aggressive investigation of attacks on the nation’s financial and critical infrastructures.

  • KC Tech Council
    Booth:

    The KC Tech Council represents Kansas City’s tech industry, a diverse ecosystem anchored by multinational corporations and driven by innovative entrepreneurs, with industry footholds in Healthcare IT, Telecommunications, Digital Media, and more.

    In conjunction with strategic partners, active stakeholders and unique cultural and lifestyle advantages, the KC Tech Council elevates Kansas City as a leading technology hub.

    The KC Tech Council’s work helps to attract, retain and grow technology companies and highly skilled tech talent in Kansas City, ensuring the sustained competitiveness of our region into the future.

    The KC Tech Council is the operator of ChuteKC.com, an online-portal for tech candidates and employers to connect.

  • KU – Edwards Campus
    Booth:

    The University of Kansas holds a tradition of excellence over a century old. In the 1970s, it shared that tradition with Greater Kansas City by providing courses to working professionals. In 1993 the university opened another location, the KU Edwards Campus, to provide permanent growth and education in the Kansas City community. In the past two decades, it has contributed more than $400 million to the Johnson County economy. In 2008, the Edwards Campus became proud partners in the Johnson County Education Research Triangle.

  • nCipher
    Booth:

    nCipher Security, a leader in the hardware security module (HSM) market, empowers world-leading organizations by delivering trust, integrity and control to their business critical information and applications, IoT, blockchain and digital payments

  • SecKC
    Booth:

    For those of you in Kansas City who find yourselves doing information security work as part of the day-to-day (be it consulting, penetration testing, internal compliance or just being the netadmin or sysadmin that has to mind the patches, firewalls and whatnot), I suggest trying to make it to SecKC.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • OWASP Denver
    Booth:
  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Women in Security – Kansas City
    Booth:

    Here at Women in Security – Kansas City, our mission is to provide a focus for women in Information Security through peer mentoring, workshops, and networking opportunities. Our vision for Women in Security – Kansas City is to inspire and support women at all career levels in Information Security.

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store