Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, October 8, 2020
    8:00 am
    Executive Roundtable [VIP invite only]
    • session level icon
    Discussion topic: NOW What Are You Including in Your Incident Response Plan?
    speaker photo
    Professor and Director, Graduate Program, University of Detroit Mercy
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This session is for Advisory Council members only.

    The current global threat landscape has shifted dramatically in the past several months due to the COVID-19 pandemic. Security professionals are being tasked with keeping the company’s data safe with an influx of remote workers that we’ve never had to account for. Inevitably something is going to happen. An incident WILL arise. You may have had a great plan in the past, and you probably continuously tested it. But have you tested it now that the IT and InfoSec departments are separated and the employees are everywhere? In either case, it’s time to reevaluate your Incident Response plan to accommodate for this unprecedented shift.

    8:30 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:00 am
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:00 am
    [Opening Keynote] The Resilient Enterprise: Securing the Virtual Workforce
    • session level icon
    speaker photo
    CISO, Paycor
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    Throughout the course of 2020, organizations have seen a transformational shift in the way that businesses operate. As we adapt to new realities, digital transformation has been accelerated in many areas, including how we protect our information assets. From entirely new threats to exacerbating existing threats, Information Security teams are at the forefront of enabling businesses to operate efficiently and securely in the new virtual-first world. We’ll deep dive into considerations that your organization should be making in technology, process, and policy as you work to secure your virtual workforce.

    9:45 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor
    10:00 am
    Practical Considerations When Verifying Your Vendors’ Cybersecurity Controls
    • session level icon
    speaker photo
    Sr. Director, Client Security, Equifax Canada
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    As businesses grow, it becomes increasingly cheaper, more convenient, and more efficient to rely on third parties to take on certain business functions. However, the security of your organization’s assets is only as strong as the weakest link in your vendor chain.
    Embracing the “trust-but-verify” approach, this session offers helpful tips and areas to focus on when validating your vendors’ cybersecurity controls.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:00 am
    A Hitchhiker’s Guide to the 2020 National/Industry/Cloud Exposure Report (NICER)
    • session level icon
    speaker photo
    Chief Security Data Scientist, Rapid7
    speaker photo
    Research Director, Rapid7
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Rapid7 has built upon four years of work measuring the internet for National Exposure Index (NEI) and Industry Cyber Exposure (ICER) reports to create the most comprehensive, modern atlas of internet-facing services to date. This session will provide an overview of the findings, including a comparison of the internet pre- and post-pandemic, along with a guide for how to digest the 150-page deep dive into 24 critical internet protocols and services.

    10:00 am
    Cybercrime: What Is the State of Support for Consumer and SMB Victims?
    • session level icon
    speaker photo
    CEO & President, Cybercrime Support Network
    speaker photo
    Detective First Lieutenant, Commander, Michigan Cyber Command Center (MC3), Michigan State Police
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    How can you support your end users if they are a victim of cybercrime in their personal lives? What kind of resources are available to help SMBs report cybercrime, recover, and reinforce their security? Cybercrime Support Network is the leading public-private partnership serving the victims and coordinating federal, state, and local resources.

    Join Kristin Judge and James Ellis of Cybercrime Support Network as we explore the current state of cybercrime reporting and recovery, work being done on common language for cybercrime among law enforcement, and a national pilot to build a reporting and information sharing program to capture threats facing consumers and SMBs.

    10:00 am
    [Panel] Data Threats in the Cloud
    • session level icon
    speaker photo
    VP, Global Field CISO Team, Fortinet
    speaker photo
    Sales Engineer, FireMon
    speaker photo
    Solutions Engineer, Okta
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    We all know that COVID-19 has forced us into the cloud. We had to, to keep the economy and business going. The cloud can be a wonderful tool for organizations to thrive in, but there are many threats and pitfalls that should be addressed. Do you know what services your staff bought? Did anyone review the terms and conditions? How are you handling identity in the cloud? Is a Zero Trust mindset working in the cloud? Our panelists will dive into the threats to be prepared for and some you might not be aware of!

    10:30 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am
    10:45 am
    Approaches to Justifying Cybersecurity Projects and Spend
    • session level icon
    speaker photo
    Chief Information Security & Privacy Officer, WorkForce Software
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Feel like you’re not getting enough funding for your security projects or program? Learn to stack the deck in your favor by following four basic rules. Lots of examples will be presented!

    10:45 am
    Navigating Maze: Can You Recover from Ransomware?
    • session level icon
    speaker photo
    IT Director & CISO, Maple Reinders Group
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am
    One-fifth of companies have been hit with ransomware, and yet most companies still rely on hoping they won’t be hit rather than addressing shortcomings and following best practices. The industry has said for years that “it is not if, but when you will be breached,” so let’s set some goals and follow some simple steps to at least make ourselves a less desirable target than the companies that are “giving in.” If we agree that protection is not a guarantee, then we must also accept that recovery is CRITICAL and that the work starts now.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:45 am
    Being Our Own Worst Enemy: Sloppy IT Causing Security Incidents
    • session level icon
    speaker photo
    Cyber Security Regional Manager, Faurecia
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    IT and the IT Security Team have put in countless controls and tools to protect the enterprise, but are their daily operations and practices causing security incidents? Are the ones with the most privilege the most successful targets in the environment? This topic will shift the focus on the care given to staying safe by the ones who are keeping the environment safe. Don’t be the one who causes the next security incident!

    10:45 am
    [Panel] Remote Workforce: Lessons Learned
    • session level icon
    speaker photo
    Sr. Director, Product Management, Ivanti
    speaker photo
    Director of Information Security and Research, Automox
    speaker photo
    Director of Solution Architecture, Perimeter 81
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Companies had no real choice as we all moved to the “new normal” and a fledgling at home workforce due to the coronavirus outbreak. If you stop and think about it, it was quite the feat—a massive cloud migration the likes of which had never been seen before. Now that things are somewhat settled into a pattern, what are you discovering that should have been done differently? Realizing that a lot of the same things need to be done? How is the network perimeter now? How many devices are suddenly on your networks? IoT devices from the remote workers piggybacking on the home connections? What are the legal challenges now (think reasonable security)? Join us for a panel discussion of security experts.

    11:15 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am
    11:30 am
    The Changing Landscape of Cybercrime and Its Impact
    • session level icon
    speaker photo
    Detective Constable, Coordinated Cyber Centre (C3), Toronto Police Service, Former VP of IT at Capital G Bank
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm

    The average loss from a bank robbery is about $3,000. The average loss from a successful Business Email Compromise (BEC) attack is nearly $130,000. Numbers like that show why BEC and other cyber crimes are rampant and on the rise—and every type of organization is at risk.
    Join Kenrick Bagnall, Detective Constable of Toronto Police Service’s Coordinated Cyber Centre (C3), as he shares true crime examples of emerging cyber threats impacting both Canada and the U.S., as well as some of the challenges that are inherent in this space.

    Kenrick will share insight into how the Toronto Police Service Cybercrime Unit is evolving to better support the community it serves. He will also discuss industry best practices that can help organizations prepare to face and respond to inevitable predatory cyber threats.

    The key audience take away will be how to avoid complacency when it comes to defense against cyber threats and to always have a response plan that is current, robust, tested, and involves law enforcement in the process.

    11:30 am
    Developing an Effective Security Awareness Program
    • session level icon
    speaker photo
    Manager of Knowledge Services, Cadre Information Security
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm

    Security Awareness is well known for being the “best bang for the buck” out of all the risk mitigation techniques, but is it really? For Security Awareness to be effective, it must change the behaviors of employees and ideally lead to a mature security culture in your organization. Many programs that do not use adult education techniques and neuroscience fail to achieve behavior change—and can even make things worse. Once employees start to have a negative impression about information security, feel helpless, or begin to consider remediation as punitive, great damage has been done to the security culture and this can be difficult to reverse.

    This fun presentation will help you to gain an understanding about effective Security Awareness program creation and implementation, as well as to build buy-in for a mature security culture.

    11:30 am
    Detect Everything: Bringing Google Scale Threat Detection to Your SOC
    • session level icon
    speaker photo
    Head of Customer Experience Engineering, Chronicle
    speaker photo
    Head of Product Marketing, Google Cloud Security
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm

    Skillful threat detection and investigation starts with a diverse hub of security telemetry to draw from. The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place, and perform investigations in seconds. Join this session to learn all about what’s new in Chronicle and see it in action with a live demo.

    11:30 am
    [Panel] No Perimeter: Security in the Cloud
    • session level icon
    speaker photo
    VP, Infrastructure Strategies, Trend Micro
    speaker photo
    Chief Cyber Security Evangelist, Check Point Software Technologies
    speaker photo
    CTO, RedSeal Networks
    speaker photo
    Sr. Sales Engineer, Arctic Wolf Networks
    speaker photo
    Professional Sales Engineer, Alert Logic
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm

    Worldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.

    12:15 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 12:30 pm
    12:30 pm
    Security for, from, and with Machine Learning and Artificial Intelligence Technologies
    • session level icon
    speaker photo
    Director of Information Security, NFI
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    As companies look to increase their operational efficiencies and competitive advantage, many are turning to machine learning (ML) and artificial intelligence (AI) to make better decisions faster. With this shift comes new challenges for businesses and security professionals to ensure these technologies remain effective, safe, unbiased, and ethical. Additionally, as AI and ML become more accessible to the masses, there is a growing risk that these technologies could be leveraged to launch sophisticated attacks. In this presentation, we will explore emerging threats related to AI and ML, as well as how security leaders can utilize these emerging technologies to better defend their organizations and respond to sophisticated attacks.
    Presentation Level: MANAGERIAL (security and business leaders)

    12:30 pm
    The Paradigm Shift: HIPAA, PCI-DSS, Home, and Work
    • session level icon
    speaker photo
    Executive Director, Information Security & Compliance, Indiana University Health
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    Much of the security training that we have put in place has assumed that the large majority of employees would be working at their desk in an office building. In the space of several weeks, that completely changed. The bulk of healthcare workforces now work from home. This has changed the security paradigm, as many healthcare providers based their security around the office. This requires healthcare providers to change security awareness training to refocus on what can be done given the new environment. This session will cover what your organization needs to address in awareness training for work-from-home staff in healthcare, specifically covering HIPAA, printing, home networks, split tunneling, Payment Card Industry – Data Security Standards (PCI-DSS), phishing, and scams.

    12:30 pm
    How an XDR Approach Helps Speed Response and Improve MITRE ATT&CK Coverage
    • session level icon
    speaker photo
    VP, Market Strategy, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    XDR is an emerging industry approach that extends EDR’s insight to a broad range of sources (endpoint, servers, network, email; and more). Learn how the XDR approach takes advantage of detailed activity telemetry (not just alerts) from its sources, enabling more meaningful correlation and enabling rapid detection of subtle chains of malicious activity. Higher-fidelity correlated detections mean that alert volumes decrease, enabling faster response. See how network and email telemetry help XDR expand your coverage of MITRE’s ATT&CK frameworks, without resorting to painstaking manual correlation across security toolsets.

    12:30 pm
    Cybersecurity in Canada: The Evolution of Legal Trends & How to Respond
    • session level icon
    speaker photo
    Partner/ Attorney, Blake, Cassels & Graydon LLP
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    As cybersecurity and privacy laws evolve, there is a growing need to stay abreast of the changing regulations and compliance obligations. This session will provide an overview of recent legal developments in Canada and best practices for addressing these regulatory changes within your organization.
    We will explore:

    • Recent cybersecurity and privacy legal developments in Canada
    • Governance-related best practices for responding to these new developments
    • Best practices for managing vendors
    • Making strategic decisions regarding cyber insurance
      Presentation Level:GENERAL (InfoSec best practices, trends, solutions, etc.)

    1:00 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm
    1:15 pm
    When Cyberattacks Get Physical
    • session level icon
    speaker photo
    CISO, Analytics 4 Life
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    Advancements in technology, especially over the past decade, have resulted in a significant increase in the number of connected devices worldwide. While there are plenty of conversations on cybersecurity of connected devices, they are mainly around data protection and privacy issues. The fact of the matter is, a percentage of these cyberattacks can cause physical harm to humans. Although this issue is important, it does not often get the attention it deserves.

    This presentation focuses on a few cyberattack scenarios on connected devices which may pose safety risks for the user/operator, including: medical devices, connected cars, and car wash systems.

    1:15 pm
    Hey, Information Security: Be Part of the Digital Transformation or Be Left Behind!
    • session level icon
    speaker photo
    Director, Information Security Education & Consulting, Harvard University
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm
    “Digital transformation” (Dx) as a buzzword may be approaching the end of its life, but the fundamental concept—continuously improving the use of technology and data to provide value to customers—is real and critical to the survival of businesses. If information security teams don’t evolve to deliver the same Dx value and benefits to our organizations, then we risk losing our “customers” to intentional circumvention or preference for shadow IT providers. Make sure your information security team provides the core Dx attributes to your organization to cultivate value, loyalty, and trust.

    Join this session to learn how you can:
    •  Embed security into your culture, technologies and processes
    •  Empower innovation and expedite time-to-market through consistent security risk governance
    •  Assess the impacts, goals and methods of likely cyber attacks and incidents
    •  Align IT and security professionals with business objectives and risk tolerance
    •  Prepare now for effective detection and response to reduce business impacts of incidents

    Presentation level: MANAGERIAL (security and business leaders)

    1:15 pm
    The DoD’s Cybersecurity Maturity Model Certification (CMMC) Is Coming – Are You Ready?
    • session level icon
    speaker photo
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    Supply chain risks are at the top of everyone’s mind today, and the US Department of Defense (DoD) is no different. That is why the DoD created its Cybersecurity Maturity Model Certification (CMMC). CMMC is a five level, third-party validated maturity certification. CMMC includes both technical and process/procedural requirements. Organizations in the Defense Supply Chain will be required to obtain CMMC certification before contract award. Requests for Proposals (RFPs) containing CMMC requirements are expected in October 2020. This session provides an overview of CMMC and the corresponding industry-led ecosystem that is being created, spearheaded by the CMMC Accreditation Body (CMMC-AB).
    Presentation Level: MANAGERIAL (security and business leaders)

    1:15 pm
    [Panel] Threat Landscape in Flux: Emerging Threats
    speaker photo
    Cyber Defense Solution Specialist, RSA
    speaker photo
    Sr. Technical Product Manager, Armis
    speaker photo
    Sr. Sales Engineer, Malwarebytes
    Registration Level:
    1:15 pm - 1:45 pm

    The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.

    1:45 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:00 pm
    Location / Room: Exhibitor Floor
    2:00 pm
    [Closing Keynote] The New National Cyber Power Index: Which Nations Are Truly the Most Powerful in Cyber?
    • session level icon
    speaker photo
    Cyber Fellow, Harvard Kennedy School, Belfer Center for Science and International Affairs
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    Think you know which countries are the most powerful in the cyber realm? You may have some surprises coming. Julia Voo and her fellow researchers just published a first-of-its-kind ranking called the National Cyber Power Index (NCPI). The research ranks cyber superpowers on a “whole of country approach,” measuring government strategies, capabilities for defense and offense, resource allocation, the private sector, workforce, and innovation. And its assessment is both a measurement of proven power and potential. Julia will unpack key findings, including areas where the U.S. and Canada are ranked lower than countries like Russia and China. Following this presentation and fireside chat, you may view cyber power in a brand new light.

Exhibitors
  • Alert Logic
    Booth:

    Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

  • AmeriNet
    Booth:

    AmeriNet is a total solutions provider of networking, business collaboration, storage and security products. Our strength is derived from a combination of technical and engineering experience and product excellence. We partner with industry-leading manufacturers of technology. These partnerships allow us to provide comprehensive solutions in Security, Cloud, LAN/WAN Switching and Routing, Network Management and Diagnostics, Unified Communications, Wireless, and Storage solutions. Together we will deploy the right solutions and technology to ensure the continued success of day-to-day operations and objectives of our customers.  For more information, visit https://www.amerinet.com/about-us.

  • Arctic Wolf Networks
    Booth:

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOCTMservice is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Automox
    Booth:

    Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.

  • Cincinnati Tri-State ASIS
    Booth:

    The Cincinnati Tri-State Chapter and its members are committed to not only their own professional careers, but the security industry as a whole. The chapter promotes networking, education, and friendship with those in the fields of security and law enforcement. Our membership is comprised of professionals that work in different aspects of security and law enforcement.

    If you are interested in joining ASIS, the Cincinnati Chapter, or attending a meeting to see what we are all about please contact us to find out more information. We look forward to hearing from you and growing with you professionally!

  • Cadre Information Security
    Booth:

    Data and network security is a critical element for any business, but it is not enough to win. To win, cybersecurity must be viewed through the prism of business process management, align with capabilities and core competencies of the business and be optimized to minimize or eliminate the friction. For more than 25 years, Cadre Information Security enables operationally obsessed, mid-market companies to lower their costs, gain more control and increase the velocity and impact of the efforts. For more information, visit www.cadre.net

  • Check Point Software Technologies Inc.
    Booth:

    Check Point Software Technologies Inc. is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Canadian Cyber Threat Exchange (CCTX)
    Booth:

    The CCTX was created to build a secure Canada where all organizations, both private and public, collaborate to reduce cyber security risks. We do this in two ways.

    First, through the CCTX Data Exchange we gather, enrich, analyze and share cyber threat information across business sectors and from other Canadian and international cyber threat sharing hubs. And we provide actionable cyber threat intelligence with a Canadian focus.

    Second, our CCTX Collaboration Centre is a unique forum for cyber professionals to solve problems by exchanging best practices, techniques and insights.

  • Checkmarx
    Booth:

    Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive software security platform that unifies with DevOps and provides static and interactive application security testing, SCA and developer AppSec training to reduce and remediate risk from software vulnerabilities. www.checkmarx.com

  • Chronicle Security
    Booth:

    Cybercrime now affects billions of people globally, and the organizations responsible for protecting critical information and systems need more help to keep up. Cybersecurity needed a moonshot.

    Chronicle was born in 2016 as a project within X, Alphabet’s moonshot factory. As an Alphabet company, we bring unique resources and talent to the goal of giving enterprises, and the people within them, the tools to win the fight against cybercrime.

    We see a future where enterprise security teams can find and stop cyberattacks before they cause harm. By applying planet-scale computing and analytics to security operations, we provide the tools teams need to secure their networks and their customers’ data. We turn the advantage to the forces of good.

  • Cincinnati Networking Professionals Association
    Booth:

    Established in 1991, the non-profit Network Professional Association (NPA) is a professional association for computer network professionals. Members adhere to a code-of ethics, demonstrate continual professional development and knowledge, adhere to the latest best practice standards, and strive for continual growth. International awards for professionalism honor individuals for outstanding achievements and meeting the values of professionalism.

    The NPA offers a Certified Network Professional CNP credential and provides advocacy for workers in the field. Members receive a certificate of membership, quarterly journal publications, chapters and programs, and opportunities to volunteer and publish.

  • Cobalt.io
    Booth:

    Cobalt’s Pentest as a Service (PtaaS) Platform transforms traditional pentesting into a data-driven vulnerability management engine. Fueled by a global talent pool of certified freelancers, our modern pentest platform delivers actionable results that empowers agile teams to pinpoint, track, and remediate vulnerabilities.

  • Corelight
    Booth:

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • Cybercrime Support Network
    Booth:

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after

  • ECTF
    Booth:

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • FireMon
    Booth:

    FireMon is the only agile network security policy platform for hybrid cloud enterprises. FireMon delivers persistent network security for multi-cloud environments through a powerful fusion of real-time asset visibility, compliance and automation. Since creating the first-ever network security policy management solution, FireMon has delivered command and control over complex network security infrastructures for more than 1,700 customers located in nearly 70 countries around the world. For more information, visit www.firemon.com.

  • Fortinet
    Booth:

    Fortinet secures the largest enterprise, service provider, and government organizations around the world. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 300,000 customers trust Fortinet to protect their businesses.

  • Global Cyber Alliance
    Booth:

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • Gigamon
    Booth: w/ AmeriNet

    Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.

  • InfraGard Cincinnati
    Booth:

    The mission of the InfraGard Cincinnati Members Alliance is to increase the security of the United States’ national infrastructure through information exchange, education, outreach, and similar efforts. To accomplish our goal, we strive to maintain a close working relationship between federal agencies such as the Federal Bureau of Investigation and the Department of Homeland Security, law enforcement agencies, subject matter experts such as cybersecurity and physical security professionals, industry-specific experts, and numerous other professionals.

  • ISACA Cincinnati
    Booth:

    The Greater Cincinnati ISACA® Chapter is a not-for-profit professional association serving the information technology audit, security, and control community. We support the areas of Cincinnati & Dayton, Ohio and Northern Kentucky. The chapter consists of over 450 professionals that represent a cross-section of the public, private, and not-for-profit business sectors at all levels within those industries.

    Purpose: To promote the education of individuals for the improvement and development of their capabilities relating to the auditing of and/or management consulting in the field of Information Technology audit and control.

  • ISACA Toronto
    Booth:

    The ISACA Toronto Chapter, with 2800 plus members, is the largest chapter in Canada and the 5th largest in the world. As of 2017, it will have existed in the Toronto information systems audit, control and governance community for 40 years, and is one of the most active ISACA chapters serving IT Governance, Risk, Audit, and Security professionals.

    The aim of the Chapter is to sponsor local educational seminars and workshops, conducts regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the Greater Toronto Area.

    ISACA (previously the Information Systems Audit and Control Association) is a worldwide association of IS governance professionals. The association currently focuses on assurance, security, and governance and provides globally recognized certification in assurance (Certified Information Systems Auditor), security (Certified Information Security Manager), and governance (Certified in the Governance of Enterprise IT).

  • (ISC)2 Cincinnati Tri-State Chapter
    Booth:

    Follow us on Twitter: https://twitter.com/Cinci_Tri_ISC2

  • (ISC)2 Toronto
    Booth:

    Founded in 2013, the (ISC)² Toronto Chapter is an official chapter of (ISC)².  Based in Toronto, our purpose is to provide educational opportunities for management, operational and technical aspects of the information security field, and to support the mission of (ISC)².

  • ISSA Greater Cincinnati Chapter
    Booth:

    The Greater Cincinnati Information Systems Security Association is a non-profit group dedicated to providing educational and networking opportunities to promote the exchange of ideas, knowledge, and member’s growth within the information security profession. The Greater Cincinnati Chapter will host monthly meetings with a variety of security professionals. Please check our events page for further information on upcoming events.

  • Ivanti
    Booth:

    Ivanti Supply Chain helps organizations leverage modern technology in the warehouse and across the supply chain to improve delivery without modifying backend systems. The company also unifies IT and Security Operations to better manage and secure the digital workplace. From PCs to mobile devices, VDI and the data center, Ivanti discovers IT assets on-premises and in the cloud, improves IT service delivery, and reduces risk with insights and automation. Ivanti is headquartered in Salt Lake City, Utah and has offices all over the world.

  • Leading Cyber Ladies – Toronto Chapter
    Booth:

    Leading Cyber Ladies is a global non-profit organization who focuses on bringing more women into the cyber field through educational cybersecurity sessions, mentorship, speaking opportunities, networking and career opportunities through close partnership with the business sector and other groups in the cybersecurity community.

    While we are focusing on educating women, we are welcoming everyone, all genders and identities! Here we support each other in a friendly and encouraging environment. We are proud to partner with many sponsor companies across Toronto to bring our events to the community free of charge. Join our Meetup group for details on upcoming events!

    We are proud to partner with many sponsor companies across Toronto to bring our events to the community free of charge. Join our Meetup group for details on upcoming events!

  • Malwarebytes
    Booth:

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • OWASP Cincinnati
    Booth:

    OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas.

    The Cincinnati chapter leads are Andy Willingham and Allison Shubert. Chapter meetings are free and open to anyone interested in information security, risk management, data protection and application security.

  • OWASP Toronto
    Booth:

    The Toronto area chapter of The Open Web Application Security Project. Our core purpose: Be the thriving global community that drives visibility and evolution in the safety and security of the world’s software.

  • Perimeter 81
    Booth:

    Perimeter 81 is an Israeli cloud and network security company that develops secure remote networks, based on the zero trust architecture, for organizations. Its technology replaces legacy security appliances like VPNs and firewalls.

  • Rapid7
    Booth:

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • RSA a Dell Technologies Company
    Booth:

    RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions.  With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.

  • Sonatype
    Booth:

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • TASK
    Booth:

    Toronto’s Security User Group TASK (Toronto Area Security Klatch) provides a forum for experts to encourage discussion and share expertise in understanding the latest trends and security threats facing computer networks, systems and data.

    Our membership includes Information Security practitioners, managers, network administrators, students, and anyone who is interested in learning more about securing information.

    We meet to discuss issues that we all share in common, including:

    • New technologies and products that impact information security
    • Emerging threats, and the vulnerabilities being exploited
    • Managing security
    • New laws and regulations
  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • The Circuit
    Booth:

    Our goal is to deliver education and informational programs; enable members to connect and foster collaboration between IT solution and service providers, corporate IT departments, the individuals within these organizations and the businesses that support them.

  • ThreatConnect
    Booth:

    Designed by analysts but built for the team, ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. To learn more about our TIP and SOAR solutions, visit www.ThreatConnect.com.

  • Trend Micro
    Booth:

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

  • Women Who Code Toronto
    Booth:

    Our mission is to inspire women to excel in technology careers. We envision a world where women are proportionally represented as technical leaders, executives, founders, VCs, board members, and software engineers.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Daniel Shoemaker
    Professor and Director, Graduate Program, University of Detroit Mercy

    Daniel P. Shoemaker, PhD, is a Full Professor and Director of the Graduate Program in Cybersecurity at the University of Detroit Mercy, where he has worked for over 35 years. He has retired from his administrative position as Department Chair, PI for the NSA Center and Subject Matter Expert for DHS and NIST. He is enjoying more time with his students and writing. He has published over 200 cybersecurity papers and articles as well as this list of books:
    • Cybersecurity “The Essential Body of Knowledge”
    • “The CSSLP Certification All-in-One Exam Guide”
    • Cybersecurity “Engineering a More Secure Software Organization”
    • “A Guide to the National Initiative for Cybersecurity Education (NICE) Framework: The Complete Guide to Cybersecurity Risk & Controls in Cyber Security”
    • ”Implementing Cybersecurity: A Guide to the NIST Risk Management Framework”,
    • “Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Product”
    • “How to Build A Cyber Resilient Organization”
    • “The Complete Guide to Cybersecurity Risks and Controls”
    • Information Assurance for the Enterprise: A Roadmap to Information Security”
    • “The Cybersecurity Body of Knowledge”
    • “The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity”

  • speaker photo
    Adam Leisring
    CISO, Paycor

    Adam is the Chief Information Security Officer for Paycor, one of the largest independently held Human Capital Management companies in America. He oversees Information Security for Paycor’s 1,400 associates, as well as Paycor’s 30,000 clients of their award-winning SaaS product. In past positions, he has served in leadership roles including Technical Services and Operations, Enterprise Architecture, and Software Engineering. Adam holds CISSP and CISM certifications, as well as a Master’s Certificate in Corporate Information Security. Adam is a volunteer in ISC(2)'s Safe and Secure Online program, which spreads security awareness to children at local schools. He also plays jazz trumpet in non-profit “Jump and Jive” big band in Cincinnati, donating proceeds to area schools for music education.

  • speaker photo
    Arif Hameed
    Sr. Director, Client Security, Equifax Canada

    Arif Hameed is Senior Director at Equifax, where he leads a team that handles client cybersecurity due diligence activities including questionnaires, audits, remediation support, security schedules, etc. Prior to his role at Equifax, he worked at two of the largest banks in Canada in Security Advisory, IT Risk, Third Party Cyber Risk, and IT Audit.

  • speaker photo
    Bob Rudis
    Chief Security Data Scientist, Rapid7

    Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is currently [Master] Chief Data Scientist at Rapid7, where he specializes in research on internet-scale exposure. He was formerly a Security Data Scientist & Managing Principal at Verizon, overseeing the team that produces the annual Data Breach Investigations Report. Bob is a serial tweeter (@hrbrmstr), avid blogger (rud.is), R (#rstats) avunculur, author (Data-Driven Security), speaker, and regular contributor to the open source community.

  • speaker photo
    Tod Beardsley
    Research Director, Rapid7

    Tod Beardsley is the director of research at Rapid7. He has over 20 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and IT Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the myriad security research programs and initiatives at Rapid7. He can be uniquely identified at https://keybase.io/todb.

  • speaker photo
    Kristin Judge
    CEO & President, Cybercrime Support Network

    Kristin founded nonprofit Cybercrime Support Network to be a voice for cybercrime victims. She’s been seen on the C-SPAN Network, local news outlets and called on by technology publications like SC Magazine and Government Technology, to share best practices for online safety. Kristin was an SC Media "Women in IT Security Influencer" in 2017. At MS-ISAC and National Cyber Security Alliance she worked as a “technology interpreter” helping nontechnical people become more secure. She’s a national speaker, sharing cybersecurity best practices with elected officials, businesses and consumers, and authored the LinkedIn course, “Cybersecurity for Small and Medium Businesses: Essential Training.”

  • speaker photo
    James Ellis
    Detective First Lieutenant, Commander, Michigan Cyber Command Center (MC3), Michigan State Police

    Detective First Lieutenant Jim Ellis is the commander of the Michigan State Police Cyber Section within the Intelligence Operations Division. He leads a cyber team of 56 MSP members located at 7 offices throughout Michigan. He has oversight over the Michigan Cyber Command Center (MC3), Computer Crimes Unit (CCU), and the Michigan region of the Internet Crimes Against Children Task Force (ICAC) that consists of an additional 55 affiliate law enforcement agency members throughout Michigan.

    MSP Cyber specializes in high tech criminal investigations of all types, complex network intrusions, forensic data recovery, in addition to proactive cyber investigations involving the online exploitation of children. MSP Cyber is also heavily involved in evidential forensic data recovery services, public awareness, and law enforcement outreach, education, and training opportunities.

    He is currently active on the board of directors with the Michigan Healthcare Cybersecurity Council, the Cybercrime Support Network, including being a member of the Michigan Governors Cybersecurity Advisory Council in addition to participating with many other cybersecurity related organizations and groups throughout Michigan and the US. D/F/Lt. Ellis is a 25-year member of the MSP and earned his Bachelor of Science degree and holds multiple cyber security industry certifications in addition to a Certified Information Systems Security Professional (CISSP).

  • speaker photo
    Jonathan Nguyen-Duy
    VP, Global Field CISO Team, Fortinet
  • speaker photo
    Lisa Wallace
    Sales Engineer, FireMon
  • speaker photo
    Mitch Spaulding
    Solutions Engineer, Okta
  • speaker photo
    Michael Muha, PhD, CISSP, CISM, CIPM, Certified GDPR Practitioner
    Chief Information Security & Privacy Officer, WorkForce Software

    Mike drove the global expansion of WorkForce Software’s cloud-based workforce management products from one data center to eight across the US, Europe, Canada, and Australia, and directed all compliance efforts (starting with SAS 70 and moving onto SOC 1, ISAE 3402, SOC 2, ISO 27001 certification, and EU-US Privacy Shield certification). Having led the company’s GDPR journey, he’s currently implementing a “Personal Information Management System” and additional global security controls to protect company and customer data.

  • speaker photo
    Kevin Dreyer
    IT Director & CISO, Maple Reinders Group

    Kevin Dreyer is an IT Director and CISO with over 25 years of industry experience for a General Contractor securing a national network and its 400 users across a hybrid cloud infrastructure. He fell in love with computers at age 12 when a cousin introduced him to programming, and has never looked back. Having dropped out of college due to the lures of the darker side of computer security, he has spent his adult life working on the defensive side while finishing a college diploma and working on certifications from IBM, Cisco, Novell, Microsoft, Mile2, and finally CISSP about two years ago.

  • speaker photo
    Ryan Mostiller
    Cyber Security Regional Manager, Faurecia

    Ryan has nearly 10 years of experience in defending large enterprise environments, specializing in Windows and Active Directory environments. Ryan has responsibility for Incident Response, Vulnerability Management, and the Management of all Security Tools and Controls. Ryan is a proud double alumnus from Oakland University as well as husband and father.

  • speaker photo
    Chris Goettl
    Sr. Director, Product Management, Ivanti

    Chris Goettl is the Director of Product Management for security products at Ivanti. Chris has over 15 years of experience working in IT, where he supports and implements security solutions for Ivanti customers and guides the security strategy and vision for Ivanti security products. He is also a security evangelist speaking at security events globally where he gives guidance around modern cyber threats and how to combat them effectively. Chris hosts a monthly webinar focusing on Patch Tuesday and security vulnerabilities, and frequently blogs about security topics. You can find contributed articles as well as commentary from Chris in notable security news sources like SC Magazine, Redmond Magazine, ComputerWorld, ThreatPost, Help Net Security, and more.

  • speaker photo
    Christopher Hass
    Director of Information Security and Research, Automox
  • speaker photo
    Sivan Tehila
    Director of Solution Architecture, Perimeter 81

    Sivan Tehila is the Director of Solution Architecture at Perimeter 81, a leading Secure Access Service Edge (SASE) provider, and a cybersecurity expert with over 14 years of industry experience. Sivan served in the IDF as an Intelligence Officer and then in various field positions, including Information Security Officer, CISO of the Research and Analysis Division, and Head of the Information Security Department of the Intelligence Corps. After being honorably discharged as Captain, Sivan joined the Israeli defense technology company, RAFAEL, as an Information Security Officer and worked as a cybersecurity consultant for the Israel Railways. For the past two years, Sivan has dedicated herself to promoting women in cybersecurity and founded the Cyber Ladies community in NYC. She is also an Adjunct Professor of Cybersecurity at Yeshiva University.

  • speaker photo
    Kenrick Bagnall
    Detective Constable, Coordinated Cyber Centre (C3), Toronto Police Service, Former VP of IT at Capital G Bank

    Kenrick has been a member of the Toronto Police Service since April of 2006 and currently serves as an investigator in the Coordinated Cyber Centre (C3) section of Intelligence Services. Before this Kenrick spent 20 years in the Information Technology industry primarily in the financial services sector, holding positions of Senior Network Analyst, Information Technology Manager and Senior Vice President of Information Technology.
    Kenrick is also an Associate Professor at George Brown College where he instructs the Cybersecurity Security Certificate program and also lectures on the University of Toronto Global Professional Master of Laws, Innovation, Law and Technology program.
    Kenrick’s background in Information Technology combined with his Law Enforcement experience has uniquely positioned him as an investigator, instructor and presenter on technology, information security and cyber investigations.

  • speaker photo
    Tim O'Connor
    Manager of Knowledge Services, Cadre Information Security

    Tim O’Connor works for Cadre Information Security as the lead of knowledge services and vCISO team member. He is a professional public speaker, has been working in IT for 20+ years and holds a number of certifications including PCI-QSA, CISA, CISSP, CTT+, MCSE, CISSO, CWNE, Security+ and CISSM. Tim has authored over a dozen books, has written for a number of publications and is certified as a commercial rotorcraft pilot and flight instructor. His principle hobbies include antique motorcycles, astrophotography, mentalism, and doing science outreach.

  • speaker photo
    Svetla Yankova
    Head of Customer Experience Engineering, Chronicle
  • speaker photo
    Ansh Patnaik
    Head of Product Marketing, Google Cloud Security

    Ansh Patnaik, former Chief Product Officer for Chronicle, is now the head of product marketing for Google Cloud Security. Previously, he was VP of Product Management at Oracle where he defined and launched their Security Analytics Cloud service. Over the last 20 years, Ansh has held product management, marketing and sales engineering roles at several cybersecurity and data segment market leaders including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec). He holds an MS in Operations Research from Columbia University and an MBA from the University of California, Berkeley.

  • speaker photo
    William J. Malik, CISA
    VP, Infrastructure Strategies, Trend Micro

    William Malik helps clients structure their IT environments to minimize the loss, alternation, or inadvertent exposure of sensitive information. His information technology career spans over four decades. Prior to Trend Micro, he worked at Gartner for twelve years where he led the information security strategies service and the application integration and middleware strategies service. Before Gartner, William was CTO of Waveset, an identity management vendor. He also co-authored the Cobit version 3 standard. In addition, he spent 12 years at IBM, where he worked in MVS development, testing, and business planning. William is a Certified Information Systems Auditor (CISA).

  • speaker photo
    Grant Asplund
    Chief Cyber Security Evangelist, Check Point Software Technologies

    For more than 20 years, Grant Asplund has been sharing his insights on how businesses can best protect themselves from sophisticated cyber attacks in an increasingly complex world. As Check Point’s chief evangelist he travels the world enthralling audiences with his passionate and relational storytelling at conferences like RSA and Next100 CIOs and numerous media interviews. Grant’s wide range of cyber security experience informs his talks, having served in diverse roles ranging from sales, marketing, business development and senior management for Dome 9, Blue Coat Systems, Neustar and Altor Networks. As CEO of MetalInfo he led its acquisition by Neustar. Grant is the host of the TalkingCloud podcast (www.talkingcloud.podbean.com) on Cloud security.

  • speaker photo
    Mike Lloyd
    CTO, RedSeal Networks

    Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.

    Dr. Mike Lloyd holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.

  • speaker photo
    Ryan Archer
    Sr. Sales Engineer, Arctic Wolf Networks
  • speaker photo
    Chase Massar
    Professional Sales Engineer, Alert Logic
  • speaker photo
    Joshua Cloud
    Director of Information Security, NFI

    Joshua Cloud is currently serving as the director of information security for NFI. He has over 20 years of infrastructure and security leadership experience spanning professional services, manufacturing, retail, and logistics industries in countries all over the world. Cloud is a transformational security leader with a business focus who evangelizes the value of pragmatic cyber risk management and executive alignment. He currently leads a team of security professionals at the new NFI headquarters on the Camden, NJ, waterfront.

  • speaker photo
    Mitchell Parker
    Executive Director, Information Security & Compliance, Indiana University Health
  • speaker photo
    Eric Skinner
    VP, Market Strategy, Trend Micro

    Eric Skinner is VP of Market Strategy at Trend Micro, helping shape Trend’s solution offerings, growth plans and go-to-market approach. Previously at Trend Micro, Eric has been responsible for global product marketing. Prior to Trend Micro, Eric held senior management positions in a health care mobile startup and at digital identity solutions provider Entrust (where he was CTO and VP Product Management). Eric’s experience covers advanced threat detection, endpoint and mobile security, detection & response approaches, machine learning as applied to cyber-security, and identity / authentication technologies. Eric is based in Ottawa, Canada.

  • speaker photo
    Imran Ahmad
    Partner/ Attorney, Blake, Cassels & Graydon LLP

    Imran has a business law practice with a specialization in technology, cybersecurity, and privacy law. As part of his cybersecurity practice, Imran works closely with clients to develop and implement practical strategies related to cyber threats and data breaches. He advises on legal risk assessments, compliance, due diligence and risk allocation advice, security, and data breach incident preparedness and response. In addition, Imran acts as “breach counsel” in the event of a cybersecurity incident, such as a data or privacy breach. He also provides representation in the event of an investigation, an enforcement action, or a litigation.

    Imran has an active technology practice. He advises on licensing, outsourcing and service-provider arrangements, as well as on other commercial matters with respect to carrying on business over the internet, the cloud and the digital environment.
    In his privacy law practice, he advises clients on compliance with all Canadian federal and provincial privacy and data management laws. He has a particular focus on cross-border data transfer issues and enterprise-wide governance programs related to privacy and information governance.

    Imran is the author of Canada’s first legal incident preparation and response handbook titled "Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management" (LexisNexis, August 2017). He is fluent in English, French, and Hindi.

  • speaker photo
    Adel Danesh
    CISO, Analytics 4 Life

    Adel Danesh has over 20 years of experience in IT and information security. Over the course of his professional career, he has been holding information security leadership roles in various organizations and spearheaded mission critical security and infrastructure projects. In his current job, Adel is a CISO at Analytics For Life, a medical research firm that is developing an innovative medical device for diagnosis of cardiovascular diseases. He is leading the information security program which is aimed at implementing cybersecurity best practices in the design and operation of the medical device as well as protecting the organization against cyberattacks . Adel is the first elected president of (ISC)2 Toronto Chapter. The chapter has grown exponentially since it’s inception in 2012 and now has over 1500 members. Adel also has written articles that are published in a renowned information security magazine.

  • speaker photo
    Sandy Silk
    Director, Information Security Education & Consulting, Harvard University

    Sandy Silk is the Director of Information Security Education and Consulting at Harvard University, Founder of Cyber Risk and Resilience Consulting, and a member of the Board of Advisors for the MS in Information Security Leadership at Brandeis University. She excels at bringing together executive leaders, business teams, and IT professionals to align cyber risk management with strategic priorities and culture, risk tolerance levels, and positive customer experience. Sandy is also involved in several WIT organizations and programs. Her prior information security career included positions with Fidelity Investments, Bose Corporation, and Wellington Management Company.

  • speaker photo
    James Goepel
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body

    James Goepel is Treasurer and Member, Board of Directors for the CMMC-AB. He is also an adjunct professor of Cybersecurity at Drexel University and CEO of Fathom Cyber, a trusted agent for senior management and developer of defensible cybersecurity strategies. Jim earned his BSECE from Drexel and his JD and LLM degrees from George Mason University. He worked in the IT and security industries for nearly two decades, including as a Network Administrator for the US House of Representatives and as a lawyer and technologist for a wide range of cybersecurity companies, including system developers, research institutions, and software vendors.

  • speaker photo
    Shane Harsch
    Cyber Defense Solution Specialist, RSA

    Shane Harsch is an Information Security professional with over 25 years of experience ranging from military to manufacturing to security consulting and professional services. He has managed and architected SOCs for the military and managed service providers and is a commissioned officer in the US Army, Military Intelligence. Shane holds degrees in business (MBA) and computational linguistics (BA), and maintains the following certifications: Intrusion Analyst (GCIA), Incident Handling (GCIH), Enterprise Defense (GCED), Information Security (CISSP), and Threat Intelligence Analyst (CTIA). In addition to his responsibilities as an Cyber Defense Solutions Specialist at RSA, Shane fosters new professionals to information security as a SANS Instructor.

  • speaker photo
    Matt Hubbard
    Sr. Technical Product Manager, Armis
  • speaker photo
    Adam Gates
    Sr. Sales Engineer, Malwarebytes

    With over 20 years of experience in technology, Adam Gates serves as a senior technical member of Malwarebytes Field Sales Team providing support for customers in North America. Prior to Malwarebytes, Adam has held various senior system engineering positions and consulting roles at Dell, Microsoft, IBM, Atos, and Mimecast. Adam lives in Dallas, TX with his teenage son.

  • speaker photo
    Julia Voo
    Cyber Fellow, Harvard Kennedy School, Belfer Center for Science and International Affairs

    Julia Voo is a Cyber Fellow and leads the team behind Belfer's National Cyber Power Index. She was formerly the Research Director for the China Cyber Policy Initiative.

    Her areas of research concern geotech strategy including the Digital Silk Road, industrial policy, and technical standards for strategic technologies.

    Voo has research affiliations with the Future of Humanity Institute (Oxford), the Hague Program for Cyber Norms (Leiden) and the China-Africa Research Initiative (Johns Hopkins).

    A 2019 graduate of Harvard Kennedy School's mid-career Master in Public Administration program, Julia served earlier at the British Embassy in Beijing where she covered China's cyber and artificial intelligence policy from a commercial perspective, technical standards, and other trade policy issues. She lived in Beijing for seven years with stints at the EU Delegation to China, Carnegie-Tsinghua Centre for Global Policy, and she has spent time at the UK's Cabinet Office.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store