Open Sessions
Conference Pass
SecureWorld Plus
VIP / Exclusive
- Thursday, June 10, 202110:00 amAdvisory Council RoundtableDiscussion topic to be announcedRegistration Level:
VIP / Exclusive
10:00 am - 6:50 pmThis session is for SecureWorld Advisory Council members by invite only.
10:15 amAssociation Chapter MeetingsRegistration Level:Open Sessions
10:15 am - 10:50 amParticipating professional associations and details to be announced.
10:30 amExhibit Hall OpenRegistration Level:Open Sessions
10:30 am - 11:00 amLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes.
11:00 amOpening KeynoteRegistration Level:Open Sessions
11:00 am - 11:45 am11:45 amNetworking BreakRegistration Level:Open Sessions
11:45 am - 12:00 pmLocation / Room: Exhibitor FloorVisit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.
12:00 pmDeveloping an Effective Security Awareness ProgramRegistration Level:Open Sessions
12:00 pm - 12:30 pmSecurity Awareness is well known for being the “best bang for the buck” out of all the risk mitigation techniques, but is it really? For Security Awareness to be effective, it must change the behaviors of employees and ideally lead to a mature security culture in your organization. Many programs that do not use adult education techniques and neuroscience fail to achieve behavior change—and can even make things worse. Once employees start to have a negative impression about information security, feel helpless, or begin to consider remediation as punitive, great damage has been done to the security culture and this can be difficult to reverse.
This fun presentation will help you to gain an understanding about effective Security Awareness program creation and implementation, as well as to build buy-in for a mature security culture.
12:00 pmI.A.M. What I Am: Building a Strong Identity and Access Management ProgramRegistration Level:Open Sessions
12:00 pm - 12:30 pmIdentity and Access Management has risen from a necessary evil to the “new perimeter” as applications migrate to the cloud. Having the right people aligned to your business processes with sound technology will propel your IAM program from the back office to business enabling function. This presentation will guide you on how to mature your existing identity and access management program, pitfalls to avoid, and tips to get your stakeholders on board.
12:00 pmPractical Considerations When Verifying Your Vendors' Cybersecurity ControlsRegistration Level:Open Sessions
12:00 pm - 12:30 pmAs businesses grow, it becomes increasingly cheaper, more convenient, and more efficient to rely on third parties to take on certain business functions. However, the security of your organization’s assets is only as strong as the weakest link in your vendor chain.
Embracing the “trust-but-verify” approach, this session offers helpful tips and areas to focus on when validating your vendors’ cybersecurity controls.
Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)
12:30 pmNetworking BreakRegistration Level:Open Sessions
12:30 pm - 12:45 pmVisit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.
12:45 pmInsider Threats: A Multi-Pronged Approach to Protecting Your OrganizationRegistration Level:Open Sessions
12:45 pm - 1:15 pmInsider threats are a real danger and cannot be overlooked. While deploying the latest secure system to fight against cyber threats is a decent strategy, you must also implement an effective insider threat system for an overall cybersecurity solution. An insider threat program cannot be brought off the shelf, but is a continuous process to identify and detect an incident as it occurs. Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)
12:45 pmLeveraging Culture to Optimize Information SecurityRegistration Level:Open Sessions
12:45 pm - 1:15 pmTo build a culture that optimizes security, an organization needs to set information security leadership appropriately. Strategically, it needs to understand the organization’s risk tolerance, codify it as policy, and communicate it. Based on risk tolerance, it needs to create a roadmap that moves the organization from ad hoc and compliance-based cultures to one that’s risk-based. Tactically, security management needs to regularly drive buy-in for risk tolerance and policy. In addition, management needs to foster a culture that learns from incidents and failures rather than a culture that focuses on assigning blame.
12:45 pmBuilding Blocks to Achieve Cloud SecurityRegistration Level:Open Sessions
12:45 pm - 1:15 pmCloud computing has entered its second decade, and its prevalence is increasing, as “cloud first” is gaining more popularity than ever. Despite its prolonged existence, cloud computing still suffers from confusion and hype over how to secure the cloud. Also, longstanding concerns such as cloud governance continue to muddle the opinions and approaches of CIOs, CISOs, architects, and IT leaders. This session is aimed to demystify the myth of cloud being insecure and will emphasize how to build the security blocks around cloud while using varied service and deployments of cloud computing.
1:15 pmNetworking BreakRegistration Level:Open Sessions
1:15 pm - 1:30 pmVisit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.
1:30 pmAre You Ready for the Convergence of IIoT, OT, and IT Security?Registration Level:Open Sessions
1:30 pm - 2:00 pmBusiness transformation and drive for smart factory initiatives has placed demands on business leaders to leverage relevant technologies to achieve the desire end goal of operational excellence. The technologies such as industrial internet of things (IIoT) are being layered on top of manufacturing floor machinery to provide that needed insight into business operations and productivity. These improvement and perceived operational excellence have come with cyber security risks which were not a common place in manufacturing space previously. It for this reason that there is now a convergence between operation technology (OT), Industrial internet of things (IIoT) and IT. This intersection is becoming very evident in manufactural, supply chain and traditional production organization or companies.
Most of these manufacturing machineries were never directly connected to the ethernet networks and as such the risk was very minimal. In some cases, these organizations had organized security based on perimeter controls such as data center firewalls, site firewalls, floor firewalls that provide segmentation or microsegment between corporate IT and manufacturing operation technology (OT space). However, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network — even if there is a secure communication link. There are many ways to run into problems on the OT/IoT front if companies are not careful in their network design security implementation. These increase the risk and a re-thinking of how to architect security appropriately to meet the ever-evolving threat landscape with relevant implications to OT/IIoT and larger enterprise network.
Presentation Level:
GENERAL (InfoSec best practices, trends, solutions, etc.)1:30 pmRansomware Incident Command and Lessons Learned for ManagersRegistration Level:Open Sessions
1:30 pm - 2:00 pmThis presentation presents a practical approach to incident command for managers at all levels, irrelevant of cyber expertise. Managers of all types are asked to take charge in critical situations and can benefit from leveraging proven crisis management processes during ransomware response.
1:30 pmNew Remote Workforce: Privacy and Security Risks and MitigationsRegistration Level:Open Sessions
1:30 pm - 2:00 pmThe sudden growth in the remote workforce exposed critical cybersecurity and privacy concerns that should be considered. This presentation will provide an overview of key legal considerations with remote work when it comes to privacy and security, as well as discuss some solutions to help mitigate risk as your employees work from home.
2:00 pmNetworking BreakRegistration Level:Open Sessions
2:00 pm - 2:15 pmVisit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.
2:15 pmHey, Information Security: Be Part of the Digital Transformation or Be Left Behind!Registration Level:Open Sessions
2:15 pm - 3:00 pm“Digital transformation” (Dx) as a buzzword may be approaching the end of its life, but the fundamental concept—continuously improving the use of technology and data to provide value to customers—is real and critical to the survival of businesses. If information security teams don’t evolve to deliver the same Dx value and benefits to our organizations, then we risk losing our “customers” to intentional circumvention or preference for shadow IT providers. Make sure your information security team provides the core Dx attributes to your organization to cultivate value, loyalty, and trust. Join this session to learn how you can:
• Embed security into your culture, technologies and processes
• Empower innovation and expedite time-to-market through consistent security risk governance
• Assess the impacts, goals and methods of likely cyber attacks and incidents
• Align IT and security professionals with business objectives and risk tolerance
• Prepare now for effective detection and response to reduce business impacts of incidentsPresentation level: MANAGERIAL (security and business leaders)
2:15 pmLeveraging the Three Lines of Defense to Improve Your Security PositionRegistration Level:Open Sessions
2:15 pm - 3:00 pmDepending on your role, a three lines of defense risk management model can be your best friend or worst enemy. No matter your view, the data produced through these channels can help you better understand your weaknesses, work more effectively with senior management, and respond to a variety of scenarios.
Presentation Level: MANAGERIAL (security and business leaders)2:15 pm[Panel] Addressing Weakness: Vulnerability ManagementRegistration Level:Open Sessions
2:15 pm - 3:00 pmNIST defines vulnerabilities as, “Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.” This panel will discuss current vulnerabilities and risk management through proper controls and best practices.
2:15 pm[Panel] Identity and Access Management: Zero Trust for the Win?Registration Level:Open Sessions
2:15 pm - 3:00 pmAuthentication used to be a discreet decision with the purpose of securing a single access point. Today, the ability to utilize many different types of authentication—from passwordless authentication, to certificate-based authentication, to adaptive and multi-factor authentication—is the foundation of a robust access management framework. With all the terms flying around out there—MFA, 2FA, Zero Trust, IAM, etc.—it’s hard to keep track of what is supposed to be working. Our experts will help demystify the jargon, provide best practices, and steer you away from common missteps.
2:15 pmExecutive RoundtableRegistration Level:VIP / Exclusive
2:15 pm - 3:00 pmDiscussion forum for executive leaders and SecureWorld Advisory Council members (10-15, invite only). Moderated by a CISO/CSO.
3:00 pmNetworking BreakRegistration Level:Open Sessions
3:00 pm - 3:15 pmVisit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.
3:15 pmMoving from Individual Contributor to Cybersecurity LeaderRegistration Level:Open Sessions
3:15 pm - 4:00 pmAre you feeling the call towards cybersecurity leadership? Just being a good technologist is no guarantee you will be a good leader. There are many things that good leaders need to know that have nothing to do with technical knowledge.
Join in this conversation about the path from the Information Security technical role to an Information Security leadership role. Learn the right knowledge that will be powerful in helping advance your career up the ranks of security leadership!
3:15 pmEthical Hacking and Cyber Ecosystems: Anticipating the PredatorsRegistration Level:Open Sessions
3:15 pm - 4:00 pmIn an ever-evolving digital landscape with cloud computing, mobility and IoT systems, more sophisticated approaches to vulnerability assessment are necessary. One of the central tools used in vulnerability testing is penetration testing, along with other techniques that are more broadly classified as ethical hacking. This discussion includes highlights from three case studies of ethical hacking in different settings. Highlights include approaches to ethical hacking and specific penetration techniques relevant to cloud computing and network security. Topics will also include challenges faced in ethical hacking within cybersecurity ecosystems and a discussion of a robust, integrative multi-layered used in ethical hacking.
Presentation Level: TECHNICAL (deeper dive including TTPs)3:15 pm[Panel] Threat Landscape in Flux: Emerging ThreatsRegistration Level:Open Sessions
3:15 pm - 4:00 pmThe attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.
3:15 pm[Panel] No Perimeter: Security in the CloudRegistration Level:Open Sessions
3:15 pm - 4:00 pmWorldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.
3:15 pmExecutive RoundtableRegistration Level:VIP / Exclusive
3:15 pm - 4:00 pmDiscussion forum for executive leaders and SecureWorld Advisory Council members (10-15, invite only). Moderated by a CISO/CSO.
4:00 pmNetworking BreakRegistration Level:Open Sessions
4:00 pm - 4:15 pmVisit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.
4:15 pmClosing KeynoteRegistration Level:Open Sessions
4:15 pm - 5:00 pm
- OktaBooth:
Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.
- Rapid7Booth:
Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.
- SecureLinkBooth:
SecureLink is a leader in managing secure third-party access and remote support for both enterprise companies and technology providers. SecureLink serves over 400 customers and 30,000 organizations worldwide. World-class companies across multiple industries including healthcare, financial services, legal, gaming and retail rely on SecureLink’s secure, purpose-built platform.
- SentinelOneBooth:
SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.
- Panel Discussion
- Panel Discussion
- Panel Discussion
- Panel Discussion

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Join your InfoSec peers for high-quality training and collaboration. Sign up today!
