- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, May 16, 20189:00 amSecureWorld PLUS - Using the NIST Cybersecurity Framework to Build and Mature an Information Security Program9 a.m. - 3 p.m. - Earn 12 CPEs!CISO, Uplight; Co-Host, Colorado = Security podcastRegistration Level:
9:00 am - 3:00 pmLocation / Room: Pecan
- SecureWorld Plus
Managing a successful Information Security Program requires a plan. In this hands-on workshop, participants will leverage the NIST Cybersecurity Framework as a guide to create or mature their security program. Regardless of industry, the framework provides an ideal platform for planning, communicating and validating your security approach.
- Thursday, May 17, 20187:00 amRegistration openRegistration Level:
7:00 am - 3:00 pmLocation / Room: Registration Desk
- Open Sessions
Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.8:00 amExhibitor Hall openRegistration Level:
8:00 am - 3:00 pmLocation / Room: Exhibitor Floor
- Open Sessions
Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.8:30 amISACA Chapter Meeting: Light Breakfast and Guest Presentation - Open to all AttendeesPresenting: Cybersecurity Introspection - how focused pre-breach assessment helps you see around the cornerManaging Director, UHY Advisors TAP, Inc.Registration Level:
8:30 am - 9:15 amLocation / Room: Magnolia Keynote Theater
- Open Sessions
Interested in your local associations? Join ISACA for a chapter meeting, light breakfast and guest presentation. This session is open to all attendees.
There are numerous cybersecurity products, architectures, and cyber risk management best practices to help harden your enterprise perimeter, improve preventive and detective controls, and mature overall cybersecurity posture. Yet data breaches continue. Could it happen to your business? Would you know it was happening? A pre-breach assessment may provide a quicker answer on a regular basis.
Like the business environment, cybersecurity risk management is complicated. There are multiple variables changing subtly throughout the year. Similarly, expenditures on security skilled people, security related processes, and security technologies are subject to entropy and may lose potency as your company’s cybersecurity risk profile changes. Legacy security activities can lose focus of adapting to emerging security risks in favor of automating routine security activities.
In this session you’ll learn:
8:30 amNyotron: State of Endpoint Security – Past, Present and FutureRegistration Level:
- Assurance is not absolute;
- Annual penetration test is security theater;
- Change management is your cybersecurity achilles heel;
- Agile companies fight FUD with fact;
- SecDevOps is your friend
8:30 am - 9:15 amLocation / Room: Elm
- Open Sessions
Ponemon Institute estimates an average breach cost of $3.5 million in 2017, with a 27% probability that a U.S. company will experience a breach in the next 24 months. Just in one recent example, shipping company Maersk lost over $300 million when ransomware infected its systems. Malware is winning with a never ending supply of new attack vectors, previously unseen methods and malware variants. Why, after companies have invested billions of dollars in endpoint security, are they still so vulnerable?
This interactive presentation will discuss the reasons behind the vulnerable state of endpoint security, along with the evolution of traditional Antivirus (AV), and the rise of Next-Generation Antivirus (NGAV) products powered by Machine Learning and Endpoint Detection and Response (EDR) solutions. It will then look into the latest endpoint security trends that promise to increase efficacy, lower TCO and deliver a more robust feature set without requiring organizations to rip and replace their existing security stack.
This presentation will include a demo of the infamous Rubber Ducky that remains practically unstoppable by today’s endpoint security products.8:30 amWhiteHouse.gov to WhiteHouse.com and Everything In-betweenProtecting and preparing our youth for their cyber futureInfoSec Advisor, Fort Bend ISDRegistration Level:
8:30 am - 9:15 amLocation / Room: Live Oak B
- Open Sessions
What is harmful versus what is educational spans a broad spectrum from external actors (trying to steal staff and student PII) to internal actors (trying to change their Texas History grades) and even well intentioned school admins (unintentionally exposing sensitive information). Balancing the security needs of the organization against the core business requirements is always a challenge, tackling the same challenge with users who are under 13 presents additional unique challenges. Navigating Federal and State laws, content filters, consent, training, bullying, contracts, lunch money, audits, etc., does your K-12 have an InfoSec Advisor?8:30 amQuantum Computing & Quantum Cryptography: The Current State of the ArtRegistration Level:
8:30 am - 9:15 amLocation / Room: Pecan
- Conference Pass
This presentation will provide an overview of quantum computing and what that implies for cryptography. The current state of both quantum computing and post-quantum cryptography will be presented.9:30 amOPENING KEYNOTE: IoT and Smart Home Security Trends: Reducing the Fear FactorRegistration Level:
9:30 am - 10:15 amLocation / Room: Magnolia Keynote Theater
- Open Sessions
This presentation will provide an overview of the trends in IoT and Smart Home technology. Understanding the growing number of connected products in homes, what does it means for consumers to evaluate risks vs. benefits? At the same time, this presentation will also educate the security industry on how to promote consumerization and reduce the fear factor. Finally, we will also look at the responsibilities of product companies towards the consumers.10:15 amConference Break / Exhibitor Product DemonstrationRegistration Level:
10:15 am - 11:15 amLocation / Room: Exhibitor Floor
- Open Sessions
Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.11:00 amAdvisory Council Roundtable - (VIP / Invite Only)Topic: Prioritizing Risk in an Ever Changing ThreatscapeRegistration Level:
11:00 am - 12:00 pmLocation / Room: Live Oak A
- VIP / Exclusive
This roundtable is for our Advisory Council Members only.11:15 am[Radware] Cybersecurity Pushed to the LimitRegistration Level:
11:15 am - 12:00 pmLocation / Room: Pecan
- Open Sessions
Throughout 2018 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.
Join the session to learn more about:
• The threat landscape deep dive—the who, what and why of attacks
• Potential impact on your business, including associated costs of different cyber-attacks
• Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
• Emerging threats and how to protect against them
• A look ahead – predictions and what to prepare for11:15 amLather, Rinse, Repeat: Reality Cyber Hygiene in a Healthcare Company to Clean the Cyber DirtRegistration Level:
11:15 am - 12:00 pmLocation / Room: Elm
- Open Sessions
Starting from scratch, this presentation will lay bare the structure and framework of a modern healthcare company’s Cyber Hygiene program; high level policies, actual real-life, nuts and bolts technical standards, real life CE/medical device reviews, how configuration drift is detected, reported and actioned. Nobody likes “cyber dirty” new systems going live, so why not clean them first? How? With a step-by-step tour of a go-live technical security assessment to clean systems prior to moving any new platform, system, infrastructure or application into production. Layer in “hygiene hunting” to detect and clean between the cracks. The session will incorporate “it happened here” stories detailing how the Cyber Hygiene program held GE, Phillips, EMC, Cerner and Cisco accountable to implement net new systems with proper security postures.
At the end of this session, participants will be able to:
(1) Establish and/or grow their cyber hygiene program using real-live example policies and technical standards
(2) Implement in their own company a technical go-live assessment process that is a valuable and influential pillar of remediating security vulnerabilities
(3) Experience a new paradigm in cyber hygiene practices – witness the ease and value of “hygiene hunting”11:15 amNavigating the Alternative Facts of Malware PreventionRegistration Level:
11:15 am - 12:00 pmLocation / Room: Live Oak B
- Conference Pass
This presentation, given by an individual not linked to any anti-malware vendor, is the result of over two years of research covering several dozen tools in the anti-malware space, in an effort to find the ideal tool for our corporate environment. It is intended to be an in-depth focus on the evolution of the space, the tools, and the technologies behind them, with a “no holds barred” approach to presenting our evaluation methodology and results.11:15 amClimbing the Information Security Program Mount EverestThe mountaineer will learn...CEO, Riskceptional StrategiesRegistration Level:
11:15 am - 12:00 pmLocation / Room: Magnolia Keynote Theater
- Conference Pass
Implementing and operating an information security program is a lot like leading a mountain climbing expedition. Each control in the program is like a group of a climbers: a collection of people, processes and technologies each striving to be capable of reaching a point on the mountain. The CISO, as expedition leader, is trying to help each climber group increase in capability in order to reach higher points on the mountain, with the goal of reaching the peak. Like the expedition, the security program needs a strategy, planning, logistics, and execution. The expedition will have groups (controls) at varying points along the mountain, all needing support, structure, and guidance. The information security program, like the expedition on the mountain, faces condition that are unpredictable and treacherous. When the summit is approached, the sky darkens, the winds increase, and the mountain’s sheer face of rock and ice certainly seem impossible to approach.
What the mountaineer can expect to learn:
• Every expedition has a trek in requiring an evaluation and analysis of current state, strategy for the expedition and a plan to get things moving. Security framework applications for assessment, gap analysis, and objectives-oriented program goals.
• Planning for the full expedition – finite resources are precious; learn how to obtain and use them wisely. Strategic planning for developing program maturity to meet risk-oriented priorities.
• When climbing the mountain, sometimes you have to retrace your steps, revert, and try again. Regrouping strategies for when things bog down and for those beginning the climb after the expedition is underway.
• Approaching the security program like a business will help the CISO and help the organization. Key outcomes include:
◦ Operations expense vs. capital investment for program enablement
◦ Services vs. in-house expertise for program operations
◦ Activity based costing for program activities
◦ Business case for progress and risk management for decision making12:00 pmAdvisory Council Lunch Roundtable – (VIP / Invite Only)Topic: Responsibilities: Should the CISO Bear it All?Registration Level:
12:00 pm - 1:00 pmLocation / Room: Live Oak A
- VIP / Exclusive
This lunch roundtable is for our Advisory Council members only.12:15 pmLUNCH KEYNOTE: Trend Micro - Digital Extortion: Ransomware and Tools of ChoiceRegistration Level:
12:15 pm - 1:00 pmLocation / Room: Magnolia Keynote
- Open Sessions
Digital extortion is one of the most lucrative ways cybercriminals can profit in today’s threat landscape. Many have fallen victim to this particular scheme and been bilked of their money — from ordinary users to big enterprises. Everyone is a potential target, which is why being informed about what digital extortion is, how it’s carried out and how to protect against it is critical. This is especially relevant in 2018, where we predict that digital extortion efforts will involve other methods besides the tried and tested ransomware attack.1:15 pmCloudy Days Ahead: Security Implications of the Expansion of IIoT/IoT in Industrial Control EnvironmentsRegistration Level:
1:15 pm - 2:15 pmLocation / Room: Pecan
- Conference Pass
In recent years, business drivers requiring access to more near real time or real time data has compelled organizations to increase connectivity within their industrial control environments. That connectivity is not only to enterprise networks, however, as there has been an expansion of IIoT (Industrial Internet of Things) capability within these control environments, and a subsequent movement of data into the cloud for further enrichment. What does this mean for a domain that already has significant security challenges? This presentation will examine some of those challenges and what implications there are as IIoT continues to expand.1:15 pmCheck Point: Preparing for the Next Wave of Cybersecurity ThreatsRegistration Level:
1:15 pm - 2:15 pmLocation / Room: Magnolia
- Open Sessions
The year 2017 was pivotal in the cyber security industry. From the resurgence of destructive ransomware, IoT botnets, data breaches and mobile malware to full-scale nation state cyber-attacks, it is clear we are at an inflection point: The 5th generation of cyber-attacks is now increasing the risks of data breaches and costly disruptions for organizations like yours.
– How your organization is at risk from 5th generation cyber attacks
– How to avoid the cyber threat trends occurring in your industry
– What Gen V (5th generation) security is and why you need it now1:15 pmPanel: Building a Better Mouse Trap (Emerging Threats)Registration Level:
1:15 pm - 2:15 pmLocation / Room: Elm
- Open Sessions
To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say, but how? By taking a look at the capabilities of the threats we see today, we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing and hoping.
Michael Gough, IMF Security
Loyd McBride, Keysight
Paul Brager, Baker Hughes GE
Eugene Kesselman, Tapjets
Paul Berryman, Deloitte
David O’Neil, Kudelski Security
Moderator: John Jorgensen, ABS Advanced Solutions1:15 pmTrend Micro: Adapting to Security in the CloudRegistration Level:
1:15 pm - 2:15 pmLocation / Room: Live Oak B
- Open Sessions
The speed of change in the data center with virtualization was unprecedented. The promise that virtualization would only lower costs and drive consolidation didn’t end up that way… virtualization has changed the mentality of the IT organization to a point where there are now more servers than ever, all in support of new business initiatives. Because of this unimaginable environment, the idea of simply using legacy security in the data center and cloud simply doesn’t work.2:15 pmConference Break / Exhibitor Product DemonstrationRegistration Level:
2:15 pm - 3:00 pmLocation / Room: Exhibitor Floor
- Open Sessions
Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.2:30 pmNetworking Break — Dash for Prizes and CyberHunt winners announcedRegistration Level:
2:30 pm - 2:45 pmLocation / Room: Exhibitor Floor
- Open Sessions
Be sure to have your badge scanned with participating exhibitors throughout the day. Past prizes have included Kindles, Bose wireless headphones, gift cards, iPads, drones, and more! *Must be present to win.3:00 pmInformation Security PlansRegistration Level:
3:00 pm - 3:45 pmLocation / Room: Elm
- Conference Pass
The presentation examines the need for policies, objectives, controls, processes and procedures to help companies manage the risk, threats, and vulnerabilities that can cause loss as a result of a cyber breach or loss of confidential/proprietary information. It examines organizational responsibilities, key steps in forging and executing an Information Security Plan, and what you can do to better protect yourself from loss.3:00 pmWhen the “IT” Hits the Fan, Stick to the Plan: Incident Response Plan ManagementRegistration Level:
3:00 pm - 3:45 pmLocation / Room: Pecan
- Conference Pass
Incident Response is a critical process for any organization. The effectiveness of the incident response plan can determine whether or not an organization can sustain and recover from a cyber attack. As with any process within the organization, the incident response plan needs continuous testing and review to ensure it remains effective for the organization.3:00 pmLessons Learned in IT/OT ConvergenceRegistration Level:
3:00 pm - 3:45 pmLocation / Room: Live Oak B
- Conference Pass
As more cyber maturity is driven in the OT environments leveraging existing IT tools, many organizations are facing the challenge of whether to converge IT and OT into a shared purpose organization that can govern and operate in both environments.
This presentation will discuss current cyber trends seen in IT and OT across industries, what we have seen work well in organizations when implementing a company-wide cybersecurity program for IT and OT environments, and challenges / lessons learned from IT/OT convergence initiatives at companies of different sizes and industries.3:00 pmWhite-Collar Crime: The Challenges and Moral Dilemma of JusticeDon't let the white-collar criminals off the morality hook with the the advancement of cyberlife in the cloud.Investigative Auditor, State of TexasRegistration Level:
3:00 pm - 3:45 pmLocation / Room: Magnolia Theater
- Conference Pass
Diane Glick’s presentation will cover the following topics:
> A brief history of the term “white-collar crime” coined by Edwin Sutherland, and his forward-looking perspective
> The characteristics of a white-collar criminal, and the common motives of those criminals
> Social responsibility for holding white-collar criminals accountable
> Examples of white-collar criminal cases over the past 100 years
> The importance of continuing the fight against white-collar crime and holding criminals fully accountable (stiff prison sentences and restitution)
- ACFE HoustonBooth: 580
We are the world’s largest anti-fraud organization and premier provider of anti-fraud training and education. The mission of the ACFE Foundation is to increase the body of anti-fraud knowledge by supporting future anti-fraud professionals worldwide through the funding of the Ritchie-Jennings Memorial Scholarship Program. The scholarship program provides an opportunity for men and women of all ages, races, religions and income levels to advance their education. Many of these outstanding and deserving students go on to become Certified Fraud Examiners.
- Arctic Wolf NetworksBooth: 260
Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.
- Arista NetworksBooth: 660
Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments. Arista’s award-winning platforms, ranging in Ethernet speeds from 10 to 100 gigabits per second, redefine scalability, agility and resilience. Arista has shipped more than 15 million cloud networking ports worldwide with CloudVision and EOS, an advanced network operating system. Committed to open standards, Arista is a founding member of the 25/50GbE consortium. Arista Networks products are available worldwide directly and through partners.
- Armis, IncBooth: 540
Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.
- Bay Pay ForumBooth:
The BayPay Forum, a Silicon Valley-based international network composed of over 14,000 payment and commerce executives, entrepreneurs and investors from thousands of different companies, serves as a forum to connect members in identifying and understanding the emerging trends and innovations in the industry.
- Binary DefenseBooth: 240
Binary Defense is a managed security services provider and software developer with leading cybersecurity solutions that include SOC-as-a-Service, Managed Detection & Response, Security Information & Event Management, Threat Hunting and Counterintelligence. Binary Defense believes its unique approach resolves infosec’s biggest challenges such as limited in-house security expertise, lack of innovative resources and the significant budgetary and time investment required to ensure protection from today’s threats.
- Check Point Software TechnologiesBooth: 100
Check Point Software Technologies is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.
CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIOReview is an excellent platform for the enterprise to showcase their innovative solutions.
- CloudPost NetworksBooth: 220
Our mission is to empower organizations to reduce risk by classifying, managing, and safeguarding business IoT systems.
- Comodo CybersecurityBooth: 150
In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.
- CylanceBooth: 120
Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.
International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.
- FortinetBooth: 340
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.
- Global Cyber AllianceBooth:
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org
- InfraGard HoustonBooth: 460
The Houston Chapter of InfraGard provides members of the Critical Infrastructure community a means to share information to prevent, protect, and defend against hostile acts against Critical Infrastructure and Key Resources (CIKR). InfraGard is designed to address the need for private and public-sector information-sharing mechanisms at both the national and local levels. It is our goal to improve and extend information sharing between private industry and the government, particularly the FBI, when it comes to critical national infrastructures.
- iRobotBooth: 600
iRobot, the leading global consumer robot company, designs and builds robots that empower people to do more both inside and outside of the home. iRobot’s products, including the award-winning Roomba® Vacuuming Robot and the Braava® family of mopping robots, have been welcomed into millions of homes around the world and are hard at work every day helping people to get more done.
- ISACA HoustonBooth: 360
Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the area. We conduct chapter meetings the third Thursday of the month that typically includes a morning or afternoon training along with a luncheon meeting/training. We also sponsor SIG group meetings on the same day. Local seminars are held in the spring and fall that include topics of high relevance to our membership community. Certification training is scheduled before each ISACA exam date based on interest level.
- Ixia, a Keysight BusinessBooth: 320
We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.
- KasperskyBooth: 440
We’re an independent global cybersecurity company that empowers people to make the most of technology and the endless opportunities it brings. Backed by our deep threat intelligence, security and training expertise, we give businesses the power to stay safe—and the confidence to accelerate their own success. With insights gained from our unique international reach, we secure consumers, governments and more than 270,000 organizations. We’re proud to be the world’s most tested and awarded cybersecurity, and we look forward to keeping your business safe. Bring on the future.
- Kudelski SecurityBooth: 340
Kudelski Security is the premier cybersecurity innovator for Fortune 500 organizations. Our approach continuously evaluates customer’s security posture to reduce risk, maintain compliance and increase security effectiveness. Our partner, Wombat Security Technologies provides awareness and training to teach secure behavior. Wombat’s solutions reduce phishing attacks and malware infections up to 90%.
- NyotronBooth: 200
Nyotron provides the industry’s first OS-Centric Positive Security to strengthen laptop, desktop, and server protection. Unlike all other approaches, our patented technology does not care about the type of threat or the attack vector, allowing us to provide ultimate protection by stopping the intended damage.
Founded in 2012, Nyotron is headquartered in Santa Clara, CA with R&D in Israel. Nyotron has earned a top score of 5 stars from SC Magazine in its review of Endpoint Security Platforms, won GOLD in the 2017 IT World Awards for Endpoint Security and was designated as the 2017 HOT COMPANY in Endpoint Security by Cyber Defense Magazine.
- RadwareBooth: 300
Radware® (NASDAQ: RDWR) is a global leader of cybersecurity and application delivery solutions for physical, cloud and software-defined data centers (SDDC). Our award-winning solutions portfolio secures the digital experience by providing infrastructure, application and corporate IT protection, and availability services to enterprises globally. Our solutions are deployed by, among others, enterprise customers, carriers, and cloud service providers.
- RedSealBooth: 140
By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.
- Secure Data SolutionsBooth: 260
Secure Data Solutions is a Texas based Security Partner providing comprehensive results to our clients and giving them confidence in their security strategy. Using fundamental and leading-edge security technologies, Secure Data Solutions delivers expertise and visibility in all aspects of Network and Cyber-Security.
- SecuronixBooth: 380
Securonix is redefining threat detection and response for today’s hybrid cloud, data-driven enterprise. Securonix Next-Gen SIEM and XDR are powered by the most advanced analytics and built on a scalable, flexible cloud native architecture. Securonix leverages behavioral analytics technology that pioneered the UEBA category to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats.
- Skyhigh NetworksBooth: 640
Enterprises are responsible for how they use cloud services. But today’s security is designed for the network and devices, not the cloud. Skyhigh gives enterprises the tools they need to protect data and users in real time across all cloud services without introducing any friction to the user experience. With total control over their data and activities, enterprises can confidently leverage cloud to accelerate their business. It’s security that accelerates business.
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- Trend MicroBooth: 400
Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.
- TrustedSecBooth: 240
TrustedSec is a leader in attack intelligence and security advisory services. Our team of highly talented, skilled, senior consultants sets us apart from other commodity-service security companies. We form partnerships with our number one goal to help you holistically improve your security program. You’ll find that working with us amounts to more than “just another engagement”—it’s establishing an understanding with your organization, and working to make you more secure, and better as a whole.
- Moderator: Alex WoodCISO, Uplight; Co-Host, Colorado = Security podcast
Alex Wood is currently the CISO for Uplight and has over 18 years of experience in information security. Previously he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has a MAS in Information Security from the University of Denver.
- Norman ComstockManaging Director, UHY Advisors TAP, Inc.
Norman is President and Managing Director of UHY Advisors TAP, Inc., a subsidiary of UHY Advisors, bringing over 25 years of experience in strategic consulting services. Norman advises clients on enterprise risk management, IT assurance and governance, and cybersecurity. He is also an Instructor for courses in Business Ethics, and Governance, Risk, and Compliance at the C.T. Bauer School of Business at the University of Houston. Norman served as VP of Technology for IIA Houston 2011-2014, and served as President of the ISACA Houston Chapter 2012-2016. He maintains several certifications in security and assurance, including: CISSP, QSA, CISA, CGEIT, CIA, CRMA, and CCSA.
- Rene KolgaSr. Director of Product Management, Nyotron
Rene Kolga, CISSP, heads Product Management and Business Development for North America at Nyotron. Prior to working at Nyotron, Rene was Head of Product at ThinAir. Rene also spent eight years at Symantec where he managed multiple enterprise security product lines in the areas of encryption and endpoint security. Additionally, Rene led dozens of endpoint management, backup and business intelligence product teams at SolarCity, Citrix and Altiris. Earlier in his career, Rene run Customer Support and QA teams. Rene earned his Computer Science degree from Tallinn University of Technology. He also received an MBA from University of Utah.
- Christopher KarInfoSec Advisor, Fort Bend ISD
Mr. Kar is the Information Security Advisor for Fort Bend ISD, the 7th largest school district in TX with ~74,500 students, ~11,000 employees and contractors spanning 80+ educational and administrative campuses. Chris has previously held leadership roles at both public and private sector organizations including Memorial Hermann, the U.S. House of Representatives, the State of Michigan and Michigan State Univerity (where he also graduated). He is the Houston InfraGard Education SIG Chief, is a CISSP (since 2002) and expects to complete a Master's in Information Security and Assurance later this year.
- Chuck EasttomComputer Scientist, Northcentral University
Dr. Easttom is the author of 26 computer science books and over 40 research papers, as well as an inventor with 14 patents. He is a frequent speaker at computer science and security conferences, and is a Distinguished Speaker of the ACM (Association of Computing Machinery). He holds a Doctor of Science in cyber security and three masters degrees.
- Ravi ThatavarthyVP & CISO, BJ's Wholesale Club
Ravi Thatavarthy brings 20+ years of experience in Information Security to his role with a strong background in Security Architecture and building Security programs from ground up. His approach to Information Security is unique and well-balanced with a focus on ‘Business Value’ and ‘User Delight’. He recently appeared in ‘Profiles in Confidence’ as a Security leader running confident Security program. He spoke and served as a panelist in multiple conferences. Before joining BJ's, he was the Head of Information Security at iRobot, and previously led the Security, Policy & Compliance programs at Haemonetics where he worked as Director of Global Security & Policy.
- Ron WinwardSecurity Evangelist, North America, Radware
As a Security Evangelist at Radware, Mr. Winward is responsible for developing, managing, and increasing the company’s security business in North America.
Ron’s entire career has been deeply rooted in internet and cybersecurity. For over 20 years, Ron has helped design complex solutions for carriers, enterprises, and cybersecurity providers around the world.
Ron is an industry-recognized expert in the Mirai IoT botnet and its modern variants. Ron conducted the industry’s first complete analysis of the Mirai attack vectors, producing forensic examples for public distribution of each attack and the specific impact each attack had on networks. His work on IoT attack analysis has been presented at conferences worldwide and has been referenced by NIST.
Prior to joining Radware, Ron was Director of Network Engineering for a global datacenter provider and ISP. In this role, Ron oversaw the growth and development of a global network infrastructure that delivered services to other ISPs, hosting providers, and enterprises around the world. During this time, Ron assisted some of the world’s top businesses in mitigating cyberattacks on their infrastructure, cultivating an extensive knowledge in DDoS attack methodologies.
Ron holds a Bachelor of Science degree in Business and has earned many technical certifications throughout his engineering-focused career. Ron acutely understands the impact of technology and security on business and is enthusiastic about their interrelation.
- Gregg BrauntonBanking, Insider Threat Operations
A strategic security partner blended with deep operational, architecture, and compliance expertise. Innovative, strategic, and tactical security leadership utilizing "business aligned" and "data-driven" cybersecurity models and frameworks. Gregg has 20+ years extensive cyber expertise leading and delivering cybersecurity operations, architecture, and security risk life-cycle management in highly compliant driven risk frameworks: HIPAA, FISMA, NIST, HiTrust. TOP SECRET CLEARANCE.
- Josh SokolInformation Security Program Owner, National Instruments
Josh Sokol, CISSP, graduated from the University of Texas at Austin with a BS in Computer Science in 2002. Since that time, he has worked for several large companies, including AMD and BearingPoint, spent some time as a military contractor, and is currently employed as the Information Security Program Owner at National Instruments. In his current role, Sokol manages all compliance, security architecture, risk management, and vulnerability management activities for NI. Sokol created the free and open source risk management tool named SimpleRisk, has spoken on dozens of security topics including the much-hyped “HTTPS Can Byte Me” talk at Black Hat 2010, and recently finished four years serving as a Director of the OWASP Foundation.
- Brian EngleCEO, Riskceptional Strategies
Brian A. Engle, CISSP, CISA Founder and CEO Riskceptional Strategies Brian Engle is an experienced security and risk management professional who works with business leaders to create and implement successful strategies for implementing sustainable risk-based information security programs. Prior to founding Riskceptional, Brian led the Retail Cyber Intelligence Sharing Center (R-CISC) from inception to significant membership levels sharing threat intelligence and cybersecurity strategies. Brian has been a CISO and executive leader for over 25 years in a variety of industries. Roles include leading the cybersecurity efforts for the State of Texas, the Texas Health and Human Services Commission, Temple-Inland, and Guaranty Bank as well as various information security community volunteer leadership.
- Brian MorovitzDirector of Sales Engineering, Trend Micro
For the past 10 years, Brian has helped organizations deploy and operationalize enterprise security solutions. With a background in customer success management, he built Trend Micro’s centralized premium support center of excellence in Las Colinas, Texas. Prior to Trend Micro, Brian led product launch, organizational change, process improvement, and marketing initiatives in the financial services sector.
- Paul BragerTechnical Product Security Leader, Digital Technology, BHGE (Baker Hughes, a GE Company)
Paul W. Brager, Jr has been a contributing member of the cyber security community for over twenty-three (23) years, with expert level knowledge of security architecture and defense-in-depth design, critical infrastructure/industrial cyber, IoT, and IIoT. He has extensive cyber experience in the oil and gas, manufacturing, power utility, chemical, banking and telecommunications sector. In his current capacity as a Technical Product Security Leader, Digital Technology with Baker Hughes, a GE Company, Paul works closely with oil and gas, energy, and internal clients to integrate cyber security capabilities and strategies into their critical manufacturing and operating infrastructure lifecycles. His efforts enable customers and internal clients to weave defense-in-depth cyber strategies into the overall design of products and solutions, thereby contributing to the oil and gas industry’s ability to have a more defensible posture against some of the world’s most complex adversaries.
- Richard DeveraSecurity Architect, Check Point Software Technologies, Inc
Richard Devera is the Security Architect at Check Point Software Technologies, Inc.. His background includes 20+ years of industry security experience. Richard is involved in providing best practices security strategies for all areas in networking. He is considered on of the thought leaders within the company providing strategic and technology direction. Richard has held several successful positions at Check Point from a Security Engineer, Area SE Manager, to Regional SE Director. Prior to Check Point he held the position as a network engineer providing support for the Mission Control Center and other Space Operations Centers in across the world.
- Charles WilliamsSolutions Architect, Trend Micro
With over 17 years in security and compliance, Charles is a technology evangelist enabling customers globally from a pre-sales and post-sales perspective to ensure proper deployment and configuration of endpoint, gateway, and datacenter security solutions.
- James FarwellCounsel, Elkins PLC; Associate Fellow, Kings College, University of London
James counsels clients in the areas of Cybersecurity and Privacy Protection. He has a CIPP/US certification from the International Association of Privacy Professionals. James advised the U.S. Department of Defense and U.S. Special Operations Command on cybersecurity and strategic communication. He served as consultant to the U.S. Department of Defense. Non-resident Senior Fellow, Middle East Institute, Washington, D.C.
- Levone CampbellCyber Team Lead / Incident Coordinator, Aramco Services
Levone Campbell is the Cyber Security Lead / Incident Coordinator for his organization. Levone holds two Bachelor degrees in Management and Marketing from North Carolina A&T State University, a Masters in Business Administration from Walden University, and a Masters in Technology Management from Georgetown University. He also holds numerous certifications.
- Tauseef GhaziPrincipal, RSM US LLP
Ghazi currently serves as a principal in RSM’s security, privacy, and risk practice with more than 15 years of infrastructure security, system implementation and application security review experience. He leads RSM’s security, privacy and risk practice for the Central Region and leads RSM’s critical infrastructure practice nationally. In his role Ghazi leads teams that help our client build, operate or transform cyber security programs ranging from tactical initiatives to large-scale cyber program implementations both in IT and Operational Technology environments.
- Diane GlickInvestigative Auditor, State of Texas
30+ years experience in auditing and investigating white-collar crimes. Currently employed by Texas Office of Attorney General Medicaid Fraud Control Unit. Assisted Harris County DA in successfully prosecuting a case of cash theft of $150,000. Hold ACFE, CIA, and CGFM certifications. Past President of Houston Chapter, ACFE. Business Administration in Accounting from Oklahoma State University, and Masters of Liberal Studies from Rice University.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Don't miss out! Join your InfoSec peers for high-quality, affordable training and networking. Sign up today.