Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, May 8, 2018
    9:00 am
    [SecureWorld PLUS] Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: Courtyard 2

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    9:00 am
    SecureWorld PLUS Course – Big Data and IoT: Wonderful, Terrible, Inevitable
    • session level icon
    9 a.m. - 3 p.m. - Earn 12 CPEs!
    speaker photo
    CISSP, President, O'Leary Management Education
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: Courtyard 3

    Join us the day before the conference for 6 additional CPE credits (12 total when attending the PLUS course and the conference).

    Big Data and the Internet of Things are revolutionizing virtually every industry. We’re told of pinpoint accurate medical records and diagnostics, all-encompassing analytics, mastery of industrial processes, effortless control of our static and moving environments and complete connectivity and communication with anything and everything we might ever imagine being useful. Wonderful!

    But SecureWorld attendees and others who’ve been in IT Security for any appreciable time have an internal red flag that goes up upon hearing “It’s gonna be great!” Then those euphoria-deflating security questions start multiplying and running through our somewhat addled brains. Where is all this Big Data coming from? Where will it reside? Who controls it? Who grants access? On what basis? How do we know it’s accurate, relevant? Is it complete enough for life and death medical decisions? What about analytics system administration; data monitoring and correction procedures; incompatible security architectures? Oh yeah, and privacy?

    What kind of security is built into all these Internet-connected devices? How easy is it to control access? Is the data they trade and store encrypted? Who’s liable if they fail or give erroneous signals?

    Big Data and IoT are neither fads nor merely trends, they constitute a revolution. There’s no going back. Join us as we look from a security perspective at both the bright and dark sides.

  • Wednesday, May 9, 2018
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    Location / Room: Courtyard 7

    This session is for our Advisory Council members only.

    8:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    8:30 am
    Are You Spending Your InfoSec Dollars in the Right Place?
    • session level icon
    speaker photo
    VP of Information Security, Veterans United Home Loans
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Courtyard 5

    Are you allocating your Infosec budget properly? This presentation will discuss how to evaluate whether you are increasing your security posture with your spending.

    8:30 am
    InfraGard Meeting: Light Breakfast and Guest Presentation - Open to all Attendees
    • session level icon
    Presenting: Threat Intelligence Panel
    speaker photo
    Special Agent, FBI Kansas City Division
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Interested in your local associations? Join InfraGard for a chapter meeting, light breakfast, and guest presentation. This session is open to all attendees.
    Guest Presentation:
    Threat Intelligence Panel

    8:30 am
    ISACA Meeting: Light Breakfast and Guest Presentation - Open to all Attendees
    • session level icon
    Presenting: How Effective is Your Cybersecurity Awareness and Training Program?
    speaker photo
    Security Risk and Compliance Analyst, Johnson County (KS) Government
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Courtyard 4

    Interested in your local associations? Join ISACA for a chapter meeting, light breakfast and guest presentation. This session is open to all attendees. Guest Presentation:
    Traditionally, training & awareness programs have been measured by completion rates, test scores and number of incidents but is that the best way to measure the effectiveness of your program? Even with training and awareness programs, companies will have incidents with phishing emails, unpatched systems, weak passwords, or improper use of admin.

    This presentation will cover common issues organizations face, provide an overview of common compliance requirements and frameworks, provides guidance on ways to enhance programs and define better measurements to promote an effective learning strategy to your organization

    8:30 am
    Information Security – A Global Perspective
    • session level icon
    speaker photo
    Global CISO, Black & Veatch
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Courtyard 6

    A look at the differences and nuances for Information Security for a global company. Managing the differences in Information Security and Cyber Threats between countries and regions

    9:30 am
    OPENING KEYNOTE: Department of Homeland Security Cybersecurity Overview
    • session level icon
    speaker photo
    Cybersecurity Advisor, Department of Homeland Security
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    The Department of Homeland Security (DHS) employs a risk-informed, all-hazards approach to safeguarding critical infrastructure in cyberspace that emphasizes protections for privacy and civil liberties, transparent and accessible security processes, and domestic and international partnerships that further collective action.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:15 am
    Do You Have a Security Doctrine? Going from Compliance Frameworks to Defense
    • session level icon
    speaker photo
    CISO, Blue Cross and Blue Shield of Kansas City
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Courtyard 4

    The questions that every security leader struggles to answer are “How secure are we?” and “What do I do first?”. In addition, security leaders are under a lot of pressure to show quick wins while knowing full well that everything they do will be heavily scrutinized and challenged, and ultimately, they will pay the price for things that are not under their control. To that end many security leaders take the approach of checking the compliance frameworks boxes frameworks (NIST, ISO, etc.), and while this approach may provide a blanket to cover one’s back side it is ineffective against real world adversaries.

    In this session, Yaron Levi, CISO of Blue Cross and Blue Shield of Kansas City, will share his company’s vision and approach for building a security practice that is based on defense against real adversaries not just compliance.

    11:15 am
    Wombat: End-User Cybersecurity Behaviors: The Importance of Training Beyond the Phish
    • session level icon
    speaker photo
    Chief Architect, Wombat Security, a division of Proofpoint
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Courtyard 3

    Phishing has long been a headline threat for infosec teams — but email is just one entry point for cybercriminals. Attendees will learn why it’s important to assess and train their end users about cybersecurity threats beyond email-based social engineering, and see how data insights from knowledge assessments and training activities differ from those related to simulated phishing attacks.

    11:15 am
    Cisco: One Social Profile to Rule Them All - Social Media Exploitation
    • session level icon
    Phishing may be old news, yet it's still a very popular method...
    speaker photo
    Cisco, Security Architect
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Courtyard 5

    If you have been on the internet the last 10 years, then you likely are using some form of social media. You probably have heard of phishing however, could social media be used for phishing and what potential danger could occur from social media sources? Find the answer to those and other phishing related questions based on a real penetration test that leveraged phishing as a means to deliver advanced exploitation. The speaker is the author of various penetration testing, forensics and SOC best practices titles giving his real world experience with social media exploitation.

    11:15 am
    The Building Blocks of Security
    • session level icon
    How to effectively deliver your message of security and the top 5 items you should focus on.
    speaker photo
    Director, Information Security, AMC Theatres
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Courtyard 6

    As security professionals, we often struggle with the availability of knowledgeable security talent and getting executives to buy into our security programs. We are responsible for providing the best security with limited assets and resources. With so many new threat vectors and new security events appearing in the media everyday, what factors will provide us the most protection?

    In this session, Britney Hommertzheim will briefly review how to effectively deliver your message of security and the top 5 items you should focus on. You will also gain an appreciation on why your ability to influence will determine your security program’s success.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: Courtyard 7

    This session is for Advisory Council members only.

    12:15 pm
    LUNCH KEYNOTE: Smart Cities: Safe, Secure, and Citizen-Centric
    • session level icon
    speaker photo
    Founder & Managing Director, KC Digital Drive
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Smart Cities is currently a buzzword that means 101 things to 100 people. While industry leaders each twist the term to meet business models and technology tools, city residents frequently focus more on how the city provides water, services, and public safety in an efficient manner. In Kansas City, the city and regional leadership are trying to focus more on what the city does and “smartifying” it before applying a technology solution. When tech solutions are needed, they are tailored, scaled, and deployed in a manner that makes a resident or visitor’s experience consistent with how they live the rest of their lives.

    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.
    Panelists
    Sean Griesheimer, RSA
    Scott Hamann, One Identity
    Heeyoung Sim, Darktrace
    Justin Sharples,Core First Bank & Trust
    Rich Keith, SailPoint
    Moderator: John Godfrey, CISO, University of Kansas Medical Center

    1:15 pm
    Panel: Cloudy with a Chance of Breach
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Courtyard 3

    Everything old is new again. Migrating to the cloud certainly is not a new thing. It is for some smaller companies that are just now able to afford making the move to the cloud. Cloud boasts a secure, disaster proof option for companies to store their data offsite with access to that data from practically anywhere. So, who’s fault is it when the data is compromised? What if your information is stolen from the cloud because another user’s data was at fault? At the end of the day, isn’t the cloud just someone else’s computer? Join this panel discussion as they guide you through the pros and cons in migrating to the cloud.
    Panelists
    Ronald Pipkins, Alert Logic
    Brandon Bradshaw, Trend Micro
    Ron Shuck, CURO Financial Technologies Corp.
    Kevin Augspurger, Unite Private Networks
    Moderator: Florian Yanez, Helzberg Diamonds

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    Cybersecurity Threat Intelligence and the Dark Web
    • session level icon
    speaker photo
    Director of Cybersecurity, BKD CPAs & Advisors
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Courtyard 4

    This session will cover current threats and trends in cybersecurity. Discuss options for cyber threat intelligence by understanding the extent of PII, PHI, credit card information, and intellectual property stolen from organizations that are now available through the dark web.

    3:00 pm
    Comodo Cybersecurity — World Map of Malware: The Geography of Hostile Code
    • session level icon
    speaker photo
    Senior Fellow, Atlantic Council
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Courtyard 6
    Every nation and economic vertical has its own unique malware fingerprint. Using geographic and network visualization tools, this presentation shows that cyber defenders can benefit from spending more time on strategic cyber defense analysis, which provides actionable intelligence to network security specialists at the tactical level. This research plots a wide range of malware types on world maps and trendlines, including trojans, worms, viruses, backdoors, packed malware and malicious applications. It shows how cities, countries, and geopolitical events each have their own malware profiles that help to make sense of malicious code on any enterprise network.

     

    3:00 pm
    Active Defense – Attacking the Attacker
    • session level icon
    speaker photo
    CISO, Cboe Global Markets
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Courtyard 5
    Penetration testing, vulnerability scanning and internal audit may discover vulnerabilities, misconfigurations and inadequate documentation but how do you know what you don’t know? Through four simple techniques, your security team will have the ability to not only discover zero days but proactively predict when and where adversaries will attack next.
    3:00 pm
    Executive Leadership Panel: Building a Career in Cybersecurity
    • session level icon
    speaker photo
    CISO, Blue Cross and Blue Shield of Kansas City
    speaker photo
    CISO, UMB Bank
    speaker photo
    Vice President, Chief Security Officer, MedeAnalytics
    speaker photo
    Sr. Director of Cybersecurity and IT Infrastructure, Kansas City Power & Light
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Courtyard 3

    Every security leader has a different and sometimes unique story about how they got to where they are. In many cases, they didn’t imagine that one day they will end up in security.
    Moreover, security is relatively new practice, it is done differently in every organization, and is a target that is moving constantly.

    In this panel we will hear from our panelists about:
    1. How do you develop your career in Security?
    2. What skills do you need to have?
    3. How do you keep yourself up to date?
    4. Stories from the front lines and a-ha moments

Exhibitors
  • Bay Pay Forum
    Booth: TBD

    The BayPay Forum, a Silicon Valley-based international network composed of over 14,000 payment and commerce executives, entrepreneurs and investors from thousands of different companies, serves as a forum to connect members in identifying and understanding the emerging trends and innovations in the industry.

  • Bitdefender
    Booth: 104

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures – Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • Carbon Black
    Booth: 211

    Carbon Black is Transforming Security Through Big Data and Analytics in the Cloud Growing trends in mobility and cloud have made the endpoint the new perimeter. New and emerging attacks are beating traditional defenses, and security teams are too reactive and held back by their technologies. Carbon Black is leveraging the power of big data and analytics to solve the challenges surrounding endpoint security. With the Cb Predictive Security Cloud platform, we are transforming cybersecurity to deliver a new generation of cloud-delivered security solutions designed to protect against the most advanced threats.

     

  • Check Point Security
    Booth: 203

    Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

  • CIOReview
    Booth: TBD

    CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIOReview is an excellent platform for the enterprise to showcase their innovative solutions.

  • Cisco
    Booth: 145

    Cisco builds truly effective security solutions that are simple, open and automated. Drawing on unparalleled network presence as well as the industry’s broadest and deepest technology and talent, Cisco delivers ultimate visibility and responsiveness to detect more threats and remediate them faster. With Cisco, companies are poised to securely take advantage of a new world of digital business opportunities.

  • Comodo Cybersecurity
    Booth: 126

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • Critical Start
    Booth: 201

    Critical Start is a cybersecurity company with a holistic, customer-focused approach. We work with our customers to understand the impact of IT on their business and determine the associated risks. Using this risk profile, we can offer big-picture guidance on the strategies and controls that will enable them to effectively manage risk and improve security. Critical Start is 100% employee owned by a team of experts who are passionate about security, quality and service. For more information on what sets us apart, visit criticalstart.com.

  • CyberArk Software
    Booth: 101

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Cyberbit
    Booth: 133

    Cyberbit provides a consolidated detection and response platform that protects an organization’s entire attack surface across IT, OT and IoT networks. Cyberbit products have been forged in the toughest environments on the globe and include: behavioral threat detection, incident response automation and orchestration, ICS/SCADA security, and the world’s leading cyber range. Since founded in mid-2015 Cyberbit’s products were rapidly adopted by enterprises, governments, academic institutions and MSSPs around the world. Cyberbit is a subsidiary of Elbit Systems (NASDAQ: ESLT) and has offices in Israel, the US, Europe, and Asia.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Friends University
    Booth: 300

    Friends University, a Christian University of Quaker heritage, equips students to honor God and serve others by integrating their intellectual, spiritual and professional lives.

    As searchers and learners, we support curiosity and research, and assign great value to diversity of experience. As people who value such diversity and openness, we approach new situations and people with good will and humility. We believe in equity and in the dignity of all people.

    As a community, we accept and cherish our responsibility to care for one another in our learning and working relationships. We understand that a part of that care must be to become better stewards of what we have been given. We take care of the future as if we already are there.

  • Global Cyber Alliance
    Booth: TBD

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • GuidePoint Security LLC
    Booth: 108

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

  • IBM Resilient
    Booth: 213

    In an industry focused on building walls, IBM Security is focused on creating an open, connected security ecosystem that leverages AI, cloud, orchestration and collaboration to help clients improve compliance, stop threats and grow their businesses securely. Our strategy reflects our belief that today’s defenses will not suffice tomorrow. It challenges us to approach our work, support our clients and lead the industry, allowing you to be fearless in the face of cyber uncertainty.

  • InfraGard Kansas City
    Booth: TBD

    InfraGard Kansas City Members Alliance (IMA) is a non-profit organization serving as a public-private partnership among U.S. businesses, individuals involved in the protection and resilience of U.S. critical infrastructures, and the Federal Bureau of Investigation.

    The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States and has thousands of members. The FBI leads the U.S. Government side of InfraGard. The private sector side of InfraGard is led by a non-profit corporation, the InfraGard National Members Alliance, which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “Chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together. “InfraGard” is a registered service mark of the FBI.

  • ISACA Kansas City
    Booth: TBD

    Welcome to the local Kansas City Chapter of ISACA® (ISACA KC Chapter). The ISACA KC Chapter was founded in 1984 and continues to promote the education of individuals relating to the auditing of, management consulting in, or direct management of the fields of IT governance, IS audit, security, control and assurance.

  • (ISC)2 Kansas City Chapter
    Booth: TBD

    The mission of (ISC)² Kansas City (KC) Chapter is to advance the Information Security Profession by leveraging our shared body of knowledge to better our communities, groom the next generation of security professionals by delivering solutions to real-world security problems and issues that our members face.

    “We” began as a few security-minded friends that worked together.  We decided to quit talking about launching a local (ISC)² chapter in Kansas City or worse yet, wait around for someone else to do it for us.  We stepped up and took the initiative.  We have been growing as others hear about our group and join with us.

  • ISSA Kansas City
    Booth: TBD

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

  • Ixia, a Keysight Business
    Booth: 228

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Kansas City ECTF
    Booth: TBD

    The USSS ECTF aims to increase the resources, skills and vision by which state, local, and federal law enforcement agencies team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. The common purpose is the prevention, detection, mitigation, and aggressive investigation of attacks on the nation’s financial and critical infrastructures.

  • KC Tech Council
    Booth: TBD

    The KC Tech Council represents Kansas City’s tech industry, a diverse ecosystem anchored by multinational corporations and driven by innovative entrepreneurs, with industry footholds in Healthcare IT, Telecommunications, Digital Media, and more.

    In conjunction with strategic partners, active stakeholders and unique cultural and lifestyle advantages, the KC Tech Council elevates Kansas City as a leading technology hub.

    The KC Tech Council’s work helps to attract, retain and grow technology companies and highly skilled tech talent in Kansas City, ensuring the sustained competitiveness of our region into the future.

    The KC Tech Council is the operator of ChuteKC.com, an online-portal for tech candidates and employers to connect.

  • KnowBe4
    Booth: 113

    We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.

    KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

    The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.

    Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.

  • KU – Edwards Campus
    Booth: TBD

    The University of Kansas holds a tradition of excellence over a century old. In the 1970s, it shared that tradition with Greater Kansas City by providing courses to working professionals. In 1993 the university opened another location, the KU Edwards Campus, to provide permanent growth and education in the Kansas City community. In the past two decades, it has contributed more than $400 million to the Johnson County economy. In 2008, the Edwards Campus became proud partners in the Johnson County Education Research Triangle.

  • SailPoint
    Booth: 101

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • SecKC
    Booth: TBD

    For those of you in Kansas City who find yourselves doing information security work as part of the day-to-day (be it consulting, penetration testing, internal compliance or just being the netadmin or sysadmin that has to mind the patches, firewalls and whatnot), I suggest trying to make it to SecKC.

  • Securonix
    Booth: 225

    Securonix is redefining the next generation of cyber-threat detection using the power of machine learning and big data. Our purpose-built security analytics platform uses machine learning to track and create baselines of user, account, and system behavior and detects the most advanced insider threats, cyber threats, and fraud activities in real time. Built on a Hadoop platform, the Securonix solution provides an open platform with unlimited scalability. Securonix provides incident orchestration capabilities with playbooks that enable automated incident response. Globally, customers use Securonix to address their insider threat, cyber threat, cloud security, fraud, and application security monitoring requirements. Visit www.securonix.com.

  • SentinelOne
    Booth: 100

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • Skyhigh Networks
    Booth: 209

    Enterprises are responsible for how they use cloud services. But today’s security is designed for the network and devices, not the cloud. Skyhigh gives enterprises the tools they need to protect data and users in real time across all cloud services without introducing any friction to the user experience. With total control over their data and activities, enterprises can confidently leverage cloud to accelerate their business. It’s security that accelerates business.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tufin
    Booth: 221

    As the market leader of award-winning Security Policy Orchestration solutions, Tufin provides enterprises with the ability to streamline the management of security policies across complex, heterogeneous environments. With more than 2,000 customers, Tufin automatically designs, provisions, analyzes and audits network security configuration changes – from the application layer down to the network layer – accurately and securely. It assures business continuity with a tight security posture, rapid service delivery and regulatory compliance across physical, private, public and hybrid cloud environments.

  • Wombat Security Technologies
    Booth: 208

    Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%.

  • Women in Security – Kansas City
    Booth: TBD

    Here at Women in Security – Kansas City, our mission is to provide a focus for women in Information Security through peer mentoring, workshops, and networking opportunities. Our vision for Women in Security – Kansas City is to inspire and support women at all career levels in Information Security.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    John O'Leary
    CISSP, President, O'Leary Management Education

    John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John is the recipient of the 2004 COSAC award, the 2006 EuroSec Prix de Fidelite, and the 2011 ISC2 Lifetime Achievement Award

  • speaker photo
    Randy Raw
    VP of Information Security, Veterans United Home Loans

    Randy Raw is Director of Information Security, serving as the Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has 25 years of experience in both public entities and private industry, having built three Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community and the Central Missouri InfraGard chapter. He has spoken at SecureWorld on many technical topics and this years turns his focus towards helping others move from the technical trenches to a leadership role.

  • speaker photo
    Ryan Ewing
    Special Agent, FBI Kansas City Division

    Special Agent Ryan Ewing has been with the FBI for over 8 years with assignments within Cyber Task Forces in the Miami Field Office, Columbia Field Office and Kansas City Field Office. He has had investigative cases for Cyber Criminal matters as well as Cyber National Security matters. Through the FBI continuing education program, he has held certifications through the SANS institute to include GCIH, GCFE, GCFA.

  • speaker photo
    Donna Vieira
    Security Risk and Compliance Analyst, Johnson County (KS) Government

    Donna Vieira , CRISC, has been an Information Security Awareness Professional for since 1999. She is a Certified Risk and Information Systems Control (CRISC) through ISACA, which is designed for IT professional with hands-on experience with risk identification, assessment, evaluation, response and monitoring.

  • speaker photo
    James Waters
    Global CISO, Black & Veatch

    Currently the Global CISO for Black & Veatch and responsible for the security of all things digital/cyber within the enterprise. Previously the Chief IT Strategist and Security Director for HNTB, and prior to that as Senior IT Architect for the Federal Reserve.

  • speaker photo
    Geoff Jenista
    Cybersecurity Advisor, Department of Homeland Security

    Mr. Jenista serves as the Region VII, (MO, KS, NE, IA), Cyber Security Advisor within the U.S. Department of Homeland Security’s Office of Cybersecurity & Communications (CS&C). His program coordinates cyber preparedness, risk mitigation and incident response, and provides cyber security resources, including assessments, to the nation’s sixteen critical infrastructure sectors and state, local, tribal, and territorial government entities.

  • speaker photo
    Yaron Levi
    CISO, Blue Cross and Blue Shield of Kansas City

    Yaron Levi is the CISO for Blue Cross and Blue Shield of Kansas City (Blue KC), Prior to joining Blue KC, Yaron was a Director of Information Security for Cerner Corporation; an Information Security Business Partner for Intuit; an Information Security Architect and Product Manager for eBay; and a Director of Cloud Security for ANX. Yaron is a Research Fellow for the Cloud Security Alliance, serves as an advisory board member for several information security companies and is the co-founder of the Kansas City CISO forum. In 2018, Yaron graduated from the FBI CISO academy and is currently serves on the board of InfraGard KC

  • speaker photo
    Kurt Wescoe
    Chief Architect, Wombat Security, a division of Proofpoint

    As Chief Architect at Wombat Security, Kurt is responsible for ensuring Wombat's software and systems are built on a sound foundation. He brings over 10 years of experience in engineering, across multiple industries. He also serves as a faculty member in the School of Computer Science’s master’s program in e-Business at Carnegie Mellon University. Kurt earned his M.Sc. in E-Commerce from CMU, and a B.S. in Computer Engineering from the University of Pittsburgh.

  • speaker photo
    Joseph Muniz
    Cisco, Security Architect

    Joseph Muniz is an architect at Cisco Systems and security researcher. He has extensive experience in designing security solutions and architectures for the top Fortune 500 corporations and US Government. Joseph runs thesecurityblogger website, a popular resource for security and product implementation. He is the author and contributor of several publications including titles on building security operations centers (SOC)s, CCNA cyber ops certification, web penetration testing and hacking with raspberry pi. Joseph's next title, Digital Forensics for Network Engineers released on Cisco Press was released late February 2018. Follow Joseph at www.thesecurityblogger.com and @SecureBlogger.

  • speaker photo
    Britney Hommertzheim
    Director, Information Security, AMC Theatres

    Britney began the first decade of her security career in the US Army where she managed over 90 teams and traveled internationally to assess the security of international government partners. She now oversees the Information Security Department for AMC Theatres. She is responsible for the development and implementation of the global strategy, oversees all security personnel, and ensures executive-level concerns are addressed. Britney is a certified CISSP, CISM, PMP, and holds certifications for CompTIA S+, CCSK, and IT Business Management. She holds a BS in Applied & Discrete Mathematics, and an MS in Cybersecurity. She was also named an IT Security Power Player by SC Magazine.

  • speaker photo
    Aaron Deacon
    Founder & Managing Director, KC Digital Drive

    Aaron Deacon is the founder and managing director of KC Digital Drive, a nonprofit civic organization with a mission to make Kansas City a digital leader and help cities adapt to disruptive technology change. He works with mayors, entrepreneurs and civic leaders in Kansas City and around the world to help build ecosystems that connect infrastructure, emerging technology and social impact. He combines a high-level strategic approach with boots-on-the-ground project implementation and management in smart cities, civic tech, digital inclusion, digital health, and education.

    Through KC Digital Drive, Aaron helps to lead the Code for KC Brigade, the Health Innovation Team, and the KC Coalition for Digital Inclusion. Aaron is a founder and producer of the Gigabit City Summit, an annual conference on how cities build value on technology infrastructure. He also leads Kansas City’s participation in a number of global initiatives including US Ignite, NIST’s Global City Teams Challenge, the IEEE Smart City Initiative and the MetroLab Network.

    Aaron’s work in cities and technology began as an instrumental leader in helping Kansas City prepare to be the first market for Google Fiber. He created and led a variety of community engagement initiatives around broadband deployment, including Building the Gigabit City and Give Us a Gig. He continues to help cities develop community playbooks to take advantage of ultra high-speed broadband.

    Prior to working in the civic sphere, Aaron honed his skills in innovation management, design thinking product development, strategic planning and qualitative and quantitative research as a consultant and project director for a variety of Fortune 500 clients. He is the founder and principal of the research and strategic planning firm Curiolab. He earned a master’s degree in social science from the University of Chicago and a bachelor’s degree in history from the University of Dallas, and taught high school Latin for two years in between.

  • speaker photo
    Rex Johnson
    Director of Cybersecurity, BKD CPAs & Advisors

    Rex is a strategic and technical leader with more than 25 years of experience in security and privacy, enterprise risk management, security management and operations, IT governance, application development, internal and external audit, regulatory compliance, and controls assurance. He has served as the lead executive with responsibility for planning, budgeting, execution and delivery of cybersecurity assessments, process control assessments, enterprise security roadmaps, incident response, IT governance, IT performance, IT risk assessment, penetration testing and diagnostics. Rex is a retired Army Lieutenant Colonel with the following certifications: CISSP, CISA, CIPT, PCI QSA, and PMP.

  • speaker photo
    Kenneth Geers
    Senior Fellow, Atlantic Council

    Kenneth Geers (PhD, CISSP): NATO Cyber Centre Ambassador, Atlantic Council Senior Fellow, Digital Society Institute-Berlin Affiliate, TSN University of Kyiv Professor, Ukraine. 20 years US Government (US Army, NSA, NCIS, NATO); FireEye Senior Global Threat Analyst. Author “Strategic Cyber Security”, Editor “Cyber War in Perspective”, Editor “The Virtual Battlefield”, Technical Expert “Tallinn Manual”, many articles and chapters on international and cyber security.

  • speaker photo
    Aaron Weissenfluh
    CISO, Cboe Global Markets

    Aaron Weissenfluh currently serves as the Chief Information Security Officer of one of the largest stock exchanges in the world. He has presented internationally and leads the charge to forever end the metrics based approach to security.

  • speaker photo
    Moderator: Yaron Levi
    CISO, Blue Cross and Blue Shield of Kansas City

    Yaron Levi is the CISO for Blue Cross and Blue Shield of Kansas City, where he oversees both cyber and physical security.

  • speaker photo
    Sara Flores
    CISO, UMB Bank

    Sara serves as Senior Vice President and Chief Information Security Officer for UMB Financial Corporation (UMB), overseeing UMB’s information security and privacy programs. A 15+ year veteran in information technology and information security, Sara has worked with a wide range of financial services firms to enhance their security posture. Her industry certifications include Certified Information Security Manager, Certified Information Privacy Professional, and Certified Information Systems Auditor. Sara is also a member of a number of industry organizations including the Investment Company Institute CISO Advisory Council, International Association of Privacy Professionals, Mid-size Bank Coalition of America CISO Group, ISACA (previously Information Security Audit and Controls Association), Information Systems Security Association, and the Financial Services Information Sharing and Analysis Center.

  • speaker photo
    Cindi Carter
    Vice President, Chief Security Officer, MedeAnalytics

    As Vice President, Chief Security Officer (CSO) at MedeAnalytics, Cindi oversees global enterprise security. Her mission encompasses creating a culture that places high value on securing and protecting MedeAnalytics and the clients’ information entrusted to them. Cindi has built and matured both cyber and physical security practices at The University of Michigan Health System and Cerner Corporation. More recently, Cindi served as the Deputy Chief Information Security Officer at Blue Cross and Blue Shield of Kansas City. Cindi is the founding President of Women in Security-Kansas City, a non-profit organization with the mission to support women at all career levels in Information Security, and serves as an Advisory Board member within the security industry.

  • speaker photo
    Gary Johnson
    Sr. Director of Cybersecurity and IT Infrastructure, Kansas City Power & Light

    Gary Johnson is a US Army veteran who has over 30 years of IT experience. He is the Sr. Director of Cybersecurity and IT Infrastructure for Kansas City Power & Light. Prior to that he spent 10 years at Cerner Corporation helping build their IT Infrastructure for the first five years and then led their security program the last five. He has a demonstrated history of working in Cybersecurity, Enterprise Architecture, IT Strategy, Data Center Operations, Networking, and Professional Services.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store