Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, May 7, 2019
    9:00 am
    SecureWorld PLUS - Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    9:00 am
    SecureWorld PLUS — Privacy Impact Assessments and Privacy Frameworks: Effective Tools to Identify and Mitigate Security and Privacy Risks
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CEO, The Privacy Professor, President, SIMBUS, LLC
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    This course will provide an overview of privacy frameworks and techniques to support a privacy program and to perform a privacy impact assessment (PIA):

    • Provide an overview of most widely used privacy frameworks, along with an update on the NIST privacy framework currently under development (Rebecca is a member of the NIST Privacy Framework core team)
    • Explain how to recognize, and distinguish between, privacy risks and privacy harms
    • Identify tools and methods to mitigate privacy risks and privacy harms that also support legal requirements for personal information protection
    • Provide an overview of how to perform a privacy impact assessment (PIA), and to identify the associated risk and harm mitigation actions
    • Walk through case studies for performing a PIA.
    9:00 am
    SecureWorld PLUS - Cyber Defense Ineffectiveness and What We Can Do About It
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    CEO, Alpine Security
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    Despite all the Next-Gen tools, latest products, compliance requirements, etc., breaches still happen daily. Why is this, and what can we do about it? This session uses data gathered from penetration tests, audits, and incident responses to focus on the current state of cyber defense. Solutions are emphasized to address common issues such as how most organizations focus on the wrong items, how egos get in the way, how compliance doesn’t really help, how risk is rarely assessed, and how cloud migrations can actually make security worse. This session includes group exercises.

  • Wednesday, May 8, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    7:30 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    8:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    8:30 am
    Present the Security Strategy to the Board for a Budget
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    We will share the strategy of how the VP of IT at APi Group presented the Security Strategy to the Board for budget approval.

    8:30 am
    IoT Defense: A Holistic Approach
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Reviewing the current state of IoT devices, their cloud endpoints and the connection between them to understand the threat landscape and where our focus needs to be in the years ahead.

    8:30 am
    Privacy Impact Assessments and Emerging Technologies
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Privacy laws and regulations continue to evolve rapidly in the U.S. at the federal and state levels. Combined with the European Union GDPR, these emerging standards underline the need for businesses to manage data as a regulated asset. The risks are heightened when developing or implementing emerging technologies, such as artificial intelligence, blockchain and biometric technologies. A key part of governance, both to reduce risk and to enable new innovations, is to perform impact assessments when implementing new technologies into the business, and as part of any new product development or innovation operations. This presentation will focus on privacy regulatory issues associated with emerging technologies, trends in structuring impact assessments, approaches to and objectives of PIAs, and ways in which to integrate PIA processes into the business.
    8:30 am
    Data Breach Digest – Perspective is Reality
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Data breaches are complex affairs. Response activities are proportionately complex involving various stakeholders with slightly different perspective. This presentation covers the 2017 “Data Breach Digest – Perspective is Reality”; a compendium of data breach scenarios told from different stakeholder points of view covering their decisions, actions and crucial lessons learned.

    9:30 am
    OPENING KEYNOTE — The Nation-State, the Corporation, and You: Cybersecurity in the Cyber Age
    • session level icon
    speaker photo
    CNN Military Analyst; USAF (Ret.), CEO, Cedric Leighton Associates
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:15 am
    Hacking Back: What Are the Legalities and Implications?
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Courtyard 4

    Numerous governments are now considering introducing legislation to make hacking back more legal, to open up a new collection of tools for defenders. The issue is in attributing an attack to the right source, understanding the attacker’s intent, and developing the right red team skills.

    11:15 am
    GDPR – End-to-End Impact
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Review of how GDPR will impact day-to-day operations and the support service. Direct impact to our ability to process in the EU.

    11:15 am
    IoT and Blockchain in Healthcare
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Tens of billions of connected devices will form the smart homes, cities and user experience of the future. The “Internet of Things” is a rich opportunity for IT Leaders but also presents some headaches, particularly when we think of medical and consumer devices in Healthcare. Hear the unique perspective from one of the nations largest healthcare providers on how they plan to step up to the challenge and how one notorious upstart technology, the “Blockchain”, can potentially benefit the “Smart Hospital.”

    11:15 am
    A Shared Leadership Approach to IT/Security
    • session level icon
    It's time to deputize everyone as IT/Security agents!
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    IT/Security is a company-wide responsibility, with company-wide exposure. Our IT/Security teams CAN’T do this alone. I provide tools, templates, visuals, on-boarding procedures, and new job descriptions—all easily implemented to provide a Shared Leadership Approach to IT/Security. We don’t have to pay outside vendors to secure our data when we can do it ourselves, internally! I will be providing a fast-moving, 30-slide presentation with handouts to take back to your company to begin the transformation right now.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    12:15 pm
    LUNCH KEYNOTE: Prevent Nightmares in the IoT
    • session level icon
    speaker photo
    CEO, The Privacy Professor, President, SIMBUS, LLC
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.

    1:15 pm
    Panel: Phishing and Social Engineering Scams
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes and CyberHunt Winners Announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win.

    3:00 pm
    The Dark Web, Cyber Crimes, and Cyber Intelligence
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    In this presentation we will learn about trends in cyber fraud tactics and attacks, how dark web markets and forums fuel cyber crime, and how they can be investigated for threat intelligence. In addition, we will learn how cyber criminals utilize digital currencies, and how these transactions can intersect with the formal financial sector. In addition we will discuss cyber awareness and cyber literacy as well as an introduction to Cyber Intelligence.

    3:00 pm
    Navigating the Alternative Facts of Malware Prevention
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    This presentation, given by an individual not linked to any anti-malware vendor, is the result of over two years of research covering several dozen tools in the anti-malware space, in an effort to find the ideal tool for our corporate environment. It is intended to be an in-depth focus on the evolution of the space, the tools, and the technologies behind them, with a “no holds barred” approach to presenting our evaluation methodology and results.

    3:00 pm
    Let's Stop Admiring the Human Factor Problem in Cybersecurity
    • session level icon
    speaker photo
    Cybersecurity Policy Fellow, New America Think Tank, New America
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Ninety-five percent of all cyber-attacks are human enabled. Organizations continue to fail at addressing human factors in cybersecurity due to a lack of education and appreciation for human factors as a science. With the increasing spending on technology to safeguard organizations’ critical networks, systems, and data, cybercriminals are circumventing defense-in-depth architectures to target humans, the weakest link. An existing fallacy is that technology will prevent data breaches, ransomware attacks, or cyber-attacks. In fact, integrating new technology creates unintended consequences that increase vulnerabilities. These technologically-induced vulnerabilities are human-enabled highlighting a lack of appreciation for human factors in cybersecurity–let’s reduce human-enable errors
Exhibitors
  • Alert Logic
    Booth: TBD

    Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

  • Alpine Security
    Booth: TBD

    Alpine Security is a Service Disabled Veteran owned Small Business. We have extensive experience with security audits, regulatory compliance audits, vulnerability assessments, penetration testing (network, application, web application, and physical), social engineering, incident response, digital forensics, and user awareness & technical training.  Our team members are Industry Certified, bring vast project experience, highly educated, trusted, and experienced.  We have been on United States government red teams and have experience with military cyber operations – offensive and defensive.  Our team is also well-versed and experienced with commercial security assessments, audits, penetration testing, risk assessments, and incident response.  We have performed penetration tests and assessments for numerous industries, including aerospace & defense, education, healthcare, financial, energy, and oil & gas.  Our extensive experience in high-risk and complex environments ensures we are prepared to test your environment, regardless of the risk-level or complexity.  We’ve been tested under fire.

  • Bitdefender
    Booth: 104

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures – Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • BlueAlly
    Booth: TBD

    We are a well-established and seasoned provider of Staffing and Managed Staffing Services. We have a range of offerings in this line that help our clients better access and better utilize contingent IT workers.

    We are experts in addressing contingent workforce needs of clients, and are set up to run comprehensive programs, from requirements-based staffing, Recruitment Process Outsourcing, and Vendor Management System engagements.

  • Comodo Cybersecurity
    Booth: TBD

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Global Cyber Alliance
    Booth: TBD

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • InfoSec-Conferences.com
    Booth: n/a

    We’re the InfoSec Community’s #1 ‘Go To’ resource for Cybersecurity Conferences. Since 2012 we’ve provided Cybersecurity Professionals with accurate event listings that are manually checked and updated every day.

  • InfraGard Kansas City
    Booth: TBD

    InfraGard Kansas City Members Alliance (IMA) is a non-profit organization serving as a public-private partnership among U.S. businesses, individuals involved in the protection and resilience of U.S. critical infrastructures, and the Federal Bureau of Investigation.

    The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States and has thousands of members. The FBI leads the U.S. Government side of InfraGard. The private sector side of InfraGard is led by a non-profit corporation, the InfraGard National Members Alliance, which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “Chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together. “InfraGard” is a registered service mark of the FBI.

  • ISACA Kansas City
    Booth: TBD

    Welcome to the local Kansas City Chapter of ISACA® (ISACA KC Chapter). The ISACA KC Chapter was founded in 1984 and continues to promote the education of individuals relating to the auditing of, management consulting in, or direct management of the fields of IT governance, IS audit, security, control and assurance.

  • (ISC)2 Kansas City Chapter
    Booth: TBD

    The mission of (ISC)² Kansas City (KC) Chapter is to advance the Information Security Profession by leveraging our shared body of knowledge to better our communities, groom the next generation of security professionals by delivering solutions to real-world security problems and issues that our members face.

    “We” began as a few security-minded friends that worked together.  We decided to quit talking about launching a local (ISC)² chapter in Kansas City or worse yet, wait around for someone else to do it for us.  We stepped up and took the initiative.  We have been growing as others hear about our group and join with us.

  • ISSA Central Plains Chapter
    Booth: TBD

    The Information Systems Security Association (ISSA) ® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.
    MEETINGS
    General Meetings are held monthly on the first Friday of the month. These meetings may have some type of formal presentation. In the absense of a presentation, the meeting will focus on a roundtable discussion based on the 8 domains of the CISSP CBK.

    Location: Friends University Business & Technology Bld 
    Corner of Hiram & Maple, Wichita, KS 67213
  • ISSA Kansas City
    Booth: TBD

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.

  • Ixia, a Keysight Business
    Booth: TBD

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Kansas City ECTF
    Booth: TBD

    The USSS ECTF aims to increase the resources, skills and vision by which state, local, and federal law enforcement agencies team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. The common purpose is the prevention, detection, mitigation, and aggressive investigation of attacks on the nation’s financial and critical infrastructures.

  • KC Tech Council
    Booth: TBD

    The KC Tech Council represents Kansas City’s tech industry, a diverse ecosystem anchored by multinational corporations and driven by innovative entrepreneurs, with industry footholds in Healthcare IT, Telecommunications, Digital Media, and more.

    In conjunction with strategic partners, active stakeholders and unique cultural and lifestyle advantages, the KC Tech Council elevates Kansas City as a leading technology hub.

    The KC Tech Council’s work helps to attract, retain and grow technology companies and highly skilled tech talent in Kansas City, ensuring the sustained competitiveness of our region into the future.

    The KC Tech Council is the operator of ChuteKC.com, an online-portal for tech candidates and employers to connect.

  • KnowBe4
    Booth: 113

    We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.

    KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

    The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.

    Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.

  • KU – Edwards Campus
    Booth: TBD

    The University of Kansas holds a tradition of excellence over a century old. In the 1970s, it shared that tradition with Greater Kansas City by providing courses to working professionals. In 1993 the university opened another location, the KU Edwards Campus, to provide permanent growth and education in the Kansas City community. In the past two decades, it has contributed more than $400 million to the Johnson County economy. In 2008, the Edwards Campus became proud partners in the Johnson County Education Research Triangle.

  • SailPoint
    Booth: TBD

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • SecKC
    Booth: TBD

    For those of you in Kansas City who find yourselves doing information security work as part of the day-to-day (be it consulting, penetration testing, internal compliance or just being the netadmin or sysadmin that has to mind the patches, firewalls and whatnot), I suggest trying to make it to SecKC.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Trend Micro
    Booth: TBD

    As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With more than 20 years of experience, we’re recognized as the market leader in server security for delivering top-ranked client, server, and cloud-based security solutions that stop threats faster and protect data in physical, virtualized, and cloud environments.

  • Women in Security – Kansas City
    Booth: TBD

    Here at Women in Security – Kansas City, our mission is to provide a focus for women in Information Security through peer mentoring, workshops, and networking opportunities. Our vision for Women in Security – Kansas City is to inspire and support women at all career levels in Information Security.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Rebecca Herold
    CEO, The Privacy Professor, President, SIMBUS, LLC

    Rebecca is CEO of The Privacy Professor® consultancy and President of SIMBUS, LLC, an infosec, privacy, technology, and compliance management cloud service. Rebecca has over 25 years of experience, has authored 19 books and hundreds of book chapters and published articles, and serves as an expert witness for information security, privacy, and compliance issues. Rebecca appears regularly on the KCWI23 morning television show and is based in Des Moines, Iowa.

  • speaker photo
    Christian Espinosa
    CEO, Alpine Security

    Christian Espinosa is Alpine Security's CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

  • speaker photo
    Col. Cedric Leighton
    CNN Military Analyst; USAF (Ret.), CEO, Cedric Leighton Associates

    Founder of a strategic risk consultancy after serving 26 years in the US Air Force, Cedric Leighton oversaw numerous critical intelligence missions throughout his career. He served at US Special Operations Command, the Joint Staff and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star.

    Currently, Cedric advises multinational businesses on cyber attacks and the management of complex global strategies to reduce risk and unpredictability.

  • speaker photo
    Rebecca Herold
    CEO, The Privacy Professor, President, SIMBUS, LLC

    Rebecca is CEO of The Privacy Professor® consultancy and President of SIMBUS, LLC, an infosec, privacy, technology, and compliance management cloud service. Rebecca has over 25 years of experience, has authored 19 books and hundreds of book chapters and published articles, and serves as an expert witness for information security, privacy, and compliance issues. Rebecca appears regularly on the KCWI23 morning television show and is based in Des Moines, Iowa.

  • speaker photo
    Calvin Nobles
    Cybersecurity Policy Fellow, New America Think Tank, New America

    Dr. Nobles is a Cybersecurity Scientist and practitioner with more than 25 years of experience. He teaches cybersecurity at several universities. He recently retired from the Navy and is currently employed in the Financial and Services Industry. Dr. Nobles is a Cybersecurity Policy Fellow with the New America Think Tank. He authored a book on the integration of technologically advanced aircraft in general aviation. His personal story is featured in the book, Black Men Changing the Narrative Through Education. Dr. Nobles serves as Chairman, of a Cybersecurity Technology Advisory Board and on the Intelligence and National Security Alliance Cyber Council. He has fulfilled various executive-level positions as a cybersecurity professional.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!