- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Tuesday, May 7, 20199:00 am[SecureWorld PLUS] Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework9 a.m. - 3 p.m. • Earn 12 CPEs!Sr. Cybersecurity Consultant, Wilson CyberRegistration Level:
- SecureWorld Plus
9:00 am - 3:00 pmLocation / Room: Courtyard 7The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.
This innovative education and training program includes the following key elements:
- An introduction to the key components of the NIST Cybersecurity Framework
- How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
- An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
- How to use the Framework to protect critical information assets
- A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
- A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report
The class will help individuals and organizations acquire knowledge, skills, and abilities to:
- Develop a strategy to apply the NIST Cybersecurity Framework to their environment
- Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
- Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
- Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
- Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
- Identify required workforce skills and develop career pathways for improving skills and experience
About the instructor:
- Larry Wilson is the CISO for UMass President’s Office since 2009.
- Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
- Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
- Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.
The program and its author have won the following industry awards:
- Security Magazine’s Most Influential People in Security, 2016
- SANS People Who Made a Difference in Cybersecurity Award, 2013
- Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
9:00 am[SecureWorld PLUS] Cyber Defense Ineffectiveness and What We Can Do About It9 a.m. - 3 p.m. • Earn 12 CPEs!CEO, Blue Goat CyberRegistration Level:- SecureWorld Plus
9:00 am - 3:00 pmLocation / Room: Courtyard 6Alpine Security CEO, Christian Espinosa, a bronze sponsor of SecureWorld Chicago, hosts SecureWorld Plus training session on Cyber Defense Ineffectiveness and What We Can Do About It. Attendees will be exposed to data gathered from real-world penetration tests, audits, and incident responses, bringing attention to the current state of cyber defense. Attendees will become familiar with the top 5 trending cybersecurity misconceptions and learn actionable solutions and tools to approach cyber defense and to create a more secure world. Upon completion of this 6-hour training session, attendees will be eligible to receive 12 CPE’s.
“Ransomware & cyber extortion are effective because organizations blindly implement controls without a risk-based strategy, have poor cybersecurity awareness, and have difficulty determining the validity of ‘incriminating data’ used for cyber extortion.” -Christian Espinosa
Throughout this training session, Christian Espinosa will candidly discuss the following key elements:
- Despite all the Next-Gen tools, latest products, compliance requirements, etc., breaches still happen daily. Why is this, and what can we do about it?
- Data gathered from real-world penetration tests, audits, and incident responses to focus on the current state of cyber defense.
- Motivations, breaches, and primary tactics used by attackers.
- Opportunities and solutions to address common issues such as how more organizations focus on the wrong items, how egos get in the way, how compliance doesn’t really help, how risk is rarely assessed, and how cloud migrations can actually make security worse.
During this training session, you can expect to participate in group activities and discussions. Be open to new ideas and approaches. We can learn from each other.
Meet the Trainer:
Christian Espinosa is Alpine Security’s CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons. - Wednesday, May 8, 20197:00 amRegistration openRegistration Level:
- Open Sessions
7:00 am - 3:00 pmLocation / Room: Registration DeskCome to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
7:30 amAdvisory Council Breakfast – (VIP / INVITE ONLY)CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCRegistration Level:- VIP / Exclusive
7:30 am - 8:30 amLocation / Room: Courtyard 7This session is for our Advisory Council members only.
8:00 amExhibitor Hall openRegistration Level:- Open Sessions
8:00 am - 3:00 pmLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:30 amWord on the Street Is: A Lil' Bit of Awareness Will Make It SecureProgram Manager, Security Learning & Awareness, MetaRegistration Level:- Conference Pass
8:30 am - 9:15 amLocation / Room: Courtyard 5Security awareness is often viewed as this intangible part of information security that is always “too” something—too costly, too much effort, too difficult to qualify. But word on the street is that a little bit of awareness is worth its weight in salt, so why are there so many varying perspectives on precisely “how” to implement a security awareness program? The answer is simple: If the streets are talking, shouldn’t someone be listening? 8:30 am7 Ways to Boost InfoSec’s Influence (and Yours) by Communicating DifferentlyDirector of Media & Content, Podcast Host, SecureWorldRegistration Level:- Conference Pass
8:30 am - 9:15 amLocation / Room: Courtyard 3Grow your personal influence, your leadership possibilities and move your InfoSec objectives forward (faster) by thinking differently about how you communicate. Whether your audience is the board, your team, or any part of the business, this session will help you and your communication stand out. Lead by a long-time TV reporter turned cybersecurity journalist who shares a framework for powerful communication you can implement immediately.
8:30 amInfraGard Meeting: Light Breakfast and Guest Presentation - Open to all AttendeesPresenting: Threat Intelligence PanelDirector, Solutions Engineering, @RISK Technologies, Inc.Supervisory Special Agent, Cyber Crime Task Force , Federal Bureau of InvestigationIntelligence Analyst, FBIRegistration Level:- Open Sessions
8:30 am - 9:15 amLocation / Room: Keynote TheaterInterested in your local associations? Join InfraGard for a chapter meeting, light breakfast, and guest presentation. This session is open to all attendees.
Guest Presentation:
Threat Intelligence Panel9:30 amOPENING KEYNOTE — The Nation-State, the Corporation, and You: Cybersecurity in the Cyber AgeCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCRegistration Level:- Open Sessions
9:30 am - 10:15 amLocation / Room: Keynote Theater10:15 amConference Break / Exhibitor Product DemonstrationRegistration Level:- Open Sessions
10:15 am - 11:15 amLocation / Room: Exhibitor FloorReboot with coffee and infused water while visiting exhibitors on the exhibitor floor.
11:15 amThe Four Horsemen of the Security ApocalypseCISO, Dolby LaboratoriesRegistration Level:- Conference Pass
11:15 am - 12:00 pmLocation / Room: Courtyard 5Machine Learning, AI, IoT, Block Chain …. The new gold rush for digital transformation is taking everyone by storm. From market analysts, to expert consultants and other technology gurus, organizations are bombarded by articles, reports and predictions that warn them to get onboard the digital bandwagon or die.
In this perfect storm CISOs are often threatened that if they stand in the way of the business gold miners they will be bypassed or worse eliminated.
In this talk, I will explore the pressures and the challenges of the modern CISO, what they can do to survive in this harsh environment and how to enable the business through defense and not just compliance.
11:15 amThe United States Secret Service’s Cyber Threat Answer: The Electronic Crimes Task ForceSenior Special Agent, United States Secret ServiceRegistration Level:- Conference Pass
11:15 am - 12:00 pmLocation / Room: Courtyard 4Learn how the United States Secret Service responds to the emerging cyber threat by partnering with state and local law enforcement, academia, and the private sector through their Electronic Crimes Task Force (ECTF). The ECTF investigates everything from business email compromises, romance schemes, network intrusions, financial fraud, and much more.
11:15 am[Trend Micro] Threat Predictions: Mapping the FutureSales Engineer, Trend MicroRegistration Level:- Open Sessions
11:15 am - 12:00 pmLocation / Room: Courtyard 3This presentation will discuss and present what we have seen in the industry and the changes to the global threat landscape, but will also go over the newest emerging threats and our predictions for the near future. 12:00 pmAdvisory Council Lunch Roundtable – (VIP / Invite Only)Manager, Information Security, Helzberg DiamondsRegistration Level:- VIP / Exclusive
12:00 pm - 1:00 pmLocation / Room: Courtyard 7This session is for Advisory Council members only.
12:15 pmLUNCH KEYNOTE: Prevent Nightmares in the IoTThe Privacy Professor; CEO, Privacy & Security BrainiacsRegistration Level:- Open Sessions
12:15 pm - 1:00 pmLocation / Room: Keynote Theater1:15 pmPanel: Building a Better Mouse Trap (Emerging Threats)Registration Level:- Open Sessions
1:15 pm - 2:15 pmLocation / Room: Keynote TheaterTo be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.
Panelists
Sean Griesheimer, RSA
Scott Hamann, One Identity
Heeyoung Sim, Darktrace
Justin Sharples,Core First Bank & Trust
Rich Keith, SailPoint
Moderator: John Godfrey, CISO, University of Kansas Medical Center1:15 pmPanel: Cloudy with a Chance of BreachRegistration Level:- Open Sessions
1:15 pm - 2:15 pmLocation / Room: Courtyard 3Everything old is new again. Migrating to the cloud certainly is not a new thing. It is for some smaller companies that are just now able to afford making the move to the cloud. Cloud boasts a secure, disaster proof option for companies to store their data offsite with access to that data from practically anywhere. So, who’s fault is it when the data is compromised? What if your information is stolen from the cloud because another user’s data was at fault? At the end of the day, isn’t the cloud just someone else’s computer? Join this panel discussion as they guide you through the pros and cons in migrating to the cloud.
Panelists
Ronald Pipkins, Alert Logic
Brandon Bradshaw, Trend Micro
Ron Shuck, CURO Financial Technologies Corp.
Kevin Augspurger, Unite Private Networks
Moderator: Florian Yanez, Helzberg Diamonds2:15 pmConference Break / Exhibitor Product DemonstrationRegistration Level:- Open Sessions
2:15 pm - 3:00 pmLocation / Room: Exhibitor FloorReboot with coffee and infused water while visiting exhibitors on the exhibitor floor.
2:30 pmNetworking Break — Dash for Prizes and CyberHunt winners announcedRegistration Level:2:30 pm - 2:45 pmLocation / Room: Exhibitor FloorBe sure to have your badge scanned with participating exhibitors throughout the day. Past prizes have included Kindles, Bose wireless headphones, gift cards, iPads, drones, and more! *Must be present to win.
3:00 pm[Panel] Knowledge Is Power: Women in CybersecuritySales Director, OnspringCISO & C-Suite Advisor, Check Point Software TechnologiesGlobal BISO & Director of Business Partnership, Cardinal HealthSr. Manager, InfoSec Ops, Kansas City Power & LightSr. Director, Cybersecurity, Clinical Reference Laboratory, Inc.Registration Level:- Open Sessions
3:00 pm - 3:45 pmLocation / Room: Courtyard 3It is often said that true knowledge must be gained through experience; either through one’s own life or through others. Join this opportunity to hear from women who bring perspectives from diverse industries (retail, financial, healthcare, utilities) as they share their different experiences as women living the information security career journey.
3:00 pmRecent Developments in U.S. and Global Privacy and Security LawsPrincipal, Fey LLCRegistration Level:- Conference Pass
3:00 pm - 3:45 pmLocation / Room: Courtyard 5Throughout the world, legislators regularly update privacy and security laws in an (arguably futile) attempt to keep pace with changes in technology. In this presentation, Laura Clark Fey (KU Law School graduate and Privacy Law Specialist (IAPP), CIPP/US, CIPP/E, CIPM, FIP) of Fey LLC, a boutique global data privacy law firm, will discuss significant developments in privacy and security laws in the U.S. and abroad. She will explain the impact of these developments, project future trends, and provide recommendations for complying with challenging and ever-changing privacy and security laws. 3:00 pmLet's Stop Admiring the Human Factor Problem in CybersecurityCybersecurity Policy Fellow, New America Think Tank, New AmericaRegistration Level:- Conference Pass
3:00 pm - 3:45 pmLocation / Room: Courtyard 4Ninety-five percent of all cyber-attacks are human enabled. Organizations continue to fail at addressing human factors in cybersecurity due to a lack of education and appreciation for human factors as a science. With the increasing spending on technology to safeguard organizations’ critical networks, systems, and data, cybercriminals are circumventing defense-in-depth architectures to target humans, the weakest link. An existing fallacy is that technology will prevent data breaches, ransomware attacks, or cyber-attacks. In fact, integrating new technology creates unintended consequences that increase vulnerabilities. These technologically-induced vulnerabilities are human-enabled highlighting a lack of appreciation for human factors in cybersecurity–let’s reduce human-enable errors
- Alert LogicBooth: 210
Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.
- Alpine SecurityBooth: 228
Alpine Security is a Service Disabled Veteran owned Small Business. We have extensive experience with security audits, regulatory compliance audits, vulnerability assessments, penetration testing (network, application, web application, and physical), social engineering, incident response, digital forensics, and user awareness & technical training. Our team members are Industry Certified, bring vast project experience, highly educated, trusted, and experienced. We have been on United States government red teams and have experience with military cyber operations – offensive and defensive. Our team is also well-versed and experienced with commercial security assessments, audits, penetration testing, risk assessments, and incident response. We have performed penetration tests and assessments for numerous industries, including aerospace & defense, education, healthcare, financial, energy, and oil & gas. Our extensive experience in high-risk and complex environments ensures we are prepared to test your environment, regardless of the risk-level or complexity. We’ve been tested under fire.
- BlueAllyBooth: 209
BlueAlly’s state of the art software platform provides Security Intelligence across any Security, non-security, Hosts, Databases, Proxy events, Threat feeds, DeepWeb, DarkNet and more. Our managed security services delivers SIEM, Log Management, Vulnerability Monitoring, DeepWeeb/DarkNet decoding, Real-time / Behavior analysis, User Entity Analysis and more.
- Comodo CybersecurityBooth: 101
In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.
- DarktraceBooth: 500
Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.
The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.
- EC-CouncilBooth: TBD
International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.
- Erkios SystemsBooth: Start Up
Erkios has developed an enterprise cyber security product called FortiFi™ that enables organizations to safeguard their technology infrastructure from insider threats. We were founded with the intention of bringing innovation to the information security world so your internal data can be protected.
- GemaltoBooth: 120
Today’s enterprises depend on the cloud, data and software to make decisive decisions. That’s why the most respected brands and largest organizations in the world rely on Thales to help them protect their most sensitive information and software wherever it is created, accessed or stored – from the cloud and data centers to devices and across networks. As the global leader in cloud and data protection, our solutions enable organizations to move to the cloud securely, achieve compliance with confidence, and create more value from their software in the devices and services used by millions of consumers every day.
- Global Cyber AllianceBooth: TBD
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org
- GuidePoint Security LLCBooth: 120
GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com
- InfoSec-Conferences.comBooth: n/a
We’re the InfoSec community’s #1 ‘Go To’ resource for cybersecurity conference listings. Since 2012 we’ve provided cybersecurity professionals with accurate event listings that are manually checked and updated every day.
- InfraGard Kansas CityBooth: TBD
InfraGard Kansas City Members Alliance (IMA) is a non-profit organization serving as a public-private partnership among U.S. businesses, individuals involved in the protection and resilience of U.S. critical infrastructures, and the Federal Bureau of Investigation.
The InfraGard program is a public/private cooperative effort dedicated to improving our national security. InfraGard consists of Chapters throughout the United States and has thousands of members. The FBI leads the U.S. Government side of InfraGard. The private sector side of InfraGard is led by a non-profit corporation, the InfraGard National Members Alliance, which consists of local InfraGard Members Alliances (IMAs) throughout the country. An InfraGard “Chapter” refers to the local FBI, the local IMA, and the local InfraGard members working together. “InfraGard” is a registered service mark of the FBI.
- ISACA Kansas CityBooth: TBD
Welcome to the local Kansas City Chapter of ISACA® (ISACA KC Chapter). The ISACA KC Chapter was founded in 1984 and continues to promote the education of individuals relating to the auditing of, management consulting in, or direct management of the fields of IT governance, IS audit, security, control and assurance.
- ISC2 Kansas City ChapterBooth: TBD
The mission of ISC2 Kansas City (KC) Chapter is to advance the Information Security Profession by leveraging our shared body of knowledge to better our communities, groom the next generation of security professionals by delivering solutions to real-world security problems and issues that our members face.
“We” began as a few security-minded friends that worked together. We decided to quit talking about launching a local ISC2 chapter in Kansas City or worse yet, wait around for someone else to do it for us. We stepped up and took the initiative. We have been growing as others hear about our group and join with us.
- ISSA Central Plains ChapterBooth: TBD
The Information Systems Security Association (ISSA) ® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.
MEETINGS
General Meetings are held monthly on the first Friday of the month. These meetings may have some type of formal presentation. In the absense of a presentation, the meeting will focus on a roundtable discussion based on the 8 domains of the CISSP CBK.Location: Friends University Business & Technology Bld
Corner of Hiram & Maple, Wichita, KS 67213 - ISSA Kansas CityBooth: TBD
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. Through its membership, ISSA – Kansas City helps security professionals in the Kansas City area learn of information security issues and trends, which promote education, collaboration, and leadership, and further the information security profession.
- Ixia, a Keysight BusinessBooth: 103
We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.
- Kansas City ECTFBooth: TBD
The USSS ECTF aims to increase the resources, skills and vision by which state, local, and federal law enforcement agencies team with prosecutors, private industry and academia to fully maximize what each has to offer in an effort to combat criminal activity. The common purpose is the prevention, detection, mitigation, and aggressive investigation of attacks on the nation’s financial and critical infrastructures.
- KC Tech CouncilBooth: TBD
The KC Tech Council represents Kansas City’s tech industry, a diverse ecosystem anchored by multinational corporations and driven by innovative entrepreneurs, with industry footholds in Healthcare IT, Telecommunications, Digital Media, and more.
In conjunction with strategic partners, active stakeholders and unique cultural and lifestyle advantages, the KC Tech Council elevates Kansas City as a leading technology hub.
The KC Tech Council’s work helps to attract, retain and grow technology companies and highly skilled tech talent in Kansas City, ensuring the sustained competitiveness of our region into the future.
The KC Tech Council is the operator of ChuteKC.com, an online-portal for tech candidates and employers to connect.
- KU – Edwards CampusBooth: TBD
The University of Kansas holds a tradition of excellence over a century old. In the 1970s, it shared that tradition with Greater Kansas City by providing courses to working professionals. In 1993 the university opened another location, the KU Edwards Campus, to provide permanent growth and education in the Kansas City community. In the past two decades, it has contributed more than $400 million to the Johnson County economy. In 2008, the Edwards Campus became proud partners in the Johnson County Education Research Triangle.
- MimecastBooth: 113
Mimecast empowers our customers to help mitigate risk and manage complexities across a threat landscape driven by cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today.
- NetskopeBooth: 120
The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.
- <Booth: 119
- RSA a Dell Technologies CompanyBooth: 126
RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.
- SailPointBooth: 111
SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.
- SecKCBooth: TBD
For those of you in Kansas City who find yourselves doing information security work as part of the day-to-day (be it consulting, penetration testing, internal compliance or just being the netadmin or sysadmin that has to mind the patches, firewalls and whatnot), I suggest trying to make it to SecKC.
- SOFTwarfareBooth: 211
Organizations today must account for, secure, and evaluate their protections for system-to-system communications often crossing the different boundaries they establish for their technical infrastructure. SOFTwarfare is a comprehensive product platform partner who solves the integration headaches that most Our customers face, one integration at a time. The KillerAppz™ Platform delivers to customers one common methodology for architecture-driven, cloud hybrid-integrated environments and will help the broader cybersecurity industry to make changes to the way they integrate cyber systems.
- SymantecBooth: 120
Symantec is the world’s leading cyber security company. Organizations worldwide look to Symantec for strategic, integrated solutions to defend against sophisticated attacks, and more than 50 million people rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home. For more information, please visit www.symantec.com.
- TechTargetBooth: TBD
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- TenableBooth: 120
Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.
- Trend MicroBooth: 208
Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.
- Women in Security – Kansas CityBooth: TBD
Here at Women in Security – Kansas City, our mission is to provide a focus for women in Information Security through peer mentoring, workshops, and networking opportunities. Our vision for Women in Security – Kansas City is to inspire and support women at all career levels in Information Security.
- Larry Wilson, CISSP, CISA, InstructorSr. Cybersecurity Consultant, Wilson Cyber
Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.
- Christian EspinosaCEO, Blue Goat Cyber
Christian Espinosa is the CEO & Founder of Blue Goat Cyber and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a U.S. Air Force veteran with a BS in Engineering from the U.S. Air Force Academy and an MBA from Webster University. He holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
- Dominick FrazierProgram Manager, Security Learning & Awareness, Meta
Dominick Frazier is a security professional with over 13 years of security experience with his current role being in Information Technology/Cyber-Security. In his current role he serves as the Security Awareness & Communication Manager responsible for the conversation around security between technical and non-technical teams, which extends to both employees and clients. Given his tenure in security, he has robust knowledge of the information technology and physical security sector including applicable regulations and frameworks.
- Bruce SussmanDirector of Media & Content, Podcast Host, SecureWorld
Emmy-winning journalist Bruce Sussman spent more than 20 years on TV screens in Portland, Oregon. During his "second career," he became fascinated by cybersecurity while working with CISOs at Gartner. He joined SecureWorld in 2017 to help grow its media division. Currently, he hosts the Remote Sessions daily web conference series and SecureWorld podcast published each Tuesday, and oversees news content for secureworldexpo.com. Sussman graduated from the University of Missouri School of Journalism back in the dark ages. Message him on LinkedIn if you'd like to connect!
- Jeff WheatDirector, Solutions Engineering, @RISK Technologies, Inc.
Jeff is the Director of Solutions Engineering at @RISK Technologies as a Technical Director sitting at the nexus of Sales, Deployment, Operations, and Product Development. Interacting directly with customer C-Suite and Technical Staff to drive sales, customer satisfaction, and innovation back into the platform. Jeff provides operational and cybersecurity analytical guidance, both externally and internally. He is a national security leadership professional and data scientist with hands-on leadership, technical and systems engineering background in Security Operations Center (SOC) design and management, big data architectures, large scale multi-million dollar project management, big data analysis, cyber analysis, network architecture, network security, wireless technologies, telecom and software development.
As a Vice President he organized and led a global deployment organization in the Telco industry. Jeff has provided strategic planning and execution in a number of his leadership roles. He also has extensive and recent hands-on experience in IBM platforms (QRadar, Netezza, Connections, IBM Content Analytics, Cognos) and holds a number of certifications in Big Data.
Jeff was recently Director of Cyber Operations worldwide for Qualitest, managing and building cybersecurity services to support QualiTest's Application and Cyber testing. He drove global development supporting onsite, near shore, and offshore testing in the U.S., Europe, Asia, and the Middle East. In that role he was on contract acting as the Sr. Security Strategist at the world’s largest beverage company’s Next Generation SOC in Bangalore, India. He was in charge of technical and operational leadership, recruitment and hiring of key personnel, as well as guiding the automation and threat analytics team. Recently, he provided both architectural and operational consulting to multiple large health care organizations in both the advancement of the SOC through data analytics and optimization of SIEM platforms, as well as the development of threat intelligence cells to provide proactive (Shift Left) response to pending threats.
- George SchultzeSupervisory Special Agent, Cyber Crime Task Force , Federal Bureau of Investigation
Special Agent George Schultzel entered on duty in July of 2010 and was assigned to the New York Field Office. Over the course of his career, SA Schultzel has investigated complex criminal computer intrusions, nation state adversarial action, and cyber terrorism. SA Schultzel is currently serving as the Supervisory Special Agent of the Cyber Crime Task Force in the Kansas City Field Office.
- Cody JohnsonIntelligence Analyst, FBI
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
- Yaron LeviCISO, Dolby Laboratories
Yaron Levi is the CISO for Dolby Laboratories. Prior to joining Blue KC, he was CISO of Blue Cross and Blue Shield of Kansas City; a Director of Information Security for Cerner Corporation; an Information Security Business Partner for Intuit; an Information Security Architect and Product Manager for eBay; and a Director of Cloud Security for ANX. Yaron is a Research Fellow for the Cloud Security Alliance, serves as an advisory board member for several information security companies, and is co-founder of the Kansas City CISO forum. He graduated from the FBI CISO academy in 2018, and currently serves on the board of InfraGard KC.
- Andrew MatushekSenior Special Agent, United States Secret Service
Andrew Matushek is a Senior Special Agent (SSA) with the United States Secret Service. He is also the Assistant Director of the Kansas City Electronic Crimes Task Force (ECTF) and has over 19 years of experience. He has previously served in Arizona, California, and Washington, DC, prior to landing in Kansas City. SSA Matushek is current active in the United States Secret Service Electronic Crimes Special Agent Program (ECSAP) and Critical Systems Protection (CSP) Program
- Brandon BradshawSales Engineer, Trend Micro
Brandon has been with Trend Micro for three plus years, and has been in the IT Industry since the late 1990s. As a Sales Engineer, it's his passion to be the technical bridge between sales and customers.
- Jim Pointer, ModeratorManager, Information Security, Helzberg Diamonds
- Rebecca HeroldThe Privacy Professor; CEO, Privacy & Security Brainiacs
Rebecca Herold has more than 30 years of security, privacy, and compliance experience. She is founder of The Privacy Professor Consultancy (2004) and of Privacy & Security Brainiacs SaaS services (2021) and has helped hundreds of clients throughout the years. Rebecca has been a subject matter expert (SME) for the National Institute of Standards and Technology (NIST) on a wide range of projects since 2009, including: seven and a half years leading the smart grid privacy standards creation initiative, and co-authoring those informative references and standards; two years being a co-author of and a SME member of the team that created the Privacy Framework (PF) and associated documents; and three years as a SME team member, and co-author of the Internet of Things (IoT) technical and non-technical standards and associated informative references; and performing throughout the years proof of concept (PoC) tests for a variety of technologies, such as field electricity solar inverters, PMU reclosers, and associated sensors. Rebecca has served as an expert witness for cases covering HIPAA, privacy compliance, criminals using IoT devices to track their victims, stolen personal data of retirement housing residents, tracking apps and website users via Meta Pixels and other tracking tech, and social engineering using AI. Rebecca has authored 22 books, and was adjunct professor for nine and a half years for the Norwich University MSISA program. Since early 2018, Rebecca has hosted the Voice America podcast/radio show, Data Security & Privacy with the Privacy Professor. Rebecca is based in Des Moines, Iowa, USA. www.privacysecuritybrainiacs.com
- Moderator: Beth StrobelSales Director, Onspring
Beth Strobel began her career at a global aerospace and defense company, maintaining responsibility for the ethics and legal compliance training and awareness programs. She's since worked in both technical and sales roles at technology companies providing solutions for cybersecurity and governance, risk and compliance. Beth currently serves as treasurer for Women In Security - Kansas City (WIS-KC).
- Cindi CarterCISO & C-Suite Advisor, Check Point Software Technologies
Cindi Carter is a global, multi-industry Cybersecurity and Information Technology Executive who consistently seeks the optimal outcome for any endeavor. As a transformational leader from startups to enterprises, she excels at building cybersecurity practices in highly-regulated industries, turning strategic goals into actionable outcomes, and highly collaborative engagement across the organization for managing cyber risk.
At Check Point Software Technologies, Cindi is a Chief Information Security Officer in the Office of the CISO, leading Check Point's Healthcare Center of Excellence where human safety is essential to care.
Cindi is the founding President of Women in Security - Kansas City, was honored in SC Media magazine’s “Women to Watch in Cyber Security," and was also featured in Cybersecurity Venture’s book, “Women Know Cyber: 100 Fascinating Females Fighting Cybercrime.” She presents at conferences worldwide, holds several recognized IT, security, and project management certifications, and has a Master of Science degree in Information Technology.
- Britney KennedyGlobal BISO & Director of Business Partnership, Cardinal Health
Britney began the first decade of her security career in the U.S. Army where she managed over 90 teams and traveled to assess the security of international government partners. She oversaw the Information Security Department for AMC Theatres where she was responsible for the development and implementation of the global strategy. She has since transitioned to Cardinal Health, initially leading Cyber Operations and now performing as the Director of Information Security Business Partnerships, providing Business Support, Security Awareness, and Compliance Operations across the Globe. Britney is a certified CISSP, CISM, PMP, SSAP. and holds certifications for CompTIA S+, CCSK, and IT Business Management. She holds a BS in Applied & Discrete Mathematics and an MS in Cybersecurity. Britney was also named an IT Security Power Player by SC Magazine and named as the Security Professional of the Year by ASIS Kansas City Chapter in 2020.
- Kristen EllisSr. Director, Cybersecurity, Clinical Reference Laboratory, Inc.
Kristen Ellis is the Security Officer for Clinical Reference Laboratory, Inc. in Lenexa, KS. She obtained her Certified Information Systems Security Professional (CISSP) designation in 2012 and has over 23 years of Information Technology experience, twelve years focused in security. Mrs. Ellis has been instrumental in the development of the security program for 3 companies in the finance and medical industries, with focus on the NIST Cybersecurity Framework and 800-53 Security and Privacy Controls.
Mrs. Ellis maintains memberships with InfraGard, ISC2, ISSA, ISACA and PMI; additionally she holds a top-secret security clearance. Prior to joining Clinical Reference Laboratory, Inc., Mrs. Ellis achieved multiple Department of Defense DIACAP Authorizations to Operate (ATO) for TMA, MHS/JTF, Air Force, Army, and Navy for a pharmaceutical automation company. She’s managed projects worth $90,000,000 in revenue retention and $6,800,000 in new revenue and consulted on many distressed projects to guide them toward successful completion. - Laura FeyPrincipal, Fey LLC
Laura Clark Fey, Esq., PLS, CIPP/US, CIPP/E, CIPM, FIP: Laura Clark Fey, one of the first twenty-seven U.S. attorneys recognized as Privacy Law Specialists by the International Association of Privacy Professionals (IAPP) (ABA-accredited), leads Fey LLC, a global data privacy and information governance law firm. She and her team help organizations develop and implement practical solutions to their unique data privacy and information governance challenges. Laura is a member of the inaugural class of IAPP Fellows of Information Privacy (FIP), a Certified U.S. and European Information Privacy Professional (CIPP/US/E), and a Certified Information Privacy Manager (CIPM). The U.S. Department of Commerce and the European Commission have selected Laura as an arbitrator in connection with the EU-U.S. Privacy Shield Framework Binding Arbitration Program. Laura has been selected into Baylor Law School’s Brain Trust as a data privacy thought leader for its LLM in Litigation Management Program. She teaches Global Data Protection and Privacy Law at the University of Kansas School of Law.
- Calvin NoblesCybersecurity Policy Fellow, New America Think Tank, New America
Dr. Nobles is a Cybersecurity Scientist and practitioner with more than 25 years of experience. He teaches cybersecurity at several universities. He recently retired from the Navy and is currently employed in the Financial and Services Industry. Dr. Nobles is a Cybersecurity Policy Fellow with the New America Think Tank. He authored a book on the integration of technologically advanced aircraft in general aviation. His personal story is featured in the book, Black Men Changing the Narrative Through Education. Dr. Nobles serves as Chairman, of a Cybersecurity Technology Advisory Board and on the Intelligence and National Security Alliance Cyber Council. He has fulfilled various executive-level positions as a cybersecurity professional.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes