Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, July 29, 2020
    8:00 am
    Executive Roundtable [VIP invite only]
    • session level icon
    Topic to be announced
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This session is for Advisory Council members only.

    8:30 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:00 am
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:00 am
    [Opening Keynote] People, Processes, and Tech Strategies: Recruit, Train, and Retain for Success!
    • session level icon
    speaker photo
    VP, Chief Information Security and Privacy Officer, Health Partners Plans
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    While most security teams leverage these key resources to reduce risk in our programs, how you leverage these resources will ultimately determine your effectiveness and success.  Come join a leading security practitioner in a collaborative discussion on tips and landmines to avoid

    9:45 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor
    10:00 am
    Incident Response in a Work from Home World
    • session level icon
    speaker photo
    vCISO, Salem Medical Center
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Chris Shull, vCISO of Salem Medical Center and long-time Information Security consultant, will talk about how incident response has changed when so many people are working from home, so you’re ready for when it happens to you.

    This presentation will highlight the most critical preparations companies need to ensure they are up to the challenges of an incident when everyone is WFH.

    • How can you preparing to detect and respond to incidents using the 1-10-60 rule?
    • Who do you need to include in your Incident Response Team?
    • How do you prepare your IR Team for the incidents and breaches?
    • How do you prioritize between different kinds of incidents?
    • What to do if you can’t get interest, attention or resources?

    Common-sense processes and best-practices (to the extent they are known) will be discussed.

    Who should attend:
    Professionals looking to grow, build or enhance their organization’s readiness to respond to and handle cyber incidents.

    10:00 am
    [Darktrace] Offensive AI vs. Defensive AI: Battle of the Algorithms
    • session level icon
    speaker photo
    Cybersecurity Manager, Darktrace
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyber-attacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyber-attacks leveraged at scale. To protect against Offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.
    In this session, learn about: 

    • Paradigm shifts in the cyber landscape
    • Advancements in offensive AI attack techniques
    • The Immune System Approach to cyber security and defensive, Autonomous Response capabilities
    • Real-world examples of emerging threats that were stopped with Cyber AI

    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

     

    10:00 am
    New Remote Workforce: Privacy and Cybersecurity Legal Pitfalls and Risk Mitigation
    • session level icon
    speaker photo
    Managing Partner, XPAN Law Group, LLC
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    Location / Room: 103

    The sudden growth in the remote workforce exposed critical cybersecurity and privacy concerns that should be considered. This presentation will provide an overview of key legal considerations with remote work when it comes to privacy and security, as well as discuss some solutions to help mitigate risk as your employees work from home.

    10:30 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am
    10:45 am
    Insider Threats: A Multi-Pronged Approach to Protecting Your Organization
    • session level icon
    speaker photo
    CISO & CPO, Cooper University Health Care
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am
    Insider threats are a real danger and cannot be overlooked. While deploying the latest secure system to fight against cyberthreats is a decent strategy, you must also implement an effective insider threat system for an overall cybersecurity soloution. An insider threat program cannot be brought off the shelf, but is a continuous process to identify an detect an incident as it occurs.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
    10:45 am
    [Panel] Women & Cyber: An Insider's Guide to Building a Successful Network
    • session level icon
    speaker photo
    Founder & President, Philadelphia Women and Cyber Security
    speaker photo
    IT Security and Risk Manager, Chatham Financial
    speaker photo
    Digital Forensic Examiner, TransPerfect Legal Solutions
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am
    Join Philadelphia Women & Cyber Security for a panel discussion with some of our board members, where we will discuss how to build a successful network and why it is important in this industry to have strong mentors. Q&A to follow.
    Presentation Level: GENERAL (InfoSec best practices, trends, solutions)
    10:45 am
    Security For, From, and With Machine Learning and Artificial Intelligence Technologies
    • session level icon
    speaker photo
    Director of Information Security, NFI
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    As companies look to increase their operational efficiencies and competitive advantage, many are turning to machine learning (ML) and artificial intelligence (AI) to make better decisions faster. With this shift comes new challenges for businesses and security professionals to ensure these technologies remain effective, safe, unbiased, and ethical. Additionally, as AI and ML become more accessible to the masses, there is a growing risk that these technologies could be leveraged to launch sophisticated attacks. In this presentation, we will explore emerging threats related to AI and ML, as well as how security leaders can utilize these emerging technologies to better defend their organizations and respond to sophisticated attacks.
    Presentation Level: MANAGERIAL (security and business leaders)

    10:45 am
    [Panel] No Perimeter: Security in the Cloud
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Worldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.

    11:15 am
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am
    11:30 am
    Mid-Day Keynote
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm
    12:15 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 12:30 pm
    12:30 pm
    Cloud Security Career Planning and Certification
    • session level icon
    speaker photo
    Cloud Security Architect, The Vanguard Group
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    Do you cringe when you hear the word ‘Cloud’? Is your security team trying to catch up with the SaaS, PaaS, IaaS platforms your IT and business already started to use? Do you want to jump on the cloud bandwagon (or copter) but don’t know where to start? Then join this discovery session.

    12:30 pm
    How Deception Technology Works to Level the Playing Field
    • session level icon
    speaker photo
    Chief Risk and Innovation Officer, MRS BPO, LLC
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    The greatest threat to an enterprise is the length of time it takes to uncover an attack and then discover what has breached. Deception Technology provides a unique way to find, identify and enable a quick response to hacking without delays. This technology provides an early warning system that can function at multiple levels to serve as a sophisticated trip wire, which helps mitigate or prevent theft of data and associated damage. Discover how using this technology allows the tables to be turned on the attackers, so that they can be watched, their behavior analyzed and their targets identified.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    12:30 pm
    VIPR Report: The Verizon Incident Preparedness and Response Report – Taming the Data Breach
    • session level icon
    speaker photo
    Head of Research, Development, Innovation, Verizon Threat Research Advisory Center
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    Preparing for and responding to data breaches and cybersecurity incidents is never easy. It takes knowledge of your environment and its unique threats, effective teamwork, and just as importantly, a rigorous Incident Response (IR) Plan. The VIPR Report is a data and scenario-driven approach to incident preparedness and response; it’s based on three years of Verizon’s IR Plan readiness assessments, and our data breach simulation recommendations. John will present findings with the six phases of incident and in doing so, cover five data breach scenarios illustrating the need for that phase of an IR Plan and its underlying components.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    12:30 pm
    [Panel] Addressing Weakness: Vulnerability Management
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    NIST defines vulnerabilities as, “Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.” This panel will discuss current vulnerabilities and risk management through proper controls and best practices.

    1:00 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm
    1:15 pm
    Ransomware and Digital Extortion: Legal Issues and Practical Responses
    • session level icon
    speaker photo
    Partner, BakerHostetler
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    Ransomware incidents increased sharply in 2019 due to organizations’ existing security weaknesses and the development of increasingly sophisticated attack mechanisms specifically designed to exploit those weaknesses.

    This presentation will examine case studies of how ransomware is evolving, how organizations should prepare and respond to ransomware, and the legal issues surrounding payment of ransom demands, the compromise of sensitive information, and how to recover from an attack.
    Presentation Level: MANAGERIAL (security and business leaders)

    1:15 pm
    [Mimecast] The Cyber Resilience Imperative and the Role of Pervasive Email Security 3.0
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm
    Security breaches, data leaks, and email-based attacks are a real threat to your organization. How can you provide your organization with a defense in depth security strategy around email. Your organization can no longer just rely on protecting what’s yours or your partners’. You must be cognizant of everything that lives in the cybersphere. In this session, Justin will cover how your organization can secure your perimeter, inside your perimeter and beyond the perimeter.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
    1:15 pm
    The DoD’s Cybersecurity Maturity Model Certification (CMMC) Is Coming – Are You Ready?
    • session level icon
    speaker photo
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm
    To achieve better security across the US DIB supply chain, the DoD is developing the Cybersecurity Maturity Model Certification (CMMC). Companies will be required to acquire a CMMC Certification Level ranging from basic hygiene to “State-of-the-Art”. A required CMMC level will be contained in each contract and will be a “go/no-go decision”.
    The model architects will present:
    • The call to action for the development of CMMC
    • A look at included sources and standards
    • A detailed explanation of the maturity aspect of CMMC, both technical capability and process institutionalization
    • A look at current references available to DIB contractors on CMMCPresentation Level: MANAGERIAL (security and business leaders)
    1:15 pm
    [Panel] Threat Landscape in Flux: Emerging Threats
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.

    1:45 pm
    Networking Break
    • session level icon
    Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:00 pm
    Location / Room: Exhibitor Floor
    2:00 pm
    [Closing Keynote] CISO Panel: What Our Security Team Learned Going Through COVID-19
    • session level icon
    speaker photo
    VP & CISO, Federal Reserve Bank of Philadelphia
    speaker photo
    CISO, Christiana Care Health System
    speaker photo
    SVP & CISO, Radian Group
    speaker photo
    CISO, Versum Materials
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    This panel features honest dialogue about securing an organization through the pandemic, so far. What changed at an organizational level that required security to pivot? What kind of immediate impacts did the security team face and how were those overcome? How did security maintain adequate communication and controls in the midst of this rapid change? What are the greatest lessons for security coming out of COVID-19? Where do we go from here?

Exhibitors
  • Arctic Wolf Networks
    Booth: https://www.engagez.net/arctic-wolf-networks

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOCTMservice is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.

  • Armis, Inc
    Booth: https://www.engagez.net/armis-nyc-phl

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • ASIS Greater Philadelphia
    Booth: N/a

    ASIS International is the preeminent organization for security professionals, with more than 38,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests.

  • BlackBerry Cylance
    Booth: https://www.engagez.net/blackberry-cylance-nyc-phl

    BlackBerry Cylance develops artificial intelligence to deliver prevention-first, predictive security products and smart, simple, secure solutions that change how organizations approach endpoint security. BlackBerry Cylance provides full spectrum predictive threat prevention and visibility across the enterprise to combat the most notorious and advanced cybersecurity attacks. With AI-based malware prevention, threat hunting, automated detection and response, and expert security services, BlackBerry Cylance protects the endpoint without increasing staff workload or costs. We call it the Science of Safe. Learn more at www.cylance.com.

  • Cloud Security Alliance – Delaware Valley Chapter
    Booth: N/a
  • Cobalt.io
    Booth: https://www.engagez.net/cobaltio-nyc-phl

    Cobalt’s Pentest as a Service (PtaaS) Platform transforms traditional pentesting into a data-driven vulnerability management engine. Fueled by a global talent pool of certified freelancers, our modern pentest platform delivers actionable results that empowers agile teams to pinpoint, track, and remediate vulnerabilities.

  • Critical Infrastructure Association of America (CIAOA)
    Booth: N/a
    The Critical Infrastructure Association of America, Inc. (CIAOA) is a 501(c)6 not for profit shining lights into the dark places of security.

    Critical infrastructure describes the physical and cyber systems and assets that are so vital to the United States that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety.  The nation’s critical infrastructure provides the essential services that underpin American society.

    In order to succeed in our mission we need to:

    • Facilitate a secure technology member and provider marketplace.
    • Increase awareness and education across the ecosystem
    • Promote innovation at the edge of the network to prevent, detect, and mitigate automated, and targetted attacks.
    • Collaborate with technical communities domestically and globally.
  • CREST
    Booth: N/a

    CREST is an international not-for-profit accreditation and certification body that represents and supports the technical information security market. CREST provides internationally recognised accreditations for organisations and professional level certifications for individuals providing penetration testing, cyber incident response, threat intelligence and Security Operations Centre (SOC) services.

  • CyberArk Software
    Booth: https://www.engagez.net/cyberark

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Darktrace
    Booth: https://www.engagez.net/ darktrace-nyc-phl

    Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,000 organizations to protect against threats to the cloud, email, IoT, networks and industrial systems.

    The company has over 1000 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

  • Delta Risk
    Booth: https://www.engagez.net/delta-risk

    Delta Risk is breaking the mold for managed security, delivering Security Operations Center (SOC)-as-a-Service and security services that bridge the gap to a modern security approach. We enable any size organization to leverage our expert security operations team and respond to endpoint, network, and cloud security threats 24×7. ActiveEye, our proprietary platform, uses Security Orchestration Automation and Response (SOAR) to cut through the noise and address the most critical threats faster. The ActiveEye Portal is the cornerstone of our customer-centric approach, providing clients a transparent view into SOC activities and Key Performance Indicators (KPIs) that demonstrate the value of our co-managed security approach.

  • DeSales University Cyber Security Program
    Booth: https://www.engagez.net/desales

    DeSales University offers an exciting digital forensics certificate program, composed of four courses, that teaches students how to recover evidence from various types of electronic devices. Students receive hands-on experience with popular forensic tools and are prepared to address the legal and investigative issues involved with seizing and handling digital evidence. Graduates of the certificate program can add more courses toward a master’s degree in criminal justice or information systems. All courses are online, allowing students with busy schedules greater flexibility.

  • Digital Shadows
    Booth: https://www.engagez.net/digital-shadows

    Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation.

  • Eurofins Cybersecurity
    Booth: https://www.engagez.net/eurofins

    Eurofins Scientific through its subsidiaries (hereinafter sometimes “Eurofins” or “the Group”) believes it is the world leader in food, environment and pharmaceutical products testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, advanced material sciences and for supporting clinical studies. In addition, Eurofins is one of the key emerging players in specialty clinical diagnostic testing in Europe and the USA. With about 45,000 staff in more than 800 laboratories across 47 countries, Eurofins offers a portfolio of over 200,000 analytical methods for evaluating the safety, identity, composition, authenticity, origin and purity of biological substances and products, as well as for innovative clinical diagnostic. The Group objective is to provide its customers with high-quality services, accurate results on time and expert advice by its highly qualified staff.

  • EC-Council
    Booth: N/a

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ECTF
    Booth: N/a

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • F5
    Booth: https://www.engagez.net/f5

    F5 provides solutions for an application world. F5 helps organizations seamlessly scale cloud, data center, telecommunications, and software defined networking (SDN) deployments to successfully deliver applications and services to anyone, anywhere, at any time. F5 solutions broaden the reach of IT through an open, extensible framework and a rich partner ecosystem of leading technology and orchestration vendors. This approach lets customers pursue the infrastructure model that best fits their needs over time. The world’s largest businesses, service providers, government entities, and consumer brands rely on F5 to stay ahead of cloud, security, and mobility trends

  • ForeScout Technologies, Inc.
    Booth: https://www.engagez.net/forescout

    ForeScout Technologies, Inc. has pioneered an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT). We offer a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of today’s vast array of physical and virtual devices the instant they connect to the network. Our technology continuously assesses, remediates and monitors devices and works with disparate security tools to help accelerate incident response, break down silos, automate workflows and optimize existing investments. As of June 30, 2018, more than 2,900 customers in over 80 countries improve their network security and compliance posture with ForeScout solutions.

  • Gigamon
    Booth: https://www.engagez.net/gigamon-sw

    Gigamon is leading the convergence of network and security operations to reduce complexity and increase efficiency of security stacks. Our GigaSECURE® Security Delivery Platform is a next generation network packet broker that makes threats more visible – across cloud, hybrid and on-premises environments, deploy resources faster and maximize the performance of security tools.

  • HTCIA
    Booth: N/a

    Investigators on the Leading Edge of Technology

    The High Technology Crime Investigation Association (HTCIA) was formed to provide education and collaboration to our global members for the prevention and investigation of high tech crimes. As such, we are an organization that aspires to help all those in the high technology field by providing extensive information, education, collective partnerships, mutual member benefits, astute board leadership and professional management. Association Mission: Provide education and collaboration to our global members for the prevention and investigation of high tech crimes.

  • InfraGard New York Metro
    Booth: N/a

    The New York City Metro InfraGard Members Alliance (NYM-IMA) is a local program of the INMA. The New York Metro InfraGard Chapter holds regular meetings and provides members with a forum for information sharing within a secure environment, while focusing on protecting the critical infrastructure of New York City and surrounding areas.

    Member’s alliance are part of a national network of FBI-vetted volunteers who are critical infrastructure SME in one or more sectors. It provides a trusted forum for the real-time exchange of information, training and expertise related to the protection of critical infrastructure and key resources from both physical and cyber threats.

  • InfraGard Philadelphia
    Booth: N/a

    InfraGard is a partnership between the FBI and the private sector. It is an association of people from businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S. Philadelphia InfraGard Members Alliance (IMA) provides a forum for the exchange of information between the government, the owners and operators of the national infrastructure, and others concerned with the protection of the national infrastructure. Philadelphia IMA supports eastern Pennsylvania and southern New Jersey. Membership is free and new members are welcome.

  • Insight’s Cloud + Data Center
    Booth: https://www.engagez.net/insight

    Insight’s Cloud + Data Center Transformation is a complete IT services and solution provider that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. As a client-focused integrator, we’re free to recommend the most appropriate solutions — across cloud, IT transformation, next-generation technology, and security.

  • ISACA New York Metropolitan Chapter
    Booth: N/a

    Our Mission: As a leading ISACA chapter, our mission is to serve our membership by providing world-class training, networking opportunities, and guidance while contributing to the profession both locally and internationally. Today, ISACA is a worldwide organization with over 200 chapters and the New York Metropolitan Chapter has grown to be one of the largest ISACA chapters in the world.

    Our Membership: The New York Metropolitan Chapter has over 3,800 members, from the information systems audit/assurance, information security, IT risk management, and governance professions. Our members represent a wide array of industries including financial services, accounting and consulting, legal services, education, entertainment, health care, retail, public utilities, and government/regulatory entities – and hold positions ranging from entry level staff to senior management.

  • ISACA Philadelphia
    Booth: N/a

    The Philadelphia Chapter of ISACA has a membership base of more than 1,600 individuals primarily located in the Philadelphia and the surrounding suburbs, extending into Delaware and Southern New Jersey. The membership of the Chapter includes professionals working in various industries and capacities. From students through experienced C-level executives, the Philadelphia Chapter provides, training, networking and social events to this diverse group who share the common goal of providing expertise in IT audit, security, risk, and governance topics to their colleagues. The Chapter conducts events on a monthly basis led by an active, vibrant and dedicated group of volunteers and is actively seeking business partners to help provide value and knowledge to its members.

  • (ISC)2
    Booth: N/a

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • (ISC)2 New York
    Booth: N/a

    (ISC)² is based out of Palm Harbor, Florida and consists of over 80,000 members worldwide.  Our chapter program provides members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security.  We also provide our members with access to a variety of industry resource and educational programs to keep our members informed of the latest advances in technology and techniques.

    Membership
    Our members consist of (ISC)² credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification. Our chapter program is focused on sharing knowledge and exchanging ideas among security professionals in the local area.  Ultimately, we want to advance the field of information security by educating practitioners and the public at large on how to protect and defend against security threats.  Learn more about the benefits of becoming a Chapter Member, visit our Membershippage.

  • ISSA Delaware Valley
    Booth: N/a

    Our chapter serves the Delaware Valley and Mid-Atlantic region. This is comprised of Eastern Pennsylvania, Northern Maryland, Southern New Jersey, and Delaware.
    We are making history as we continue to grow the chapter with your membership, and bring exciting programs to you. If you have not already been involved in the membership meetings, we encourage you to do so. Hopefully, you will walk away with more ideas to take back to your organizations, or you may come away with a sense of – “Hey, we had that same problem”, or “Our company is not alone in dealing with these issues.”

  • Mimecast
    Booth: https://www.engagez.net/mimecast-nyc-phl

    Mimecast Is Making Email Safer For Business.

    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • Okta
    Booth: https://www.engagez.net/okta

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • Optiv
    Booth: https://www.engagez.net/optiv-nyc-phl

    The world’s most trusted and reputable security solutions integrator, Optiv enables its clients to realize stronger, simpler and less costly cyber security programs. The company combines decades of real-world business, security strategy and technical experiences with in-depth security products knowledge to bring order to the cyber security chaos.

  • OWASP
    Booth: N/a

    The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

  • OWASP – New York City | Northern New Jersey Chapter
    Booth: N/a

    OWASP Foundation is a 501(c)3 Not for Profit association with local and global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button.

  • PACT
    Booth: N/a

    Philadelphia Alliance for Capital and Technologies (PACT)’s vision is to be the go-to resource for fast growing companies, and a driver of entrepreneurship and innovation in the Philadelphia region. PACT provides its members with valuable content and connections to capital, coaching, and customers that will accelerate their growth and success, and to collaborate with other organizations to drive innovation and entrepreneurship in the region. Visit www.philadelphiapact.com for more information.

  • Philadelphia Women in Cybersecurity Group
    Booth: N/a

    Women make up only 11% of the cyber security workforce. With such low representation, it is essential that we advocate for and assist women as they navigate through the cyber security industry.
    Philadelphia Women & Cyber Security’s Mission:
    To provide opportunities to advance careers for professionals in Cyber Security through education, mentoring, and networking. A Supportive community for women in cyber security that works to promote and encourage women to develop their careers. We are open to any support for our mission from any gender.
    Come to the next Philadelphia Women and Cyber Security’s event to get to know other like-minded, female cyber security professionals in the area. We will discuss industry best practices, the latest security trends and solutions, and share lessons we’ve learned over the years.

  • Proofpoint
    Booth: https://www.engagez.net/proofpoint-nyc-phl

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Rapid7
    Booth: https://www.engagez.net/rapid7-nyc-phl

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • RedSeal
    Booth: https://www.engagez.net/redseal-nyc-phl

    At RedSeal, our vision is to become the essential analytics and decision-making platform for building digitally resilient organizations people can trust. We do this by becoming the measure by which every organization can quantify its digital resilience. As thought leaders on resilience, we envision every organization starting the security discussion with the question “What’s our Digital Resilience Score?” Founded in 2004, RedSeal is headquartered in Sunnyvale, California.

  • ReliaQuest
    Booth: https://www.engagez.net/reliaquest-nyc-phl

    ReliaQuest fortifies the world’s most trusted brands against cyber threats with its platform for proactive security model management. Acting as a force multiplier on an organization’s existing cybersecurity investments, only ReliaQuest’s GreyMatter integrates disparate technologies to provide a unified, actionable view that fills the gaps in enterprise security programs.

  • SailPoint
    Booth: https://www.engagez.net/sailpoint

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Spirion
    Booth: https://www.engagez.net/spirion

    Spirion is a leading enterprise data management software solution that provides high-precision searches and automated classification of unstructured and structured data with unparalleled accuracy.  Spirion helps businesses reduce their sensitive data footprint and proactively minimize risks, costs and reputational damage of cyberattacks by discovering, classifying, monitoring and protecting sensitive data.

  • Synopsys
    Booth: https://www.engagez.net/synopsys

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth: N/a

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tevora
    Booth: https://www.engagez.net/tevora-nyc-phl

    Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats. For more information visit https://www.tevora.com.com/.

  • Trend Micro
    Booth: https://www.engagez.net/trend-micro-nyc-phl

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • Women in CyberSecurity (WiCyS)
    Booth: N/a

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Mark Eggleston
    VP, Chief Information Security and Privacy Officer, Health Partners Plans
  • speaker photo
    Chris Shull
    vCISO, Salem Medical Center

    Chris Shull (CISSP, CIPP/E, CIPP/US, CIPM, FIP) is the vCISO for Salem Medical Center, vCISO and vDPO for several other organizations, and an Information Security and Privacy consultant and advisor.

    With over 35 years in IT, information security, and privacy, Chris specializes in Keeping Information Security Simple so businesses can understand and manage their real-world risks. He has a B.A. in Economics and Mathematics from the University of Pennsylvania, and an M.A. in Operations and Information Management from the Wharton School.

    In his free time, Chris is redecorating his office, gardening, trying to stay fit, volunteering on community non-profit boards, and reading science fiction, fantasy, and westerns. He is looking forward to us all getting past or on top of COVID-19 so he can resume playing and refereeing soccer, practicing Shotokan Karate and Jujitsu, and taking square dancing lessons.

  • speaker photo
    Will Mishra
    Cybersecurity Manager, Darktrace

    Will Mishra is a Cyber Security Manager at Darktrace, the world’s leading machine learning company for cyber defense. He has worked extensively with clients across numerous industry verticals, from financial services to healthcare, helping them deploy Darktrace’s Enterprise Immune System, the only AI technology capable of detecting and autonomously responding to early-stage cyber-threats. Will graduated with a bachelor’s degree from Washington University in St. Louis and is based out of Darktrace’s New York, NY office.

  • speaker photo
    Jordan Fischer
    Managing Partner, XPAN Law Group, LLC

    Jordan L. Fischer is co-founder and managing partner of XPAN Law Group, LLC, a boutique international cybersecurity and data privacy law firm, and certified Women-Owned. She focuses her practice on international data privacy and cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations, the GDPR, and the CCPA. Jordan has extensive experience in the intersection of law and technology. She is also an Assistant Professor of Law at the Thomas R. Kline School of Law at Drexel University.

  • speaker photo
    Phil Curran
    CISO & CPO, Cooper University Health Care

    Phil Curran has more than 25 years of experience in information security and privacy in the military, government and private sectors. As the Chief Information Assurance Officer and Chief Privacy Officer at Cooper University Health Care in Camden NJ, he is responsible for managing governance and regulatory compliance, risk assessment and management, threat intelligence and vulnerability assessment, privacy and security investigations, business continuity, and awareness and training. He has served on the Health Information Trust Alliance (HITRUST) task force to integrate privacy controls in the Common Security Framework and the development of the ISC2 Health Care Information Security and Privacy Practitioner. Phil serves on the Executive Committee for Secure World – Philadelphia and the Philadelphia and New Jersey Chapters of the CISO Executive Network. He has spoken on Information Security and Privacy issues at Secure World and HIMSS Privacy and Security.

  • speaker photo
    Moderator: Rosemary Christian
    Founder & President, Philadelphia Women and Cyber Security

    Rosemary Christian is the founder and president of the Philadelphia Women & Cyber Security. She has worked in the cybersecurity industry for the last 3 years at AccessIT Group assisting customers with evaluations of their current cybersecurity programs to help them mature their overall security posture. She has a demonstrated passion, knowledge and proven ability to engage others in the emerging market needs for cyber security initiatives.

  • speaker photo
    Christina Griffin
    IT Security and Risk Manager, Chatham Financial

    Cybersecurity professional specializing in risk management and information security. She holds an MBA, a master’s in information technology leadership, and also has a CISSP certification. She has professional experience working in both higher education and finance industries and is currently employed as an IT Risk and Security Manager at Chatham Financial. As a member of the Philadelphia Women in Cybersecurity, she is currently on the board as the communications chair.

  • speaker photo
    Devon Campbell
    Digital Forensic Examiner, TransPerfect Legal Solutions

    Devon Campbell is a Digital Forensic Examiner at TransPerfect Legal Solutions in the Forensic Technology and Consulting division. Devon has experience conducting forensic examinations of mobile devices, computers, social media data, cloud-based data, and email data. Prior to joining TransPerfect Legal Solutions, Devon earned her Master's degree in Digital Forensics from DeSales University, then went on to work as a Digital Forensic Examiner with the Philadelphia District Attorney’s Office and the Lehigh County District Attorney’s Office. In these roles, Devon actively analyzed and investigated digital devices of evidentiary value related to active investigations and cases held for court. Devon is considered an expert witness in matters relating to digital forensics. She has testified in numerous court cases involving digital evidence.Devon instructed various digital forensics courses at the graduate and undergraduate level at DeSales University. Now, Devon brings her experience to her role as a member of the TransPerfect Forensic Technology and Consulting team.

  • speaker photo
    Joshua Cloud
    Director of Information Security, NFI

    Joshua Cloud is currently serving as the director of information security for NFI. He has over 20 years of infrastructure and security leadership experience spanning professional services, manufacturing, retail, and logistics industries in countries all over the world. Cloud is a transformational security leader with a business focus who evangelizes the value of pragmatic cyber risk management and executive alignment. He currently leads a team of security professionals at the new NFI headquarters on the Camden, NJ, waterfront.

  • speaker photo
    Vana Khurana
    Cloud Security Architect, The Vanguard Group

    Vana Khurana, Cloud Security Architect, The Vanguard Group, CISSP, AWS Certified Architect (A), CCSP, CCSK, GSEC and TOGAF certified. Director of Training and Board Member of Cloud Security Alliance Delaware Valley Chapter. Also, an Adjunct Faculty at Temple University, Philadelphia.

  • speaker photo
    Michael Meyer
    Chief Risk and Innovation Officer, MRS BPO, LLC

    Michael Meyer, MPSTM, CISSP, CIPP/US, CIPM, FIP, CISM, CRVPM II, CRISC, CISA, is the Chief Risk and Innovation Officer of MRS BPO. He is responsible for overseeing the company’s enterprise innovation, risk management and security initiatives for its Fortune clients. Michael has been with MRS for over 20 years and previously served in the Chief Security and Chief Information Officer roles. He has a Master’s degree in Technology Management from Georgetown University and a Bachelor’s degree in Computer Science from Rutgers University. Prior to MRS, he owned a consulting company, taught secure government systems globally and was in Military Intelligence.

  • speaker photo
    John Grim
    Head of Research, Development, Innovation, Verizon Threat Research Advisory Center

    John has over 17 years of experience investigating, and leading teams investigating, data breaches and cybersecurity incidents within the government and civilian security sectors. Currently, John heads the Verizon Threat Research Advisory Center (VTRAC) research, development, and innovation effort. In this role, he focuses on researching cybersecurity incidents, performing digital forensic examinations, advising on data breach containment and eradication efforts, and creating data breach response preparedness training and breach simulation exercises for customers worldwide. Prior to joining Verizon, John served 12 years with the U.S. Army investigating security-related incidents with eight years specifically focused on network intrusion investigations and forensic examinations.

  • speaker photo
    Daniel Pepper
    Partner, BakerHostetler

    Dan Pepper is a partner on BakerHostetler's Privacy and Data Protection team. Utilizing 25 years of comprehensive experience in information technology, data privacy, and cybersecurity law, Dan advises clients on proactive data security practices, data breach incident response, and regulatory compliance. He frequently handles security incidents and has interacted with federal and state agencies and forensic service providers, overseen investigations, and designed post-incident response notification and remediation plans.

  • speaker photo
    James Goepel
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body

    James Goepel is Treasurer and Member, Board of Directors for the CMMC-AB. He is also an adjunct professor of Cybersecurity at Drexel University and CEO of Fathom Cyber, a trusted agent for senior management and developer of defensible cybersecurity strategies. Jim earned his BSECE from Drexel and his JD and LLM degrees from George Mason University. He worked in the IT and security industries for nearly two decades, including as a Network Administrator for the US House of Representatives and as a lawyer and technologist for a wide range of cybersecurity companies, including system developers, research institutions, and software vendors.

  • speaker photo
    Moderator: Nancy Hunter
    VP & CISO, Federal Reserve Bank of Philadelphia

    Nancy Hunter is the VP, CISO and Data Privacy Security Officer at the Federal Reserve Bank of Philadelphia. With more than 25 years of experience in technology including 15 years in Information Security, Nancy joined the Federal Reserve Bank in 2017 where is accountable for Information Security Operations and Consulting, Information Risk Management, Records Management, and guides the implementation of the Bank’s data and system privacy program and serves as Bank representative in System data privacy policy setting. Nancy is certified in Risk and Information Systems Controls (CRISC) and holds a B.A. in Mathematics from Temple University.

  • speaker photo
    Anahi Santiago
    CISO, Christiana Care Health System

    Anahi Santiago is the Chief Information Security Officer at Christiana Care Health System, the largest healthcare provider in the state of Delaware. Prior CCHS, she spent over 10 years as the Information Security and Privacy Officer at Einstein Healthcare Network. In her role as CISO she has overall responsibility for the organization's cybersecurity and assurance program. Santiago leads a team of information security professionals in supporting CCHS's strategic initiatives by collaborating with clinical and business leaders, managing cybersecurity risks, implementing policies and controls, generating overall awareness and fostering a culture of security and safety.

  • speaker photo
    Donna Ross
    SVP & CISO, Radian Group
  • speaker photo
    Tammy Klotz
    CISO, Versum Materials

    Tammy Klotz is the Chief Information Security Officer for Versum Materials. She is responsible for the Cyber Security Program at Versum which includes Information Risk Management, Plant Cyber Security as well as IT Security, Risk & Compliance activities.
    Ms. Klotz has been with Versum since their start-up in October 2016 and was responsible for standing up all security services required for the new company as part of their spin-off from Air Products & Chemicals. Versum is a $1.3B global electronic materials company with manufacturing operations in 14 facilities across North American & Asia. Prior to her role at Versum, Tammy worked at Air Products & Chemicals for 25 years in a variety of leadership roles. Highlights of her Air Products career include IT Communications, Service & Business Relationship Management, global leadership of multiple IT support teams and IT Audit Manager.
    Ms. Klotz is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and is also Certified in Risk and Information Systems Control (CRISC). She is a Governing Body Member of the Philadelphia Chapter of Evanta, participates in Delaware Valley Cloud Security Alliance activities and is involved with the Philadelphia Women & Cyber Security group. Tammy is also a 2019 Nominee for T.E.N Information Security Executive® of the Year.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Invest in yourself

Join your InfoSec peers for high-quality, affordable training and collaboration. Sign up today!