Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, March 28, 2018
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    speaker photo
    VP of Security Strategies, IDC
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    Location / Room: Strafford
    8:00 am
    SecureWorld PLUS Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Berwyn

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:00 am
    SecureWorld PLUS Part 1 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Devon

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    8:00 am
    SecureWorld PLUS Part 1 - Cyber Crimes, Threat Intelligence, and the Dark Web – Hands-On Workshop
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Former Major in Israeli Intelligence Forces, CEO and President, Cybint Solutions/BARBRI
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Ardmore

    This practical workshop will reveal the secrets of the dark-web and cybercriminals. Attendees will acquire knowledge, skills and tools to search the dark-web and analyze cyber threat intelligence. Additionally, attendees will explore how to leverage cyber intelligence on the web to proactively approach complex processes as due diligence and litigation.

    8:30 am
    Crime in a Box – Revisited
    • session level icon
    How technology changed the landscape of cyber crime and predicting future attack vectors
    speaker photo
    Owner, TJM Professional Services, LLC
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Villanova

    Twenty years ago I read an article titled “Crime in a Box.” It was a futuristic vision of how cyber crime could evolve to be the perfect crime. This session will compare and contrast the scenario described in that article to the data breach, spear-phishing, and ransomware attacks that have become our reality in the 21st century.

    8:30 am
    Featured Session: Effective 2FA – Part 1: The Technical Stuff
    • session level icon
    speaker photo
    Editor in Chief, All Things Auth, Founder, Two Factor Buddy (2FB)
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Malvern

    Two-factor authentication (2FA) is the most straightforward way for companies to drastically improve the security of their user authentication process. However, not all 2FA implementations are created equal. Thinking of quickly throwing together a workflow using SMS and calling it a day? Think again! Though popular, 2FA via SMS has many security issues and was actually deprecated by NIST in 2017. We will dive into the technical details of the most common 2FA implementations and highlight security and usability trade-offs. You will leave equipped to develop a 2FA implementation strategy that will best serve your users.

    8:30 am
    E.U.-U.S. Privacy Shield: Benefits, Challenges, and Impact of the GDPR
    • session level icon
    speaker photo
    Partner, Park Legal LLC
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Wayne

    The E.U.-U.S. Privacy Shield framework, which replaces the invalidated Safe Harbor framework, has been available to organizations since August 2016. Learn how the Privacy Shield can help your organization comply with the strict E.U. cross-border data transfer requirements for transfers to the U.S., as well as the challenges and questions about compliance with that framework that have come about as a result of the E.U. General Data Protection Regulation.

    8:30 am
    Agile Patching
    • session level icon
    A new approach to security updates and patching following Agile and NIST methodology
    speaker photo
    Security Leader, Independent Consultant
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Haverford

    Patch Management is one of the biggest security and compliance challenges for organizations to sustain. History reveals that many of the large data breaches were successful because of a missing critical security update. Further, the frequency and scope of patching continues to grow with WannaCry, Spectre, and Meltdown. This presentation offers a new approach to patching blending Agile and NIST methodologies.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: First, Know Thyself - A Cybersecurity Message from the Federal Reserve
    • session level icon
    The Applicability of This Ancient Proverb in Battling Tomorrow’s Cyber Threats
    speaker photo
    Executive Vice President and System CISO, Federal Reserve System
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable (VIP / Invite Only)
    • session level icon
    speaker photo
    Senior Manager, TD Ameritrade
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: Strafford
    11:15 am
    baramundi — Innovative Endpoint Management: A Holistic Approach to Vulnerability Management, Patching, OS Upgrades, and Software Distribution
    • session level icon
    speaker photo
    Executive Manager, baramundi software USA, Inc.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Wayne
    Windows Fall Anniversary Update, Office 365 Migration, Vulnerability and Patch Management: Are any of these three topics causing your blood pressure to rise? This session will show you how you can automate OS migrations, software deployment projects, and effective security exploit management all from one easy to use Endpoint Management Suite. No university degree or nerd glasses required—buckle up!

     

    11:15 am
    Vetting Your Vendors
    • session level icon
    Understanding the “Chain of Control” of Data, Security Pitfalls in Third-Party Contracts and Service Agreements
    speaker photo
    Co-Founder and Managing Partner, XPAN Law Group
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Haverford

    One of the most important considerations in cybersecurity does not involve your own direct network security; it involves your partners and vendors. In the world of cybersecurity, you are only as strong as the weakest link in your vendor chain. The ease, convenience and cost effectiveness of outsourcing certain business functions frequently overshadows the potential pitfalls lurking in using outside third-parties and vendors. This presentation will discuss the steps your organization needs to take to ensure that any partners or vendors with access to your network systems or company data are meeting (at least) a minimum level of security requirements.

    11:15 am
    Limitations For Computers Controlling/Tabulating Voting
    • session level icon
    Can we trust our election results in the future?
    speaker photo
    Asst. Professor, Drexel University
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Villanova

    It is well understood and documented that the Russians influenced the 2016 voting results in the presidential elections via social medial. However, what are the risks associated with the computers and automation during elections. This presentation will review technology risks with voting. Is there anything that can be done to address these risks?

    11:15 am
    Wombat: State of the Phish 2018 – What Your Peers Are Doing to Reduce Successful Phishing Attacks
    • session level icon
    speaker photo
    Account Executive, Wombat Security
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Malvern

    Join Wombat Security Technologies’ Chief Architect, Kurt Wescoe, as he discusses key findings from the 2018 State of the Phish™ Report. In this session you will gain insight into current vulnerabilities, industry-specific phishing metrics, and emerging threats. This collection of data is taken from tens of millions of simulated phishing attacks sent through Wombat’s Security Education Platform over a 12-month period, responses from quarterly survey’s, and an international survey of working adults who were queried about social engineering threats and their cybersecurity behaviors.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    speaker photo
    Senior Manager, TD Ameritrade
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: Strafford
    12:15 pm
    LUNCH KEYNOTE: Building and Nurturing Your Modern Cybersecurity Risk Programs
    • session level icon
    speaker photo
    3-time former CISO (vArmour, Sears, Silver Trail Systems), Founder and IT Security Strategist, Blue Lava Consulting
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    In this presentation, Demetrios Lazarikos (Laz) will explore topics that are top of mind for Fortune 1000 Executives, Board of Directors, and practitioners that have direct involvement in building and assessing modern cybersecurity strategies and programs. Additionally, Laz will provide real world examples and best practices to effectively create, support, and evaluate the lifecycle of cybersecurity programs—a pragmatic session that is not to be missed.

    1:15 pm
    Panel: Incident Response-What's In Your Plan?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: Phish On! - Phishing and Social Engineering Scams
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Villanova
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Governance and the Dreaded D Word… Documentation
    • session level icon
    speaker photo
    Director, EisnerAmper LLP
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Haverford

    We’re all caught up in the day-to-day and putting out fires, so who has time for documentation? However, one of the fundamental building blocks to a cybersecurity program is good documentation. Having the proactive thought to document policy, standards, and processes can increase consistency and effectiveness and help guide in times of panic. This discussion will go over key points of proper documentation, when and why, and leave you with key tools to get started.

    3:00 pm
    Security Breach Notification and Enforcement: A Challenging Landscape Becomes Even More Challenging
    • session level icon
    speaker photo
    Partner, Park Legal LLC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Wayne

    As of May 25, 2018, as part of the EU General Data Protection Regulation (GDPR), all EU member states will require breach notification to the relevant supervisory authority (or authorities) within 72 hours. At the same time, the US breach notification laws are being updated to require notification in additional situations, and many new countries around the world are adopting notification laws. Given the short time frames for notification, the varying requirements for notifying individuals as well as a whole host of regulators, the likelihood of adverse media attention, and the potential for lawsuits, well-meaning organizations sometimes create additional risks for themselves when a breach occurs, based upon their lack of preparation, knowledge and training in this area. This presentation will discuss the GDPR breach notification requirements including the expectations of the European Commission and member states, as well as the growing assortment of other notification obligations across the US and world, and will include tips and recommendations for minimizing your organization’s risk.

    3:00 pm
    Tackling Medical Device Security
    • session level icon
    Preventing Connected Devices From Becoming Your Weakest Security Link
    speaker photo
    Director of Clinical Engineering, Christiana Health Care System
    speaker photo
    Associate, Meditology Services
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Malvern

    The high-profile breach events and ransomware outbreaks of 2017 have brought much needed attention to the cybersecurity of connected medical devices. Cyber criminals and hackers often take advantage of easily exploited vulnerabilities within these medical devices to gain unauthorized access to patient data and clinical networks. This session will cover the following topics:
    • Discussion on why medical devices and equipment are especially vulnerable to cyber attacks
    • Explanation on how insecure medical devices can impact patient safety and lead to large-scale data breach events
    • Specific strategic and innovative steps that leading organizations can take to protect against the security issues introduced by medical devices

    3:00 pm
    GDPR and the SMB World
    • session level icon
    Controlled concern is more productive than pure panic.
    speaker photo
    VP, Security, OnSolve
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Villanova

    The European Union’s General Data Protection Regulation (GDPR) will go into effect on May 25, 2018. Think GDPR doesn’t apply to your organization? Think again. There are very few businesses that the GDPR will not apply to. The scope is expansive and affects businesses regardless of where they are globally located. If any part of your business touches a person in the EU – be ready! Just like the Y2K era, companies small and large have a lot of work to do in preparation. For businesses that already have a strong security and privacy program, there may be changes required to achieve full compliance. Unfortunately, SMBs are finding that there is a lot more work to do before the deadline arrives. In this session, we will cover this topic and explain how the harmonizing of privacy laws will impact your business.

    3:00 pm
    SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: Berwyn

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    3:00 pm
    SecureWorld PLUS Part 2 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: Devon

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    3:00 pm
    SecureWorld PLUS Part 2 - Cyber Crimes, Threat Intelligence, and the Dark Web – Hands-On Workshop
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Former Major in Israeli Intelligence Forces, CEO and President, Cybint Solutions/BARBRI
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: Ardmore

    This practical workshop will reveal the secrets of the dark-web and cybercriminals. Attendees will acquire knowledge, skills and tools to search the dark-web and analyze cyber threat intelligence. Additionally, attendees will explore how to leverage cyber intelligence on the web to proactively approach complex processes as due diligence and litigation.

    3:30 pm
    Happy Hour Reception
    • session level icon
    Join Sumo Logic in the Prefunction Ballroom of the venue for post SecureWorld Social Hour
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 5:00 pm
    Location / Room: Prefunction Grand Ballroom

    Come discuss the day’s events, network with security peers, and enjoy beverages and hors d’oeuvres compliments of Sumo Logic.

    Location: Prefunction Grand Ballroom of the Sheraton Valley Forge Hotel

  • Thursday, March 29, 2018
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Berwyn

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:00 am
    SecureWorld PLUS Part 3 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Devon

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    8:00 am
    SecureWorld PLUS Part 3 - Cyber Crimes, Threat Intelligence, and the Dark Web – Hands-On Workshop
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Former Major in Israeli Intelligence Forces, CEO and President, Cybint Solutions/BARBRI
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: Ardmore

    This practical workshop will reveal the secrets of the dark-web and cybercriminals. Attendees will acquire knowledge, skills and tools to search the dark-web and analyze cyber threat intelligence. Additionally, attendees will explore how to leverage cyber intelligence on the web to proactively approach complex processes as due diligence and litigation.

    8:30 am
    Up Close and Personal Cryptography
    • session level icon
    speaker photo
    Information Security Officer, DLL Group
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Haverford

    We trust cryptography but do we really know it? In most of today’s operations we rely on cryptography to ensure confidentiality, but sometimes we blindly trust the tools and processes who use it, even if they don’t differentiate strong from weak cryptographic methods. Cryptography in general is a well-established solution, but as always, the devil is in the details. Knowing in a deeper level how cryptography works has become an important topic and something that cybersecurity professionals must pay attention to.

    8:30 am
    Threat Analysis Using Cyber Table Tops
    • session level icon
    speaker photo
    Cybersecurity Fellow, Lockheed Martin
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Villanova

    As we move towards securing our systems using tools and checklists, we need to step back and look at the holistic picture. The Cyber Table Top process brings in all stakeholders and looks at all aspects of security from traditional computers and networks, to human intelligence, to maintenance, to supply chain. Unless you have the complete picture, you can’t develop a comprehensive security plan.

    8:30 am
    The Blockchain Threat Model
    • session level icon
    speaker photo
    VP of Security Strategies, IDC
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Wayne

    Blockchain technology is being touted as the Next Big Thing, seemingly capable of great feats of strength and perhaps even curing the common cold. But what exactly is it and how could it contribute to a security program? Perhaps more importantly, what are its inherent weaknesses? This session will delve into the technology, use cases, and threat model of distributed ledger technologies.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: Meet Your New Board Member – Mr. Robot
    • session level icon
    speaker photo
    Director, Cyber Information Security Practices at ISACA and DoD Instructor
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    Artificial Intelligence learns from previous situations to guide, and in some cases, automate data-informed decisions. In fact, AI and Decision Making was named as one of the Deep Shift Technology Tipping Points and Society Impact findings of the 2015 WEF Survey Report. The first AI machine on a corporate board of directors is expected in 2026.

    At the same time, ISACA Sr. Manager Frank Downs believes that many corporate boards would benefit from expanding their definition of and commitment to governing business technology opportunity and responsibility. In the spirit of better governance, does the board of the future need to make room for an AI machine? If the best corporate leaders choose to surround themselves with the smartest minds—individuals who bring expertise beyond their own—then what is the role of AI on corporate boards? In this strategic and entertaining session, Downs will share his views on AI and its potential for boards and governance.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable (VIP / Invite Only)
    • session level icon
    speaker photo
    Information Security & Incident Response Team Lead, Wawa Inc.
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: Strafford
    11:15 am
    (ISC)2 Meet and Greet
    • session level icon
    Open to All Attendees
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Interested in your local associations? Join (ISC)2 for a social meet & greet and chapter news.

    11:15 am
    How to Build an Effective Security Awareness Program
    • session level icon
    speaker photo
    VP, Threat & Vulnerability Management Officer, The Bancorp
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Malvern

    How to build an effective security awareness program and help your team recognize phishing and BEC.

    11:15 am
    The Impact of the GDPR on Cross-Border Data Management and Cybersecurity
    • session level icon
    Walking the Tightrope of Compliance and Business Efficiency
    speaker photo
    Managing Partner & Co-Founder, XPAN Law Group, LLC
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Villanova

    Principles of data privacy, technology, and cybersecurity converge when organizations exchange, transfer and process information. With the forthcoming European Union’s General Data Protection Regulation (GDPR), the intersection of data, technology, business and law is poised to become increasingly complex. And each of these complications will have a huge impact on a company’s operations, network infrastructure, and legal relationships with third-parties. This presentation will explore the impact of the GDPR on cross-border data management, its intersection with domestic data obligations and its effect on creating efficient and secure data management practices that meet the needs of the business.

    11:15 am
    Radware: Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Wayne

    Throughout 2017 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    Trend Micro: Preparing Your Business for GDPR Compliance
    • session level icon
    speaker photo
    VP, Infrastructure Strategies, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: Haverford

    The EU General Data Protection Regulation will soon be in effect for all businesses with access to the personal data of EU citizens. Join William Malik as he explores the concept of privacy and how its evolution has been spurred by technological disruptions throughout modern history. Examine key highlights in the journey of GDPR preparation – including assessing organizational risks, tackling high-volume data sources, designing a remediation strategy and leveraging your successes to build your brand and reputation. Special attention must be paid to the implications of GDPR on blockchain deployments, as well.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    speaker photo
    Manager, Information Security, Health Partners Plans
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: Strafford
    12:15 pm
    LUNCH KEYNOTE: Successfully Innovating for the 21st Century: Now That We've Learned About Thinking Inside-the-Box, Can We Succeed at Thinking Outside-the-Box?
    • session level icon
    speaker photo
    Asst. Professor of Systems Engineering, U.S. Military Academy, Research Scientist, Army Cyber Institute
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    LTC Wong has given a number of talks introducing a systematic framework to distinguish between four different types of innovation: sustaining and incremental ones that tend to originate reactively, and breakthrough and revolutionary ones that have the greatest chances to proactively reshape the future. In this talk, he builds on his “inside-the-box” framework for increasing the odds of coming up with the next wave of successful innovations for winning in cyber warfare by getting us all to be better at thinking “outside-the-box.”

    1:15 pm
    Panel: The Future Threatscape – Ransomware and Beyond
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Villanova
    1:15 pm
    Panel: What's Next? Emerging Threats
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater
    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Don’t Get Run Over by the DevOps Train
    • session level icon
    speaker photo
    Platform Security Architect, Vanguard
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Haverford

    The freight train of DevOps is speeding, and security folks are likely to be run over by it or left behind. In the world of automation through APIs and infrastructure as a code, security is blindsided and trying to catch up. This session will provide some tips and tools for DevSecOps.

    3:00 pm
    Security Awareness: Reality vs Requirements
    • session level icon
    speaker photo
    CISO, The Bancorp
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Wayne

    Security awareness training is a required piece of an Information Security Program. However, the requirements do not always translate to secure practices in the real world. This session is designed to show how to meet regulatory requirements and have a meaningful security awareness program.

    3:00 pm
    OSINT/Social Engineering – Weaponizing Psychology and Sociology for Better Phishing
    • session level icon
    speaker photo
    Partner, DFDR Consulting.com
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Villanova

    Identifying Social Engineering threats to an organization is a critical function of security. With SE being the #1 vector of attack for threats, managing risk and exposures through advanced analysis and threat modeling is critical. This session will outline advanced tactics, psychological profiling methods, tradecraft and open source investigation methods not previously explored which can be used to both attack and defend a company.

Exhibitors
  • AccessIT Group Partnering with Check Point
    Booth: 104

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • APM Systems Inc.
    Booth: 402

    APM Systems is one of the Philadelphia Region’s leading IT Security focused solution providers, for 16 years. Applying practical and effective IT security solutions, APM has helps secure businesses of all sizes from external and internal data security threats. The threat landscape in the past several years has changed in exceptional ways. At SecureWorld  Philadelphia, APM presents Sonicwall Security Solutions that help us fight the cyberwar battles facing us on daily basis. APM has nearly 20 years of experience working with Sonicwall technologies and enjoys bringing technology expertise to companies in Philadelphia and nationwide. Rapidly improve your security infrastructure and solve critical security challenges with Sonicwall and APM Systems.

  • ASIS
    Booth: TBD

    ASIS International is the world’s largest membership association for security professionals. With hundreds of chapters across the globe, ASIS is recognized as the premier source for learning, networking, standards, and research. ASIS ensures its members and the security community have access to the intelligence and resources necessary to protect their people, property, and information assets. www.asisonline.org

  • baramundi software USA, Inc.
    Booth: 316

    baramundi software USA, Inc. provides companies and organizations with efficient, secure, and cross-platform management of workstation environments. Around the world, over 2,000 customers of all sizes and from every sector benefit from the independent German manufacturer’s many years of experience and outstanding products. These are compiled into an integrated, future-orientated unified endpoint management approach in the baramundi Management Suite: endpoint management, mobile device management, and endpoint security are provided via a shared interface, using a single database, and according to global standards.

  • Barkly
    Booth: 308

    Barkly is advancing endpoint security with the strongest, smartest protection delivered with simplicity. The Barkly Endpoint Protection Platform provides multi-vector attack blocking for exploits, scripts, executables, ransomware, and more, and has visibility into all levels of the system, including the CPU. Barkly is formed by an elite team of security and SaaS experts from IBM, Cisco, and Intel, backed by investors NEA and Sigma Prime, and independently certified for anti-virus replacement, HIPAA, PCI DSS & NIST. Learn more by visiting us at www.barkly.com, or follow us on Twitter @BarklyProtects.

  • Bay Pay Forum
    Booth: TBD

    The BayPay Forum, a Silicon Valley-based international network composed of over 14,000 payment and commerce executives, entrepreneurs and investors from thousands of different companies, serves as a forum to connect members in identifying and understanding the emerging trends and innovations in the industry.

  • Bromium
    Booth: 106

    Bromium was founded in 2010 with a mission to restore trust in computing. The company’s founders, Ian Pratt and Simon Crosby have a long and deep history of innovation in virtualization and security. Inspired by the isolation principles of traditional virtualization, the Bromium team has created a game-changing new technology called micro-virtualization to provide powerful enterprise by protecting end users against advanced malware. Bromium has its headquarters in Cupertino, California and an R&D center in Cambridge, UK. The company is backed by top-tier investors, including Andreessen Horowitz, Ignition Capital, Highland Capital Partners, Intel Capital, Meritech Capital and Lightspeed Venture Partners.

  • Carbon Black
    Booth: 210

    Carbon Black is Transforming Security Through Big Data and Analytics in the Cloud Growing trends in mobility and cloud have made the endpoint the new perimeter. New and emerging attacks are beating traditional defenses, and security teams are too reactive and held back by their technologies. Carbon Black is leveraging the power of big data and analytics to solve the challenges surrounding endpoint security. With the Cb Predictive Security Cloud platform, we are transforming cybersecurity to deliver a new generation of cloud-delivered security solutions designed to protect against the most advanced threats.

     

  • CIOReview
    Booth: TBD

    CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIOReview is an excellent platform for the enterprise to showcase their innovative solutions.

  • Critical Design Associates, Inc.
    Booth: 106

    An Information Technology consulting firm dedicated to improving our customers business through the use of technology. We are committed to the needs of our clients. Through integrity, dedication, and teamwork we provide our customers the highest quality of service. Our success is only measured by the success of our clients.

  • Cylance
    Booth: 212

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • Darktrace
    Booth: 304

    Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.

  • Delta Risk
    Booth: 100

    Delta Risk was founded in 2007 from a vision of strategic and operational effectiveness to assist private sector and government organizations in understanding their current cyber security posture and building advanced cyber defense and risk management capabilities. We are a global provider of strategic, operational, and advisory solutions, including managed security services and security consulting services. Delta Risk is a Chertoff Group company.

  • DeSales University Cyber Security Program
    Booth: 110

    DeSales University offers an exciting digital forensics certificate program, composed of four courses, that teaches students how to recover evidence from various types of electronic devices. Students receive hands-on experience with popular forensic tools and are prepared to address the legal and investigative issues involved with seizing and handling digital evidence. Graduates of the certificate program can add more courses toward a master’s degree in criminal justice or information systems. All courses are online, allowing students with busy schedules greater flexibility.

  • Digital Guardian
    Booth: 200

    Digital Guardian provides the industry’s only threat aware data protection platform that is purpose built to stop data theft from insiders and outside adversaries. The Digital Guardian platform performs across the corporate network, traditional endpoints, mobile devices and cloud applications and is buttressed by a big data security analytics cloud service, to make it easier to see and block all threats to sensitive information.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Electronic Crimes Task Force
    Booth:

    The role of the U.S. Secret Service has gradually evolved since the agency’s 1865 inception, from its initial mandate — suppressing the counterfeiting of U.S. currency — to protecting the integrity of the nation’s financial payment systems. During this time, as methods of payment have evolved, so has the scope of the Secret Service’s mission. Computers and other chip devices are now the facilitators of criminal activity or the target of such, compelling the involvement of the Secret Service in combating cyber crime. The perpetrators involved in the exploitation of such technology range from traditional fraud artists to violent criminals – all of whom recognize new opportunities to expand and diversify their criminal portfolio.

  • enSilo
    Booth: 300

    enSilo is a cyber-security company that offers a real-time data protection platform against advanced attacks. The company was founded on the recognition that external threat actors cannot be prevented from infiltrating networks, and instead focuses on preventing the theft and tampering of critical data in the event of a cyber-attack. enSilo enables organizations to continue running their business operations securely and without interruption, even during investigation and remediation of attacks, by blocking in real-time any data-related malicious activity. enSilo’s platform requires no prior knowledge or configuration of users or data.

  • ExtraHop
    Booth: 114

    ExtraHop is a force multiplier for IT teams struggling with increasing complexity. With the ExtraHop platform, organizations can regain control over the security and performance of their applications and infrastructure, and capitalize on their data analytics opportunity to improve business operations and results. Learn more at www.extrahop.com

  • Global Cyber Alliance
    Booth: TBD

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • GuidePoint Security LLC
    Booth: 200

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

  • Gigamon
    Booth: 200

    Gigamon is leading the convergence of network and security operations to reduce complexity and increase efficiency of security stacks. Our GigaSECURE® Security Delivery Platform is a next generation network packet broker that makes threats more visible – across cloud, hybrid and on-premises environments, deploy resources faster and maximize the performance of security tools.

  • HTCIA Delaware Valley Chapter
    Booth:

    The High Technology Crime Investigation Association (HTCIA) is designed to encourage, promote, aid and effect the voluntary interchange of data, information, experience, ideas and knowledge, about methods, processes, and techniques relating to investigation and security in advanced technologies among its membership.

    By becoming a member of the HTCIA you will affiliate yourself with a professional organization which will help you fully understand and address issues associated with investigations, apprehensions and methodologies associated with the newest breed of high tech criminals. With the explosion in use of computers and the Internet, there is an uprising in criminal activities that utilize these powerful tools. From computer viruses to data processing fraud, there are many growing threats that expose our society to a new kind of criminal activity.

  • InfraGard Philadelphia
    Booth:

    InfraGard is a partnership between the FBI and the private sector. It is an association of people from businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S. Philadelphia InfraGard Members Alliance (IMA) provides a forum for the exchange of information between the government, the owners and operators of the national infrastructure, and others concerned with the protection of the national infrastructure. Philadelphia IMA supports eastern Pennsylvania and southern New Jersey. Membership is free and new members are welcome.

  • iovation
    Booth: 208

    iovation protects online businesses and their end users against fraud and abuse, and identifies trustworthy customers through a combination of advanced device identification, shared device reputation, device-based authentication and real-time risk evaluation. More than 3,500 fraud managers representing global retail, financial services, insurance, social network, gaming and other companies leverage iovation’s database of billions of Internet devices and the relationships between them to determine the level of risk associated with online transactions. The company’s device reputation database is the world’s largest, used to protect 15 million transactions and stop an average of 300,000 fraudulent activities every day. The world’s foremost fraud experts share intelligence, cybercrime tips and online fraud prevention techniques in iovation’s Fraud Force Community, an exclusive virtual crime-fighting network.

  • ISACA Philadelphia
    Booth:

    The Philadelphia Chapter of ISACA has a membership base of more than 1,600 individuals primarily located in the Philadelphia and the surrounding suburbs, extending into Delaware and Southern New Jersey. The membership of the Chapter includes professionals working in various industries and capacities. From students through experienced C-level executives, the Philadelphia Chapter provides, training, networking and social events to this diverse group who share the common goal of providing expertise in IT audit, security, risk, and governance topics to their colleagues. The Chapter conducts events on a monthly basis led by an active, vibrant and dedicated group of volunteers and is actively seeking business partners to help provide value and knowledge to its members.

  • (ISC)2
    Booth: TBD

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA Delaware Valley
    Booth:

    Our chapter serves the Delaware Valley and Mid-Atlantic region. This is comprised of Eastern Pennsylvania, Northern Maryland, Southern New Jersey, and Delaware.
    We are making history as we continue to grow the chapter with your membership, and bring exciting programs to you. If you have not already been involved in the membership meetings, we encourage you to do so. Hopefully, you will walk away with more ideas to take back to your organizations, or you may come away with a sense of – “Hey, we had that same problem”, or “Our company is not alone in dealing with these issues.”

  • Ixia, a Keysight Business
    Booth: 102

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • NetSkope
    Booth: 200

    Netskope offers the industry’s only all-mode architecture that supports any use case. This starts with the option of being deployed 100 percent in the cloud, as an on-premises appliance, or via a hybrid configuration that includes both. When it comes to traffic steering, Netskope supports every possible out-of-band and inline mode, including forward and reverse proxy, secure TAP, API, and log-based discovery. These modes are often used in parallel to cover customers’ multiple use cases.

  • Okta
    Booth: 200

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • OWASP
    Booth:

    The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

  • PACT
    Booth:

    Philadelphia Alliance for Capital and Technologies (PACT)’s vision is to be the go-to resource for fast growing companies, and a driver of entrepreneurship and innovation in the Philadelphia region. PACT provides its members with valuable content and connections to capital, coaching, and customers that will accelerate their growth and success, and to collaborate with other organizations to drive innovation and entrepreneurship in the region. Visit www.philadelphiapact.com for more information.

  • Palo Alto Networks
    Booth: 112

    Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 20Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. Most recently, Palo Alto Networks has enabled enterprises to extend this same network security to remote users with the release of GlobalProtect™ and to combat targeted malware with its WildFire™ service. For more information, visit www.paloaltonetworks.com.

  • Radware
    Booth: 314

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • Rapid7
    Booth: 218

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • SailPoint
    Booth: 108

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Securonix
    Booth: 322

    Securonix is redefining the next generation of cyber-threat detection using the power of machine learning and big data. Our purpose-built security analytics platform uses machine learning to track and create baselines of user, account, and system behavior and detects the most advanced insider threats, cyber threats, and fraud activities in real time. Built on a Hadoop platform, the Securonix solution provides an open platform with unlimited scalability. Securonix provides incident orchestration capabilities with playbooks that enable automated incident response. Globally, customers use Securonix to address their insider threat, cyber threat, cloud security, fraud, and application security monitoring requirements. Visit www.securonix.com.

  • SentinelOne
    Booth: 312

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • Skybox Security
    Booth: 200

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • Splunk
    Booth: 200

    You see servers and devices, apps and logs, traffic and clouds. We see data—everywhere. Splunk® offers the leading platform for Operational Intelligence. It enables the curious to look closely at what others ignore—machine data—and find what others never see: insights that can help make your company more productive, profitable, competitive and secure. What can you do with Splunk?
    Just ask.

  • Sumo Logic
    Booth: 302

    Sumo Logic was founded in 2010 by experts in log management, scalable systems, big data, and security. Today, our purpose-built, cloud-native service analyzes more than 100 petabytes of data, more than 16 million searches, and delivers 10s of millions of insights daily – positioning Sumo among the most powerful machine data analytics services in the world.

  • Synopsys
    Booth: 216

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • Tanium
    Booth: 112

    Tanium was founded to deliver a new and innovative approach to endpoint management and security that delivers instant visibility and responsiveness that does not slow down as the enterprise environment scales. Tanium is empowering the largest enterprises in the world to gather critical information globally from every endpoint and drive remediating action in seconds, including the distribution of patches, applications, and tools – all from a single server.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • ThinAir
    Booth: 310

    ThinAir simplifies information visibility and security, and enables insider threat and information leak investigation in 90 seconds. ThinAir has built the world’s first insider detection and investigation platform that answers sophisticated questions about information creation, consumption, and communication, empowering security and IT professionals to have instant data-element level visibility in real time and historically. To learn more visit thinair.com and connect with us on Twitter @thinairlabs and LinkedIn.

  • Trend Micro
    Booth: 306

    As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With more than 20 years of experience, we’re recognized as the market leader in server security for delivering top-ranked client, server, and cloud-based security solutions that stop threats faster and protect data in physical, virtualized, and cloud environments.

  • Varonis
    Booth: 200

    Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.

  • WatchGuard
    Booth: 214

    Seattle-based WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises. Recognizing an unmet need for a security solution that addresses the rapidly evolving threat landscape, WatchGuard architected its high-throughput, highly scalable, and flexible Fireware® operating system to form the backbone of its products. This platform yields dramatically higher performance at a much lower cost than competitors in environments where multiple security engines are enabled.

  • Wombat Security Technologies
    Booth: 318

    Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%.

  • Xton Technologies
    Booth: 322

    XTAM is a privileged account management software which includes Web based password vault with password rotation, discovery, workflow controlled access, high trust login, session and keystroke recording with instant playback, full audit trail, elevated script automation, alerting and extensive analytics. XTAM integrates with AD/LDAP, SIEM, multi factor authentication providers and ticketing systems. XTAM is an agentless, scalable solution for on premises, hybrid and cloud deployments. Download a free trial now at www.xtontech.com.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Pete Lindstrom
    VP of Security Strategies, IDC

    Pete Lindstrom is VP of Security Strategies for IDC, where he conducts research on digital trust, cybersecurity economics, and new security technologies.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Roy Zur
    Former Major in Israeli Intelligence Forces, CEO and President, Cybint Solutions/BARBRI

    Roy Zur is a cyber intelligence expert, an attorney, and the founder and CEO of Cybint Solutions, a cyber education company. Roy has over a decade of experience in cyber and intelligence operations from the Israeli security forces (Retired Major), and has developed cyber education programs and technological solutions for companies, educational institutions, and government agencies around the world.

  • speaker photo
    John Kveragas
    Owner, TJM Professional Services, LLC

    John E. Kveragas, Jr., CPA, CISA, is a seasoned Internal Audit Executive with over 20 years’ experience in IT, operational, financial, and compliance auditing in multiple industries. John has extensive expertise with building effective internal audit functions, training and development, and managing regulatory exams with positive outcomes for financial institutions ranging from FinTech startups to Top 10 banks. He is the founder and owner of TJM Professional Services which is a cybersecurity consulting and training firm focused on small businesses. John is a frequent speaker for ISACA, The Institute of Internal Auditors, and SecureWorld on the topics of Internal Audit, Information Security, and Compliance.

  • speaker photo
    Conor Gilsenan
    Editor in Chief, All Things Auth, Founder, Two Factor Buddy (2FB)

    Conor Gilsenan is a software engineer who has spent the past eight years focusing on security. He has worn many hats, including: programmer, architect, specification author, and UX contributor. He believes that UX is a critical and historically discounted component of any security solution, and is passionate about putting users first. He is the Editor in Chief at All Things Auth and the Founder of Two Factor Buddy (2FB).

  • speaker photo
    Joan Antokol
    Partner, Park Legal LLC

    Joan Antokol is internationally recognized for her work in data protection. She is the founder and managing partner of Park Legal LLC, a data protection law firm with offices in Indianapolis and New Jersey. Joan is a member of the International Working Group on Data Protection in Telecommunications, a data protection regulator group chaired by the Berlin Data Protection Commissioner, and is also a Privacy by Design Ambassador appointed by the former Ontario, Canada Privacy Commissioner. Previously, Joan was a partner at and chaired the privacy and security practice group at an international law firm and also served as Vice President and Global Privacy Officer for a Fortune 100 pharmaceutical company for 7 years.

  • speaker photo
    Michael Hoehl
    Security Leader, Independent Consultant

    Security Leader with experience in Health, Manufacturing, Financial Services, and Retail Industries.

  • speaker photo
    Devon Bryan
    Executive Vice President and System CISO, Federal Reserve System

    Devon Bryan is Executive Vice President and Chief Information Security Officer (CISO) for the Federal Reserve System. As CISO, Devon oversees information security, including incident response, for the enterprise, ensuring information security architecture, standards, policies, and programs remain effective and efficient. Devon was appointed System CISO in February 2016.

    Devon came to the Federal Reserve from Fortune 500 payroll and human resources provider ADP, where he served as Global CISO. Devon led ADP’s information security strategy, collaborating across the company’s geographically dispersed business operations to ensure coordination, consensus, and effective execution across global operations. Prior to joining ADP in 2011, he served as the Deputy CISO for the Internal Revenue Service (IRS) after directing the IRS’s FISMA-compliant information security program and leading the IRS’s incident response team.

    His information security career began in the U.S. Air Force, where he served as a Captain and lead engineer working on systems and programs to protect the critical network and communications tools of the Air Force’s Air Combat Command.

    Devon is Co-Founder and immediate past president of ICMCP (International Consortium of Minority Cybersecurity Professionals), which he launched in an attempt to bridge the "great minority cyber divide" by providing academic scholarships, innovative outreach, mentoring, and networking programs targeting minority cybersecurity professionals worldwide and by promoting academic and technical excellence in our tradecraft.

    Devon received a Bachelor of Science, Applied Mathematics from South Dakota Technological University and a Master of Science, Computer Science from Colorado Technological University, graduating Summa Cum Laude. He holds multiple certifications: CISSP, CIPP/US, CIPP/EU, and CISA. He participates in several industry forums, and is a sought after speaker and writer on emerging cybersecurity trends and issues.

  • speaker photo
    Louise O’Donnell
    Senior Manager, TD Ameritrade
  • speaker photo
    Jonathan Lange
    Executive Manager, baramundi software USA, Inc.

    Jonathan Lange is sales manager for baramundi software USA, Inc. in the US market. Having advised customers in various countries from small businesses to global enterprises, he is well aware of the challenges IT departments face today in order to keep their infrastructure up-to-date, safe and efficient.

  • speaker photo
    Rebecca Rakoski
    Co-Founder and Managing Partner, XPAN Law Group

    Rebecca Rakoski is co-founder and managing partner at XPAN Law Group, a certified Women Owned boutique law firm. Rebecca focuses her practice exclusively on cybersecurity and data privacy. She has extensive experience in all aspects of cybersecurity, data privacy and cross border data transfer issues. Rebecca performs in-depth cybersecurity assessments and audits in accordance with regulatory requirements. Rebecca counsels clients through a breach by navigating the complexities of different state and federal regulations. Rebecca also performs cybersecurity and data privacy due diligence in M&A transactions, protecting intellectual property, and even transition and succession planning.

  • speaker photo
    Robert McKosky
    Asst. Professor, Drexel University

    Dr. Robert McKosky served as the Director of Information Security at MBNA America and was the Technical Program Director for the Network Infrastructure Laboratory at GTE. He has organized and participated in various simulated attacks (Tiger Teams) to identify weaknesses in security systems. Mac has consulted to the CTIA, NSA, Secret Service, FBI, CIA, Scotland Yard, the Royal Canadian Mounted Police, and various state and local law enforcement organizations. Mac is a Certified Secure Software Lifecycle Professional (CSSLP) and a Certified Information System Security Professional (CISSP) and was one of the authors of the original certification exam.

  • speaker photo
    Chris Thielet
    Account Executive, Wombat Security

    Chris has over 15 years' experience in training program development. For over two years at Wombat he has worked with security professionals in over 22 countries to plan, develop, and implement successful cybersecurity education programs. These programs have focused on phishing simulations, training methodologies, and engaging end users to reduce risk.

  • speaker photo
    Louise O’Donnell
    Senior Manager, TD Ameritrade
  • speaker photo
    Demetrios Lazarikos
    3-time former CISO (vArmour, Sears, Silver Trail Systems), Founder and IT Security Strategist, Blue Lava Consulting

    Demetrios Lazarikos (Laz), a recognized visionary for building Information Security, fraud, and big data analytics solutions, is the Founder and IT Security Strategist for Blue Lava Consulting.

    Laz has more than 30 years' experience in building and supporting some of the largest InfoSec programs for financial services, retail, hospitality, and transportation verticals. Some of his past roles include: CISO at vArmour, CISO at Sears, CISO at Silver Tail Systems (acquired by RSA/EMC), VP of Strategic Initiatives at ReddShell Corporation (acquired by TrustWave), and a former PCI QSA.

    Laz is an Adjunct Professor at Pepperdine University's Graziadio School of Business and Management. He holds a Master’s in Computer Information Security from the University of Denver and an MBA from Pepperdine University, and has earned several security and compliance certifications.

  • speaker photo
    Lena Licata
    Director, EisnerAmper LLP

    Lena Licata is a Director in the Consulting Services Group, at EisnerAmper LLP, with over 10 years of experience including public accounting and private industry. She assists clients primarily in the financial services, providing a host of IT audit and risk services including identity and access management remediation, vendor risk and internal audit engagements.

  • speaker photo
    Joan Antokol
    Partner, Park Legal LLC

    Joan Antokol is internationally recognized for her work in data protection. She is the founder and managing partner of Park Legal LLC, a data protection law firm with offices in Indianapolis and New Jersey. Joan is a member of the International Working Group on Data Protection in Telecommunications, a data protection regulator group chaired by the Berlin Data Protection Commissioner, and is also a Privacy by Design Ambassador appointed by the former Ontario, Canada Privacy Commissioner. Previously, Joan was a partner at and chaired the privacy and security practice group at an international law firm and also served as Vice President and Global Privacy Officer for a Fortune 100 pharmaceutical company for 7 years.

  • speaker photo
    Blake Collins
    Director of Clinical Engineering, Christiana Health Care System

    Blake Collins has been in the Health Technology field for over 27 years and the health care industry for over 34 years. He retired from the United States Navy after 21 years in 2004. He received his basic and advanced BMET training in Aurora, Co. at the United States Army Medical Equipment and Optical School. After retirement, he became a Regional Director for a large health system in Knoxville, TN before joining TriMedx in 2006 as a Regional Director of Service operations. In 2012 he joined Christiana Care in Newark, Delaware, as the Director of Clinical Engineering.

    Blake received his BSOE in Biomedical Technology from Wayland Baptist University, has an MBA, and is a certified BMET, Healthcare Technology Manager and Fellow at the Advisory Board Company.

  • speaker photo
    Akshay Finney
    Associate, Meditology Services

    Akshay Finney is an IT Risk Management Associate who specializes in Security risk assessments and Medical Device Security. As an Associate, he works closely with the Risk Management Team to assess and identify the client’s risks, and guide them in mitigating the identified risks. He also specializes in security and network operations to provide actionable intelligence to clients. He has developed and helped execute strategic security programs for various clients. He has experience with various regulatory frameworks such as HIPAA, HITRUST and SOC-2. He is a Master’s graduate in Cybersecurity and is a security researcher on cyber physical systems and Internet of Things.

  • speaker photo
    Cheryl Carmel
    VP, Security, OnSolve

    Cheryl Carmel, CISSP, CIPT, is the Vice President of Security for OnSolve. Her responsibilities include all domains of the Security Program for the company. Her background includes many years in various roles in the security and technology field, in industries including business continuity and financial software.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Roy Zur
    Former Major in Israeli Intelligence Forces, CEO and President, Cybint Solutions/BARBRI

    Roy Zur is a cyber intelligence expert, an attorney, and the founder and CEO of Cybint Solutions, a cyber education company. Roy has over a decade of experience in cyber and intelligence operations from the Israeli security forces (Retired Major), and has developed cyber education programs and technological solutions for companies, educational institutions, and government agencies around the world.

  • speaker photo
    Happy Hour
  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Roy Zur
    Former Major in Israeli Intelligence Forces, CEO and President, Cybint Solutions/BARBRI

    Roy Zur is a cyber intelligence expert, an attorney, and the founder and CEO of Cybint Solutions, a cyber education company. Roy has over a decade of experience in cyber and intelligence operations from the Israeli security forces (Retired Major), and has developed cyber education programs and technological solutions for companies, educational institutions, and government agencies around the world.

  • speaker photo
    Alejandro Languren
    Information Security Officer, DLL Group

    Alejandro is a cybersecurity professional, experienced in Information Security, IT Infrastructure, and Software Development areas—with working experience in multinational organizations covering positions in the United States and Latin America. Currently working in a world class financial organization, with continuous collaboration with diverse and multicultural teams worldwide. He holds a bachelor’s degree in Communications and Electronics and a master’s degree in Computer Sciences from Mexico’s National Polytechnic Institute; as well as CISSP, CISSM, CISA, CRISC, CEH and CSM certifications.

  • speaker photo
    Tom Plummer
    Cybersecurity Fellow, Lockheed Martin

    Cybersecurity Fellow to provide architecture guidance across products and programs. BS Computer Engineering. CISSP.

  • speaker photo
    Pete Lindstrom
    VP of Security Strategies, IDC

    Pete Lindstrom is VP of Security Strategies for IDC, where he conducts research on digital trust, cybersecurity economics, and new security technologies.

  • speaker photo
    Frank Downs
    Director, Cyber Information Security Practices at ISACA and DoD Instructor

    Downs, an 11-year cybersecurity specialist, graduated with a bachelor’s degree in English from the University of Maryland, after which he promptly joined the US Department of Defense as a subject matter expert, working with computer networks on a daily basis. Realizing that English and cybersecurity were two very different concepts, Frank proceeded to obtain a master’s degree in cybersecurity from UMBC, after a pit stop at Johns Hopkins to obtain a master’s degree in Government. Eventually, he decided to ease the learning process for individuals transitioning from non-technical backgrounds into cybersecurity by becoming a full-time Intelligence and Operations Consultant for multiple federal law enforcement and intelligence agencies. He is now Senior Manager, Cyber Information Security Practices at ISACA, sharing the good news about ISACA’s Cybersecurity Nexus (CSX) platform.

  • speaker photo
    David Ruess
    Information Security & Incident Response Team Lead, Wawa Inc.
  • speaker photo
    Peter Iancic
    VP, Threat & Vulnerability Management Officer, The Bancorp

    Peter has over 10 years of experience in cybersecurity, working for financial industry companies such as JP Morgan Chase and The Bancorp. He holds multiple certifications, including CISSP, CEH, and CHFI.

  • speaker photo
    Jordan Fischer
    Managing Partner & Co-Founder, XPAN Law Group, LLC

    Jordan is a co-founder and managing partner of XPAN Law Group, LLC, a certified Women-Owned Enterprise law firm. She focuses her practice on international data privacy, cybersecurity and cross-border data management, with a special emphasis in European Union data privacy regulations and the forthcoming GDPR. She has extensive experience in the intersection of law and technology. With a global perspective, Jordan works with clients to create cost-effective and business oriented approaches to cybersecurity and data privacy compliance. Jordan is also an adjunct law professor at the Thomas R. Kline School of Law, where she teaches a variety of legal courses.

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    William J. Malik, CISA
    VP, Infrastructure Strategies, Trend Micro

    William Malik is VP of Infrastructure Strategies at Trend Micro. As a founder of Gartner’s Information Security Strategies service in the mid-1990s, Bill has deep expertise in information security matters. He has spoken on information security, identity management, privacy, business continuity, and enterprise architecture. During his IBM career he guided the mainframe operating system zOS (then MVS) through the process leading to a NIST/NSA B1-level security rating. He taught a graduate class on Information Security Policy at Georgia Tech and authored the chapter “Information Security Policy in the US National Context” for the text “Information Security: Policy, Processes, and Practices."

  • speaker photo
    Daniel Reither
    Manager, Information Security, Health Partners Plans
  • speaker photo
    Lieutenant Colonel Ernest Wong
    Asst. Professor of Systems Engineering, U.S. Military Academy, Research Scientist, Army Cyber Institute

    Ernest Wong is a Research Scientist at the Army Cyber Institute and a United States Military Academy Assistant Professor of Systems Engineering.

  • speaker photo
    Vana Khurana
    Platform Security Architect, Vanguard

    Vana Khurana, CISSP, CCSP, CCSK and Certified AWS Architect Associate, a security practitioner for 10+ years, currently working as Platform Security Architect for a financial firm. Vana is also board member for the Delaware Valley chapter of Cloud Security Alliance, and an adjunct faculty of Computers Sciences at Temple University.

  • speaker photo
    Anthony Meholic
    CISO, The Bancorp

    Anthony is currently Director of Cybersecurity, Chief Security Officer at The Bancorp Inc. in Wilmington, Delaware. He has worked extensively with application development including creation of simulation software for emergency medical providers, work with local government agencies on EMS trending and metrics and customized user interfaces for medical diagnostic software. His experience in Information Security at The Bancorp, JPMorgan Chase, Citibank and Republic Bank in Philadelphia included detailed work on encryption key management, security reviews, risk assessments and security testing for financial institutions. He has been responsible for the creation and implementation of numerous information security programs such as: Mapping of the Cybersecurity program to the NIST Cybersecurity Framework and FFIEC Self-Assessment Tool, Vendor Management, project security reviews, customized encryption key management, establishment of an internal penetration testing program, comprehensive risk assessment, and vulnerability management. Anthony is a graduate of Michigan State University and has over 20 years of IT experience. He is a regular speaker at international information security conferences and is a frequent trainer for a variety of federal agencies. Anthony has authored numerous articles for Tech Target, Information Security Magazine and Hackin9 Magazine.

  • speaker photo
    Ken Pyle
    Partner, DFDR Consulting.com

    Ken Pyle is a partner of DFDR Consulting specializing in Information Security, Computer Forensics, Enterprise Virtualization and Network Engineering. Ken has an extensive background in Network Penetration and Remediation, Compliance and Secure Design. Prior to joining DFDR, he served as a Security and Network Engineer for several Information Technology companies and as the IT Director/Security Engineer of a large accounting firm. Ken has consulted with financial institutions, banks, government defense contractors and other highly secure facilities on issues of Information Security, Computer Forensics and Secure Network Design.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
15th Annual Conference

Don't miss out! Join your InfoSec peers for high-quality, affordable training and networking. Sign up today.