googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, March 23, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Counter / Lobby

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Topic: Security Awareness After the Pandemic
    speaker photo
    Owner, Carmel Consulting LLC
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:20 am
    Location / Room: Revolution Chophouse (Mezzanine)

    This roundtable discussion is for our Advisory Council members only. Discussion will be moderated by Cheryl Carmel.

    7:30 am
    [PLUS Course] Privacy & Security by Design & Default: Understanding the Convergence of Law, Policy & Technology
    • session level icon
    Part 1: Trends in the Law: An Overview of the Regulatory & Legal Landscape
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 8:30 am
    Location / Room: Magnolia

    Attendees are eligible to receive 18 CPE credits (including 12 CPEs from the Conference Pass).

    Increasingly, each country, and even each state, is providing unique legal solutions to data privacy and security. For businesses that cross borders, both national and domestic, this creates distinct challenges to building effective solutions. These evolving privacy, security and technology requirements are impacting the growth and innovation within companies, requiring strategic decisions regarding risk, legal liability, and strategic planning.

    Often, the concepts of security and privacy by design and by default are built into these legal requirements. But, understanding the requirements of the law, and translating those requirements into technological solutions can be challenging. This workshop will provide in-depth understanding of those legal requirements, and provide a framework to help the industry incorporate these core concepts of design within technology.

    The course will start with an overview of general privacy and security legal and policy principles, and then will focus on two key laws that are pushing the privacy and security laws: the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”). Using these laws, we will discuss case studies, and how to communicate, plan, and strategize on products and solutions that incorporate privacy and security requirements.

    The course will include both lecture and hands-on exercises. The goal is for attendees to take away tools and strategies to bring this conversation to their teams and departments.

    7:30 am
    [PLUS Course] Hands-on Introduction to Digital Forensics
    • session level icon
    Part 1: Electronic Evidence
    speaker photo
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 8:30 am
    Location / Room: Maple

    Attendees will learn how to properly seize and analyze electronic evidence. The course will cover protecting the integrity of digital evidence, maintaining the chain of custody, creating forensic images, analyzing evidence, and reporting relevant findings. Students will have the opportunity to participate in practical exercises to gain hands-on experience with handling electronic evidence and using digital forensics tools. Attendees will be provided with resources that they can use when handling incidents that involve electronic evidence.

    Part 1: Electronic Evidence

    • Crimes involving electronic devices
    • Introduction to electronic evidence
    • Introduction to digital forensics
    • Differences in digital forensics involving criminal cases, civil cases, and administrative issues

    Part 2: Preparing to Conduct Forensic Examinations

    • Hardware requirements
    • Digital forensics software tools
    • Open source tools vs. commercial tools
    • Setting up a forensic lab

    Part 3: Acquiring Forensic Evidence

    • Techniques for properly seizing electronic evidence
    • Managing chain of custody
    • Maintaining the integrity of evidence and preventing evidence destruction
    • Creating a forensic image
    • Forensic imaging tools
    • Capturing volatile memory

    Part 4: Analyzing Forensic Evidence

    • Analyzing evidence
    • Recovering deleted files
    • Useful forensic artifacts
    • Creating forensic reports
    • Testifying in court
    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:30 am
    [Opening Keynote] Three CISOs Walk into a Bar
    • session level icon
    speaker photo
    VP, CISO, TE Connectivity
    speaker photo
    CISO, ChristianaCare Health System
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Let’s face it, cyber is tough and the need to be always on is, well, always on. However, come pull up a chair and join in on the conversation as three local CISOs across three verticals discuss best practices across a wide range of topics to include personal branding, executive messaging, tech implementation tips, and more.

    9:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:15 am - 9:45 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:45 am
    How to Remediate at Scale with Zero Impact on Your Configuration Security Gaps
    • session level icon
    speaker photo
    Director of Security Services, Novacost
    speaker photo
    Co-Founder & CEO, CISO, Gytpol
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am
    Location / Room: Laurel East

    Your endpoints are the entry points for threat actors.  How to implement a Configuration Security Management platform which automatically remediates with zero impact your misconfigurations and human errors.  Finally, maintaining better cyber hygiene is no longer a costly  or timely chore.

    9:45 am
    Building a Better Team
    • session level icon
    speaker photo
    Director of Information Security, ChristianaCare
    Registration Level:
    • session level iconConference Pass
    9:45 am - 10:30 am
    Location / Room: Laurel West

    Key take-away:
    An understanding of what it takes to create an excellent information security team.

    Presentation Level:
    MANAGERIAL (security and business leaders)

    9:45 am
    A Floppy Disk, the Internet, and a Threat Hunter
    • session level icon
    speaker photo
    Sr. Sales Engineer Manager, Gigamon
    speaker photo
    Sr. Manager, Customer Success Security Team, Gigamon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am
    Location / Room: Parkview Ballroom

    A brief overview of the history of ransomware, going from one of the first initial known attacks to modern day. Giving you an understanding how the model has changed from an opportunistic smash and grab method to a low and slow targeted approach, to include ransomware-as-a-service. Discussing assets that are needed by the threat hunter in the organization to identify and resolve the threat in an environment before and after an organization is targeted by a ransomware organization.

    10:40 am
    Social Media & Security: What Are the Risks for Security Staff?
    • session level icon
    speaker photo
    Chief Risk and Innovation Officer, MRS BPO, LLC
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am
    Location / Room: Laurel East
    10:40 am
    Continuous Security Compliance
    • session level icon
    speaker photo
    Director of Cloud Security, Financial Services
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am
    Location / Room: Parkview Ballroom

    One of the least exciting tasks in security is providing compliance evidence to auditors and periodically validating security controls manually. Surely we can do better than taking screenshots and uploading evidence to a compliance portal. This talk focuses on using an open source tool that utilizes drag and drop API integration to automate common security compliance tasks. There will be a demo and link to integrations with common security tools so that you can start automating your compliance tasks today.

    10:40 am
    PCI 4.0: What Is Coming?
    • session level icon
    speaker photo
    Director, Audit and Compliance, CipherTechs, Inc.
    Registration Level:
    • session level iconOpen Sessions
    10:40 am - 11:25 am
    Location / Room: Laurel West

    PCI 4.0 is coming out at the end of first quarter 2022. There are many changes that are involved with wording, testing, and the forms for submission. This session will talk about some of the changes that may affect you for the SAQs and the ROCs, such as what additional documentation and activities you will need prior to having PCI 4.0 implemented by the end of 2024 going into 2025.

    11:30 am
    [Lunch Fireside Chat] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    • session level icon
    speaker photo
    Assistant to the Special Agent in Charge, United States Secret Service
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    speaker photo
    Assistant to the Special Agent in Charge, New York Field Office, U.S. Secret Service
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:30 pm
    Location / Room: Keynote Theater
    11:30 am
    Advisory Council Lunch Roundtable (VIP / Invite Only)
    • session level icon
    Topic: Evaluating Today's Threats and Security Controls
    speaker photo
    Sr. Security Architect, SecureWorks
    Registration Level:
    • session level iconVIP / Exclusive
    11:30 am - 12:30 pm
    Location / Room: Revolution Chophouse (Mezzanine)

    This roundtable discussion is for our Advisory Council members only. Discussion will be moderated by Phread Cichowski.

    Generously supported by:

    12:30 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:00 pm
    [Panel] Cloud: Doing More with Less
    • session level icon
    speaker photo
    Senior Sales Engineer, Open Systems
    speaker photo
    Global Director, Channel Solutions Engineering, CyberArk
    speaker photo
    Sr. Sales Engineer, Orca Security
    speaker photo
    Security Engineering Manager, Check Point
    speaker photo
    Sr. Solutions Architect, Securonix
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm
    Location / Room: Laurel East

    The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

    1:00 pm
    [Panel] The Current Threat Landscape
    • session level icon
    speaker photo
    Area Vice President, Security Strategy, Deepwatch
    speaker photo
    Sr. Account Executive, Hoxhunt
    speaker photo
    Director, Solutions Engineering and Alliances, Automox
    speaker photo
    Principal Security Engineer, Salt Security
    speaker photo
    Head of Security Operations, Abnormal Security
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm
    Location / Room: Keynote Theater

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    2:00 pm
    Cloud Security Alliance Member Meeting
    • session level icon
    Topic: Cloud Security Certification | Open to all attendees
    speaker photo
    Sr. Solutions Architect, Security Specialist, Cloud Security Alliance Delaware Valley
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm
    Location / Room: Parkview Ballroom

    Special presentation on Cloud Security Certification by Vana Khurana, Board Member and Director of Training for CSA Delaware Valley Chapter

    2:00 pm
    Benchmarking Your Cybersecurity Program
    • session level icon
    speaker photo
    Leader in Cybersecurity Strategy, Innovation, and Economics
    Registration Level:
    • session level iconConference Pass
    2:00 pm - 2:45 pm
    Location / Room: Laurel West

    Key take-away:
    The audience will learn how to measure the benefits and costs of its cybersecurity program.

    For years, enterprises have recognized the need for a cybersecurity program, but it can be very difficult to measure its value. Implementing “best practices” is often an exercise in futility, compliance audits are too general and subjective, and everybody seems to have their own notion of what works. Using data from the audience, this session will review the ways an organization can benchmark its security program to gain deeper insight into its functional costs and benefits.

    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    2:00 pm
    MITRE ATT&CK Framework
    • session level icon
    speaker photo
    CISO, Flagship Credit Acceptance
    Registration Level:
    • session level iconConference Pass
    2:00 pm - 2:45 pm
    Location / Room: Laurel East

    This powerful tool provides a language to define, track, and categorize attacker tactics, techniques, and procedures (TTPs). It can also be used to gain a deeper understanding of how, why, and when attackers may abuse a technique. By combining threat actor intelligence with the ATT&CK “dictionary,” you can add critical context to your detections to increase the effectiveness of your security controls tests and the fidelity of your results.

    2:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:45 pm - 3:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    3:15 pm
    AccessIT - How Does Your Crisis Management Playbook Stack up During a Real-World Conflict?
    • session level icon
    speaker photo
    CISO, Afiniti
    speaker photo
    VP, Professional Services, AccessIT Group
    speaker photo
    VP, CISO, TE Connectivity
    speaker photo
    President, The Palatin Group LTD
    speaker photo
    Managing Director, Palatin Group SK
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 4:00 pm
    Location / Room: Keynote Theater

    With the threat of cyberwarfare looming stateside, is your company prepared for the possible digital infrastructure and data attacks against them? Hear Andrew Smeaton, CISO for DataRobot, share his experiences of executing a crisis management plan in the midst of real-time warfare. Andy will be joining us to share what he has witnessed happen on the ground in Ukraine and discuss with fellow CISO panelists how InfoSec executives are pivoting their cyber skills to aid in humanitarian efforts and why your organization should be reviewing your crisis management playbook to adapt to conflict in real-time.

    Sponsored by:

    3:15 pm
    ISACA Philadelphia Chapter Meeting
    • session level icon
    Open to all attendees
    speaker photo
    CEO, SEVN-X
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 4:00 pm
    Location / Room: Parkview Ballroom
    Come join chapter members to network, learn about ISACA, and meet your local chapter board members.
    3:15 pm
    [PLUS Course] Privacy & Security by Design & Default: Understanding the Convergence of Law, Policy & Technology
    • session level icon
    Part 2: Privacy by Design & by Default: The Legal & Policy Requirements
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconSecureWorld Plus
    3:15 pm - 4:30 pm
    Location / Room: Magnolia

    Increasingly, each country, and even each state, is providing unique legal solutions to data privacy and security. For businesses that cross borders, both national and domestic, this creates distinct challenges to building effective solutions. These evolving privacy, security and technology requirements are impacting the growth and innovation within companies, requiring strategic decisions regarding risk, legal liability, and strategic planning.

    Often, the concepts of security and privacy by design and by default are built into these legal requirements. But, understanding the requirements of the law, and translating those requirements into technological solutions can be challenging. This workshop will provide in-depth understanding of those legal requirements, and provide a framework to help the industry incorporate these core concepts of design within technology.

    The course will start with an overview of general privacy and security legal and policy principles, and then will focus on two key laws that are pushing the privacy and security laws: the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”). Using these laws, we will discuss case studies, and how to communicate, plan, and strategize on products and solutions that incorporate privacy and security requirements.

    The course will include both lecture and hands-on exercises. The goal is for attendees to take away tools and strategies to bring this conversation to their teams and departments.

    3:15 pm
    [PLUS Course] Hands-on Introduction to Digital Forensics
    • session level icon
    Part 2: Preparing to Conduct Forensic Examinations
    speaker photo
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University
    Registration Level:
    • session level iconSecureWorld Plus
    3:15 pm - 4:30 pm
    Location / Room: Maple

    Attendees will learn how to properly seize and analyze electronic evidence. The course will cover protecting the integrity of digital evidence, maintaining the chain of custody, creating forensic images, analyzing evidence, and reporting relevant findings. Students will have the opportunity to participate in practical exercises to gain hands-on experience with handling electronic evidence and using digital forensics tools. Attendees will be provided with resources that they can use when handling incidents that involve electronic evidence.

    Part 2: Preparing to Conduct Forensic Examinations

    • Hardware requirements
    • Digital forensics software tools
    • Open source tools vs. commercial tools
    • Setting up a forensic lab
    4:00 pm
    Happy Hour
    • session level icon
    Sponsored by AccessIT Group
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 5:00 pm

    Come by the AccessIT Partner Pavilion on the Exhibitor Floor to pick up your drink ticket. The onsite location will be announced during the lunch keynote.

    Join your peers for complimentary hors d’oeuvres, beverages, and conversation following the first day of SecureWorld. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    Generously sponsored by:

  • Thursday, March 24, 2022
    7:00 am
    Registration open
    Registration Level:
    7:00 am - 3:00 pm
    Location / Room: Registration Counter / Lobby

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    InfraGard Chapter Meeting
    • session level icon
    Open to all attendees
    speaker photo
    Retired U.S. Army, former member of the Intelligence Community
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 8:20 am
    Location / Room: Parkview Ballroom

    Delbert Roll will provide a preview of the session he will be delivering at the Philadelphia InfraGard all-day training event in June 2022. At that session, Mr. Roll will discuss how the intelligence community supports national security, the protection of U.S. critical infrastructure, and how partnerships are invaluable to the mission of the intelligence community.

    7:30 am
    [PLUS Course] Privacy & Security by Design & Default: Understanding the Convergence of Law, Policy & Technology
    • session level icon
    Part 3: Operationalizing Privacy by Design & by Default
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 8:30 am
    Location / Room: Magnolia

    Increasingly, each country, and even each state, is providing unique legal solutions to data privacy and security. For businesses that cross borders, both national and domestic, this creates distinct challenges to building effective solutions. These evolving privacy, security and technology requirements are impacting the growth and innovation within companies, requiring strategic decisions regarding risk, legal liability, and strategic planning.

    Often, the concepts of security and privacy by design and by default are built into these legal requirements. But, understanding the requirements of the law, and translating those requirements into technological solutions can be challenging. This workshop will provide in-depth understanding of those legal requirements, and provide a framework to help the industry incorporate these core concepts of design within technology.

    The course will start with an overview of general privacy and security legal and policy principles, and then will focus on two key laws that are pushing the privacy and security laws: the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”). Using these laws, we will discuss case studies, and how to communicate, plan, and strategize on products and solutions that incorporate privacy and security requirements.

    The course will include both lecture and hands-on exercises. The goal is for attendees to take away tools and strategies to bring this conversation to their teams and departments.

    7:30 am
    [PLUS Course] Hands-on Introduction to Digital Forensics
    • session level icon
    Part 3: Acquiring Forensic Evidence
    speaker photo
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 8:30 am
    Location / Room: Maple

    Attendees will learn how to properly seize and analyze electronic evidence. The course will cover protecting the integrity of digital evidence, maintaining the chain of custody, creating forensic images, analyzing evidence, and reporting relevant findings. Students will have the opportunity to participate in practical exercises to gain hands-on experience with handling electronic evidence and using digital forensics tools. Attendees will be provided with resources that they can use when handling incidents that involve electronic evidence.

    Part 3: Acquiring Forensic Evidence

    • Techniques for properly seizing electronic evidence
    • Managing chain of custody
    • Maintaining the integrity of evidence and preventing evidence destruction
    • Creating a forensic image
    • Forensic imaging tools
    • Capturing volatile memory
    8:00 am
    Exhibitor Hall open
    Registration Level:
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:30 am
    [Opening Keynote] Demystifying the Partnership with the FBI
    • session level icon
    speaker photo
    Special Agent, FBI
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater
    9:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:15 am - 9:45 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:45 am
    Product Security at Scale: Lessons from Comcast
    • session level icon
    speaker photo
    VP, Product Security and Privacy, Comcast
    Registration Level:
    • session level iconConference Pass
    9:45 am - 10:30 am
    Location / Room: Laurel West

    Product security programs are intense;running a successful program at a large-scale organization like Comcast is complexity at the next level. This deep dive into the nuances of the program at Comcast will describe how tools, experts and gamification enable secure development at the scale of a Fortune 50 organization.

    Attendees will hear about Comcast’s implementation of a robust product security framework and lessons learned, which are applicable to organizations of various sizes and with a range of people, process and technology challenges.

    9:45 am
    Seize the Breach with Automation and ML-Driven Analytics
    • session level icon
    speaker photo
    Principal Security Engineer, Exabeam
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am
    Location / Room: Laurel East

    Breaches happen and 2021 was a record-breaking year for them. According to Identity Theft Resource Center (ITRC) research, there were 1,291 breaches publicly reported in 2021 as of Sept. 2021 compared to 1,108 breaches in 2020;that’s a 17% year-over-year increase. Meanwhile, millions are spent on security operations centers that aren’t stopping the breaches from happening.

    In this session, you will learn:

    • Why SOC and security teams are way too limited by legacy SIEM
    • How Exabeam machine learning-driven analytics and automation technologies provide unmatched threat detection, investigation, and response (TDIR) capabilities so security teams can respond more quickly and accurately to seize the breach and mitigate damage
    • What to do to make security operations more successful using a simple maturity model based on outcomes and use cases
    9:45 am
    Remediating Critical Vulnerabilities in 12 Hours or Less: Lessons Learned from Log4j
    • session level icon
    speaker photo
    Regional Vice President, Qualys
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am
    Location / Room: Parkview Ballroom
    10:40 am
    Incident Response: Look Who's Talking
    • session level icon
    speaker photo
    Americas Lead for Human Cyber Risk and Education, EY
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am
    Location / Room: Laurel West

    Key Takeaway:
    Learn the essential elements of crisis communications and reputation control for the cybersecurity team and the elements not exercised in most Incident Response plans.

    The ability to control the narrative during a cyber event will shape public perception of the company’s preparedness for a cyber event. In a cyber crisis, for everyone outside of the technical teams, perception is reality, and that reality may affect the company’s reputation long after the incident is over. Businesses have a significant reliance on technology; a breach of customer trust can be just as devastating as a network breach. Employees who are unsure of the circumstances will not hesitate to share on social media. Does the Incident Response plan account for reputation control? How will the company handle crisis communications during a cyber incident?

    10:40 am
    Driving Business Strategy and Growth Using Cybersecurity
    • session level icon
    speaker photo
    Sr. Demand and Delivery Director, Data Protection
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am
    Location / Room: Parkview Ballroom
    Traditionally, cybersecurity is often viewed as a means to reducing risks to an organization, thwarting the attacks of threat actors and securing company assets and infrastructure. When we examine the strategic goals and objectives that organizations undertake to promote their growth and success, we can often identify the interlinkage between business objectives and the services cybersecurity provides. By shifting the focus on how cybersecurity could enable an organization to bring products to market faster, make it easier for customers to conduct business with the company, create an environment to attract and retain employees and become the vendor of choice to our customers, we can strengthen our relationship with executive leadership and board of directors, become a trusted partner to the business, serve as a trusted advisor to line of business owners and shift the paradigm of cybersecurity from risk reduction cost center to a business enablement service line.
    10:40 am
    Developing Cybersecurity Programs with Framework & Architecture Considerations
    • session level icon
    speaker photo
    Managing Principal - Security Services, Insight
    Registration Level:
    • session level iconOpen Sessions
    10:40 am - 11:25 am
    Location / Room: Laurel East

    Insight’s Darren Carroll offers critical perspective on today’s most important cybersecurity concerns. He explains how organizations can begin to build a measurable, monitorable, repeatable approach to a preventive security posture with respect to both framework and architecture. Learn how an all-in approach to enterprise risk management can prevent your organization from being caught off guard—and mitigate the risks, costs, and chaos of pivoting cybersecurity on the fly.

    11:30 am
    [Lunch Keynote] Suing the CISO and Beyond
    • session level icon
    What's Next? And How Worried Should C-Suite Executives Be?
    speaker photo
    Co-Founder & Managing Partner, XPAN Law Partners
    speaker photo
    Chief Security Officer & Technology Lead, Trexin Group
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:30 pm
    Location / Room: Keynote Theater

    Starting at the end of 2020, the information security sector saw what could fairly be characterized as a seismic shift in the world of data privacy and cybersecurity as a result of the SolarWinds hacking incident. While cybersecurity and data privacy professionals hoped this would signal a change in the way organizations view that part of their business operations, it appears something different happened instead. A lawsuit arguably had been brewing for years in the industry, waiting for the right circumstances, and was finally filed against the C-Suite of SolarWinds, notably the Chief Information Security Officer (CISO). The complaint specifically, and maybe predictably, alleged in very direct language that the C-Suite intended to deceive investors into believing that SolarWinds was impenetrable against cyberattacks. The reality, we now know, is somewhat different but could nonetheless dramatically alter the way companies, and their appointed officers, view and react to assigned liability. So, there are several immediate and overarching questions currently idling, perhaps loudly, at the starting gate. Is it fair? Is this the future of cybersecurity litigation? How unpredictable will this terrain now be for information security leaders? Or better yet, for how long?

    This keynote will unpack the ramifications of the SolarWinds lawsuit—along with other litigation involving the C-Suite—will have on the entire information security community, who will see long-reaching consequences to already-established practices and possibly unsettling legal fallout. We will discuss the diverse internal CISO versus outside attorney perspectives, contrasting what is fact versus fiction and hype. Lastly, we will also discuss how both organizations and industry leaders can prepare themselves to mitigate risks not related to a cyberattack while being diligent in addressing potential new liabilities wrapped with increased litigation worries in the legal sphere.

    11:30 am
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:30 am - 12:30 pm
    Location / Room: Revolution Chophouse (Mezzanine)

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:30 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:00 pm
    [Panel] The Battle to Control the Endpoints
    • session level icon
    speaker photo
    Sr. Sales Engineer Manager, Gigamon
    speaker photo
    Sales Engineer, Armis
    speaker photo
    VP, Professional Services, AccessIT Group
    speaker photo
    Security Principal, Insight
    speaker photo
    CISO, UGI Corporation
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm
    Location / Room: Laurel East

    In a recent survey, the SecureWorld media team uncovered that a whopping 30% of IT professionals admitted they didn’t actually know if they had visibility on all the endpoints within their organizations! With close to a thousand endpoints (in the majority of those surveyed) that included: servers, office PCs, printers, employee-owned devices, smart watches, IoT—the list goes on and on. What does the cloud do to impact this count? What was missed? Join our experts as they help us gain better visibility into the battle to control ALL the endpoints.

    1:00 pm
    [Panel] Prioritizing the Threats
    • session level icon
    speaker photo
    Director, Cyber Evangelist, Cymulate
    speaker photo
    Cloud Systems Engineer, Fortinet
    speaker photo
    Platform Marketing & Strategy Director, Recorded Future
    speaker photo
    Head of Product, Checkmarx
    speaker photo
    Principal Architect, Sales Engineering, Imperva
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm
    Location / Room: Keynote Theater

    Ransomware, Business emails compromise, Cloud mis-configurations, Social Engineering, Insider Threats… the list goes on and on. The threats are everywhere. Some are new but the old ones work just as well. How do you decide which ones are of the most concern to your organization? Do you report all of these to the board? How do you provide the resources necessary to minimize the risks and still enable the business? Join our experts as they tackle how to prioritize the threats.

    2:00 pm
    The Intersection of Cyber Crime + Cyber Defense and What IT Practitioners Can Do
    • session level icon
    speaker photo
    Board President/Strategic Development Committee Chair, Philadelphia InfraGard
    Registration Level:
    • session level iconConference Pass
    2:00 pm - 2:45 pm
    Location / Room: Parkview Ballroom

    IT practitioners and cybersecurity professionals contend with cyber incidents daily. On occasion, these incidents rise to the level where they become criminal acts that require intervention over and above standard defensive measures. As part of this session, Chris Quintanilla will explore four real-life examples of criminal acts, how cybersecurity intervention either foiled the crime or identified the perpetrators, lessons that were learned, and what issues still need to be addressed by service providers and lawmakers.

    2:00 pm
    [Panel] Cyber Resiliency in Today's Ever-Changing Threat Landscape
    • session level icon
    speaker photo
    DevSecOps Engineering Coach, Comcast
    speaker photo
    Board President, WiCyS Delaware Valley Affiliate
    speaker photo
    CISO, United Musculoskeletal Partners
    speaker photo
    Sr. Consultant, North America, CSC
    speaker photo
    National Sales Executive, BTB Security, LLC
    speaker photo
    Enterprise Cloud Security — Product Lead, UnitedHealth Group
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm
    Location / Room: Keynote Theater

    Key Takeaway: Different approaches and perspectives to cyber resilience

    This panel will discuss cyber resilience best practices. Why is building a cyber resilient organization important? How do you assess an organization’s cyber resilience?

    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    2:45 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:45 pm - 3:15 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:15 pm
    Understanding and Managing the Risk of Emerging Technology
    • session level icon
    speaker photo
    President, ISSA Delaware Valley Chapter
    Registration Level:
    • session level iconConference Pass
    3:15 pm - 4:00 pm
    Location / Room: Parkview Ballroom

    Technology is evolving at a record pace and continuing to speed up. Emerging technology such as Artificial Intelligence (AI), Robotic Process Automation (RPA), Blockchain, Internet of Things (IoT), and Quantum computing are enabling efficiency gains and business value never before imagined. More and more frequently these technologies sit on a cloud foundation which enables a considerable level of scalability and resiliency. These new technological capabilities also carry unique risks which are still being uncovered and subsequently understood. Many of these technologies require new control models while a lack of standards present the challenge of where to look for guidance.

    The session will explore the risks presented by emerging technologies, as well as controls that can be employed to manage the risks, while still harnessing the unique benefits of these technological advances.

    3:15 pm
    [PLUS Course] Privacy & Security by Design & Default: Understanding the Convergence of Law, Policy & Technology
    • session level icon
    Part 4
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconSecureWorld Plus
    3:15 pm - 4:30 pm
    Location / Room: Magnolia

    Increasingly, each country, and even each state, is providing unique legal solutions to data privacy and security. For businesses that cross borders, both national and domestic, this creates distinct challenges to building effective solutions. These evolving privacy, security and technology requirements are impacting the growth and innovation within companies, requiring strategic decisions regarding risk, legal liability, and strategic planning.

    Often, the concepts of security and privacy by design and by default are built into these legal requirements. But, understanding the requirements of the law, and translating those requirements into technological solutions can be challenging. This workshop will provide in-depth understanding of those legal requirements, and provide a framework to help the industry incorporate these core concepts of design within technology.

    The course will start with an overview of general privacy and security legal and policy principles, and then will focus on two key laws that are pushing the privacy and security laws: the European Union’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”). Using these laws, we will discuss case studies, and how to communicate, plan, and strategize on products and solutions that incorporate privacy and security requirements.

    The course will include both lecture and hands-on exercises. The goal is for attendees to take away tools and strategies to bring this conversation to their teams and departments.

    3:15 pm
    [PLUS Course] Hands-on Introduction to Digital Forensics
    • session level icon
    Part 4: Analyzing Forensic Evidence
    speaker photo
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University
    Registration Level:
    • session level iconSecureWorld Plus
    3:15 pm - 4:30 pm
    Location / Room: Maple

    Attendees will learn how to properly seize and analyze electronic evidence. The course will cover protecting the integrity of digital evidence, maintaining the chain of custody, creating forensic images, analyzing evidence, and reporting relevant findings. Students will have the opportunity to participate in practical exercises to gain hands-on experience with handling electronic evidence and using digital forensics tools. Attendees will be provided with resources that they can use when handling incidents that involve electronic evidence.

    Part 4: Analyzing Forensic Evidence

    • Analyzing evidence
    • Recovering deleted files
    • Useful forensic artifacts
    • Creating forensic reports
    • Testifying in court
Exhibitors
  • Abnormal Security
    Booth: 218

    Abnormal is the most precise human behavior security engine for blocking all email attacks, including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail.
    Secure email gateways and built-in Microsoft and Google security struggle to block email attacks that pass reputation checks, have no URLs or attachments, and appear to come from trusted sources.

    Only Abnormal uses behavioral AI to profile known good behavior and analyzes over 45,000 signals to detect anomalies that deviate from these baselines, delivering maximum protection for global enterprises.

  • AccessIT Group
    Booth: 220

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • ASIS Greater Philadelphia
    Booth: n/a

    ASIS International is the preeminent organization for security professionals, with more than 38,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests.

  • Armis, Inc
    Booth: 260

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Authomize
    Booth: 330

    Authomize continuously monitors your identities, access privileges, assets, and activities, in order to secure all your apps and cloud services. Our granular visibility across IaaS, SaaS, and various data services enables organizations to ensure effective control over their access privileges and the security of their assets.

  • Automox
    Booth: 336

    Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.

  • Check Point Software Technologies
    Booth: 205

    Check Point Software Technologies is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Checkmarx Inc.
    Booth: 311

    Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

  • Cloud Security Alliance Delaware Valley Chapter (CSA-DV)
    Booth: 236

    Cloud Security Alliance Delaware Valley Chapter (CSA-DV) is a not-for-profit organization for people interested in education, training and possible certification in cloud security. We seek to improve the understanding of cloud security and to promote the interaction of both professionals and students in order to discuss current trends and topics within the industry.

    OUR PURPOSE:

    To promote cloud security best practices within the Greater Philadelphia region, to educate about cloud computing, identify its risks, methods to secure it, and to continually provide opportunities for the development of cloud security professionals.

  • Contrast Security
    Booth: 220

    Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast’s patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production.

  • Corelight
    Booth: 245

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • Cyber Fraud Task Force – U.S. Secret Service
    Booth: 105

    Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.

  • CyberArk Software
    Booth: 220

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Cybercrime Support Network
    Booth: N/A

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Cymulate
    Booth: 235

    Cymulate SaaS-based continuous security validation makes it simple to measure and improve your security posture across the full attack kill-chain. Every assessment is scored and includes actionable remediation guidance to mitigate risk and optimize security control effectiveness. Cymulate enables you to take data-driven decisions and manage your security resources efficiently.

  • Cynet
    Booth: 155

    Cynet 360 is the world’s first autonomous breach protection platform. Cynet eliminates the need of complex multi-product stacks, making robust breach protection within reach for any organization.

  • deepwatch
    Booth: 242

    deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry. Designed to be different, deepwatch provides customers with world-class managed security services and unrivaled value by extending their cybersecurity teams, curating leading technologies into deepwatch’s cloud SecOps platform, and proactively driving their SecOps maturity.

  • DeSales University Cyber Security Program
    Booth: 135

    DeSales University offers an exciting digital forensics certificate program, composed of four courses, that teaches students how to recover evidence from various types of electronic devices. Students receive hands-on experience with popular forensic tools and are prepared to address the legal and investigative issues involved with seizing and handling digital evidence. Graduates of the certificate program can add more courses toward a master’s degree in criminal justice or information systems. All courses are online, allowing students with busy schedules greater flexibility.

  • Exabeam
    Booth: 200

    Exabeam is a global cybersecurity leader that adds intelligence to every IT and security stack. The leader in Next-gen SIEM and XDR, Exabeam is reinventing the way security teams use analytics and automation to solve Threat Detection, Investigation, and Response (TDIR), from common security threats to the most critical that are difficult to identify. Exabeam offers a comprehensive cloud-delivered solution that leverages machine learning and automation using a prescriptive, outcomes-based approach to TDIR. We design and build products to help security teams detect external threats, compromised users and malicious adversaries, minimize false positives and best protect their organizations.

  • Fortinet
    Booth: 265

    Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

  • WithSecure
    Booth: 331

    WithSecure™ (formerly F-Secure Business) is cybersecurity’s reliable partner. IT service providers, MSSPs and businesses—along with the largest financial institutions, manufacturers, and thousands of the world’s most advanced communications and technology providers—trust us for outcome-based cybersecurity that protects and enables their operations. Our AI-driven protection secures endpoints and cloud collaboration, and our intelligent detection and response are powered by experts who identify business risks by proactively hunting for threats and confronting live attacks. Our consultants partner with enterprises and tech challengers to build resilience through evidence-based security advice. WithSecure™ is part of F-Secure Corporation, founded in 1988, and listed on NASDAQ OMX Helsinki Ltd.

  • Gigamon
    Booth: 300

    Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realize the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, nine of the 10 largest mobile network providers, and hundreds of governments and educational organizations worldwide. To learn more, please visit gigamon.com. 

  • HTCIA Delaware Valley Chapter
    Booth: n/a

    The High Technology Crime Investigation Association (HTCIA) is designed to encourage, promote, aid and effect the voluntary interchange of data, information, experience, ideas and knowledge, about methods, processes, and techniques relating to investigation and security in advanced technologies among its membership.

    By becoming a member of the HTCIA you will affiliate yourself with a professional organization which will help you fully understand and address issues associated with investigations, apprehensions and methodologies associated with the newest breed of high tech criminals. With the explosion in use of computers and the Internet, there is an uprising in criminal activities that utilize these powerful tools. From computer viruses to data processing fraud, there are many growing threats that expose our society to a new kind of criminal activity.

  • Imperva
    Booth: 220

    Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.

  • Philadelphia InfraGard Members Alliance
    Booth: 142

    InfraGard is a partnership between the FBI and the private sector. It is an association of people from businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S. Philadelphia InfraGard Members Alliance (IMA) provides a forum for the exchange of information between the government, the owners and operators of the national infrastructure, and others concerned with the protection of the national infrastructure. Philadelphia IMA supports eastern Pennsylvania and southern New Jersey. Membership is free and new members are welcome.

  • Insight
    Booth: 342

    Insight is a comprehensive solutions integrator that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. With a client-focused approach to delivery, we recommend the most appropriate solutions to drive digital transformation and modernization for innovation. As clients look for ways to optimize data for better business, empower speed and scale of service, and drive next-gen security, Insight delivers expertise that is grounded, unbiased, and refreshingly straightforward.

  • ISACA Philadelphia
    Booth: 175

    The Philadelphia Chapter of ISACA has a membership base of more than 1,600 individuals primarily located in the Philadelphia and the surrounding suburbs, extending into Delaware and Southern New Jersey. The membership of the Chapter includes professionals working in various industries and capacities. From students through experienced C-level executives, the Philadelphia Chapter provides, training, networking and social events to this diverse group who share the common goal of providing expertise in IT audit, security, risk, and governance topics to their colleagues. The Chapter conducts events on a monthly basis led by an active, vibrant and dedicated group of volunteers and is actively seeking business partners to help provide value and knowledge to its members.

  • ISC2
    Booth: 124

    ISC2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, ISC2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation, The Center for Cyber Safety and Education™.

  • ISSA Delaware Valley
    Booth: 118

    Our chapter serves the Delaware Valley and Mid-Atlantic region. This is comprised of Eastern Pennsylvania, Northern Maryland, Southern New Jersey, and Delaware.
    We are making history as we continue to grow the chapter with your membership, and bring exciting programs to you. If you have not already been involved in the membership meetings, we encourage you to do so. Hopefully, you will walk away with more ideas to take back to your organizations, or you may come away with a sense of – “Hey, we had that same problem”, or “Our company is not alone in dealing with these issues.”

  • Myota
    Booth: 145

    Myota intelligently equips each file to be resilient and achieve Zero Trust-grade protection. Withstand ransomware and data breach attacks. Reduce data restoration time and effort.

  • Netskope
    Booth: 325

    The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

  • Novacoast
    Booth: 212

    A uniquely positioned IT services and solutions company, Novacoast is less defined by our broad range of expertise and services than by a perspective rooted in our cooperative environment of adaptable problem solving.

    Beyond security specialists, software developers or network engineers, we are guides, allies, and problem solvers.

    From implementation services, license fulfillment and technical training to software development, staffing services and custom or emerging solutions, Novacoast is an experienced and comprehensive IT business resource empowered on every level by our flexible and fearless perspective.

  • Okta
    Booth: 148

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Open Systems
    Booth: 125

    The escalated threat level, the cyber talent shortage, and the sheer complexity of deploying and managing a multitude of security solutions, are the perfect storm for security and IT teams. We are deeply passionate about protecting organizations from that storm.

    We provide a set of AI-based, cloud-delivered security solutions that are simple to deploy and manage, and provide the highest level of protection. And Mission Control, our integrated NOC and SOC, is staffed by experts, not only in threat hunting and cyber hygiene, but also in the proper configuration and maintenance of the Microsoft security stack. So we can leverage what you already own.

    The combination is changing the lives of our customers, giving them security traditionally reserved for only the largest organizations. We give them “shelter from the storm”. That is our passion.

  • Orca Security
    Booth: 220

    We’re on a mission to make it fast, easy, and cost effective for organizations to address the critical security issues in their AWS, Azure, and GCP estates so that they can operate in the cloud with confidence.

  • OWASP
    Booth: n/a

    The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

  • PACT
    Booth: n/a

    Philadelphia Alliance for Capital and Technologies (PACT)’s vision is to be the go-to resource for fast growing companies, and a driver of entrepreneurship and innovation in the Philadelphia region. PACT provides its members with valuable content and connections to capital, coaching, and customers that will accelerate their growth and success, and to collaborate with other organizations to drive innovation and entrepreneurship in the region. Visit www.philadelphiapact.com for more information.

  • Qualys, Inc.
    Booth: 335

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • Recorded Future
    Booth: 315

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth: 100

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • Salt Security
    Booth: 375

    Salt Security delivers an API Threat Protection solution focused on securing the ubiquitous APIs connecting everything from web and mobile applications to microservices and IoT devices. These are the APIs that you develop and own and are at the core of connecting your applications and data.

    Salt Security was founded in 2016 by alumni of the Israeli Defense Forces (IDF) to deliver the first, patented API Protection platform to secure APIs. Salt Security deploys in minutes, automatically learns your unique APIs, and requires no configuration or customization to help you protect and improve your API security.

  • Securonix
    Booth: 230

    Securonix is redefining threat detection and response for today’s hybrid cloud, data-driven enterprise. Securonix Next-Gen SIEM and XDR are powered by the most advanced analytics and built on a scalable, flexible cloud native architecture. Securonix leverages behavioral analytics technology that pioneered the UEBA category to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats.

  • Secureworks
    Booth: 355

    Dell Secureworks is a global provider of intelligence-driven information security solutions exclusively focused on protecting its clients from cyberattacks. Dell SecureWorks’ solutions enable organizations to fortify their cyber defenses to prevent security breaches, detect malicious activity in real time, prioritize and respond rapidly to security breaches and predict emerging threats.

  • SentinelOne
    Booth: 106

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • WiCyS Delaware Valley
    Booth: 112

    Women make up only 11% of the cyber security workforce. With such low representation, it is essential that we advocate for and assist women as they navigate through the cyber security industry.

    Philadelphia Women & Cyber Security’s Mission: To provide opportunities to advance careers for professionals in Cyber Security through education, mentoring, and networking. A Supportive community for women in cyber security that works to promote and encourage women to develop their careers. We are open to any support for our mission from any gender. Come to the next Philadelphia Women and Cyber Security’s event to get to know other like-minded, female cyber security professionals in the area. We will discuss industry best practices, the latest security trends and solutions, and share lessons we’ve learned over the years. For more information, contact wicysdelawarevalley@wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Cheryl Carmel, Moderator
    Owner, Carmel Consulting LLC

    Ms. Carmel is a member of (ISC)2 where she holds her CISSP, and IAPP where she holds her CIPT. She is a member of InfraGard and has been on the Advisory Council for SecureWorld for many years.

    Ms. Carmel began her career in technology with experience in application development, infrastructure operations, technical support, and teaching. She pivoted to focus on security in 1999. Her most recent role was VP of Security, Privacy, and Compliance at OnSolve where she was responsible for maturing the program to enable successfully implement security controls to meet the rigors of FedRAMP, while maintaining the controls for ISO 27001, HIPAA, and privacy laws. Before that, she was the BISO at FIS (SunGard Financial Systems).

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Moderator: Joe Walsh
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University

    Joe Walsh teaches digital forensics and computer security at DeSales University. He previously worked as a senior security consultant where he performed security assessments, conducted penetration testing, and responded to computer security incidents. He has been a police officer for 13 years and is a former member of the ICAC Task Force and the FBI Child Exploitation Task Force, where he was responsible for conducting online undercover investigations and digital forensic examinations. Joe has a bachelor's degree in Information Systems, a master's degree in Criminal Justice/Digital Forensics, a master's degree in Information Systems/Cybersecurity, and is currently pursuing a Ph.D. in Information Systems with a concentration in Cybersecurity.

  • speaker photo
    Mark Eggleston, CISSP, GSEC, CHPS
    CISO, CSC

    Mark Eggleston is the chief information security officer (CISO) for CSC, responsible for the global security and privacy program design, operations and continual maturation. As a senior executive specializing in security and privacy program development and management, Mark’s unique background and expertise in information technology, program, and people management have positioned him as a thought leader and frequent industry speaker.

    Mark started his career as a program manager and psychotherapist at a hospital serving children and adolescents. Later, Mr. Eggleston helped develop an internal compliance approach—complete with policies and tools—ensuring a geographically dispersed health care provider organization (across 19 states) complied with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Mr. Eggleston then transitioned to applying his HIPAA expertise at an HMO where he has implemented many successful security controls and technologies, including single sign-on (SSO), Identity and Access Management (IAM), Cloud Access security broker (CASB), and a vulnerability assessment program.

    Mark received his Bachelor of Science in psychology from Radford University. Later, Mark received both his Master of social work and his post-baccalaureate certificate in management information systems from Virginia Commonwealth University. In addition, Mark holds CHPS, CHPS, and CISSP certifications.

  • speaker photo
    Tammy Klotz, Moderator
    CISO, Trinseo

    Tammy Klotz is a vibrant and accomplished executive with over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. She offers keen expertise in navigating mergers, acquisitions, and divestitures within both publicly-traded and privately-held companies and is seasoned in security, risk, and compliance leadership. Tammy brings a dynamic and positive approach to problem solving, excelling in simplifying intricate IT and cybersecurity concepts and facilitating pragmatic, non-technical dialogues that resonate with business executives. She is recognized as a strong, knowledgeable, thoughtful security executive who excels in public speaking and thought leadership, striving to empower others through knowledge sharing.

  • speaker photo
    Todd Bearman
    VP, CISO, TE Connectivity

    Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

    Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
    Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

    Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

  • speaker photo
    Anahi Santiago
    CISO, ChristianaCare Health System

    Anahi Santiago is the Chief Information Security Officer at ChristianaCare Health System, the largest healthcare provider in the state of Delaware. Prior to CCHS, she spent over 10 years as the Information Security and Privacy Officer at Einstein Healthcare Network. In her role as CISO, Anahi has overall responsibility for the organization's cybersecurity and assurance program. She leads a team of information security professionals in supporting CCHS's strategic initiatives by collaborating with clinical and business leaders, managing cybersecurity risks, implementing policies and controls, generating overall awareness, and fostering a culture of security and safety.

  • speaker photo
    Michael Howden
    Director of Security Services, Novacost

    Michael Howden brings broad and deep experience in technology, strategy, and security with almost 30 years of experience focusing on global upgrades, migrations, and consolidations for several hundred large enterprises. He is a transformational change agent, leading teams of top tier consultants, building world-class cybersecurity programs for high-profile global companies throughout a wide range of industries. In addition to becoming a leading expert in the field for Microsoft on-premises and cloud security, Michael has developed a passion for safeguarding data, leading massive projects, helping companies mature their data privacy and protection programs into a well-managed and automated state.

  • speaker photo
    Tal Kollender
    Co-Founder & CEO, CISO, Gytpol

    Tal is the CEO and co-founder of Gytpol. In her teenage years, she was a professional hacker, always on the hunt to crack open what seemed impossible, always on the lookout for IT challenges. As part of her army service, she was recruited to the Israel Air-Force having her sights set on becoming a fighter pilot. Later, the IDF re-assigned her to the IT Corp Cyber Security-Systems Division, where she served as an ICT cyber specialist. Her professional career took her to Dell EMC where she was cyber expert and System Security Architect before creating Gytpol with her co-founders.

  • speaker photo
    Vince Fitzpatrick
    Director of Information Security, ChristianaCare

    Vince Fitzpatrick is a 20-year information security professional in the fields of healthcare and finance. Currently, he is the Director of Information Security at Christiana Care Health System (CCHS), one of the largest healthcare providers in the mid-Atlantic region, serving all of Delaware and parts of PA, MD, and NJ.

  • speaker photo
    Peter Steyaert
    Sr. Sales Engineer Manager, Gigamon
  • speaker photo
    George Sandford
    Sr. Manager, Customer Success Security Team, Gigamon
  • speaker photo
    Michael Meyer
    Chief Risk and Innovation Officer, MRS BPO, LLC

    Michael Meyer, MPSTM, CISSP, CIPP/US, CIPM, FIP, CISM, CRVPM II, CRISC, CISA, is the Chief Risk and Innovation Officer of MRS BPO. He is responsible for overseeing the company’s enterprise innovation, risk management and security initiatives for its Fortune clients. Michael has been with MRS for over 20 years and previously served in the Chief Security and Chief Information Officer roles. He has a Master’s degree in Technology Management from Georgetown University and a Bachelor’s degree in Computer Science from Rutgers University. Prior to MRS, he owned a consulting company, taught secure government systems globally and was in Military Intelligence.

  • speaker photo
    Aaron Weaver
    Director of Cloud Security, Financial Services

    Aaron Weaver has over 20 years' experience specializing in application and cloud security and providing training sessions at various international industry events. His work includes security consulting, penetration testing, threat modeling, and code reviews. Aaron also enjoys honey bees and recently has been experimenting with hive designs.

  • speaker photo
    Sandy Bacik
    Director, Audit and Compliance, CipherTechs, Inc.

    Sandy Bacik, CISSP, ISSMP, CGEIT, CISA, CDPSE, PCI QSA, is CipherTechs’ Director Audit & Compliance, has over 20 years’ direct information security and operational experience in the areas of IT Audit and Compliance, BCP/DR, Incident Response, Physical security, Privacy, Regulatory Compliance and Audit, Policies/Procedures, Operations, and Management and is a former CISO. With an additional 15 years in Information Technology Operations. Ms. Bacik has been heavily involved with local, national, and international security industry events. Ms. Bacik is the author of Building an Effective Security Policy Architecture and a contributing author to the past years of Information Security Management Handbook.

  • speaker photo
    Hazel Cerra
    Assistant to the Special Agent in Charge, United States Secret Service

    Assistant to the Special Agent in Charge (ATSAIC) Hazel Cerra is a twenty-two year veteran with the United States Secret Service. ATSAIC Cerra was assigned to the Former President William Clinton Protective Detail in Chappaqua, NY, where she spent four years traveling around the world in support of the Clinton Global Initiative (CGI).

    ATSAIC Cerra serves as a supervisor in the Philadelphia Field Office, Financial Crimes Squad, where she is responsible for leading a team of Special Agents in the latest trends in cyber fraud investigations.

    She earned a Bachelor of Science in Criminal Justice from New Jersey City University and she has also earned her MBA in Finance from Johns Hopkins University.

    Lastly, ATSAIC Cerra volunteers her time coaching a CyberPatriot team in the Civil Air Patrol, where she is also the Aerospace Education Officer.

  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Casey McGee
    Assistant to the Special Agent in Charge, New York Field Office, U.S. Secret Service

    Casey McGee is an Assistant to the Special Agent in Charge in the New York Field Office of the U.S. Secret Service. He leads efforts to increase public and private partnership in the investigation of complex transnational criminal investigations involving the use of digital assets. In an executive developmental role, ATSAIC McGee served as the Advisor to the Vice President of Global Intelligence at Coinbase where he identified opportunities for joint USSS/Coinbase initiatives and partnered with various leaders across both organizations to implement cross functional programs. He holds a Juris Doctor from Vermont Law School and a Bachelor of Science from the University of Notre Dame.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Moderator: Phread Cichowski
    Sr. Security Architect, SecureWorks

    Phread Cichowski has over 35 years of experience ranging from software development to data center management. Having worked for some of the leading technology companies in the world, his broad range of experience allows him to provide a well-balanced perspective leveraging bleeding-edge technology in critical high-availability IT environments. Currently focused on protecting his clients with threat intelligence-driven software and related services that Secureworks has developed over its 23 years of helping customers protect their corporate data.

  • speaker photo
    Michael Meltz
    Senior Sales Engineer, Open Systems

    Mike Meltz has worked in the IT Security and infrastructure space for over 25 years and he specializes in the design and implementation of enterprise-level Cybersecurity technologies and business process improvements. His goal is to remain focused on creating a secure and quality-driven user experience while helping the organization grow and thrive. In his current role, Mike continues to help our clients manage and secure their organizations by designing SASE and MDR systems that meet the complex challenges of today's enterprise organizations.

    Before joining Open Systems as a Senior Sales Engineer, Mike held various technology and strategy leadership roles at companies throughout the United States managing enterprise Infrastructure and Security teams as well as multiple roles as the designated CISO.

  • speaker photo
    Nick Dulavitz
    Global Director, Channel Solutions Engineering, CyberArk

    Nick Dulavitz, Global Director of Channel Solutions Engineering, has been with CyberArk for the past 8 years. Nick has worked with some of the largest global organizations helping them to achieve their identity security goals. In his current role, he is responsible for leading a global team that focuses on technical go to market enablement for the CyberArk partner network. This includes building and leading a team of regionally focused channel solutions engineers, advocating for partner specific technical solutions, developing and delivering partner focused technical sales certifications and trainings, and enabling partners on new solution offerings.

  • speaker photo
    Mike Roman
    Sr. Sales Engineer, Orca Security

    Mike is a Senior Sales Engineer at Orca Security who is responsible for helping organizations identify risks in their cloud environments and enhance their cloud security posture. Prior to joining Orca, Mike spent five years at Splunk where he partnered with organizations on their cloud journey in areas that included Security and Observability strategy. Outside of tinkering in the Clouds, Mike enjoys golfing with friends and playing guitar.

  • speaker photo
    Winston Lalgee
    Security Engineering Manager, Check Point

    Winston has almost 20 years of experience in the ICT industry; designing and implementing network security solutions for large enterprise environments. Today, he is a Security Engineering Manager with Check Point Software and is currently supporting a unique set of strategic accounts. He provides thought leadership; helping his customers understand the changing threat landscape and finding solutions to manage risk and mitigate security breaches.

  • speaker photo
    Daniel Reardon
    Sr. Solutions Architect, Securonix
  • speaker photo
    Chris Gray
    Area Vice President, Security Strategy, Deepwatch
  • speaker photo
    Sean Raffetto
    Sr. Account Executive, Hoxhunt

    Sean works with organizations across the globe partnering with them to provide tailored Consulting security services enabling security teams to keep up with the rapid pace of change in the cyber threat landscape. With over a decade of experience working with enterprise level solutions, Sean specializes in implementing proactive and defense cyber programs across finance, media, and critical national infrastructure. Sean is a lifelong soccer fan and enjoys staying active by hiking and snowboarding.

  • speaker photo
    Katherine Chipdey
    Director, Solutions Engineering and Alliances, Automox

    Katherine Chipdey has spent her career in Cybersecurity, consulting on how to simplify our understanding of the threat landscape and building programs for thousands of customers around EDR, SOAR, and MDR. At Automox, she helped build out the Solutions Engineer Team, where she focused on automating IT operations, reducing risk, and bridging that gap between security and IT for prospects and customers alike. Katherine now manages the technical channel relationships, enabling other IT and Security experts on how to use Automox in order to help their customers meet business needs and critical security goals like never before. Katherine has most enjoyed the opportunity to use her background and experiences in the the field to meet security/ IT teams, and enable them to be as successful as possible with their initiatives - where a relationship can be made, she will try, as those meaningful interactions and the growth, learning, and connection they bring are invaluable to her. Outside of work, she could spend forever talking about her travels, archery, and pups.

  • speaker photo
    Sean Boulter
    Principal Security Engineer, Salt Security

    Sean Boulter is a technical leader with Salt Security where he helps his customers protect their APIs from abuse and keep their customers’ data secure. His career in IT and consulting spans three decades and covers a wide variety of infrastructure platforms and several industries including fintech, finserv, insurance, healthcare, medtech, and retail. He lives in the Minneapolis area with his wife, and shares a passion for bicycling and wilderness expeditions with his two grown children.

  • speaker photo
    Mick Leach
    Head of Security Operations, Abnormal Security

    Mick Leach is the Head of Security Operations at Abnormal Security. Prior to joining Abnormal, he held several security positions with Fortune 500 organizations, including Alliance Data and Nationwide Insurance and served in the United States Army for over 8 years.

    Mick is a seasoned IT security leader with an extensive background in managing high-performing teams tasked with enterprise risk reduction through the engineering, implementation, and operations of industry-leading information security solutions. He is certified by GIAC in multiple areas and a standing member of the GIAC Advisory Council.

  • speaker photo
    Vana Khurana
    Sr. Solutions Architect, Security Specialist, Cloud Security Alliance Delaware Valley

    Vana Khurana is CISSP, AWS Certified Architect (A), CCSP, CCSK, GSEC, and TOGAF certified. Vana serves as Director of Training and a Board Member of Cloud Security Alliance Delaware Valley Chapter. She is also an Adjunct Faculty at Temple University, Philadelphia. Vana has authored the book "IT Process Management," available on Amazon.

  • speaker photo
    Pete Lindstrom, Instructor
    Leader in Cybersecurity Strategy, Innovation, and Economics

    Pete Lindstrom has an extensive expertise in cybersecurity but is best known as an authority on strategic cybersecurity topics such as metrics, estimating risk, and measuring the benefit of security programs. He focuses on applying these core economic and risk management principles to new cybersecurity architectures and platforms. Pete has over 25 years of industry experience as an IT auditor (PwC), IT security practitioner (Wyeth), and industry analyst (IDC). Pete served as an officer in the U.S. Marine Corps and received a bachelor's degree in Business Administration (Finance) from the University of Notre Dame.

  • speaker photo
    Bryan Bechard
    CISO, Flagship Credit Acceptance

    Bryan is a 20+ year InfoSec career professional currently serving as CISO for an auto finance company and teaching the next generation of InfoSec pros.

  • speaker photo
    Andrew Smeaton
    CISO, Afiniti

    Andrew holds over 22 years of experience in the banking, financial services, and healthcare industries. He is experienced in all facets of IT/IS Security & Risk Management including acquisitions and disaffiliations, and has a track record of developing and implementing security strategies from inception through execution. In addition to his corporate experience, Andrew has also served on the executive boards for international conferences and advised government agencies on information security subjects. Andrew’s regulatory compliance experience includes FSA, PRA, FDIC, ISO 27K, COBIT, HIPAA, PCI-DSS, GLBA, Mass 201 CMR 17.00, SOX 404.SAMA, and NYDFS.

  • speaker photo
    Jim Bearce
    VP, Professional Services, AccessIT Group

    James Bearce is Vice President of Professional Services at AccessIT Group. Jim brings more than 20 years of information technology and cybersecurity development, operations and leadership experience in the financial services industry, and in cybersecurity advisory and managed services.

    Prior to joining AccessIT Group, Jim was responsible for leading client engagements to build global security capabilities, served as an Interim Chief Information Security Officer for clients across multiple industries, and advised client Boards of Directors regarding technology and security challenges facing their organizations.

    Jim has built and led security teams distributed across North & South America, Europe and the Asia/Pacific regions focused on the detection of cyberthreats, investigation of cybersecurity incidents, and reduction of attack vectors in complex organizations. In a previous role with Vigilant, Inc., he was responsible for the development of security managed services capabilities that contributed to the acquisition of Vigilant by Deloitte & Touche LLP.

    Jim holds a Master of Science degree in Information Security & Assurance from Norwich University as well as multiple information security certifications

  • speaker photo
    Todd Bearman
    VP, CISO, TE Connectivity

    Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

    Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
    Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

    Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

  • speaker photo
    Christopher Sanders
    President, The Palatin Group LTD

    Mr. Sanders is currently the President of The Palatin Group LTD, an intelligence and corporate security advisory headquartered in Arlington, VA with offices in Bratislava, Slovakia and Zurich, Switzerland with partner offices around the globe. A seasoned security management consultant and executive with over 25 years of domestic and international management and consulting experience across a broad spectrum of professional disciplines in both the public and private sectors. Mr. Sanders primary responsibility at The Palatin Group is to lead diverse teams of technology, security and corporate professionals supporting clients in the functional areas of Corporate Security; Business Intelligence; Security Technology Integration; Professional Services and Management Consulting; Global Investigations; Diligence; Risk Management, Policy Development and Vulnerability Assessments.

    As a member of the firm’s senior leadership team, Mr. Sanders directs the development, implementation and execution of strategic solutions and corporate strategy, global business development, and compliance.

    Mr. Sanders’ government experience includes over 15 years providing Senior Operations and Program Management consultant services to the US Government across numerous national and international programs. Served as a US Department of Defense senior advisor/mentor to Iraqi Ministry of Interior and Defense Joint Chiefs of Staff, managing technology acquisition and integration in support of international military, intelligence, and law enforcement efforts. These efforts supported countering insurgent networks internally and trans-nationally utilizing specialized methods and technologies to effectively integrate information sharing amongst direct action units. Mr. Sanders also advised senior leadership of the US Customs and Border Protection (CBP) Border Patrol in Tucson, Arizona on program management of border control issues involving technology integration in support of counter-smuggling and counter-terrorism operations.

    Mr. Sanders is a retired Lieutenant from the Metropolitan Police Department (MPD) in Washington DC. His duties included commander of Special Operations units to include criminal intelligence unit dealing with recruitment of human sources, As a member of the international efforts in Kosovo, Iraq, Afghanistan, East Timor and Kuwait, designed and managed implementation of complex criminal intelligence gathering, counter intelligence, anti-smuggling and crime prevention programs with UN and NATO and host nation government clients, as well as directing design and execution of adult learning management systems and programs for local and international forces.

    In the private sector, Mr. Sanders served in international management consulting and advisory capacities for clients in the banking, finance, energy, legal, hospitality and technology industries to include Credit Suisse, St. James Place Bank, Gaylord Entertainment, Saudia Airlines, DynCorp International, Sargent & Lundy, and numerous other SMBs and NGOs internationally.

    Mr. Sanders has an MBA in Business Management and BSBA in International Business Finance from the American University in Washington, DC and studied abroad at the University of North London and London School of Economics. He is a Project Management Institute (PMI) certified Project Management Professional (PMP) while being experienced in best practices of program and project management. Previous public sector clients have included the United Nations, NATO, US Departments of State, Justice, Defense, Homeland Security, Energy and the National Nuclear Security Administration.

    Fluent in English, Conversant in Spanish and Slovak.

  • speaker photo
    Nick Wormser
    Managing Director, Palatin Group SK

    Mr. Wormser has over 20 years of military and international security experience. He spent a decade in the French military where he was deployed to a host of foreign countries, serving as a team leader of a long-range reconnaissance and patrol unit (LRRP), conducting counter-narcotics and anti-terrorism operations, and training of host-country personal. Following which, he entered the private sector consulting for various international law enforcement agencies and military units. Mr. Wormser has also acted as a senior advisor to the CEOs of several multinational corporations as well as high net-worth individuals on security issues and risk management. Mr. Wormser is fluent in English, German, and French.

  • speaker photo
    Matt Barnett
    CEO, SEVN-X

    Matt is the Chief Executive Officer at SEVN-X. As a certified forensic analyst, former Law Enforcement Officer, and expert field operator, Matt lead's SEVN-X's Incident Response, Forensics, and Physical Security practices.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Moderator: Joe Walsh
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University

    Joe Walsh teaches digital forensics and computer security at DeSales University. He previously worked as a senior security consultant where he performed security assessments, conducted penetration testing, and responded to computer security incidents. He has been a police officer for 13 years and is a former member of the ICAC Task Force and the FBI Child Exploitation Task Force, where he was responsible for conducting online undercover investigations and digital forensic examinations. Joe has a bachelor's degree in Information Systems, a master's degree in Criminal Justice/Digital Forensics, a master's degree in Information Systems/Cybersecurity, and is currently pursuing a Ph.D. in Information Systems with a concentration in Cybersecurity.

  • speaker photo
    Happy Hour
  • speaker photo
    Delbert A. Roll
    Retired U.S. Army, former member of the Intelligence Community

    Del is a recently retired, senior leader with 20 years of Federal Government service having served in Washington, D.C. and internationally. Concurrently, he served 23 years as a commissioned Army officer in austere and hostile environments around the globe. Command assignments in both conventional and special operations forces. He is recognized for consistently achieving results against strategic objectives in challenging conditions and dynamic environments. He leads and develops high-impact teams through empathy-centric, servant leadership and is adept in securing partnerships with various stakeholders, developing medium- and long-term strategies, and mentoring teams. He has extensive experience managing complex multi-organizational programs with global reach.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Moderator: Joe Walsh
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University

    Joe Walsh teaches digital forensics and computer security at DeSales University. He previously worked as a senior security consultant where he performed security assessments, conducted penetration testing, and responded to computer security incidents. He has been a police officer for 13 years and is a former member of the ICAC Task Force and the FBI Child Exploitation Task Force, where he was responsible for conducting online undercover investigations and digital forensic examinations. Joe has a bachelor's degree in Information Systems, a master's degree in Criminal Justice/Digital Forensics, a master's degree in Information Systems/Cybersecurity, and is currently pursuing a Ph.D. in Information Systems with a concentration in Cybersecurity.

  • speaker photo
    Cerena Coughlin
    Special Agent, FBI

    FBI Special Agent Cerena Coughlin is the Employment Recruiter and Applicant Coordinator for the Philadelphia Field Office and local Private Sector Coordinator overseeing InfraGard, a public/private partnership between the FBI and representatives of critical infrastructure. She was a member of the Los Angeles Innocent Images SAFE Team, where she participated in investigations of child exploitation, and was assigned to Counterterrorism squads in Los Angeles and Baltimore and Cyber in Philadelphia. Prior to joining the FBI in March 2001, Coughlin served as Director of Operations for an LA-based non-profit supporting students and educational institutions across the United States.

  • speaker photo
    Sandra Cavazos
    VP, Product Security and Privacy, Comcast

    Sandra Cavazos serves as VP, Product Security and Privacy at Comcast. She leads Secure Development Lifecycle (SDL), including threat modeling, pen testing, SDL coaching, DevSecOps tooling, security developer training, and executive reporting. Sandra began her career as an engineer at Intel’s largest wafer manufacturing facility, improving quality and yield for Pentium 3 and Pentium 4 chips. She transitioned to leading cybersecurity initiatives for Intel’s manufacturing sites. Prior to her current role, she served as Business Information Security Officer for Comcast. Sandra earned a Bachelor of Science from Duke University with a triple major in Biomedical Engineering, Electrical Engineering and German, as well as a Master of Science from Stanford University in Electrical Engineering.

  • speaker photo
    Abel Morales
    Principal Security Engineer, Exabeam

    Abel Morales is a Senior Security Engineer based in Atlanta, GA. Prior to Exabeam, Abel has over ten years of experience in information security in companies such as Verizon, Syniverse, McKesson and InterContinental Exchange (NYSE). In his previous role, he was responsible for managing incidents, performing technical analysis, and communicating with audiences of various levels. He received a B.S. degree in Information Technology and an MBA from Kennesaw State University. He is passionate about threat hunting, digital forensics, and incident response. He holds industry certifications such as CISSP, GCIH, and MCSA.

  • speaker photo
    Carlton Jones
    Regional Vice President, Qualys

    Carlton Jones is Vice President of Northeast Enterprise Field Team. Over 20 years of Security leadership experience, in Fusion Centers, Incident Response, Insider Threat, and Attack Surface Management. Carlton designs solutions at scale for the largest brands and technology providers in the world. His background as a practitioner and consultant in the industry provides a unique take on the intersection of People, Process and Technology.

    At Qualys, Carlton serves to support Enterprise customers on the expanding attack surface journey.

  • speaker photo
    Alexandra Panaretos
    Americas Lead for Human Cyber Risk and Education, EY

    With a background in broadcasting and operational security, Alex specializes in secure communications and education, awareness program development, the psychology of social engineering, human-based risk mitigation, and behavior analytics. She has over 12 years of experience developing and implementing security awareness, communication, and education strategies in Fortune 50/100 companies and other global enterprises. Alex is OPSEC Manager II Certified by the U.S. Army and the Joint Information Operations Warfare Center (JIOWC). She volunteers with local law enforcement agencies educating parents, community groups, and youth organizations on information security and social media safety in her free time.

  • speaker photo
    Toby Zimmerer
    Sr. Demand and Delivery Director, Data Protection

    Toby Zimmerer is a Senior Demand and Delivery Director in Optiv’s Data Governance, Privacy, and Protection practice, where he assists organizations with building programs and implementing solutions focused on protecting high value information and assets. He has more than 24 years of professional experience developing information security strategies, designing information security programs, developing information security solutions and leading teams with deploying and operating information security programs. Toby has an MBA, a BS in electrical engineering, a CISSP certification, a CCSK from the Cloud Security Alliance, and is a US Navy veteran.

  • speaker photo
    Darren Carroll
    Managing Principal - Security Services, Insight

    Darren is a risk management and information security leader with diverse global experience in operational, technical, management, and presales roles. He has had the pleasure to build and lead multiple diverse, dynamic, high-performing teams. Throughout his career, he has provided consultative thought leadership, strategic direction, and tactical response to multiple federal, state, and local agencies, many of the Fortune 100, and hundreds of mid-sized enterprises.

  • speaker photo
    Rebecca Rakoski
    Co-Founder & Managing Partner, XPAN Law Partners

    Rebecca L. Rakoski is the managing partner at XPAN Law Partners, LLC. Rebecca advises her clients on a proactive, multi jurisdictional approach to identify and address data privacy and cybersecurity compliance gaps and potential liabilities. She uses her extensive experience to work with her clients to create and tailor a security and privacy governance program that fits their specific needs in order to limit their regulatory exposure.

    Rebecca counsels and aggressively defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. As an experienced litigator, Rebecca has handled hundreds of matters in state and federal courts. Rebecca skillfully manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to minimize her client's litigation risks.

    Rebecca regularly negotiates complex contractual provisions that are impacted by domestic and international data privacy regulations including the California Consumer Privacy Act of 2018, and the European Union's General Data Protection Regulation. She understands how the nature of the data can affect the role her client plays in the data transaction and uses that knowledge to mitigate corporate liability.
    As a thought leader in the area of data privacy and cybersecurity, Rebecca serves on the New Jersey State Bar Association's Cyber Task Force. Rebecca is Vice-Chair Elect for the New Jersey State Bar Association's Bankruptcy Law Section.

    Rebecca has been appointed and served in multiple highly complex litigation matters by the New Jersey Superior Court as a Special Master in the areas of technology and eDiscovery. She also served on the Complex Business Litigation Committee that drafted and revised the New Jersey Court Rules involving electronic discovery. Rebecca was on the eDiscovery committee of her prior law firm and created its eDiscovery subgroup.

    Rebecca is on the Board of Governors for Temple University Health Systems and is also the Acting Dean of Online Learning and an adjunct professor at Drexel University’s Thomas R. Kline School of Law.

  • speaker photo
    Glenn Kapetansky
    Chief Security Officer & Technology Lead, Trexin Group

    Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.

    Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).

  • speaker photo
    Peter Steyaert
    Sr. Sales Engineer Manager, Gigamon
  • speaker photo
    Rick Rutledge
    Sales Engineer, Armis

    Rick Rutledge has been in the Security space for more than 15 years. He has moved from working in the N.O.C. of a fortune 500 company to designing network and security infrastructure of a fortune 20 company to selling security solutions to hundreds of companies across all verticals and sizes. His previous experience with both support and design of some of the largest networks in the world give him a unique insight to a majority of the problems we face today.

  • speaker photo
    Jim Bearce
    VP, Professional Services, AccessIT Group

    James Bearce is Vice President of Professional Services at AccessIT Group. Jim brings more than 20 years of information technology and cybersecurity development, operations and leadership experience in the financial services industry, and in cybersecurity advisory and managed services.

    Prior to joining AccessIT Group, Jim was responsible for leading client engagements to build global security capabilities, served as an Interim Chief Information Security Officer for clients across multiple industries, and advised client Boards of Directors regarding technology and security challenges facing their organizations.

    Jim has built and led security teams distributed across North & South America, Europe and the Asia/Pacific regions focused on the detection of cyberthreats, investigation of cybersecurity incidents, and reduction of attack vectors in complex organizations. In a previous role with Vigilant, Inc., he was responsible for the development of security managed services capabilities that contributed to the acquisition of Vigilant by Deloitte & Touche LLP.

    Jim holds a Master of Science degree in Information Security & Assurance from Norwich University as well as multiple information security certifications

  • speaker photo
    Scott Sweren
    Security Principal, Insight
  • speaker photo
    Moderator: Tracey Brand-Sanders
    CISO, UGI Corporation
  • speaker photo
    Dave Klein
    Director, Cyber Evangelist, Cymulate

    21+ year veteran high tech leader with a proven track record of revenue generation in sales and demand generation in marketing. Successful in creating and conveying solution messaging for business and technical decision makers, analysts and channel partners. Energized teacher for field enablement.

  • speaker photo
    Tony Allegrati
    Cloud Systems Engineer, Fortinet

    Tony Allegrati is an experienced Sales Engineer with over 15 years of sales in both medium and enterprise accounts. Specialties: Presales demonstrations, evaluation, installations, training and support of IT security technology. 3+ years of work experience with Cloud Technologies and security for Cloud.

  • speaker photo
    Jake Munroe
    Platform Marketing & Strategy Director, Recorded Future

    Jake has held various roles across the security space in consulting, marketing, and sales. Prior to joining the private sector, Jake served as a Navy Intelligence Analyst with an extensive background in counterterrorism, cyber threat intelligence, and open-source intelligence investigations.

  • speaker photo
    Steve Boone
    Head of Product, Checkmarx

    Over the last decade, Steve Boone has helped hundreds of global clients with their strategic adoption of secure DevOps best practices. A frequent speaker at DevOps Enterprise Summit, and DevOps World, Steve has shared his expertise on Secure Continuous Delivery, Value Stream Management, and Agile best practices. Today, Steve is the Head of Product Management at Checkmarx, where his focus is on helping customers solve modern application security challenges with Open Source, APIs, and Supply Chain.

  • speaker photo
    Luke Babarinde
    Principal Architect, Sales Engineering, Imperva

    Luke Babarinde is a Principal Solutions Architect at Imperva with over 15 years of experience in cybersecurity. He is passionate about building effective solutions to assist organizations seeking to holistically address data challenges of which security is critical.

  • speaker photo
    Chris A. Quintanilla, CISSP
    Board President/Strategic Development Committee Chair, Philadelphia InfraGard

    Chris has over 25 years’ experience in the IT field and is a Certified Information Systems Security Professional (CISSP). He has served as a senior project manager and engineer for several federal and municipal governments’ IT projects, as a network and systems engineer for IBM's Education and Training Division, and as an adjunct faculty member at the Pennsylvania Institute of Technology. Chris leverages his associations with federal law enforcement along with his IT background to advise clients on matters of information security, works with them to implement best practices to safeguard critical systems and sensitive information, and assists victims and law enforcement after malicious acts occur. Chris has been appointed by three different U.S. Presidents and two different Governors as a US Selective Service Board Member. He is also an information systems officer in the US Coast Guard Auxiliary.

  • speaker photo
    Rosemary Christian
    DevSecOps Engineering Coach, Comcast

    Rosemary Christian is Co-President for WiCyS Critical Infrastructure and a Board Member for WiCyS Delaware Valley. She has demonstrated passion, knowledge and proven ability to engage others in the emerging market needs for cybersecurity initiatives. She leverages her experience, communications skills and interpersonal savvy across all levels to facilitate multiple security control systems, encryption and authentication protocols. She has a deep understanding of the importance of protection and maintenance of information and data security protocols in collaborative team environments. At Comcast as a DevSecOps Transformation Coach she fosters continuous improvement and sustained adoption of Secure Development Lifecycle practices.

  • speaker photo
    Nancy Hunter, Moderator
    Board President, WiCyS Delaware Valley Affiliate

    Nancy Hunter is the VP, CISO and Data Privacy Security Officer at the Federal Reserve Bank of Philadelphia. With more than 25 years of experience in technology including 15 years in Information Security, Nancy joined the Federal Reserve Bank in 2017 where is accountable for Information Security Operations and Consulting, Information Risk Management, Records Management, and guides the implementation of the Bank’s data and system privacy program and serves as Bank representative in System data privacy policy setting. Nancy is certified in Risk and Information Systems Controls (CRISC) and holds a B.A. in Mathematics from Temple University.

  • speaker photo
    Krista Arndt
    CISO, United Musculoskeletal Partners

    Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

    Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

    Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

    Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

  • speaker photo
    Elizabeth Sylves
    Sr. Consultant, North America, CSC

    Elizabeth Sylve is Senior Business Consultant for Enterprise Businesses at CSC where she helps and advises Senior IT and Cyber Security Professionals mitigate risk in front of the firewall. She is also a speaker for Global Antifraud and Phishing Solutions, former 8-year VP of IT Technology consultant at FuturTech Consulting, LLC, and has 24 years of consulting businesses.

  • speaker photo
    Mike McKeown
    National Sales Executive, BTB Security, LLC

    A 1980 graduate of St. Joseph's University, Mike has a 30+ year career of marketing and selling technology goods and services to SMB and Fortune 500 clients. While resident in the Great Philadelphia area, Mike has sold services nationwide. After owning his own business for 18+ year in technology services, Mike has been selling incident response, penetration testing & assessments, CISO Advisory services and MDR services for BTB Security, a wholly owned subsidiary of Netrix, LLC.

  • speaker photo
    Vijaya Rao
    Enterprise Cloud Security — Product Lead, UnitedHealth Group

    Vijaya Rao is a Senior executive with over 25 plus years of experience in the Engineering and Cybersecurity space. She has worked for different fortune 100 companies such as CenturyLink, AOL, JP Morgan Chase, and Google. She also founded the last mile Technology enabled platform called DeliveryCircle, raised multiple rounds of funding and currently serves as the Chairman of the board. In her current role as the Product Leader at UnitedHealth Group, she leads Enterprise Cloud Security. Vijaya is also a Certified CISO.

    Vijaya is an expert at synergizing teams, by setting the vision for excellence and building out team alignment, while ensuring that members have the information, support, and tools necessary for success. She has steered technology organizations of over 200 people, maintaining team cohesion amid significant change while boosting performance and fostering a team culture of collaboration, innovation, and shared success. Vijaya’s core belief is that innovative technology-based solutions should be at the core of every business model. This helps companies achieve a strong ROI and leads to sustainable growth.

    Vijaya loves travelling and volunteering time mentoring young girls into STEM programs. She currently also serves as an advisor for technology start-ups at the University of Delaware (Horn Entrepreneurship program).

  • speaker photo
    Scott Laliberte, Moderator
    President, ISSA Delaware Valley Chapter

    Scott Laliberte, President of ISSA Delaware Valley Chapter for over 10 years, has grown the chapter significantly by creating a collaborative community for Cyber Security professionals to share their knowledge and experience and satisfy their CPE needs. Scott also leads Protiviti’s Emerging Technology practice where he enables clients to leverage emerging technologies to solve complex business problems and manage risk. His team specializes in many technology areas including Artificial Intelligence (AI) and Machine Learning, Internet of Things (IoT), Cloud, Blockchain, and Quantum Computing. In previous roles, Scott was the Global leader of Protiviti’s Cyber Security Practice.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Moderator: Joe Walsh
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University

    Joe Walsh teaches digital forensics and computer security at DeSales University. He previously worked as a senior security consultant where he performed security assessments, conducted penetration testing, and responded to computer security incidents. He has been a police officer for 13 years and is a former member of the ICAC Task Force and the FBI Child Exploitation Task Force, where he was responsible for conducting online undercover investigations and digital forensic examinations. Joe has a bachelor's degree in Information Systems, a master's degree in Criminal Justice/Digital Forensics, a master's degree in Information Systems/Cybersecurity, and is currently pursuing a Ph.D. in Information Systems with a concentration in Cybersecurity.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes