Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, April 19, 2023
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Cybersecurity and Risk Economics: Part 1
    • session level icon
    speaker photo
    Leader in Cybersecurity Strategy, Innovation, and Economics
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am
    This PLUS Course will cover cyber metrics; cyber risk quantification; efficacy (effectiveness) / efficiency ; resource allocation/management; and more.
    7:30 am
    [PLUS Course] Operationalizing Privacy Laws into Your Organization: Part 1
    • session level icon
    An Overview of US and Global Privacy Laws
    speaker photo
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    This SecureWorld PLUS course will focus on key privacy laws and concepts, and how to implement privacy into your organization. The main components that the course will cover include:

    1. Overview of US and Global Privacy Laws
    2. Building an Effective and Practical Privacy and Security compliance program
    3. Creating a process to respond to data subject rights
    4. Addressing key privacy concepts: data minimization, privacy by design, data protection impact assessments, responding to privacy breaches.

    Increasingly, each country, and even each state, is providing unique legal solutions to data privacy and information security. For businesses that cross borders, both national and domestic, this creates distinct challenges to building effective solutions that address legal requirements while also allowing a business to innovate and evolve. These changing privacy, security and technology requirements are impacting the growth and innovation within companies, requiring strategic decisions regarding risk, legal liability, and strategic planning.

    Often, understanding the requirements of the law, and translating those requirements into technological solutions can be challenging. However, companies that are operationalizing privacy and information security within their organizations are able to address these evolving legal requirements while balancing growth and new opportunities. This workshop will provide in-depth understanding of those legal requirements, and provide a framework to help the industry incorporate privacy and security within their operations so that the law can work hand-in-hand with the business, and not become a barrier for the businesses growth and evolution.

    The course will include both lecture and hands-on exercises. The goal is for attendees to take away tools and strategies to bring this conversation to their teams and departments.

    Session 1 of the course will start with an overview of general privacy and security legal and policy principles, and then will focus on the key laws and regulatory decisions that are pushing the privacy and security legal landscape, including the European Union’s General Data Protection Regulation (“GDPR”), the Federal Trade Commission (“FTC”) rules and regulations, the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), and the various U.S. state privacy laws. Using these laws, we will discuss case studies, and how to communicate, plan, and strategize on products and solutions that
    incorporate privacy and security requirements.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am

    Participating professional associations and details to be announced.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    speaker photo
    VP & CISO, Global Infrastructure and Security Solutions, TE Connectivity
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This roundtable discussion is for our Advisory Council members only.

    9:00 am
    [Opening Keynote] Threats to National Security in Cyberspace
    • session level icon
    speaker photo
    JIOC Commander, United States Cyber Command
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    As 2022 was a record-breaking year with the volume of cyberattacks, data breaches, and phishing scams on the rise, there was also an increase in state-sponsored hacktivism cases. In her keynote, Col. Candice Frost covers known hacking groups, their methods, motivations, and relationship to greater geopolitical developments. Col. Frost covers state-affiliated threats, while also touching other adjacent realms of the cyberthreat ecosystem, such as ransomware, DDoS attacks, and stolen information. In addition, she covers critical infrastructure, election security, and the security of local and state governments.
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    Incident Response: How to Triage Real and False Alarms
    • session level icon
    speaker photo
    CISO, ActBlue Technical Services
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Session description coming soon.

    10:15 am
    [SentinelOne] The Future of Cybersecurity Is Autonomous
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Session description coming soon.

    11:10 am
    [Panel] There’s a Bad Moon on the Rise – Are You Ready?
    • session level icon
    Identifying the Current Threat Landscape
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Like the main character in the 1981 horror movie, An American Werewolf in London, cybercriminals continue to morph into something evil, lurking in the night (and day) to cause harm to people, organizations, and governments. Cue the Creedence Clearwater Revival song, Bad Moon Rising.

    The cybersecurity community is smart and more than capable of thwarting bad actors, fangs and all. They have tools, technologies, partnerships across private and public entities, and solution vendors to help them along the way. Don’t forget about the consultants working hard to stay ahead of those wanting to do harm, as well.

    Hear our panelists’ views on the current threat landscape, solutions they have to offer, and ideas they have for turning a bad moon into a harvest moon.

    11:10 am
    Small but Mighty: Building the Next Generation of Cybersecurity Professionals with Limited Resources
    • session level icon
    speaker photo
    Founder & Executive Director, Cybersecurity Gatebreakers Foundation
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    There are simply not enough people in the field of information security. According to the U.S. Department of Commerce, there are over half a million unfilled cybersecurity jobs in the U.S. Around the world, that number swells to an estimated 3.5 million jobs unfilled.
    Unfortunately, business leaders are constrained in their investment in the next generation of security professionals; security is, ultimately, a cost center. How then, with our limited budgets, time, and energy, can leaders build the next generation of cybersecurity professionals? After all, the cybersecurity professionals that we hire and train today will be the grizzled veterans that we need in the future.
    This session tackles practical tips and industry-proven methods for finding, training, and benefiting from incredible junior-level cybersecurity professionals for your growing information security team.
    11:10 am
    BEC Attacks: The Stealthiest and Most Lucrative Threat
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    12:00 pm
    [Lunch Keynote] Transforming Information Security for Businesses of All Sizes
    • session level icon
    speaker photo
    CTO, Center for Internet Security
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    In order to combat cyber threats for organizations of all sizes and the supply chain, how information security is delivered and managed requires transformation. The burden of securing systems and networks has long been placed on the end organization, resulting in a distributed management requirement that does not scale. Requirements placed on the end organization exacerbate the burden, whereas “shift left,” setting requirements on the vendor, can alleviate it. Industry has a unique opportunity to aid a positive transformation to better scale security for solutions, with an aim towards improving the overall security posture and reducing the security professional deficit. Innovation to deploy security following scalable architectural patterns for security management is paramount.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Advisory Council – VIP / INVITE ONLY

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    [Panel] Hitting the Right Note with Your Network Security
    • session level icon
    Developing an Incident Response Plan
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    A new attack vector (or two or eight) is identified daily, and who knows what is coming down the pike from those with nefarious intentions. How do cybersecurity professionals keep up and strike the right note in their symphony of defenses? Cybersecurity teams must have solid Incident Response (IR) plans in place to mitigate these attacks.

    Our panel of experts reveals the instruments—tools, technologies, and systems—they have to offer so that cybersecurity band members are all playing the same tune on behalf of their organizations. They’ll identify current threats and solutions for each so public and private entities have an IR plan that balances defense and offense, creating a beautiful song.

    1:15 pm
    Benchmarking Your Cybersecurity Framework
    • session level icon
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm

    Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

    2:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 2:30 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:30 pm
    Post-Incident: What Would We Have Done Differently?
    • session level icon
    speaker photo
    CISO, Flagship Credit Acceptance
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Incidents don’t have to be major headline makers to significantly alter the security posture of an organization. Bryan Bechard will walk through how an attacker got into his company’s system, what they did while they were in, and he and his team’s reaction to it. Now with time to look back, Bechard reviews what the business would have done differently to reduce the impact and react faster.
    2:30 pm
    BarCode Podcast Recording: CISOs Riff on the Latest in Cybersecurity
    • session level icon
    speaker photo
    Founder, BarCode
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    Join this live recording of the BarCode podcast, a happy hour-style audio engagement that “sits at the intersection of cybersecurity and bar room banter.” Host and Founder Chris Glanden will interview SecureWorld Philadelphia speakers and guests throughout the session, and include Q&A from the audience, for a recording that will air the week following the conference.
    3:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    3:45 pm
    Cybersecurity as a Business Driver
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm

    Savvy would-be customers be research companies and typically prefer to do business with those who have good cyber hygiene. How can a strong security posture be a business driver for your organization?

    3:45 pm
    [PLUS Course] Cybersecurity and Risk Economics: Part 2
    • session level icon
    speaker photo
    Leader in Cybersecurity Strategy, Innovation, and Economics
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm
    This PLUS Course will cover cyber metrics; cyber risk quantification; efficacy (effectiveness) / efficiency ; resource allocation/management; and more.
    3:45 pm
    [PLUS Course] Operationalizing Privacy Laws into Your Organization: Part 2
    • session level icon
    Building an Effective and Practical Data Privacy and Information Security Program
    speaker photo
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Session 2 will focus on the key components of an effective and practical data privacy and information security compliance program. This session will include an overview of key compliance documentation, including policies, procedures, and supporting documentation. We will discuss how to build a program that addresses the regulatory and legal requirements, while also balancing your business’ unique infrastructure and organization.

  • Thursday, April 20, 2023
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:30 pm
    Location / Room: Registration Desk / Lobby

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Cybersecurity and Risk Economics: Part 3
    • session level icon
    speaker photo
    Leader in Cybersecurity Strategy, Innovation, and Economics
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am
    This PLUS Course will cover cyber metrics; cyber risk quantification; efficacy (effectiveness) / efficiency ; resource allocation/management; and more.
    7:30 am
    [PLUS Course] Operationalizing Privacy Laws into Your Organization: Part 3
    • session level icon
    Operationalizing Your Data Privacy and Information Security Program
    speaker photo
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    In Session 3 and 4, we will focus on operationalizing your Data Privacy and Information Security Program, making it actionable for the teams that will implement the requirements into the organization’s day-to-day operations. With hands-on exercises and discussion, these sessions will provide step-by-step approaches to implementing key areas of your Data Privacy and Information Security Program, including data subject rights, privacy breaches, data protection agreements, cross-border data transfers, data mapping, and data protection impact assessments.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am

    Participating professional associations and details to be announced.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This roundtable discussion is for our Advisory Council members only.

    9:00 am
    [Opening Keynote] Managing Through Transition: Merging People and Technologies
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    Session description coming soon.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    Understaffed and Under Pressure
    • session level icon
    speaker photo
    VP, Information Security, Penn Entertainment
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Staffing challenges continue to be a pain point for CISOs as they work to build – and keep – teams while staying on top of an ever growing threat landscape.

    The digital world continues to change and grow, companies continue to become more agile, and the speed of delivery continues to increase. Those are just the tip of the iceberg for security leaders when it comes to building and keeping security teams. Lets talk about those challenges and more as we walk through the different options we have as security leaders to build the best team possible.

    10:15 am
    Securing the Supply Chain
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    A discussion of managing third-party risk and how to manage expectations and contracts with vendors.

    11:10 am
    [Panel] Lucy in the Cloud with Diamonds
    • session level icon
    Securing Your Cloud Environment
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Can you “imagine” if The Beatles, when first starting out, had to deal with having their catalog of music hacked, stolen, and held for ransom simply because it was in an unsecure cloud setting? While it is possible for that to happen with their hit-laden collection of songs today, it’s merely a tiny example of how businesses operate at a minimum in a hybrid cloud environment—many in a cloud-only platform.

    With that comes security issues and another major area which cybersecurity professionals must work diligently to protect.

    Our panel of experts share the good, the bad, and the ugly of operating in a cloud environment, what it takes to make the move to hybrid or multi-cloud successful, how to protect data from insider and outsider threats, and what it takes to provide the support DevOps teams need.

    11:10 am
    [Panel] Protecting Against OT and IoT Threats
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Session description coming soon.

    11:10 am
    Securing Your Sensitive Assets in a Cloud-First World
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Key take-away: 
    How to rethink database security controls in a cloud-first world.

    For most organizations, data repositories hold our most sensitive, mission critical assets. As enterprises continue their digital transformation journeys, data repositories and the sensitive assets within are more exposed than ever before for several reasons, including a dramatic rise in the:

    • Amount of data created, collected, and stored
    • Number of repositories storing sensitive data across clouds
    • Number of users and applications that need access to data
    12:00 pm
    [Lunch Keynote] CISO Panel: Identifying the Next Transformation Cybersecurity Professionals Face and Remaining Resilient
    • session level icon
    speaker photo
    VP & CISO, Global Infrastructure and Security Solutions, TE Connectivity
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    Session description coming soon.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Advisory Council – VIP / INVITE ONLY

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    [Panel] I Can See Clearly Now, the Threats Are Gone
    • session level icon
    Threat Intelligence: The State of InfoSec Today
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Zero Trust is considered by many to be a marketing buzzword, but what it really alludes to is having good, basic cybersecurity hygiene. It’s what any cybersecurity professional worth their salt has been doing, and does, daily. Ransomware, phishing, and BEC grab the headlines, but your run-of-the-mill cyberattacks can’t be ignored because of the shiny new thing garnering all the attention.

    The CISO is like a musical conductor that must pay attention to all the resources at his or her disposal—be it people, tools, technologies, systems, and more. How is the organization handling security awareness training? What about staffing shortages affecting the organization, or even the vendors with which CISOs and their teams work?

    Join our expert panel as they provide insights and takeaways on the state of the information security profession today, including tips for seeing clearly and staying ahead of threats.

    1:15 pm
    Ransomware: How to Stay out off the Front Pages
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    2:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 2:30 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:30 pm
    Security Awareness: Engaging People and Tracking the Right Metrics
    • session level icon
    speaker photo
    Associate Director, Security Operations & Engineering, Spring Health
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm

    Session description coming soon.

    2:30 pm
    Best Practices for InfoSec Teams
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm

    Session description to come.

    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    Transitioning from CISO to CIO: What Changes?
    • session level icon
    speaker photo
    CIO, Morgan, Lewis & Bockius LLP
    Registration Level:
    • session level iconConference Pass
    3:45 pm - 4:30 pm

    A talk with Steve Naphy, CIO of Morgan Lewis, about his move from head of InfoSec to Chief Information Officer.

    3:45 pm
    Going Passwordless: Authentication Fact or Fiction?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm

    Are your internal customers tired of passwords? Are you tired of easily breaking their passwords? Well, look no further. Passwordless authentication is upon us and can be achieved for multi-factor authentication (MFA), while making our internal customers happy. How is this possible? Come and listen with your colleagues as I share how we rolled it out, describe the lessons learned, and share who the players are.

    Passwords are one of the most loathed controls in the wild. If you can’t beat ’em, join ’em. Learn who the passwordless alphas are and the lessons learned to achieve a win-win strategy within your company.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    3:45 pm
    [PLUS Course] Cybersecurity and Risk Economics: Part 4
    • session level icon
    speaker photo
    Leader in Cybersecurity Strategy, Innovation, and Economics
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm
    This PLUS Course will cover cyber metrics; cyber risk quantification; efficacy (effectiveness) / efficiency ; resource allocation/management; and more.
    3:45 pm
    [PLUS Course] Operationalizing Privacy Laws into Your Organization: Part 4
    • session level icon
    Operationalizing Your Data Privacy and Information Security Program
    speaker photo
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    In Session 3 and 4, we will focus on operationalizing your Data Privacy and Information Security Program, making it actionable for the teams that will implement the requirements into the organization’s day-to-day operations. With hands-on exercises and discussion, these sessions will provide step-by-step approaches to implementing key areas of your Data Privacy and Information Security Program, including data subject rights, privacy breaches, data protection agreements, cross-border data transfers, data mapping, and data protection impact assessments.

Exhibitors
  • Critical Start
    Booth: TBD

    Critical Start is a cybersecurity company with a holistic, customer-focused approach. We work with our customers to understand the impact of IT on their business and determine the associated risks. Using this risk profile, we can offer big-picture guidance on the strategies and controls that will enable them to effectively manage risk and improve security. Critical Start is 100% employee owned by a team of experts who are passionate about security, quality and service. For more information on what sets us apart, visit criticalstart.com.

  • Qualys, Inc.
    Booth: TBD

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • ReliaQuest
    Booth: TBD

    ReliaQuest, the force multiplier of security operations, increases visibility, reduces complexity, and manages risk with its cloud native security operations platform, GreyMatter. ReliaQuest’s GreyMatter is built on an open XDR architecture and delivered as a service anywhere in the world, anytime of the day, by bringing together telemetry from tools and applications across cloud, on-premises and hybrid cloud architectures. Hundreds of Fortune 1000 organizations trust ReliaQuest to operationalize security investments, ensuring teams focus on the right problems while closing visibility and capability gaps to proactively manage risk and accelerate initiatives for the business. ReliaQuest is a private company headquartered in Tampa, Fla., with multiple global locations. For more information, visit www.reliaquest.com.

  • SentinelOne
    Booth: TBD

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • ThreatLocker
    Booth: TBD

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • WithSecure
    Booth: TBD

    WithSecure™ (formerly F-Secure Business) is cybersecurity’s reliable partner. IT service providers, MSSPs and businesses—along with the largest financial institutions, manufacturers, and thousands of the world’s most advanced communications and technology providers—trust us for outcome-based cybersecurity that protects and enables their operations. Our AI-driven protection secures endpoints and cloud collaboration, and our intelligent detection and response are powered by experts who identify business risks by proactively hunting for threats and confronting live attacks. Our consultants partner with enterprises and tech challengers to build resilience through evidence-based security advice. WithSecure™ is part of F-Secure Corporation, founded in 1988, and listed on NASDAQ OMX Helsinki Ltd.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Pete Lindstrom, Instructor
    Leader in Cybersecurity Strategy, Innovation, and Economics

    Pete Lindstrom has an extensive expertise in cybersecurity but is best known as an authority on strategic cybersecurity topics such as metrics, estimating risk, and measuring the benefit of security programs. He focuses on applying these core economic and risk management principles to new cybersecurity architectures and platforms. Pete has over 25 years of industry experience as an IT auditor (PwC), IT security practitioner (Wyeth), and industry analyst (IDC). Pete served as an officer in the U.S. Marine Corps and received a bachelor's degree in Business Administration (Finance) from the University of Notre Dame.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law

    Jordan Fischer leads Octillo Law's Global Privacy Team, where she represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Todd Bearman, Moderator
    VP & CISO, Global Infrastructure and Security Solutions, TE Connectivity

    Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

    Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
    Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

    Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

  • speaker photo
    Col. Candice E. Frost
    JIOC Commander, United States Cyber Command

    Candice E. Frost is the Joint Intelligence Operations Center Commander at the United States Cyber Command. As the commander, Colonel Frost leads over 200 employees from the Defense Intelligence Agency (DIA), National Security Agency, and Department of Defense, to provide and produce intelligence required to direct, operate, and secure Department of Defense networks, systems, and data; deter or defeat strategic threats to U.S. interests and infrastructure; and support achievement of Joint Force Commanders objectives.

    Before serving in her current role, Colonel Frost was the Director of Foreign Intelligence with the Headquarters of the Army Staff, G-2. She was responsible for daily briefings of the future strategic environment to the Secretary of the Army, Chief of Staff of the Army, Vice Chief of Staff of the Army, and the Army G2.

    Colonel Frost’s commitment to national security includes three decades of public service. Her career in intelligence and cyber, includes operational tours of duty in the Balkans, multiple deployments to Afghanistan, and currently, her work at Fort Meade. Candice was instrumental in the integration of women into combat arms and served close to half of her career in infantry divisions. Colonel Frost is an adjunct professor at Georgetown University teaching masters students in the Security Studies Program. She has spoken and instructed at colleges and universities to include Harvard, MIT, Columbia, Universities of Arizona, Florida, and Illinois. She also briefed the National Intelligence Council and spoke at conferences like RSA and the Billington Summit about technology and national security.

    A graduate of the United States Military Academy at West Point, Colonel Frost holds masters degrees from Central Michigan University and the United States Army School of Advance Military Studies. Her awards and decorations include the Bronze Star, Legion of Merit, and Combat Action Badge. She is also the recipient of the Billington Cybersecurity Workforce Development Award, Business Council for Peace Lifetime Mentorship Award, and the Lifetime Achievement Award in Muscatine, Iowa.

    She is a member of the Executive Advisory Council for AFCEA DC. COL Frost is the past recipient of numerous fellowships, including Seminar XXI at the Massachusetts Institute of Technology, the Army War College Fellowship with the Central Intelligence Agency, and the Foundation for Defense of Democracies Fellowship. Colonel Frost pivots in 2023 from the United States Army after more than twenty-five years of service.

  • speaker photo
    Will Rogers
    CISO, ActBlue Technical Services
  • speaker photo
    Panel Discussion
  • speaker photo
    Naomi Buckwalter
    Founder & Executive Director, Cybersecurity Gatebreakers Foundation

    Naomi Buckwalter, CISSP CISM, is the Director of Product Security for Contrast Security and author of the LinkedIn course: “Training today for tomorrow's solutions - Building the Next Generation of Cybersecurity Professionals”. She is also the founder and Executive Director of Cybersecurity Gatebreakers Foundation, a nonprofit dedicated to closing the demand gap in cybersecurity hiring. She has over 20 years' experience in IT and Security and has held roles in Software Engineering, Security Architecture, Security Engineering, and Security Executive Leadership. As a cybersecurity career adviser and mentor for people around the world, her passion is helping people, particularly women, get into cybersecurity. Naomi has two Masters degrees from Villanova University and a Bachelors of Engineering from Stevens Institute of Technology.

  • speaker photo
    Kathleen Moriarty
    CTO, Center for Internet Security

    Kathleen Moriarty, Chief Technology Officer, Center for Internet Security, has over two decades of experience. Formerly as the Security Innovations Principal in Dell Technologies Office of the CTO, Kathleen worked on ecosystems, standards, and strategy. During her tenure in the Dell EMC Office of the CTO, Kathleen had the honor of being appointed and serving two terms as the Internet Engineering Task Force (IETF) Security Area Director and as a member of the Internet Engineering Steering Group from March 2014-2018. Named in CyberSecurity Ventures, Top 100 Women Fighting Cybercrime. She is a 2020 Tropaia Award Winner, Outstanding Faculty, Georgetown SCS.

    Kathleen achieved over 20 years of experience driving positive outcomes across Information Technology Leadership, IT Strategy and Vision, Information Security, Risk Management, Incident Handling, Project Management, Large Teams, Process Improvement, and Operations Management in multiple roles with MIT Lincoln Laboratory, Hudson Williams, FactSet Research Systems, and PSINet.

    Kathleen holds a Master of Science Degree in Computer Science from Rensselaer Polytechnic Institute, as well as, a Bachelor of Science Degree in Mathematics from Siena College. Published work: "Transforming Information Security: Optimizing Five Concurrent Trends to Reduce Resource Drain," July 2020.

  • speaker photo
    Panel Discussion
  • speaker photo
    Bryan Bechard
    CISO, Flagship Credit Acceptance

    Bryan is a 20+ year InfoSec career professional currently serving as CISO for an auto finance company and teaching the next generation of InfoSec pros.

  • speaker photo
    Host: Chris Glanden
    Founder, BarCode

    Chris Glanden is a veteran cybersecurity professional who is passionate about Security Systems, breakthroughs, vulnerabilities, and their mitigation and risk management.

  • speaker photo
    Pete Lindstrom, Instructor
    Leader in Cybersecurity Strategy, Innovation, and Economics

    Pete Lindstrom has an extensive expertise in cybersecurity but is best known as an authority on strategic cybersecurity topics such as metrics, estimating risk, and measuring the benefit of security programs. He focuses on applying these core economic and risk management principles to new cybersecurity architectures and platforms. Pete has over 25 years of industry experience as an IT auditor (PwC), IT security practitioner (Wyeth), and industry analyst (IDC). Pete served as an officer in the U.S. Marine Corps and received a bachelor's degree in Business Administration (Finance) from the University of Notre Dame.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law

    Jordan Fischer leads Octillo Law's Global Privacy Team, where she represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Pete Lindstrom, Instructor
    Leader in Cybersecurity Strategy, Innovation, and Economics

    Pete Lindstrom has an extensive expertise in cybersecurity but is best known as an authority on strategic cybersecurity topics such as metrics, estimating risk, and measuring the benefit of security programs. He focuses on applying these core economic and risk management principles to new cybersecurity architectures and platforms. Pete has over 25 years of industry experience as an IT auditor (PwC), IT security practitioner (Wyeth), and industry analyst (IDC). Pete served as an officer in the U.S. Marine Corps and received a bachelor's degree in Business Administration (Finance) from the University of Notre Dame.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law

    Jordan Fischer leads Octillo Law's Global Privacy Team, where she represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Mark Eggleston, CISSP, GSEC, CHPS
    CISO, CSC

    Mark Eggleston is the chief information security officer (CISO) for CSC, responsible for the global security and privacy program design, operations and continual maturation. As a senior executive specializing in security and privacy program development and management, Mark’s unique background and expertise in information technology, program, and people management have positioned him as a thought leader and frequent industry speaker.

    Mark started his career as a program manager and psychotherapist at a hospital serving children and adolescents. Later, Mr. Eggleston helped develop an internal compliance approach—complete with policies and tools—ensuring a geographically dispersed health care provider organization (across 19 states) complied with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Mr. Eggleston then transitioned to applying his HIPAA expertise at an HMO where he has implemented many successful security controls and technologies, including single sign-on (SSO), Identity and Access Management (IAM), Cloud Access security broker (CASB), and a vulnerability assessment program.

    Mark received his Bachelor of Science in psychology from Radford University. Later, Mark received both his Master of social work and his post-baccalaureate certificate in management information systems from Virginia Commonwealth University. In addition, Mark holds CHPS, CHPS, and CISSP certifications.

  • speaker photo
    David Lingenfelter
    VP, Information Security, Penn Entertainment

    David Lingenfelter is the Vice President of Information Security at Penn Entertainment, responsible for ensuring the highest possible level of security for the rapidly changing risk landscape. David manages teams that oversee IT security and compliance for both the retail and digital aspects of the business. David believes that in order to implement a successful security program it’s important for everyone to understand the threats and risks that could adversely impact the business.

    Prior to joining Penn Entertainment, David oversaw security for the MaaS360 mobile device management platform at IBM. During his tenure at IBM, David helped onboard and integrate the team supporting MaaS360 as part of the acquisition of Fiberlink Communications into IBM. Prior to the acquisition by IBM, David was the Information Security Officer at Fiberlink Communications working as part of the team that designed and built an early Software as a Service cloud model for its MaaS360 platform. David also led the charge for getting MaaS360 to be the first mobile device management platform certified for use by the federal government under the FedRAMP program.

    As a member of the Cloud Security Alliance David was co-chair of the Mobile Working Group culminating in the publication of the “Security Guidance for Critical Areas of Mobile Computing”. David also gave input to early versions of the Cloud Control Matrix and other publications and is a former president of the Delaware Valley chapter of the Cloud Security Alliance. David’s career in IT security has always included a strong emphasis on awareness and understanding of the threats and risks associated with poor security. This passion for helping bring awareness to others and has lead David around the world giving presentations on multiple aspects of IT security and the overall impact on business and personal lives.

  • speaker photo
    Panel Discussion
  • speaker photo
    Tammy Klotz, Moderator
    CISO, Covanta

    Prior to Covanta, Tammy was responsible for the cybersecurity program at Versum Materials, which included Information Risk Management, Plant Cybersecurity, as well as IT Security, Risk & Compliance activities. She was with Versum since their start-up in October 2016 and was responsible for standing up all security services required for the new company as part of their spin-off from Air Products & Chemicals.

    Prior to her role at Versum, Tammy worked at Air Products & Chemicals for 25 years in a variety of leadership roles. Highlights of her Air Products career include IT Communications, Service & Business Relationship Management, global leadership of multiple IT support teams and IT Audit Manager.

    Tammy is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and is also Certified in Risk and Information Systems Control (CRISC). She is a Governing Body Member of the Philadelphia Chapter of Evanta, participates in Delaware Valley Cloud Security Alliance activities, and is involved with the Philadelphia Women & Cyber Security group. Tammy is also a 2019 Nominee for T.E.N Information Security Executive® of the Year.

  • speaker photo
    Panel Discussion
  • speaker photo
    Todd Bearman, Moderator
    VP & CISO, Global Infrastructure and Security Solutions, TE Connectivity

    Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

    Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
    Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

    Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

  • speaker photo
    Panel Discussion
  • speaker photo
    Panel Discussion
  • speaker photo
    Chris Guarino
    Associate Director, Security Operations & Engineering, Spring Health
  • speaker photo
    Steve Naphy
    CIO, Morgan, Lewis & Bockius LLP

    Steve Naphy serves as Morgan Lewis's Chief Information Officer. In his role, Steve concentrates on leveraging data analytics and process to drive efficiency and effectiveness in both business operations and the delivery of legal services. He has over 20 years of experience working in information technology (IT), including previously running information security at the firm for six years. Prior to joining Morgan Lewis, Steve held significant InfoSec roles in the retail and distribution industry. He holds an M.S. in information systems from Widener University and a B.S. from Drexel University.

  • speaker photo
    Pete Lindstrom, Instructor
    Leader in Cybersecurity Strategy, Innovation, and Economics

    Pete Lindstrom has an extensive expertise in cybersecurity but is best known as an authority on strategic cybersecurity topics such as metrics, estimating risk, and measuring the benefit of security programs. He focuses on applying these core economic and risk management principles to new cybersecurity architectures and platforms. Pete has over 25 years of industry experience as an IT auditor (PwC), IT security practitioner (Wyeth), and industry analyst (IDC). Pete served as an officer in the U.S. Marine Corps and received a bachelor's degree in Business Administration (Finance) from the University of Notre Dame.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Global Leader of Privacy Practice Group, Octillo Law

    Jordan Fischer leads Octillo Law's Global Privacy Team, where she represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Grow in person!

Join your cybersecurity community for learning and professional growth. Register today!