23rd Annual

SecureWorld Philadelphia

May 6-7, 2026 | Valley Forge Casino Resort Event Center

EVENT DETAILS

Click here to view registration types and pricing (PDF)

Download Now

Conference Agenda

Day 1
Day 2

Filter by registration level:

Open Sessions
Conference Pass
SecureWorld Plus
VIP / Exclusive

Wednesday, May 6, 2026
7:30 am
[PLUS Course] Securing & Enabling AI: Transform Chaos into Competitive Advantage - Part 1
Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
7:30 am - 9:00 am

Come join this interactive workshop — think hands-on working groups so you are an active participant…this is not 6 hours of being lectured at.

Learn how to secure AI while accelerating innovation—not blocking it. Transform from AI Firefighter to Strategic Business Enabler, with a 90-day roadmap for secure AI deployment in your organization.

Why this course? Imagine your CEO just asked about AI security. Do you have an answer?

While you’re counting vulnerabilities, your competitors are deploying AI at scale.

Every Monday, another department launches an AI tool. Marketing uses ChatGPT for campaigns. Sales deploys AI Sales Development Reps. Customer service automates with chatbots.

And your cybersecurity team? Still writing policies nobody reads.

You’ll master:

• The AIR-MAP Methodology™ — Your proven 90-day roadmap from AI chaos to governance

• Executive Translation — Turn technical AI risks into boardroom language

• NIST AI RMF Implementation — Practical application, not theory

• The $12M Question — Secure against deepfake fraud and AI-enabled attacks

• Shadow AI Discovery — Find and govern the AI already in your organization

• Business-First Security — Protect value, not just systems

Who should attend:

Perfect fit:

• CISOs facing board questions about AI

• Information Security Directors enabling digital transformation

• IT VPs without dedicated security teams

• Cybersecurity Consultants serving enterprise clients

• Risk Managers governing AI initiatives

• Aspiring decision makers and those reporting to one

Wrong course:

• Developers wanting to code AI models

• Analysts seeking technical certifications

• Anyone looking for hands-on hacking labs

This workshop is NOT about:

• Prompt injection techniques

• Model architecture security

• Technical vulnerability scanning

• Writing 200-page policies

This workshop IS about:

• Speaking profit-and-loss to executives

• Enabling your AI transformations

• Building cybersecurity into AI from day one

• Becoming the trusted AI advisor

You’ll leave with:

1. The Complete AIR-MAP Toolkit

• 90-day implementation roadmap

• Discovery templates and workflows

• Risk scoring calculators

• Executive presentation templates

2. Ready-to-Deploy Policies

• AI Acceptable Use Policy (customize in minutes)

• Vendor assessment questionnaires

• Incident Response playbooks

3. 30-Minute Strategy Session

Complementary private consultation to apply AIR-MAP to your specific situation.
7:30 am
[PLUS Course] Master the NIST Cybersecurity Framework v2.0 in Just Six Hours - Part 1
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
7:30 am - 9:00 am
This intensive, live workshop is your shortcut to cyber resilience mastery. In just one power-packed day, you’ll walk away with:

Complete mastery of NIST CSF 2.0 – Understand every component and why it matters to YOUR business

Your personalized Cyber Risk Map – Identify your organization’s exact vulnerabilities and blind spots

A step-by-step action plan – No more guessing what to do next

Real-world case studies – See how organizations just like yours have successfully implemented the framework

Expert-level confidence – Finally speak cybersecurity with authority and clarity

What makes this different?
This isn’t another theoretical lecture. You’ll spend most of your time actually BUILDING your organization’s cybersecurity roadmap using the proven Cyber Risk Management Action Plan (CR-MAP) methodology. You’ll leave with tools and know-how you can implement immediately.

Perfect for:

IT Directors and Managers

Cybersecurity Professionals

Business Leaders responsible for risk management

Compliance Officers

Anyone tasked with “figuring out cybersecurity”

Exclusive Bonus: Every attendee receives our comprehensive digital CR-MAP Online Workbook ($197 value), your step-by-step guide to:

Getting BUY-IN from your senior decision makers

Discovering your top five cyber risks

Creating a prioritized risk mitigation plan with implementation roadmap

A score card you can use to track progress

Warning: This live, in-person intensive has limited seating. Don’t let another cyber incident catch your organization unprepared.

Your organization’s cybersecurity can’t wait. Register now.
7:00 am
Registration open
Registration Level:
Open Sessions
7:00 am - 4:30 pm
Location / Room: Registration Desk / Lobby
Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
8:00 am
Networking Hall open
Registration Level:
Open Sessions
8:00 am - 4:30 pm
Location / Room: Networking Hall
Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible, as well as association chapters! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Also, look for “Cyber Connect” discussions on select topics and join the conversation.
8:00 am
Advisory Council Roundtable Breakfast (VIP / Invite only)
Registration Level:
VIP / Exclusive
8:00 am - 8:45 am
Moderated discussion for SecureWorld Advisory Council members. By invite only.
8:00 am
Association Chapter Meetings
Registration Level:
Open Sessions
8:00 am - 8:45 am
Participating professional associations and details to be announced.
8:00 am
Insider Threats: The Call Is Coming from Inside the House
Interest Tags: Insider Threats; Risk Quantification; User and Entity Behavior Analytics
Craig Stanland
Author, "Blank Canvas: How I Reinvented My Life After Prison"
Registration Level:
Open Sessions
8:00 am - 8:45 am
Most insider threats don’t begin with malicious intent. They begin with a human being under pressure. Fear. Scarcity. Insecurity. These emotional drivers create tiny rationalizations that bypass even the strongest controls: “They owe me.” “I’ll fix it before anyone notices.” “This isn’t a big deal.”

By the time a security system detects something unusual, the damage is already in motion, because insider threats are fundamentally human threats. And humans are always smarter than the system when they’re driven by need and fueled by rationalization.

In this gripping, first-person session, Craig Stanland, who committed and served time for an $800K fraud, exposes how rationalization quietly rewires judgment, overrides policy, and turns trusted employees into your most significant vulnerability. This session goes beyond frameworks and compliance.
8:45 am
Networking Break
Registration Level:
Open Sessions
8:45 am - 9:00 am
Location / Room: Networking Hall
Visit the Networking Hall to network with attendees and connect with our vendor sponsors and association partners.
9:00 am
[Opening Keynote] The State of Cybersecurity in 2026: Threats, Trends, and What Comes Next
Registration Level:
Open Sessions
9:00 am - 9:45 am
Location / Room: Keynote Theater
Session details to come.
9:45 am
Networking Break & Cyber Connect
AI in Cybersecurity: Game-Changer or Growing Threat?
Registration Level:
Open Sessions
9:45 am - 10:10 am
Location / Room: Networking Hall
Artificial intelligence rapidly redefines how we defend our networks—and how attackers target them. From threat detection to deepfakes, explore the double-edged nature of AI in cybersecurity and how it’s impacting your daily work.

Please join us in the Networking Hall to connect with peers over coffee and snacks and share real-world experiences, strategies, and concerns around AI’s growing role in security.
10:10 am
Quantum Readiness: Preparing Your Organization for a Post-Quantum Future
Registration Level:
Conference Pass
10:10 am - 10:45 am
Session details to come.
10:10 am
Laws, Logic, and Lines of Code: Synchronizing Privacy Ops with Legal Reality
Focus Areas: Data Privacy; GRC; Legal-Security Collaboration
Aaron Weismann
CISO, Main Line Health
Kevin Werner
Associate CISO, Main Line Health
Jordan Fischer, Moderator
Founding Partner & Owner, Fischer Law, LLC
Registration Level:
Conference Pass
10:10 am - 10:45 am
Privacy is no longer just a “legal checkbox”—it’s a high-stakes operational challenge. When a new privacy law hits the books, the legal team sees a mandate, while the security team sees a mountain of data mapping and architectural shifts. If these two sides aren’t speaking the same language, the resulting “compliance gap” becomes a massive liability.

This panel brings together the three key pillars of a resilient privacy program: the Cyber Attorney, the CISO, and the Associate CISO. Drawing on their experience in the high-pressure world of healthcare—where privacy is a matter of both law and life—our experts move beyond industry-specific silos to discuss the universal challenges of “Privacy Ops.” Attendees will gain insights into:

Translating Legalese into Logic: How to turn vague regulatory requirements like “reasonable security” into actionable technical controls and auditable workflows.

The Data Discovery Dilemma: Practical strategies for mapping data flows in complex environments without stalling business innovation.

Privilege vs. Protection: Navigating the delicate balance of attorney-client privilege during incident response and forensic investigations.

Building the “Privacy Bridge”: Establishing a recurring rhythm between legal and security teams to stay ahead of the rapidly evolving patchwork of state, federal, and international privacy laws.

Whether you are building a privacy program from scratch or refining an existing one, join us for a candid discussion on how to stop “doing compliance” and start operationalizing privacy as a strategic business asset.
10:10 am
Threat Hunting with AI: Turning Noise into Actionable Intelligence
Registration Level:
Open Sessions
10:10 am - 10:45 am
Session details to come
10:10 am
Modern Ransomware: Double Extortion, Data Destruction, and Targeted Campaigns
Registration Level:
Open Sessions
10:10 am - 10:45 am
Session details to come.
10:45 am
Networking Break & Cyber Connect
The Human Element in Cybersecurity
Registration Level:
Open Sessions
10:45 am - 11:10 am
Location / Room: Networking Hall
Despite all the tools and technology, people remain the most unpredictable variable in security. Whether insider threats, awareness training, or culture-building, human behavior is central to your cyber strategy.

Please join us in the Networking Hall to connect with peers over coffee and snacks and discuss how organizations are tackling the people side of cybersecurity.
11:10 am
Securing Cloud-Native Environments: Containers, Kubernetes, and Serverless
Registration Level:
Conference Pass
11:10 am - 11:45 am
Session details to come.
11:10 am
The Rise of AI Assistants: New Insider Threat and Data Exposure Challenges
Registration Level:
Conference Pass
11:10 am - 11:45 am
Session details to come.
11:10 am
Third-Party Risk: Managing Exposure Across Expanding Vendor Ecosystems
Registration Level:
Open Sessions
11:10 am - 11:45 am
Session details to come.
11:10 am
[Panel] Navigating the Evolving Digital Battlefield
Focus Areas: Identity-First Security; Attack Surface Management; Supply Chain & Fourth-Party Risk
Panel Discussion
Registration Level:
Open Sessions
11:10 am - 11:45 am
As organizational footprints expand across cloud, SaaS, OT/IoT, and dispersed workforces, defenders face a more complex and interconnected digital battlefield. This panel brings together experts to explore how today’s threat actors combine automation, social engineering, identity breaches, and software supply-chain attacks into highly coordinated assaults.

Panelists will examine the expanding importance of identity in the modern SOC, the emergence of AI-driven threats such as automated reconnaissance and deepfake-assisted breaches, and how fourth-party dependencies are changing risk visibility. The discussion also connects these trends to organizational resilience—showing how teams can improve detection, response, and business continuity across an evolving attack surface. This comprehensive session provides practical insights for any security leader seeking clarity amid converging threats.
11:45 am
Networking Break
Registration Level:
Open Sessions
11:45 am - 12:00 pm
Location / Room: Networking Hall
Visit the Networking Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pm
[Lunch Keynote] AI-Accelerated Attacks and Defenses: Preparing for Machine-Speed Threats
Registration Level:
Open Sessions
12:00 pm - 12:45 pm
Location / Room: Keynote Theater
Session details to come.
12:45 pm
Networking Break & Cyber Connect
Proactive by Design: Anticipating Threats Before They Strike
Registration Level:
Open Sessions
12:45 pm - 1:10 pm
Location / Room: Networking Hall
The days of reacting to alerts are over. From continuous monitoring to threat hunting, organizations are shifting to proactive security models that anticipate and prevent incidents before they happen.

Please join us in the Networking Hall to connect with peers over coffee and snacks and explore how to make proactive security a reality in your environment.
1:10 pm
Zero Trust in Practice: What Real-World Implementations Look Like Now
Registration Level:
Conference Pass
1:10 pm - 1:45 pm
Session details to come.
1:10 pm
Burnout in Cybersecurity: Recognizing, Preventing, and Managing Team Fatigue
Registration Level:
Conference Pass
1:10 pm - 1:45 pm
Session details to come.
1:10 pm
Threat Modeling for Modern Architectures: From Cloud to Edge
Registration Level:
Open Sessions
1:10 pm - 1:45 pm
Session details to come.
1:10 pm
[Panel] The Double-Edged Sword of AI in Cyber Defense
Focus Areas: AI-Powered SecOps; Adversarial AI & Synthetic Media; AI Governance & Assurance
Panel Discussion
Registration Level:
Open Sessions
1:10 pm - 1:45 pm
AI is revolutionizing cybersecurity at all levels, speeding up detection and enabling automated attacks on an unprecedented scale. This session examines AI’s dual role as both a powerful defensive tool and a new threat vector for attackers. Panelists will discuss how AI copilots enhance analyst workflows, triage, and anomaly detection, while also addressing emerging risks such as LLM data leakage, prompt injection, model poisoning, and hallucinations within high-trust SOC processes.

The discussion will cover AI governance and assurance frameworks, evolving regulatory expectations, and the impact of synthetic content—including deepfakes, audio spoofing, and hyper-personalized phishing—on social engineering defenses. Attendees will leave with a solid understanding of AI’s potential, the safety measures needed for responsible deployment, and practical steps for preparing teams and pipelines for an AI-driven threat environment.
1:45 pm
Networking Break & Cyber Connect
Cyber Talent Crisis: Recruiting, Retaining, and Reskilling Your Team
Registration Level:
Open Sessions
1:45 pm - 2:10 pm
Location / Room: Networking Hall
The cybersecurity workforce shortage is real—and growing. From finding skilled talent to reducing burnout and investing in upskilling, leaders are rethinking how to build resilient teams for the future.

Please join us in the Networking Hall to connect with peers over coffee and snacks and exchange ideas for navigating one of the industry’s most significant ongoing challenges.
2:10 pm
Hack the Bots: The Promise and Peril of Intelligent Machines
Focus Areas: Robotics & Drone Security; OT & IoT Convergence; Autonomous System Exploits
Lexie Thach
Founder, Ex Machina Parlor LLC
Registration Level:
Conference Pass
2:10 pm - 2:45 pm
This session explores how robots, drones, and IoT systems are becoming high-value cyber targets as they integrate with cloud services, AI, and enterprise networks. Using real-world exploits and case studies, this talk examines how attackers compromise autonomous systems—and how defenders can apply modern security principles to protect them. Attendees will gain insight into the risks, architectures, and defensive strategies shaping the future of cyber-physical security.
2:10 pm
Building Incident Response Plans for Highly Distributed Workforces
Registration Level:
Conference Pass
2:10 pm - 2:45 pm
Session details to come.
2:10 pm
Data Privacy in 2026: Navigating New Regulations and Compliance Pressures
Registration Level:
Open Sessions
2:10 pm - 2:25 pm
Session details to come.
2:10 pm
[Panel] Cloud Security & Multi-Cloud Defense: Securing the Modern Enterprise
Focus Areas: Multi-Cloud & SaaS Governance; Workload & Data Protection; Zero Trust & Edge Security
Panel Discussion
Registration Level:
Open Sessions
2:10 pm - 2:45 pm
Modern enterprises rely on a complex mix of cloud providers, SaaS platforms, APIs, and distributed identities—offering agility but also creating new control gaps. This panel gathers leaders in CSPM, workload protection, cloud identity, API security, and SaaS governance to explore the challenges of securing multi-cloud environments at scale.

Panelists will discuss AI-driven misconfigurations, rapid SaaS sprawl, and the persistent risk of API-related breaches, as well as how zero trust principles are applied to cloud entitlements and data flows. The conversation also covers DSPM-led visibility, cross-cloud identity governance, and the convergence of network and cloud security through SASE/SSE. Whether you’re cloud-mature or still early in the journey, this session provides strategies for protecting cloud workloads, identities, and data in environments where every misconfiguration can become a breach.
2:45 pm
Networking Break
Registration Level:
Open Sessions
2:45 pm - 3:15 pm
Location / Room: Networking Hall
Visit the Networking Hall to network with attendees and connect with our vendor sponsors and association partners.
3:15 pm
[Closing Keynote] Inside the Digital Mind: How Cyberpsychology Shapes Behavior, Risk, and the Cyber Landscape
Interest Tags: Psychology; Human Risk Management; Social Engineering
Krista Arndt
Associate CISO, St. Luke's University Health Network
Registration Level:
Open Sessions
3:15 pm - 4:00 pm
Location / Room: Keynote Theater
This keynote explores how human behavior in digital environments directly shapes modern cyber risk. Drawing from the research of forensic cyberpsychologist and author Mary Aiken, this talk reveals why people think, react, trust, click, overshare, and make decisions differently online—and how attackers exploit those predictable patterns. Participants will learn how digital psychology influences threat exposure, identity compromise, misinformation, social engineering, and organizational security culture. Attendees will walk away with practical, human-centered strategies for building safer digital environments and strengthening security programs by aligning controls with real human behavior.
4:00 pm
Happy Hour
Happy Hour
Registration Level:
Open Sessions
4:00 pm - 5:00 pm
Location / Room: Networking Hall
Join your peers for conversation and complimentary beverages. This is a great opportunity to network with other security professionals from the area and discuss the hot topics from the day.
4:00 pm
[PLUS Course] Securing & Enabling AI: Transform Chaos into Competitive Advantage - Part 2
Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
4:00 pm - 5:30 pm

Come join this interactive workshop — think hands-on working groups so you are an active participant…this is not 6 hours of being lectured at.

Learn how to secure AI while accelerating innovation—not blocking it. Transform from AI Firefighter to Strategic Business Enabler, with a 90-day roadmap for secure AI deployment in your organization.

Why this course? Imagine your CEO just asked about AI security. Do you have an answer?

While you’re counting vulnerabilities, your competitors are deploying AI at scale.

Every Monday, another department launches an AI tool. Marketing uses ChatGPT for campaigns. Sales deploys AI Sales Development Reps. Customer service automates with chatbots.

And your cybersecurity team? Still writing policies nobody reads.

You’ll master:

• The AIR-MAP Methodology™ — Your proven 90-day roadmap from AI chaos to governance

• Executive Translation — Turn technical AI risks into boardroom language

• NIST AI RMF Implementation — Practical application, not theory

• The $12M Question — Secure against deepfake fraud and AI-enabled attacks

• Shadow AI Discovery — Find and govern the AI already in your organization

• Business-First Security — Protect value, not just systems

Who should attend:

Perfect fit:

• CISOs facing board questions about AI

• Information Security Directors enabling digital transformation

• IT VPs without dedicated security teams

• Cybersecurity Consultants serving enterprise clients

• Risk Managers governing AI initiatives

• Aspiring decision makers and those reporting to one

Wrong course:

• Developers wanting to code AI models

• Analysts seeking technical certifications

• Anyone looking for hands-on hacking labs

This workshop is NOT about:

• Prompt injection techniques

• Model architecture security

• Technical vulnerability scanning

• Writing 200-page policies

This workshop IS about:

• Speaking profit-and-loss to executives

• Enabling your AI transformations

• Building cybersecurity into AI from day one

• Becoming the trusted AI advisor

You’ll leave with:

1. The Complete AIR-MAP Toolkit

• 90-day implementation roadmap

• Discovery templates and workflows

• Risk scoring calculators

• Executive presentation templates

2. Ready-to-Deploy Policies

• AI Acceptable Use Policy (customize in minutes)

• Vendor assessment questionnaires

• Incident Response playbooks

3. 30-Minute Strategy Session

Complementary private consultation to apply AIR-MAP to your specific situation.
4:00 pm
[PLUS Course] Master the NIST Cybersecurity Framework v2.0 in Just Six Hours - Part 2
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
4:00 pm - 5:30 pm
This intensive, live workshop is your shortcut to cyber resilience mastery. In just one power-packed day, you’ll walk away with:

Complete mastery of NIST CSF 2.0 – Understand every component and why it matters to YOUR business

Your personalized Cyber Risk Map – Identify your organization’s exact vulnerabilities and blind spots

A step-by-step action plan – No more guessing what to do next

Real-world case studies – See how organizations just like yours have successfully implemented the framework

Expert-level confidence – Finally speak cybersecurity with authority and clarity

What makes this different?
This isn’t another theoretical lecture. You’ll spend most of your time actually BUILDING your organization’s cybersecurity roadmap using the proven Cyber Risk Management Action Plan (CR-MAP) methodology. You’ll leave with tools and know-how you can implement immediately.

Perfect for:

IT Directors and Managers

Cybersecurity Professionals

Business Leaders responsible for risk management

Compliance Officers

Anyone tasked with “figuring out cybersecurity”

Exclusive Bonus: Every attendee receives our comprehensive digital CR-MAP Online Workbook ($197 value), your step-by-step guide to:

Getting BUY-IN from your senior decision makers

Discovering your top five cyber risks

Creating a prioritized risk mitigation plan with implementation roadmap

A score card you can use to track progress

Warning: This live, in-person intensive has limited seating. Don’t let another cyber incident catch your organization unprepared.

Your organization’s cybersecurity can’t wait. Register now.
Thursday, May 7, 2026
7:00 am
Registration open
Registration Level:
Open Sessions
7:00 am - 4:15 pm
Location / Room: Registration Desk
Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
7:30 am
[PLUS Course] Securing & Enabling AI: Transform Chaos into Competitive Advantage - Part 3
Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
7:30 am - 9:00 am

Come join this interactive workshop — think hands-on working groups so you are an active participant…this is not 6 hours of being lectured at.

Learn how to secure AI while accelerating innovation—not blocking it. Transform from AI Firefighter to Strategic Business Enabler, with a 90-day roadmap for secure AI deployment in your organization.

Why this course? Imagine your CEO just asked about AI security. Do you have an answer?

While you’re counting vulnerabilities, your competitors are deploying AI at scale.

Every Monday, another department launches an AI tool. Marketing uses ChatGPT for campaigns. Sales deploys AI Sales Development Reps. Customer service automates with chatbots.

And your cybersecurity team? Still writing policies nobody reads.

You’ll master:

• The AIR-MAP Methodology™ — Your proven 90-day roadmap from AI chaos to governance

• Executive Translation — Turn technical AI risks into boardroom language

• NIST AI RMF Implementation — Practical application, not theory

• The $12M Question — Secure against deepfake fraud and AI-enabled attacks

• Shadow AI Discovery — Find and govern the AI already in your organization

• Business-First Security — Protect value, not just systems

Who should attend:

Perfect fit:

• CISOs facing board questions about AI

• Information Security Directors enabling digital transformation

• IT VPs without dedicated security teams

• Cybersecurity Consultants serving enterprise clients

• Risk Managers governing AI initiatives

• Aspiring decision makers and those reporting to one

Wrong course:

• Developers wanting to code AI models

• Analysts seeking technical certifications

• Anyone looking for hands-on hacking labs

This workshop is NOT about:

• Prompt injection techniques

• Model architecture security

• Technical vulnerability scanning

• Writing 200-page policies

This workshop IS about:

• Speaking profit-and-loss to executives

• Enabling your AI transformations

• Building cybersecurity into AI from day one

• Becoming the trusted AI advisor

You’ll leave with:

1. The Complete AIR-MAP Toolkit

• 90-day implementation roadmap

• Discovery templates and workflows

• Risk scoring calculators

• Executive presentation templates

2. Ready-to-Deploy Policies

• AI Acceptable Use Policy (customize in minutes)

• Vendor assessment questionnaires

• Incident Response playbooks

3. 30-Minute Strategy Session

Complementary private consultation to apply AIR-MAP to your specific situation.
7:30 am
[PLUS Course] Master the NIST Cybersecurity Framework v2.0 in Just Six Hours - Part 3
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
7:30 am - 9:00 am
This intensive, live workshop is your shortcut to cyber resilience mastery. In just one power-packed day, you’ll walk away with:

Complete mastery of NIST CSF 2.0 – Understand every component and why it matters to YOUR business

Your personalized Cyber Risk Map – Identify your organization’s exact vulnerabilities and blind spots

A step-by-step action plan – No more guessing what to do next

Real-world case studies – See how organizations just like yours have successfully implemented the framework

Expert-level confidence – Finally speak cybersecurity with authority and clarity

What makes this different?
This isn’t another theoretical lecture. You’ll spend most of your time actually BUILDING your organization’s cybersecurity roadmap using the proven Cyber Risk Management Action Plan (CR-MAP) methodology. You’ll leave with tools and know-how you can implement immediately.

Perfect for:

IT Directors and Managers

Cybersecurity Professionals

Business Leaders responsible for risk management

Compliance Officers

Anyone tasked with “figuring out cybersecurity”

Exclusive Bonus: Every attendee receives our comprehensive digital CR-MAP Online Workbook ($197 value), your step-by-step guide to:

Getting BUY-IN from your senior decision makers

Discovering your top five cyber risks

Creating a prioritized risk mitigation plan with implementation roadmap

A score card you can use to track progress

Warning: This live, in-person intensive has limited seating. Don’t let another cyber incident catch your organization unprepared.

Your organization’s cybersecurity can’t wait. Register now.
8:00 am
Networking Hall open
Registration Level:
Open Sessions
8:00 am - 4:45 pm
Location / Room: Networking Hall
Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible, as well as association chapters! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Also, look for “Cyber Connect” discussions on select topics and join the conversation.
8:00 am
Advisory Council Roundtable Breakfast (VIP / Invite only)
Registration Level:
VIP / Exclusive
8:00 am - 8:45 am
Moderated discussion for SecureWorld Advisory Council members. By invite only.
8:00 am
Association Chapter Meetings
Registration Level:
Open Sessions
8:00 am - 8:45 am
Participating professional associations and details to be announced.
8:00 am
Security Awareness: How to Help Your Loved Ones Protect Themselves
Registration Level:
Open Sessions
8:00 am - 8:45 am
Session details to come.
8:45 am
Networking Break
Registration Level:
Open Sessions
8:45 am - 9:00 am
Location / Room: Networking Hall
Visit the Networking Hall to network with attendees and connect with our vendor sponsors and association partners.
9:00 am
[Opening Keynote] You Are Not a CISO, You Are a 'CO IS'
Focus Areas: Security Leadership; Executive Alignment; Career Development
Dr. Eric Cole, DPS
Cybersecurity Expert; Author of “Cyber Crisis”
Registration Level:
Open Sessions
9:00 am - 9:45 am
Location / Room: Keynote Theater
The term Chief Information Security Officer, or CISO, is one that is often defined incorrectly. Many people assume that a CISO is part of the career step, or stop, toward becoming a world-class security engineer. It’s often said the way you become a CISO is to be a security engineer for 10 years and get promoted—but that is all wrong. It is a broken model and why many companies struggle with defining the role of the CISO. A CISO is, by all definitions, a Chief Officer (CO) with a focus and obsession for Information Security (IS). Thus, a true CISO is a CO with an emphasis on IS.

In this talk, Dr. Eric Cole breaks down how we got here, why the old CISO model is broken, what we can do, and what you can do to become a better CO IS for yourself and your organization. Whatever your title, you will come away invigorated to rethink your role in security leadership!
9:45 am
Networking Break & Cyber Connect
Continue the Conversation with Opening Keynote Speaker Dr. Cole
Dr. Eric Cole, DPS
Cybersecurity Expert; Author of “Cyber Crisis”
Registration Level:
Open Sessions
9:45 am - 10:15 am
Location / Room: Networking Hall
Want to know more about why Dr. Eric Cole thinks the old CISO model is broken? Or how to be a better manager, leader, or team player? Or do you just want to chat more with the good doctor after his motivating keynote? Either way, come join this bonus session in the Networking Lounge immediately after his opening keynote.
10:15 am
From Alert Fatigue to Adaptive Defense: Operationalizing AI in the SOC
Registration Level:
Conference Pass
10:15 am - 10:50 am
Session details to come.
10:15 am
Ransomware Resilience: Building a True Immutable Backup Strategy
Registration Level:
Conference Pass
10:15 am - 10:50 am
Session details to come.
10:15 am
Securing the SaaS Jungle: Access Control and Shadow Data in the Cloud
Registration Level:
Open Sessions
10:15 am - 10:50 am
Session details to come.
10:15 am
Beyond the Signature: Advanced Endpoint Detection and Hardening
Registration Level:
Open Sessions
10:15 am - 10:50 am
Session details to come.
10:50 am
Networking Break & Cyber Connect
The Human Element in Cybersecurity
Registration Level:
Open Sessions
10:50 am - 11:10 am
Location / Room: Networking Hall
Despite all the tools and technology, people remain the most unpredictable variable in security. Whether insider threats, awareness training, or culture-building, human behavior is central to your cyber strategy.

Please join us in the Networking Hall to connect with peers over coffee and snacks and discuss how organizations are tackling the people side of cybersecurity.
11:10 am
Unpacking the New SEC Rules: Transitioning from Manual Reporting to Continuous Compliance
Registration Level:
Conference Pass
11:10 am - 11:45 am
Session details to come.
11:10 am
OT/ICS Security: Bridging the Air Gap and Achieving Visibility in Critical Infrastructure
Registration Level:
Conference Pass
11:10 am - 11:45 am
Session details to come.
11:10 am
The New Era of Phishing: Defending Against Deepfakes and AI-Driven Deception
Registration Level:
Open Sessions
11:10 am - 11:45 am
Session details to come.
11:10 am
[Panel] The Human Layer: Insider Risk, Social Engineering, and Behavioral Analytics
Focus Areas: Insider Risk & Behavioral Analytics; Social Engineering & AI Deception; Identity Security & Access Governance
Panel Discussion
Registration Level:
Open Sessions
11:10 am - 11:45 am
The human element remains the most targeted and least predictable part of every security program—now intensified by AI-powered social engineering. This panel examines how attackers weaponize synthetic voice and video deepfakes, personalized phishing, MFA fatigue, session hijacking, and multi-channel lures across email, mobile, chat, and collaboration apps.

Experts in insider risk, UEBA, identity security, and DLP will discuss how behavioral analytics detect subtle anomalies while maintaining privacy guardrails for employees. Panelists will also address how privileged access governance is evolving in cloud-heavy environments. Attendees will leave with practical guidance for reducing user friction, improving detection, countering AI-driven lures, and building a resilient workforce that remains the strongest defense against evolving attacker tactics.
11:45 am
Networking Break
Registration Level:
Open Sessions
11:45 am - 12:00 pm
Location / Room: Networking Hall
Visit the Networking Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pm
[Lunch Keynote] Resilience over Reaction: Securing Critical Functions in an Age of Systemic Risk
Registration Level:
Open Sessions
12:00 pm - 12:45 pm
Location / Room: Keynote Theater
Session details to come.
12:45 pm
Networking Break
Registration Level:
Open Sessions
12:45 pm - 1:10 pm
Location / Room: Networking Hall
Visit the Networking Hall to network with attendees and connect with our vendor sponsors and association partners.
1:10 pm
The Developer as a Defender: Integrating Security into CI/CD Pipelines
Registration Level:
Conference Pass
1:10 pm - 1:50 pm
Session details to come.
1:10 pm
Quantifying Security Debt: Communicating Risk and Driving Remediation with the CFO
Registration Level:
Conference Pass
1:10 pm - 1:50 pm
Session details to come.
1:10 pm
Data Minimization: Turning ROT Data into Risk Reduction and Savings
Registration Level:
Open Sessions
1:10 pm - 1:50 pm
Session details to come.
1:10 pm
[Panel] Resilience Engineering: Incident Response, Business Continuity, and Cyber Insurance
Focus Areas: Operational Resilience & BCP; Incident Response & Crisis Management; Cyber Insurance & Executive Reporting
Panel Discussion
Registration Level:
Open Sessions
1:10 pm - 1:50 pm
Resilience has shifted from a compliance task to a vital business skill. This panel explores how organizations prepare for disruptive cyber incidents involving multi-cloud setups, SaaS dependencies, supply chain issues, and rapid ransomware attacks. With experts in incident response, digital forensics, MDR, insurance, and crisis management, the panel emphasizes developing response playbooks that mirror current operational dependencies.

Panelists will explore insurer-driven requirements for identity security and MFA, lessons from major SaaS outages, and how to communicate effectively with executives and boards when downtime impacts revenue-critical operations. Attendees will gain a comprehensive understanding of how to engineer resilience—not just respond—and how to align IR, continuity planning, insurance, and business priorities into a unified, enterprise-wide strategy.
1:50 pm
Networking Break & Cyber Connect
Cyber Talent Crisis: Recruiting, Retaining, and Reskilling Your Team
Registration Level:
Open Sessions
1:50 pm - 2:10 pm
Location / Room: Networking Hall
The cybersecurity workforce shortage is real—and growing. From finding skilled talent to reducing burnout and investing in upskilling, leaders are rethinking how to build resilient teams for the future.

Please join us in the Networking Hall to connect with peers over coffee and snacks and exchange ideas for navigating one of the industry’s most significant ongoing challenges.
2:10 pm
Leveraging the CTI Ecosystem: Actionable Intelligence for Regional Threats
Registration Level:
Conference Pass
2:10 pm - 2:45 pm
Session details to come.
2:10 pm
The Talent Multiplier: Automation and Orchestration Strategies for Understaffed Teams
Registration Level:
Conference Pass
2:10 pm - 2:45 pm
Session details to come.
2:10 pm
OT/ICS Incident Response: Specialized Triage for Critical Infrastructure Breaches
Registration Level:
Open Sessions
2:10 pm - 2:45 pm
Session details to come.
2:10 pm
From Legacy SOC to Agentic Operations: A Practitioner's Path Forward
Nick Falzarano
Director, Information Security, TE Connectivity
Jason Mical
Global Field CTO, Strike48
Panel Discussion
Registration Level:
Open Sessions
2:10 pm - 2:45 pm
From Legacy SOC to Agentic Operations: A Practitioner’s Path Forward

Focus Areas: Agentic SOC; AI-Driven Threat Detection & Response; Modern SOC Architecture & Strategy

Legacy SOC architectures promised unified visibility and automated response. They delivered alert fatigue, fragmented workflows, and analysts buried in manual tasks. The tools changed, but the outcomes didn’t.

How can we finally break the cycle? Join this session hear one’s organization’s SOC rebuilding journey to:

Evaluate legacy SOC limitations

Update to an agentic SOC model

Avoid AI hype and pitfalls

Move from pilot to production for agentic phishing detection

Expect concrete examples, an honest look at what worked and what didn’t, and a framework for evaluating whether agentic capabilities are ready for your environment.
3:00 pm
Networking Break and Dash for Prizes
Registration Level:
Open Sessions
3:00 pm - 3:15 pm
Location / Room: Networking Hall
Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

Participating sponsors will announce their Dash for Prizes winners. Must be present to win.
3:15 pm
[PLUS Course] Securing & Enabling AI: Transform Chaos into Competitive Advantage - Part 4
Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
3:15 pm - 4:45 pm

Come join this interactive workshop — think hands-on working groups so you are an active participant…this is not 6 hours of being lectured at.

Learn how to secure AI while accelerating innovation—not blocking it. Transform from AI Firefighter to Strategic Business Enabler, with a 90-day roadmap for secure AI deployment in your organization.

Why this course? Imagine your CEO just asked about AI security. Do you have an answer?

While you’re counting vulnerabilities, your competitors are deploying AI at scale.

Every Monday, another department launches an AI tool. Marketing uses ChatGPT for campaigns. Sales deploys AI Sales Development Reps. Customer service automates with chatbots.

And your cybersecurity team? Still writing policies nobody reads.

You’ll master:

• The AIR-MAP Methodology™ — Your proven 90-day roadmap from AI chaos to governance

• Executive Translation — Turn technical AI risks into boardroom language

• NIST AI RMF Implementation — Practical application, not theory

• The $12M Question — Secure against deepfake fraud and AI-enabled attacks

• Shadow AI Discovery — Find and govern the AI already in your organization

• Business-First Security — Protect value, not just systems

Who should attend:

Perfect fit:

• CISOs facing board questions about AI

• Information Security Directors enabling digital transformation

• IT VPs without dedicated security teams

• Cybersecurity Consultants serving enterprise clients

• Risk Managers governing AI initiatives

• Aspiring decision makers and those reporting to one

Wrong course:

• Developers wanting to code AI models

• Analysts seeking technical certifications

• Anyone looking for hands-on hacking labs

This workshop is NOT about:

• Prompt injection techniques

• Model architecture security

• Technical vulnerability scanning

• Writing 200-page policies

This workshop IS about:

• Speaking profit-and-loss to executives

• Enabling your AI transformations

• Building cybersecurity into AI from day one

• Becoming the trusted AI advisor

You’ll leave with:

1. The Complete AIR-MAP Toolkit

• 90-day implementation roadmap

• Discovery templates and workflows

• Risk scoring calculators

• Executive presentation templates

2. Ready-to-Deploy Policies

• AI Acceptable Use Policy (customize in minutes)

• Vendor assessment questionnaires

• Incident Response playbooks

3. 30-Minute Strategy Session

Complementary private consultation to apply AIR-MAP to your specific situation.
3:15 pm
[PLUS Course] Master the NIST Cybersecurity Framework v2.0 in Just Six Hours - Part 4
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
Registration Level:
SecureWorld Plus
3:15 pm - 4:45 pm
This intensive, live workshop is your shortcut to cyber resilience mastery. In just one power-packed day, you’ll walk away with:

Complete mastery of NIST CSF 2.0 – Understand every component and why it matters to YOUR business

Your personalized Cyber Risk Map – Identify your organization’s exact vulnerabilities and blind spots

A step-by-step action plan – No more guessing what to do next

Real-world case studies – See how organizations just like yours have successfully implemented the framework

Expert-level confidence – Finally speak cybersecurity with authority and clarity

What makes this different?
This isn’t another theoretical lecture. You’ll spend most of your time actually BUILDING your organization’s cybersecurity roadmap using the proven Cyber Risk Management Action Plan (CR-MAP) methodology. You’ll leave with tools and know-how you can implement immediately.

Perfect for:

IT Directors and Managers

Cybersecurity Professionals

Business Leaders responsible for risk management

Compliance Officers

Anyone tasked with “figuring out cybersecurity”

Exclusive Bonus: Every attendee receives our comprehensive digital CR-MAP Online Workbook ($197 value), your step-by-step guide to:

Getting BUY-IN from your senior decision makers

Discovering your top five cyber risks

Creating a prioritized risk mitigation plan with implementation roadmap

A score card you can use to track progress

Warning: This live, in-person intensive has limited seating. Don’t let another cyber incident catch your organization unprepared.

Your organization’s cybersecurity can’t wait. Register now.

Keynote & Speaker Information

SecureWorld Philadelphia

May 6-7, 2026

Exhibitors

AccessIT Group
Booth: TBD
AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.
AppOmni
Booth: TBD
AppOmni SaaS security helps security and IT teams protect and monitor their entire SaaS environment, from each vendor to every end-user.
ASIS Greater Philadelphia
Booth: TBD
ASIS International is the preeminent organization for security professionals, with more than 38,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests.
Canary Trap
Booth: TBD
Canary Trap is a recognized industry leader in offensive security, security advisory and assessment services. Founded by ethical hackers and certified security experts who share in the common goal of protecting organizations from becoming a victim of the next cyber-attack.

Canary Trap combines human expertise with sophisticated tools and, where appropriate, threat intelligence to ensure a thorough, in-depth approach to all security testing and assessments.
Cloud Security Alliance Delaware Valley Chapter (CSA-DV)
Booth: TBD
Cloud Security Alliance Delaware Valley Chapter (CSA-DV) is a not-for-profit organization for people interested in education, training and possible certification in cloud security. We seek to improve the understanding of cloud security and to promote the interaction of both professionals and students in order to discuss current trends and topics within the industry.

OUR PURPOSE:

To promote cloud security best practices within the Greater Philadelphia region, to educate about cloud computing, identify its risks, methods to secure it, and to continually provide opportunities for the development of cloud security professionals.
Cloud Security Alliance Lehigh Valley Chapter
Booth: TBD
The Cloud Security Alliance is a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing, and provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is comprised of many subject matter experts from a wide variety disciplines, united in our objectives:
- Promote a common level of understanding between the consumers and providers of cloud computing regarding the necessary security requirements and attestation of assurance.
- Promote independent research into best practices for cloud computing security.
- Launch awareness campaigns and educational programs on the appropriate uses of cloud computing and cloud security solutions.
- Create consensus lists of issues and guidance for cloud security assurance.
Concentric AI
Booth: TBD
Concentric AI delivers data risk assessment, monitoring, and protection for corporate data.
Philadelphia InfraGard Members Alliance
Booth: TBD
InfraGard is a partnership between the FBI and the private sector. It is an association of people from businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S. Philadelphia InfraGard Members Alliance (IMA) provides a forum for the exchange of information between the government, the owners and operators of the national infrastructure, and others concerned with the protection of the national infrastructure. Philadelphia IMA supports eastern Pennsylvania and southern New Jersey. Membership is free and new members are welcome.
ISACA Philadelphia
Booth: TBD
The Philadelphia Chapter of ISACA has a membership base of more than 1,600 individuals primarily located in the Philadelphia and the surrounding suburbs, extending into Delaware and Southern New Jersey. The membership of the Chapter includes professionals working in various industries and capacities. From students through experienced C-level executives, the Philadelphia Chapter provides, training, networking and social events to this diverse group who share the common goal of providing expertise in IT audit, security, risk, and governance topics to their colleagues. The Chapter conducts events on a monthly basis led by an active, vibrant and dedicated group of volunteers and is actively seeking business partners to help provide value and knowledge to its members.
ISC2 Philadelphia Chapter
Booth: TBD
Welcome to the ISC2 Philadelphia Chapter, your trusted hub for cybersecurity excellence in the City of Brotherly Love. As a local chapter of the esteemed International Information System Security Certification Consortium (ISC2), we are dedicated to advancing the cybersecurity profession and building a robust community of security enthusiasts, professionals, and experts in the Greater Philadelphia area. We come from a wide range of industries but share a passion of promoting cybersecurity knowledge, facilitating professional growth, and fostering connections among individuals who share a passion for safeguarding our digital world.
Island
Booth: TBD
What if the enterprise had complete control over the browser? What would it mean for security, for productivity, for work itself? Introducing Island, the Enterprise Browser—the ideal enterprise workplace, where work flows freely while remaining fundamentally secure. With the core needs of the enterprise naturally embedded in the browser itself, Island gives organizations complete control, visibility, and governance over the last mile, while delivering the same smooth Chromium-based browser experience users expect. Led by experienced leaders in enterprise security and browser technology and backed by leading venture funds—Insight Partners, Sequoia Capital, Cyberstarts and Stripes Capital—Island is redefining the future of work for some of the largest, most respected enterprises in the world.
ISSA Delaware Valley
Booth: TBD
Our chapter serves the Delaware Valley and Mid-Atlantic region. This is comprised of Eastern Pennsylvania, Northern Maryland, Southern New Jersey, and Delaware.
We are making history as we continue to grow the chapter with your membership, and bring exciting programs to you. If you have not already been involved in the membership meetings, we encourage you to do so. Hopefully, you will walk away with more ideas to take back to your organizations, or you may come away with a sense of – “Hey, we had that same problem”, or “Our company is not alone in dealing with these issues.”
Keysight
Booth: TBD
Keysight’s portfolio of network security solutions simulate threats, eliminate blind spots, taking control of a rapidly-changing attack surface. Be a hero, not a headline, by proving your network is secure simulating attacks, exposing gaps early, and course correct with step-by-step fixes; protecting users and applications with increased the efficiency, performance, and reliability of your security systems; patrolling every packet eliminating vulnerable blind spots and decrypt threats hiding in SSL traffic; and practice your cyber skills enhancing your security and attack response skills against real-world threats.
Netskope
Booth: TBD
Netskope is a leader in modern security, networking, and analytics for the cloud and AI era. The unique architecture of its Netskope One platform enables real-time, context-based security for people, devices, and data wherever they go, and optimizes network performance—without trade-offs or sacrifices. Thousands of customers and partners trust the Netskope One platform, its patented Zero Trust Engine, and its powerful NewEdge Network to reduce risk, simplify converged infrastructure, and provide full visibility and control over cloud, AI, SaaS, web, and private application activity.
OWASP
Booth: TBD
The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. Our programming includes:
- Community-led open source projects including code, documentation, and standards
- Over 250+ local chapters worldwide
- Tens of thousands of members
- Industry-leading educational and training conferences
We are an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of our projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.
Pure Storage, Inc.
Booth: TBD
Pure Storage is pioneering a new class of enterprise storage that has been designed from the ground up to take full advantage of flash memory. The company’s products accelerate random I/O-intensive applications like server virtualization, desktop virtualization (VDI), database (OLTP, rich analytics/OLAP, SQL, NoSQL), and cloudcomputing.

Pure Storage makes it cost-effective to broadly deploy flash within the data center, enabling organizations to manage growth within existing power and space constraints. Launching later this year, the company’s products are in private beta with select customers. Pure Storage is funded by Greylock Partners and Sutter Hill Ventures.
Red Canary, a Zscaler company
Booth: TBD
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.
Seemplicity
Booth: TBD
Seemplicity offers a risk reduction and productivity platform that streamlines the way security teams manage risk reduction. By orchestrating, automating, and consolidating all remediation activities into a single workspace, Seemplicity is revolutionizing the way security teams drive and scale risk reduction efforts across organizations.Seemplicity streamlines and collaboratively transforms the remediation process for developers, DevOps, and IT across the organization, assisting them in achieving complete operational resilience and establishing a truly scalable security program.
SpyCloud
Booth: TBD
SpyCloud is the leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts worldwide. Our award-winning solutions proactively defeat fraud attempts and disrupt the criminals’ ability to profit from stolen information. Learn more & check your exposure at spycloud.com.
Strike48
Booth: TBD
Strike48’s core mission is to help you automate the extraction of business value from server logs. The Strike48 Prospector Studio is an AI Agent Creation and Management Suite that allows you to quickly start inspecting logs with AI agents. Use our Agent creation personas to help create Agents for your purposes or you can use our professionally pre-made Agents instead!
Sublime Security
Booth: TBD
Sublime is the new standard for email security. Not just another black box, our AI-powered detection engine detects and prevents email attacks, so security teams can spend less time on email-originated incidents.
Torq
Booth: TBD
Torq is your security product’s favorite security product. Torq Hyperautomation unifies and automates the entire security infrastructure to deliver unparalleled protection and productivity.
U.S. Secret Service – Cyber Fraud Task Force
Booth: TBD
Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.
WiCyS Delaware Valley
Booth: TBD
Women make up only 11% of the cyber security workforce. With such low representation, it is essential that we advocate for and assist women as they navigate through the cyber security industry.

Philadelphia Women & Cyber Security’s Mission: To provide opportunities to advance careers for professionals in Cyber Security through education, mentoring, and networking. A Supportive community for women in cyber security that works to promote and encourage women to develop their careers. We are open to any support for our mission from any gender. Come to the next Philadelphia Women and Cyber Security’s event to get to know other like-minded, female cyber security professionals in the area. We will discuss industry best practices, the latest security trends and solutions, and share lessons we’ve learned over the years. For more information, contact wicysdelawarevalley@wicys.org.
Zafran Security
Booth: TBD
The Zafran Threat Exposure Management Platform is the first and only consolidated platform that integrates with your security tools to reveal, remediate, and mitigate the risk of exposures across your entire infrastructure. Zafran uses an agentless approach to reveal what is truly exploitable, while reducing manual prioritization and remediation through automated response workflows.
Zscaler
Booth: TBD
Zscaler is universally recognized as the leader in zero trust. Leveraging the largest security cloud on the planet, Zscaler anticipates, secures, and simplifies the experience of doing business for the world’s most established companies.
ZeroFox
Booth: TBD
Using diverse data sources and artificial intelligence-based analysis, the ZeroFox Platform identifies and remediates targeted phishing attacks, credential compromise, data exfiltration, brand hijacking, executive and location threats and more. The patented ZeroFox SaaS technology processes and protects millions of posts, messages and accounts daily across the social and digital landscape, spanning LinkedIn, Facebook, Slack, Twitter, Instagram, Pastebin, YouTube, mobile app stores, the deep & dark web, domains, email and more.

Led by a team of information security and high-growth company veterans, ZeroFox has raised funding from NEA, Highland Capital, Intel Capital, Hercules Capital and others, and has collected top industry awards such as Red Herring Top 100 North America, the SINET16 Champion, Dark Reading’s Top Security Startups to Watch, Tech Council of Maryland’s Technology Company of the Year and the Security Tech Trailblazer of the Year.

Return to Agenda

Keynote Speakers

Speakers

Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/about-us/
Ahanu is a cyber risk analyst with Cyber Risk Opportunities who brings years of hands-on information security experience to the enterprise AI challenge. They lead cyber risk management initiatives for organizations of all sizes, translating complex security concepts into actionable strategies that business leaders can implement.

Since the emergence of generative AI, Ahanu has been at the forefront of enterprise AI security helping organizations safely integrate LLMs into their operations without sacrificing productivity or innovation. Their specialty lies in building secure AI workflows that actually work in practice, bridging the gap between cutting-edge technology and real-world business needs.

Ahanu’s approach centers on a core belief: effective security enables innovation rather than blocking it.
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/
Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.
Craig Stanland
Author, "Blank Canvas: How I Reinvented My Life After Prison"
Aaron Weismann
CISO, Main Line Health
Kevin Werner
Associate CISO, Main Line Health
Kevin is the Associate CISO, and the former System Director of Security Operations at Main Line Health, a mid-sized hospital system in Suburban Philadelphia, where his team oversees all non-GRC aspects of information security. He has more than a decade of information security experience and is a licensed attorney in Pennsylvania and New Jersey. He currently holds a CISSP certification as well as a CIPP/US certification. Kevin went to the College of the Holy Cross in Worcester, MA, for undergrad with a degree in Philosophy, and attended the Villanova University School of Law.
Jordan Fischer, Moderator
Founding Partner & Owner, Fischer Law, LLC
https://www.jordanfischerlaw.com/
Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.

Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.

With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).

Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.

Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.

In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.

Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.

Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.

HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020

ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data Privacy

CERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP)
Panel Discussion
Panel Discussion
Lexie Thach
Founder, Ex Machina Parlor LLC
https://exmachinaparlor.org/
Lexie Thach is a Lead Cybersecurity Engineer at NIWC Pacific with more than a decade of experience in defensive cyber operations, red teaming, and autonomous system security. A U.S. Air Force veteran, Lexie specializes in robotics, drones, IoT exploitation, and wireless attacks. She is the founder of Ex Machina Parlor, a woman-owned, veteran-operated cyber-centric hackerspace, and the creator of multiple open-source security robotics platforms showcased at DEFCON. Her work focuses on blending physical systems with modern cyber offense and defense.
Panel Discussion
Krista Arndt
Associate CISO, St. Luke's University Health Network
Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.

Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.
Happy Hour
Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/about-us/
Ahanu is a cyber risk analyst with Cyber Risk Opportunities who brings years of hands-on information security experience to the enterprise AI challenge. They lead cyber risk management initiatives for organizations of all sizes, translating complex security concepts into actionable strategies that business leaders can implement.

Since the emergence of generative AI, Ahanu has been at the forefront of enterprise AI security helping organizations safely integrate LLMs into their operations without sacrificing productivity or innovation. Their specialty lies in building secure AI workflows that actually work in practice, bridging the gap between cutting-edge technology and real-world business needs.

Ahanu’s approach centers on a core belief: effective security enables innovation rather than blocking it.
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/
Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.
Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/about-us/
Ahanu is a cyber risk analyst with Cyber Risk Opportunities who brings years of hands-on information security experience to the enterprise AI challenge. They lead cyber risk management initiatives for organizations of all sizes, translating complex security concepts into actionable strategies that business leaders can implement.

Since the emergence of generative AI, Ahanu has been at the forefront of enterprise AI security helping organizations safely integrate LLMs into their operations without sacrificing productivity or innovation. Their specialty lies in building secure AI workflows that actually work in practice, bridging the gap between cutting-edge technology and real-world business needs.

Ahanu’s approach centers on a core belief: effective security enables innovation rather than blocking it.
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/
Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.
Dr. Eric Cole, DPS
Cybersecurity Expert; Author of “Cyber Crisis”
Dr. Eric Cole, DPS is a cybersecurity expert, entrepreneur, public figure, and best-selling author. Dr. Cole has built a solid reputation in the cybersecurity industry over the last three decades. His career has advanced from starting as a professional hacker for the CIA to becoming the 44th President's com-missioner on cyber security to currently advising companies and teaching professionals on how to implement security measures that serve as a business enabler. His accomplishments have earned him an in-duction into the Information Security Hall of Fame and have awarded him as a Cyber Wingman from the US Air Force. His recognition has caught the interest of current clients, who include international banking institutions, Fortune 500 organizations, Bill Gates, and Saudi Aramco. His entrepreneurial accomplishments include three successful exits building eight-, nine-, and ten-figure organizations. Se-cure Anchor Consulting is his fourth cyber security business venture. Aside from his seasoned technical expertise, Dr. Cole is a well-known public figure and author of various publications. He recently released his eighth book, Cyber Crisis, which debuted at #1 on the Wall Street Journal's bestseller list. Dr. Cole is currently focusing on fulfilling his purpose of being on this planet to end suffering in cyber-space and his mission to secure cyberspace, by making cyberspace a safe place to live, work and raise a family.
Dr. Eric Cole, DPS
Cybersecurity Expert; Author of “Cyber Crisis”
Dr. Eric Cole, DPS is a cybersecurity expert, entrepreneur, public figure, and best-selling author. Dr. Cole has built a solid reputation in the cybersecurity industry over the last three decades. His career has advanced from starting as a professional hacker for the CIA to becoming the 44th President's com-missioner on cyber security to currently advising companies and teaching professionals on how to implement security measures that serve as a business enabler. His accomplishments have earned him an in-duction into the Information Security Hall of Fame and have awarded him as a Cyber Wingman from the US Air Force. His recognition has caught the interest of current clients, who include international banking institutions, Fortune 500 organizations, Bill Gates, and Saudi Aramco. His entrepreneurial accomplishments include three successful exits building eight-, nine-, and ten-figure organizations. Se-cure Anchor Consulting is his fourth cyber security business venture. Aside from his seasoned technical expertise, Dr. Cole is a well-known public figure and author of various publications. He recently released his eighth book, Cyber Crisis, which debuted at #1 on the Wall Street Journal's bestseller list. Dr. Cole is currently focusing on fulfilling his purpose of being on this planet to end suffering in cyber-space and his mission to secure cyberspace, by making cyberspace a safe place to live, work and raise a family.
Panel Discussion
Panel Discussion
Nick Falzarano
Director, Information Security, TE Connectivity
Jason Mical
Global Field CTO, Strike48
https://www.strike48.com/
Jason Mical is probably best known as the “Father of the SilentRunner® technology,” the industry’s first full packet capture, network forensics solution of its kind, developed by the NSA and Raytheon. He is also the co-creator of the Resolution1/Fidelis Endpoint Platform, the industry’s first EDR solution. He assists clients in such areas as electronic intercepts, intrusion analysis, malware eradication, forensic investigations, incident response, security standards and guidelines. Jason also offers his expertise and consulting services to clients and other audiences on issues of both cyber and physical security investigations.

Jason has more than 30 years of experience in telecommunications fraud prevention, physical security management, and cybersecurity investigations. During his career, he has developed and implemented overall cybersecurity, physical security, forensic investigation, and fraud control programs for several global organizations and managed lawful interception operations to support federal agencies. He has developed
security and fraud awareness training seminars for employees in private industry, as well as federal, state and local law enforcement. Jason has been a member of the FBI InfraGard, United States Secret Service Electronic Crimes Task Force, ISSA, HTCIA, ASIS, ANSIR ,and CTIA Fraud Task Forces.
Panel Discussion
Ahanu Boyle, Instructor
Associate Cyber Risk Analyst, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/about-us/
Ahanu is a cyber risk analyst with Cyber Risk Opportunities who brings years of hands-on information security experience to the enterprise AI challenge. They lead cyber risk management initiatives for organizations of all sizes, translating complex security concepts into actionable strategies that business leaders can implement.

Since the emergence of generative AI, Ahanu has been at the forefront of enterprise AI security helping organizations safely integrate LLMs into their operations without sacrificing productivity or innovation. Their specialty lies in building secure AI workflows that actually work in practice, bridging the gap between cutting-edge technology and real-world business needs.

Ahanu’s approach centers on a core belief: effective security enables innovation rather than blocking it.
Kip Boyle, Instructor
vCISO, Cyber Risk Opportunities LLC
https://www.cyberriskopportunities.com/
Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Propel your cyber career at SecureWorld!

Hone your skills and connect with your regional peers in InfoSec.