Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, November 7, 2018
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    8:00 am
    SecureWorld PLUS Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:00 am
    SecureWorld PLUS Part 1 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value
    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop
    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    8:00 am
    SecureWorld PLUS Part 1 – How To Build And Maintain A Game-Changing Security Awareness Program That Measures Success
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Chief Strategist and Chief Security Officer, Security Mentor
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.

    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    8:30 am
    Introduction to Industrial Controls Security
    • session level icon
    speaker photo
    Founder & Principal, 443 Consulting LLC
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Industrial controls and their security is becoming more newsworthy; however, many people don’t quite understand what these are and their security vulnerabilities. This presentation is intended to help the listener better understand what industrial controls are, what the security risks are, and how to learn more about the issues.
    8:30 am
    Cybersecurity Update: Phishing to Ransomware - Looking Ahead to 2019
    • session level icon
    speaker photo
    Cybersecurity & Incident Response, City of Seattle
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Ransomware: Will your company become the next Atlanta? Learn and discuss the latest best practices for how to protect your data and infrastructure in this highly interactive session where you learn from your peers.
    8:30 am
    IoT Defense: A Holistic Approach
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Reviewing the current state of IoT devices, their cloud endpoints and the connection between them to understand the threat landscape and where our focus needs to be in the years ahead.

    8:30 am
    GDPR and the SMB World
    • session level icon
    Controlled concern is more productive than pure panic.
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    The European Union’s General Data Protection Regulation (GDPR) will go into effect on May 25, 2018. Think GDPR doesn’t apply to your organization? Think again. There are very few businesses that the GDPR will not apply to. The scope is expansive and affects businesses regardless of where they are globally located. If any part of your business touches a person in the EU – be ready! Just like the Y2K era, companies small and large have a lot of work to do in preparation. For businesses that already have a strong security and privacy program, there may be changes required to achieve full compliance. Unfortunately, SMBs are finding that there is a lot more work to do before the deadline arrives. In this session, we will cover this topic and explain how the harmonizing of privacy laws will impact your business.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE — Going Digital: Building Your Strategic Roadmap for the Next Wave of Digital Transformation
    • session level icon
    speaker photo
    Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    The next major wave of digital transformation will integrate the physical parts of your business even more intimately with the digital world, using sensors, analytics, artificial intelligence, robotics, augmented reality, 5G networking, and blockchain technology. In this talk, former Intel futurist Steve Brown presents a fast-paced, fun exploration of what it will mean to “go digital” in the next decade, and reviews the business and security strategies we will need to navigate the road ahead.

    Hear from Steve as he gives a preview of what he will cover in his keynote: https://youtu.be/Er1spVCyzS8

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm

    Advisory Council – VIP / INVITE ONLY

    11:15 am
    Radware: Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Throughout 2017 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    A Comprehensive Framework for Securing Open Source Software
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    We all understand the benefits of using open source software, but are not necessarily comfortable relying solely on the meritocracy of open source communities to keep that software secure. This talk will establish a framework for securing both the consumption and contribution of open source code. Within the context of the framework we will explore long standing software security techniques and newly emerging technologies and solutions.

     

    11:15 am
    Duo — Past the Perimeter: Earned Access Through a Zero-Trust Model
    • session level icon
    speaker photo
    Customer Advocacy, Duo Security
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Users whose digital lives are increasingly mobile don’t want to be tied to their desks, and an effective security strategy must be flexible enough to protect access from boardrooms and bars, cubicles and coffee shops alike. To do this, companies must ensure that users and their devices meet the same security controls, whether they’re outside or inside the network perimeter.

    Duo adopted the “zero-trust network” model to solve this challenge. All networks and devices are treated as untrusted until proven otherwise, and their health is checked each time a user connects to a protected resource. This approach depends on visibility into whether basic device and network security standards are met. It also requires the ability to enforce granular policy controls based on the results of that health check.

    The perimeter is disappearing, and it’s not coming back… find out how you can get a head start on what’s next.

    11:15 am
    The Expanded Scope of the Computer Fraud & Abuse Act (It's Not Just For Hackers Anymore)
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    As the federal Computer Fraud and Abuse Act (CFAA) turns 33 years old, it is increasingly being applied not just to external hackers, but also to current and former employees, competitors, vendors and even customers. Information Technology attorney Kathy Ossian will discuss recent civil and criminal actions under the CFAA and the impact of its expanded scope on businesses.

    11:15 am
    GDPR – End-to-End Impact
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Review of how GDPR will impact day-to-day operations and the support service. Direct impact to our ability to process in the EU.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm

    Advisory Council – VIP / INVITE ONLY

    12:15 pm
    LUNCH KEYNOTE: Prevent Nightmares in the IoT
    • session level icon
    speaker photo
    CEO, The Privacy Professor, President, SIMBUS, LLC
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    1:15 pm
    Privacy Considerations for the Information Security Professional
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Privacy can be a confusing topic, particularly in the U.S. From his experience building a federally compliant privacy program, Michael will cover basic components of a privacy program, opportunities to incorporate privacy into existing security work, and practical examples of privacy tools. Challenges you may encounter will also be discussed.

    1:15 pm
    Panel: Beware the Highwaymen: Rise of the Cyber Criminal
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    Modern civilization has always been plagued by various classes of criminals. Travelers would hire guards to protect their caravans from hijackers. Thieves came up with various ploys to trick travelers on the road. In today’s day and age the advent of interconnected devices, allowing for portability of corporate secrets, has given rise to a completely different class of nefarious actors. Cyber criminals range from those bent on stealing your personal information to “cyber terrorists” who have the capability to inflict harm on a much wider scale. Uninhibited by current laws, they are very effective given the speeds of networks, lack of appropriate security controls, and the anonymous nature of the attacker. Making matters worse, the crime may be perpetrated by entities outside of the legal jurisdiction where the unlawful act took place. This panel will explore the tools these criminals use, what can be done to prevent them, and how to safeguard your data.
    Panelists:
    Carol Sun, InfoSec Institute
    Ron Winward, Radware
    Justin Woody, FireEye
    Eric Thomas, ExtraHop
    Moderator: Mike Metzler

    1:15 pm
    Panel: Hazards on the Horizon - Emerging Threats
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    Just as in the days of yore, you must have watch guards in the tower scanning the horizon for enemy banners. If you follow cyber threats, then you know that the landscape is constantly changing. From the bring your own device (BYOD) workplace to mobile-malware, social engineering, and everything in between, information security has transformed. In order stay ahead of the ever-changing threats, it is imperative to constantly improve and change security policies. Join industry experts as they discuss the importance of rolling with the changes, and how your company can stop the threat before it gets to the castle gate.
    Panelists:
    Jon Clay, Trend Micro
    Kellen Christensen, Dasher Technologies
    Hariom Singh, Qualys
    Tom Gallo, Symantec
    Gary Southwell, CSPi
    Moderator: Dan Lohrmann

    1:15 pm
    Encrypting the Human Mind
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    The human mind is the weakest link in cyber space. We will show what to look for to be safe online.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Panel: Manage the Damage - The Current Threatscape
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    Every week we learn about some business, government entity, bank, or healthcare entity in the news that has been hacked. Often times the intruders had been sitting collecting information for months before being discovered. Now more than ever it is crucial for organizations to develop, practice, and fine tune their incident response plans. When do you get law enforcement involved? What about the legal team or PR? Will your business recover? This panel discussion will tackle these issues as well as your questions on what you need to know after the hack.
    Panelists:
    Imry Linden, CyberArk
    Peter McNaull, LogRhythm
    Karthik Krishnan, Aruba Networks
    Andrew Cook, Delta Risk
    Bill Shelton, ThinAir
    Moderator: Jean Pawluk

    3:00 pm
    Less Talk and More Action: How the Global Cyber Alliance Is Making a Difference and You Can Too
    • session level icon
    speaker photo
    Global Communications Officer, Global Cyber Alliance
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    The Global Cyber Alliance (GCA) is an international nonprofit focused on developing and deploying practical solutions, made freely available, that measurably improve our collective cybersecurity.

    In this session, you’ll learn about GCA’s more than 200 global partnerships and how their resources—such as the email authentication (DMARC) Setup Guide and the Quad 9 web security service (which blocks 2 million threats a day)—can help your organization. Looking forward, we’ll discuss GCA’s plans to make smart cities more secure cities by tackling security challenges associated with IoT devices and technologies.

    3:00 pm
    Rethinking Network Security With a Software-Defined Perimeter
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    Traditional network security is failing us. This session introduces a new, open network security model, the Software-Defined Perimeter. This architecture, published by the Cloud Security Alliance, verifies and secures all user access to network resources, improving security and compliance for both on-premises and cloud environments.

    3:00 pm
    IoT and Blockchain in Healthcare
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Tens of billions of connected devices will form the smart homes, cities and user experience of the future. The “Internet of Things” is a rich opportunity for IT Leaders but also presents some headaches, particularly when we think of medical and consumer devices in Healthcare. Hear the unique perspective from one of the nations largest healthcare providers on how they plan to step up to the challenge and how one notorious upstart technology, the “Blockchain”, can potentially benefit the “Smart Hospital.”

    3:00 pm
    SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    3:00 pm
    SecureWorld PLUS Part 2 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value

    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop

    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    3:00 pm
    SecureWorld PLUS Part 2 – How To Build And Maintain A Game-Changing Security Awareness Program That Measures Success
    • session level icon
    SecureWorld PLUS registrants ONLY
    speaker photo
    Chief Strategist and Chief Security Officer, Security Mentor
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.

    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

  • Thursday, November 8, 2018
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:00 am
    SecureWorld PLUS Part 3 - How to Build the Future: A Deep Dive into Artificial Intelligence, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Former Chief Evangelist and Futurist, Intel
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

    Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

    AGENDA

    Introductions

    Artificial Intelligence: How AI will reshape every business, including yours
    Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

    Blockchain beyond crypto-currencies: Your foundation to create new business value

    Crypto-currencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy.  Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

    Futurecasting Workshop

    In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

    8:00 am
    SecureWorld PLUS Part 3 – How To Build And Maintain A Game-Changing Security Awareness Program That Measures Success
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Chief Strategist and Chief Security Officer, Security Mentor
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    Every organization seeks a security-aware culture, but how can you build an effective information security awareness program that addresses compliance and changes employee behavior for the better? People are the greatest asset and the weakest link in securing intellectual property and protecting sensitive data within every enterprise; therefore, a well-organized security awareness program is essential.

    You will learn how an effective program that offers lasting solutions requires the right mix of skills, knowledge, executive support and resources. This hands-on workshop will teach you what you need to know to implement just such a program. Offering award-winning case studies, interactive discussions and group participation in exercises, this SecureWorld Plus-session will enable you to hit the ground running with a customized plan that meets your organization’s needs when you head back to the office.

    Dan Lohrmann offers an interactive, engaging style that is both fun and informative. The 4.5-hour workshop covers these essential topics:

    Part 1: Information Security Awareness Fundamentals and War Stories
    What important building blocks, resources and communication strategies are essential to successfully implement your program? How can you reduce the risk of a data breach or other unwanted outcomes using a comprehensive approach to information security awareness? What best practices and examples have succeeded that can be emulated?

    8:30 am
    Cloudy Days Ahead: Security Implications of the Expansion of IIoT/IoT in Industrial Control Environments
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    In recent years, business drivers requiring access to more near real time or real time data has compelled organizations to increase connectivity within their industrial control environments. That connectivity is not only to enterprise networks, however, as there has been an expansion of IIoT (Industrial Internet of Things) capability within these control environments, and a subsequent movement of data into the cloud for further enrichment. What does this mean for a domain that already has significant security challenges? This presentation will examine some of those challenges and what implications there are as IIoT continues to expand.
    8:30 am
    10 Steps to Mastering Cybersecurity for Parents
    • session level icon
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    • session level iconConference Pass
    8:30 am - 9:15 am

    Kids do what their parents do. So, parents need to practice good cyber hygiene and then teach those habits to their kids. They also need to enforce healthy boundaries on Internet usage. We’ll explore specific risks to kids using the Internet along with specific things parents should be doing to minimize those risks. These lessons are drawn from my experience both at work and at home and are based on what we do with our family.

    8:30 am
    Data Breach Digest – Perspective is Reality
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Data breaches are complex affairs. Response activities are proportionately complex involving various stakeholders with slightly different perspectives. This presentation covers the 2017 “Data Breach Digest – Perspective is Reality”; a compendium of data breach scenarios told from different stakeholder points of view covering their decisions, actions and crucial lessons learned.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: Leveraging SDN Technology to Improve Enterprise Security
    • session level icon
    speaker photo
    Vice President, Marketing and Business Development, Pluribus Networks
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    With increasing numbers of high profile breaches, focusing on securing the perimeter is no longer sufficient. New traffic types and the proliferation of diverse end-points along with increased mobility and wireless access fuels a dramatic increase in untrusted traffic entering the network. In addition, the growth of multi-cloud environments and cloud services requiring access to Enterprise resources pose additional challenges. As mixed-use networks continue to grow and Internet of Things (IoT) traffic is introduced to the network, security organizations need a more dynamic approach to secure the increases of unsecure and untrusted traffic.

    Imagine being able to build a simple, automated and secure network overlay that empowers the enterprise with cloud-scale, elasticity and adaptability and enables independence from network operations. This session will discuss the evolution of SDN technologies and explore how to leverage a dynamic SDN architecture to enable dynamic traffic segmentation, distributed policy enforcement, shared security services and increased operational intelligence to reduce risk, contain infiltrations and prevent attack proliferation.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm

    Advisory Council – VIP / INVITE ONLY

    11:15 am
    Infosec Heresies: What We’re Doing Isn’t Working
    • session level icon
    It’s time to question your own authority.
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Stop writing policies that no one reads or enforces. Stop paying for security tools that don’t demonstrably reduce risk. Stop saying “no” to everyone. Maybe a bit of information security heresy is just what we need to reverse the trend of information security failures in our organizations.

    11:15 am
    Navigating the Alternative Facts of Malware Prevention
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    This presentation, given by an individual not linked to any anti-malware vendor, is the result of over two years of research covering several dozen tools in the anti-malware space, in an effort to find the ideal tool for our corporate environment. It is intended to be an in-depth focus on the evolution of the space, the tools, and the technologies behind them, with a “no holds barred” approach to presenting our evaluation methodology and results.

    11:15 am
    Internet of Things Security and You
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    IoT is older than you may imagine and each new advance came with a set of security issues. Learn from history, incidents and controls. Modern IoT is complex; architectures have many common emergent issues but it is possible to make good decisions if you understand the trade-offs.

    11:15 am
    Gaining Better Visibility Into Risk – The Future of GRC
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    In this session we will be discussing the general achievements and failings that clients have experienced utilizing GRC platforms and processes, where the market is headed, and how integration of different data sources and risk correlation techniques are starting to be utilized to get a better picture of risk.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm

    Advisory Council – VIP / INVITE ONLY

    12:15 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    1:15 pm
    How to Perform a Data Privacy Impact Assessment
    • session level icon
    Now I know how to do a DPIA!
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    A practical guide to performing a Data Privacy Impact Assessment, including a fully completed DPIA example and a template you can use.

    1:15 pm
    ABCs of GDPR
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    With the upcoming May 2018 effective date for GDPR compliance, it is important to understand the basics of responsible information management. Organizations must focus on people and process, not just technology, to implement and evidence their compliance. This is an organization-wide issue and requires partnership among IT and diverse business functions. Accountability can leverage a risk-based approach, but compliance by accident will not work.

    1:15 pm
    Panel: Close the Front Gate: Identify all Travelers
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    One of the first lines of defense for a castle was the front gate or portcullis. When the need arose, they would simply close the gate and stop everyone from entering. Castle guards would stop each traveler and determine their identity and if they were a threat before letting them in. Sort of like today’s network access control and firewalls. Identity or the perception of one’s identity was all that mattered and a smart spy or thief would gain access to the castle with only minor delays. Our experts will discuss your options for defending your castle.
    Panelists:
    Michael Stuyt, SailPoint
    Gina Osmond, Venafi
    Michael Feiertag, tCell
    David Hawkins, Centrify
    Moderator: Bruce Lobree

    1:15 pm
    Panel: The Court Jester Has the Crown Jewels (Ransomware)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Way back in the day if you wanted to get someone to bend to your will you could just kidnap the princess or steal the Crown Jewels. Kingdoms would do just about anything to get these things back. It was probably a bit easier to grab the princess and leave a note with your demands. The exchange of coin for the princess was a risky maneuver but worth the reward if you escaped. Now it just takes one foolish click to become a victim of ransomware. Sadly, they are not easily caught when you make the trade with bitcoin. This panel will talk about the current schemes happening with ransomware and how you can try to keep the Crown Jewels safe.
    Panelists:
    Donald Meyer, Check Point Security
    Ryan Peters, Bluvector
    Mat Gangwer, Rook
    Ed Metcalf, Cylance
    Brian Lain, Lastline
    Moderator: Jake Bernstein

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Access Management – How to Control Access in Today’s Technology Environment
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    User ids, long complicated passwords, data breaches, internal audits, external audits, compliance assessments, hackers, and the list goes on-and-on. These are just a few things that access management professionals worry about. How do you setup your access management controls to limit the organizations exposure, and decrease the odds something bad will happen. Come learn proven techniques to control the access management environment.

    3:00 pm
    Being Risk Aware in Cloud Adoption
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    In spite of the benefits to be realized in Cloud, organizations are uneasy about the risks. It is important for organizations to be risk-aware since the impact could easily pass on to the existing /future clients. How can organizations exploit the risk in order to successfully adopt cloud?

    3:00 pm
    DevOps – Security’s Big Opportunity
    • session level icon
    speaker photo
    Contributing Editor, DevOps.com
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    DevOps culture creates an opportunity for us to improve application security. Since developers are the ones producing code, integrating components and creating the innovations that fuel our digital economy, they are also the ones who will determine whether or not security is part of development or not. Security professionals must therefore learn to how to talk to developers about how to create a security program that will accelerate development and not slow it down.
    3:00 pm
    Teaching the Human: Security Awareness Program Design and Discussion
    • session level icon
    speaker photo
    National Practice Lead Consultant for Security Awareness and Training, Ernst & Young LLP
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Security Awareness. The Human Firewall. The mysterious end users. Learn how to engage your audience and employee base to help them understand the fundamentals of information security and social engineering. This non-technical session will help security professionals design security awareness and training programs relevant to their environment. No longer does security training have to be death by PowerPoint or hour long computer based trainings. Security is a product that you need your employees to buy and use daily. Learn tips and techniques to engage all ages and technical proficiencies.

Exhibitors
  • Bay Pay Forum
    Booth:

    The BayPay Forum, a Silicon Valley-based international network composed of over 14,000 payment and commerce executives, entrepreneurs and investors from thousands of different companies, serves as a forum to connect members in identifying and understanding the emerging trends and innovations in the industry.

  • BitSight Technologies
    Booth: TBD

    BitSight Technologies is transforming how companies manage information security risk with objective, evidence-based security ratings. The company’s Security Rating Platform continuously analyzes vast amounts of external data on security behaviors in order to help organizations manage third party risk, benchmark performance, and assess and negotiate cyber insurance premiums.For more information, please visit www.bitsighttech.com or follow us on Twitter (@BitSight)

  • Check Point Security
    Booth: TBD

    Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

  • CIOReview
    Booth: TBD

    CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIOReview is an excellent platform for the enterprise to showcase their innovative solutions.

  • Cloud Security Alliance (CSA)
    Booth:

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • CrowdStrike
    Booth: TBD

    CrowdStrike was founded in 2011 to fix a fundamental problem: The sophisticated attacks that were forcing the world’s leading businesses into the headlines could not be solved with existing malware-based defenses. Co-founders George Kurtz and Dmitri Alperovitch realized that a brand new approach was needed — one that combines the most advanced endpoint protection with expert intelligence to pinpoint the adversaries perpetrating the attacks, not just the malware.

  • CTIN
    Booth:

    CTIN has been providing high tech crime fighting training since 1996 in the areas of high-tech security, investigation, and prosecution of high-tech crimes for both private and public sector security and investigative personnel and prosecutors. CTIN sponsors training from experts world-wide for the benefit of private organizations and law enforcement agencies.

  • Cyber-Ark Software
    Booth: TBD

    Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments.

  • Cylance
    Booth: TBD

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • Dasher Technologies
    Booth: TBD

    Dasher Technologies, Inc. ® is a premier IT solution provider that delivers expert technical resources along with trusted account executives to architect and deliver complete IT solutions and services to help our clients execute their goals, plans and objectives.

  • DirectDefense
    Booth: TBD

    Founded in 2011, DirectDefense offers security services that are unmatched within the industry. Our core strength is our deep experience in performing assessments for a wide array of networks, platforms, and applications. Our seasoned consultants are focused on providing world-class security services to our clients.

    Regardless of industry – financial, insurance, retail, hospitality, healthcare, education, gaming, technology, or energy and utilities, our wealth of knowledge and experience can assist you in achieving your security testing and strategy goals.

  • Duo
    Booth: TBD

    Duo was founded with the belief that security can only be effective if it is easy to use. Through that vision, Duo has built a world-class security platform that is actually enjoyable to use. Duo supports thousands of customers and millions of users in organizations like Accenture, Boston Medical, Emblem Health, Facebook, Toyota, Twitter, Virginia Tech, Yelp and others, and enjoys the highest NPS score in the industry.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Endace
    Booth: TBD

    Customers choose Endace products for one primary reason: they deliver, where competitor products fail. Whether it is capture accuracy, fidelity of time stamps, write-to-disk performance or speed of traffic retrieval, Endace is famous for delivering the very best performing products. Telcos, broadcasters, governments, defence departments, investment banks and many other large enterprises trust our products to help them manage their critical data networks.

  • Fidelis Cybersecurity
    Booth: TBD

    Fidelis Cybersecurity protects the world’s most sensitive data by equipping organizations to detect, investigate and stop advanced cyber attacks. Our products, services and proprietary threat intelligence enable customers to proactively face advanced threats and prevent data theft with immediate detection, monitoring and response capabilities. With our Fidelis Network and Fidelis Endpoint, customers can get one step ahead of any attacker before a major breach hits. To learn more about Fidelis Cybersecurity, please visit www.fidelissecurity.com and follow us on Twitter @FidelisCyber

  • FireEye
    Booth: TBD

    FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 5,000 customers across 67 countries, including more than 940 of the Forbes Global 2000.

  • FireMon
    Booth: TBD

    FireMon is at the forefront of the security management category, delivering first-ever functionality such as firewall behavior testing, workflow integration, traffic flow analysis and rule recertification. Our solutions have helped more than 1,500 organizations around the world gain visibility into and control over their complex network security infrastructures.

  • Fortinet
    Booth: TBD

    Fortinet secures the largest enterprise, service provider, and government organizations around the world. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 300,000 customers trust Fortinet to protect their businesses.

  • Gemalto
    Booth: TBD

    SafeNet and Gemalto have joined forces to create the worldwide leader in enterprise and banking security from core data protection to secure access at the edge of the network. Together, we protect more data, transactions, and identities than any other company, delivering security services that are used by more than 30,000 businesses and two billion people in more than 190 countries around the world. We support 3,000 financial institutions and secure more than 80% of the world’s intra-bank fund transfers, and protect the world’s leading software applications.

  • Gigamon
    Booth: TBD

    Gigamon (NYSE: GIMO) provides active visibility into physical and virtual network traffic, enabling stronger security and performance. Gigamon’s Visibility Fabric™ and GigaSECURE®, the industry’s first Security Delivery Platform, deliver advanced intelligence so that security, network, and application performance management solutions in enterprises government, and service provider networks operate more efficiently.

  • Infoblox, Inc
    Booth: TBD

    For 17 years, we’ve been the market leader for core network services, including DNS, DHCP, and IP address management, a category known as DDI.

  • Imperva
    Booth: TBD

    Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.

  • Intsights
    Booth: TBD

    We are an intelligence driven security provider offering a subscription-based service which delivers rapid, accurate cyberthreat intelligence and incident mitigation in real time.

  • Institute of Internal Auditors (IIA)
    Booth:

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • InfraGard – Evergreen / WA chapter
    Booth:

    InfraGard is a partnership of individuals representing businesses, academic institutions, state and local law enforcement agencies, and communities who are dedicated to collaborating and sharing information to prevent hostile acts against the United States.

    The Evergreen InfraGard Members Alliance area of operation is Washington State and over 600 members. As part of the Western Region, we work closely with the IMAs in Los Angeles, San Diego, Oregon, and Idaho. Our chapter’s mission is, “To protect Washington State’s Infrastructure and critical services by providing a secure platform and trusted community to share experiences and information.”

  • ISACA
    Booth:

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

  • (ISC)2
    Booth:

    (ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education ™ Follow us on Twitter or connect with us on Facebook.

  • ISSA Puget Sound Chapter
    Booth:

    ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. Join today.

  • Juniper
    Booth: TBD

    Our customers don’t set out to build networks. They build on ideas that reinvent, reimagine, and improve the world around them. It makes sense that we should begin there, too.

    Through our passion for creating high-performing networks, Juniper extends knowledge, collaboration, and human advancement in industries around the world—such as energy, healthcare, education, and many others.

    While our innovative product and services portfolio evolves continuously, we need to reach farther to secure our customers’ long-term success. We’re looking beyond the horizons of today’s business challenges, and the technology future we see is built on real-time service integration. That means everything we develop must align with our vision.

  • LogRhythm
    Booth: TBD

    LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

  • Malwarebytes
    Booth: TBD

    Malwarebytes provides anti-malware and anti-exploit software designed to protect users against zero-day threats that consistently escape detection by traditional endpoint security solutions. Malwarebytes Anti-Malware earned an “Outstanding” rating by CNET editors, is a PCMag.com Editor’s Choice, and was the only security software to earn a perfect malware remediation score from AV-TEST.org. That’s why large Enterprise businesses worldwide, including Disney, Dole, and Samsung, trust Malwarebytes to protect their mission-critical data. For more information visit www.malwarebytes.com/business

  • NetScout Arbor
    Booth: TBD

    For fifteen years, the world’s leading network operators across ISP, cloud and enterprise markets have relied on NETSCOUT Arbor for traffic visibility, advanced threat detection and DDoS mitigation. Through a combination of market-leading technology, elite security research, intuitive workflows and powerful data visualizations, NETSCOUT Arbor allows you to efficiently connect the dots to understand attack activity and to take action with confidence. See the threat, understand the risk and protect your business with NETSCOUT Arbor.

  • New Tech Seattle
    Booth:

    Seattle’s largest ongoing monthly event with more than 5,600 members. New Tech Seattle is the place where you’ll always make great connections, enjoy great food and drinks, learn about new companies doing cool things, laugh, smile, and have a fun night out. And most importantly, you’ll discover the people, partners, organizations, and resources to help you to build your dreams.

    It’s your community, we just love it and give everyone a place to play together. New Tech Seattle happens on the 2nd or 3rd Tuesday of every month. You can also join us on the 1st or 2nd Tuesday of every month at New Tech Eastside if you spend more time in Kirkland, Bellevue, Redmond, and the surrounding cities.

  • Northwest Tech Alliance (NWTA)
    Booth:

    The Northwest Tech Alliance (NWTA) is an independent technology association dedicated to bringing together some of the brightest minds from the technology industry.
    NWTA events are focused on helping attendees:
    · Network with other technology industry professionals
    · Provide education and information relative to the latest technologies and industry trends
    · Generate opportunities for personal, professional and business growth
    · Promote the Puget Sound area as a desirable place to start and grow successful technology companies
    · Learn about local food/chefs, wineries, breweries, and distilleries
    · Support local businesses and give back to the community
    · Build lifelong relationships

  • Okta
    Booth: TBD

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • Online Trust Alliance (OTA)
    Booth:

    The Online Trust Alliance (OTA) is a non-profit with the mission to enhance online trust, while promoting innovation and the vitality of the internet. OTA’s goal is to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users’ security, privacy and identity. OTA supports collaborative public-private partnerships, benchmark reporting, meaningful self-regulation and data stewardship.

  • Optiv
    Booth: TBD

    Optiv is the largest holistic pure-play cyber security solutions provider in North America. Our diverse and talented employees are committed to helping businesses, governments and educational institutions plan, build and run successful security programs through the right combination of products, services and solutions related to security program strategy, enterprise risk and consulting, threat and vulnerability management, enterprise incident management, security architecture and implementation, training, identity and access management, and managed security.

    Created in 2015 as a result of the Accuvant and FishNet Security merger, Optiv has served more than 12,000 clients of various sizes across multiple industries, offers an extensive geographic footprint, and has premium partnerships with more than 300 of the leading security product manufacturers.

  • Ping Identity
    Booth: TBD

    Come and see why Ping Identity is consistently named a leader in IAM for solving a diverse set of enterprise challenges meeting employee, partner and customer identity needs. Ping solutions can help your enterprise prevent security breaches, increase employee and partner productivity and provide seamless customer experiences.

  • Pluribus Networks
    Booth: TBD

    Pluribus Networks delivers a programmable software-defined security fabric with a distributed architecture to integrate and orchestrate multiple security functionalities for internal security protections. The Fabric enables establishing a transparent and secure control layer to segment and control all traffic across the enterprise independent of the underlying physical network infrastructure. The Fabric enables network virtualization and segmentation with adaptive security policies, enables security service insertion and provides real-time visibility to identify emerging threats and speed cyber incident response.

  • Qualys, Inc.
    Booth: TBD

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • Radware
    Booth: TBD

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • SailPoint
    Booth: TBD

    In 2005, Mark and Kevin set out to create a new type of company – one that promised to provide innovative solutions to business problems and an exciting, collaborative work environment for identity rock stars. Together, we’re redefining identity’s place in the security ecosystem.

    We love taking on new challenges that seem daunting to others. We hold ourselves to the highest standards, and deliver upon our promises to our customers. We bring out the best in each other, and we’re having a lot of fun along the way.

  • SecureAuth
    Booth: TBD

    SecureAuth enables companies to determine identities with absolute confidence. Whether you’re seeking to continuously secure employee,
    customer or partner access, SecureAuth’s flexible and adaptive platform makes everything fast, frictionless and pain-free. Guaranteed.

  • SentinelOne
    Booth: TBD

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • Skybox Security
    Booth: TBD

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • Splunk
    Booth: TBD

    You see servers and devices, apps and logs, traffic and clouds. We see data—everywhere. Splunk® offers the leading platform for Operational Intelligence. It enables the curious to look closely at what others ignore—machine data—and find what others never see: insights that can help make your company more productive, profitable, competitive and secure. What can you do with Splunk?
    Just ask.

  • SSH Communications Security
    Booth: TBD

    As the inventor of the SSH protocol, we have a twenty-year history of leading the market in developing advanced security solutions that enable, monitor, and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki. For more information, visit www.ssh.com

  • Symantec
    Booth: TBD

    Symantec Corporation (NASDAQ: SYMC), the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Symantec operates one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats. For additional information, please visit www.symantec.com or connect with us on Facebook, Twitter and LinkedIn.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tools4ever
    Booth: TBD

    Tools4ever is one of the largest vendors in Identity Governance & Administration (also known as Identity & Access Management) with more than 5 million managed user accounts.

    Since 1999 Tools4ever has developed and delivered several software solutions and consultancy services such as User Provisioning, Downstream Provisioning, Workflow Management, Employee Self-Service and Access Governance (RBAC). In the area of Password Management, Tools4ever offers Single Sign-On and Self-Service Password Reset among others.

    Tools4ever’s Identity Governance & Administration (IGA) solutions are installed in organizations from various sectors ranging in size from 300 to over 200,000 user accounts.

  • Trend Micro
    Booth: TBD

    As a global leader in cloud security, Trend Micro develops Internet content security and threat management solutions that make the world safe for businesses and consumers to exchange digital information. With more than 20 years of experience, we’re recognized as the market leader in server security for delivering top-ranked client, server, and cloud-based security solutions that stop threats faster and protect data in physical, virtualized, and cloud environments.

  • Vectra
    Booth: TBD

    Vectra® is transforming cybersecurity by applying AI to detect cyberattacks and hunt for threats before they do damage. Powered by AI, Vectra and its flagship Cognito™ platform enable the world’s most consequential enterprise organizations to automatically detect cyberattacks in real time and empower threat hunters to conduct highly-efficient investigations.

  • WhiteHat Security
    Booth: TBD

    Digital life consists of digital experiences, and applications drive these digital experiences. The only way enterprises can truly provide safe digital experiences to their customers, partners, employees and entire ecosystem, is by securing the applications at the heart of their business.

    WhiteHat exists to make this possible. The WhiteHat Application Security Platform enables enterprises to secure their digital businesses. From application creation through production, and from the desktop to mobile devices, we secure the apps that people rely on in their personal and professional lives.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016

    Larry is responsible for developing, implementing and managing the University of Massachusetts Information Security Policy and Written Information Security Program (WISP). The University program is based on industry best practices ISO 27001 / SANS 20 Critical Controls, and is implemented consistently across all University campuses (Amherst, Boston, Dartmouth, Lowell, Medical School and the President’s Office).

    Prior to joining UMASS, Larry was the Vice President, Network Security Manager at State Street. In this role he was responsible for researching, selecting, implementing and overseeing an engineering staff who managed network security technologies / tools including vulnerability scanning, network firewall policy management, intrusion detection, remote access, DNS security, global and local load balancing, etc.

    Larry's industry experience includes IT audit manager for Deloitte Enterprise Risk Services (ERS) consulting practice. In this role he managed a staff responsible for developing and completing a Sarbanes Oxley compliance audit for MasterCard International. Larry's team focused on the application level controls and general computer controls for information technology services implemented and managed from the MasterCard data center in St. Louis.

    Mr. Wilson holds a Master of Science degree in Civil / Structural Engineering from the University of New Hampshire. His industry certifications include CISSP, CISA and ISA (PCI Internal Security Assessor). He serves on the Advisory Board for Middlesex Community College and CISO Advisory Board for Oracle. He co-chairs the Massachusetts State University and Community College Information Security Council, and serves as Certification Director for ISACA New England. His major 2013 accomplishments include Finalist for Information Security Executive® (ISE®) of the Year for both the Northeast Region and North America; and a SANS People who made a difference in Cybersecurity in 2013 award recipient.

    Larry has been teaching CISA certification training for ISACA for 5 years.

  • speaker photo
    Steve Brown
    Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Dan Lohrmann
    Chief Strategist and Chief Security Officer, Security Mentor

    Dan Lohrmann is Chief Strategist and Chief Security Officer (CSO) at Security Mentor. In this role, Lohrmann leads efforts to define and develop key strategic initiatives for the company’s security awareness training offerings, including new programs that can improve security and compliance by elevating an organization’s workforce into security savvy employees. Representing Security Mentor, Lohrmann serves as thought leader serving as a keynote speaker on security and security awareness training, and giving government and industry presentations.

    Over the past decade, Lohrmann has advised the U.S. Department of Homeland Security, the White House, FBI, numerous federal agencies, law enforcement, state and local governments, non-profits, foreign governments, local businesses, universities, churches, and home users on issues ranging from personal Internet safety to defending government and business-owned technology and critical infrastructures from online attacks. Prior to joining Security Mentor, Lohrmann was Michigan's first CSO and Deputy Director for Cybersecurity and Infrastructure Protection and has been recognized as a global leader in cyber defense for government.

    Previously, Lohrmann represented the National Association of State Chief Information Officers on the U.S. Department of Homeland Security’s IT Government Coordinating Council where he assisted in the writing and editing of the National Infrastructure Protection Plans, sector specific plans, Cybersecurity Framework, and other federal cyber documents. Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web, published in November 2008 by Brazos Press and BYOD for You: The Guide to Bring Your Own Device to Work, published in Kindle format in April 2013.

    He has been honored with numerous cybersecurity and technology leadership awards, including “CSO of the Year” by SC Magazine, “Public Official of the Year” by Governing magazine and “Premier 100 IT Leader” by Computerworld Magazine. Lohrmann received his bachelor’s degree in computer science from Valparaiso University in Indiana and his M.S. in Computer Science from Johns Hopkins University in Baltimore.

  • speaker photo
    Ernie Hayden
    Founder & Principal, 443 Consulting LLC

    Ernie Hayden is the Founder and Principal of 443 Consulting LLC. He holds a CISSP, CEH, GICSP (Gold), and PSP. Ernie's consulting experience includes work on every continent except Antarctica.

  • speaker photo
    LTC Kevin J. Murphy
    Cybersecurity & Incident Response, City of Seattle

    Kevin was the VP of Cyber Operations at IOActive.com, a retired US Air Force intelligence officer, and the former Director of Windows Security Architecture with Microsoft with over 25 years of experience in threat intelligence and information security. CISM, CISSP, CGEIT.

  • speaker photo
    Steve Brown
    Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Ron Winward
    Security Evangelist, Radware

    Ron Winward is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the Internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cybersecurity service providers around the world.

  • speaker photo
    Zoe Lindsey
    Customer Advocacy, Duo Security

    Zoe Lindsey is Duo Security’s Advocate Manager, where she educates and advises organizations with unique compliance challenges including the healthcare, government, and financial industries on strong security policy and best practices. She has been hooked on tech since getting her first Commodore 64 at age 10, and joined Duo with a background in cellular and medical technology.

  • speaker photo
    Rebecca Herold
    CEO, The Privacy Professor, President, SIMBUS, LLC

    Rebecca is CEO of The Privacy Professor® consultancy and President of SIMBUS, LLC, an infosec, privacy, technology, and compliance management cloud service. Rebecca has over 25 years of experience, has authored 19 books and hundreds of book chapters and published articles, and serves as an expert witness for information security, privacy, and compliance issues. Rebecca appears regularly on the KCWI23 morning television show and is based in Des Moines, Iowa.

  • speaker photo
    Aimee Larsen Kirkpatrick
    Global Communications Officer, Global Cyber Alliance

    Aimée Larsen Kirkpatrick is the Global Communications Officer for the Global Cyber Alliance (GCA), where she is responsible for strategic communications for the international nonprofit. Prior to GCA she was President of ALK Strategies, a communication and public affairs consulting practice. Aimée was formerly with the National Cyber Security Alliance (NCSA), where among other programs, she led the development of the successful STOP. THINK. CONNECT public cybersecurity awareness campaign and the San Diego Securing Our eCity Model City project. Aimée was a 2012 Executive Women’s Forum Women of Influence Award recipient. She has a BA from Washington State University.

  • speaker photo
    Larry Wilson
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016

    Larry is responsible for developing, implementing and managing the University of Massachusetts Information Security Policy and Written Information Security Program (WISP). The University program is based on industry best practices ISO 27001 / SANS 20 Critical Controls, and is implemented consistently across all University campuses (Amherst, Boston, Dartmouth, Lowell, Medical School and the President’s Office).

    Prior to joining UMASS, Larry was the Vice President, Network Security Manager at State Street. In this role he was responsible for researching, selecting, implementing and overseeing an engineering staff who managed network security technologies / tools including vulnerability scanning, network firewall policy management, intrusion detection, remote access, DNS security, global and local load balancing, etc.

    Larry's industry experience includes IT audit manager for Deloitte Enterprise Risk Services (ERS) consulting practice. In this role he managed a staff responsible for developing and completing a Sarbanes Oxley compliance audit for MasterCard International. Larry's team focused on the application level controls and general computer controls for information technology services implemented and managed from the MasterCard data center in St. Louis.

    Mr. Wilson holds a Master of Science degree in Civil / Structural Engineering from the University of New Hampshire. His industry certifications include CISSP, CISA and ISA (PCI Internal Security Assessor). He serves on the Advisory Board for Middlesex Community College and CISO Advisory Board for Oracle. He co-chairs the Massachusetts State University and Community College Information Security Council, and serves as Certification Director for ISACA New England. His major 2013 accomplishments include Finalist for Information Security Executive® (ISE®) of the Year for both the Northeast Region and North America; and a SANS People who made a difference in Cybersecurity in 2013 award recipient.

    Larry has been teaching CISA certification training for ISACA for 5 years.

  • speaker photo
    Steve Brown
    Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Dan Lohrmann
    Chief Strategist and Chief Security Officer, Security Mentor

    Dan Lohrmann is Chief Strategist and Chief Security Officer (CSO) at Security Mentor. In this role, Lohrmann leads efforts to define and develop key strategic initiatives for the company’s security awareness training offerings, including new programs that can improve security and compliance by elevating an organization’s workforce into security savvy employees. Representing Security Mentor, Lohrmann serves as thought leader serving as a keynote speaker on security and security awareness training, and giving government and industry presentations.

    Over the past decade, Lohrmann has advised the U.S. Department of Homeland Security, the White House, FBI, numerous federal agencies, law enforcement, state and local governments, non-profits, foreign governments, local businesses, universities, churches, and home users on issues ranging from personal Internet safety to defending government and business-owned technology and critical infrastructures from online attacks. Prior to joining Security Mentor, Lohrmann was Michigan's first CSO and Deputy Director for Cybersecurity and Infrastructure Protection and has been recognized as a global leader in cyber defense for government.

    Previously, Lohrmann represented the National Association of State Chief Information Officers on the U.S. Department of Homeland Security’s IT Government Coordinating Council where he assisted in the writing and editing of the National Infrastructure Protection Plans, sector specific plans, Cybersecurity Framework, and other federal cyber documents. Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web, published in November 2008 by Brazos Press and BYOD for You: The Guide to Bring Your Own Device to Work, published in Kindle format in April 2013.

    He has been honored with numerous cybersecurity and technology leadership awards, including “CSO of the Year” by SC Magazine, “Public Official of the Year” by Governing magazine and “Premier 100 IT Leader” by Computerworld Magazine. Lohrmann received his bachelor’s degree in computer science from Valparaiso University in Indiana and his M.S. in Computer Science from Johns Hopkins University in Baltimore.

  • speaker photo
    Larry Wilson
    CISO, UMass President’s Office, Security Magazine's "Most Influential People in Security" 2016

    Larry is responsible for developing, implementing and managing the University of Massachusetts Information Security Policy and Written Information Security Program (WISP). The University program is based on industry best practices ISO 27001 / SANS 20 Critical Controls, and is implemented consistently across all University campuses (Amherst, Boston, Dartmouth, Lowell, Medical School and the President’s Office).

    Prior to joining UMASS, Larry was the Vice President, Network Security Manager at State Street. In this role he was responsible for researching, selecting, implementing and overseeing an engineering staff who managed network security technologies / tools including vulnerability scanning, network firewall policy management, intrusion detection, remote access, DNS security, global and local load balancing, etc.

    Larry's industry experience includes IT audit manager for Deloitte Enterprise Risk Services (ERS) consulting practice. In this role he managed a staff responsible for developing and completing a Sarbanes Oxley compliance audit for MasterCard International. Larry's team focused on the application level controls and general computer controls for information technology services implemented and managed from the MasterCard data center in St. Louis.

    Mr. Wilson holds a Master of Science degree in Civil / Structural Engineering from the University of New Hampshire. His industry certifications include CISSP, CISA and ISA (PCI Internal Security Assessor). He serves on the Advisory Board for Middlesex Community College and CISO Advisory Board for Oracle. He co-chairs the Massachusetts State University and Community College Information Security Council, and serves as Certification Director for ISACA New England. His major 2013 accomplishments include Finalist for Information Security Executive® (ISE®) of the Year for both the Northeast Region and North America; and a SANS People who made a difference in Cybersecurity in 2013 award recipient.

    Larry has been teaching CISA certification training for ISACA for 5 years.

  • speaker photo
    Steve Brown
    Former Chief Evangelist and Futurist, Intel

    Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

    Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

    Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.

  • speaker photo
    Dan Lohrmann
    Chief Strategist and Chief Security Officer, Security Mentor

    Dan Lohrmann is Chief Strategist and Chief Security Officer (CSO) at Security Mentor. In this role, Lohrmann leads efforts to define and develop key strategic initiatives for the company’s security awareness training offerings, including new programs that can improve security and compliance by elevating an organization’s workforce into security savvy employees. Representing Security Mentor, Lohrmann serves as thought leader serving as a keynote speaker on security and security awareness training, and giving government and industry presentations.

    Over the past decade, Lohrmann has advised the U.S. Department of Homeland Security, the White House, FBI, numerous federal agencies, law enforcement, state and local governments, non-profits, foreign governments, local businesses, universities, churches, and home users on issues ranging from personal Internet safety to defending government and business-owned technology and critical infrastructures from online attacks. Prior to joining Security Mentor, Lohrmann was Michigan's first CSO and Deputy Director for Cybersecurity and Infrastructure Protection and has been recognized as a global leader in cyber defense for government.

    Previously, Lohrmann represented the National Association of State Chief Information Officers on the U.S. Department of Homeland Security’s IT Government Coordinating Council where he assisted in the writing and editing of the National Infrastructure Protection Plans, sector specific plans, Cybersecurity Framework, and other federal cyber documents. Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web, published in November 2008 by Brazos Press and BYOD for You: The Guide to Bring Your Own Device to Work, published in Kindle format in April 2013.

    He has been honored with numerous cybersecurity and technology leadership awards, including “CSO of the Year” by SC Magazine, “Public Official of the Year” by Governing magazine and “Premier 100 IT Leader” by Computerworld Magazine. Lohrmann received his bachelor’s degree in computer science from Valparaiso University in Indiana and his M.S. in Computer Science from Johns Hopkins University in Baltimore.

  • speaker photo
    Steven Shalita
    Vice President, Marketing and Business Development, Pluribus Networks

    Steven Shalita has 20+ years of technology experience across the Enterprise, Cloud and Service Provider technology segments. He has market and technology expertise spanning across Cybersecurity, network security, forensics, SDN/NFV, and IT infrastructure. He has spent a considerable amount of time in the performance monitoring marker and was a key evangelist for adapting network monitoring technology for security use cases to identify zero-attacks. Steven is currently Vice President at Pluribus Networks and is a frequent featured speaker at leading industry events. He has held senior technology marketing leadership positions at NetScout, Check Point Software Technologies, Alcatel-Lucent, Cisco, and HP Networking.

  • speaker photo
    Peter Chestna
    Contributing Editor, DevOps.com

    Pete Chestna has more than 25 years of experience developing software and leading development teams, and has been granted three patents. Pete has been developing web applications since 1996, including one of the first applications to be delivered through a web interface. He led his company from Waterfall to Agile and finally to DevOps, in addition to taking the company from a monolithic architecture to one based on microservices.

    Since 2006, Pete has been a leader in the Application Security (AppSec) space and has consulted with some of the world’s largest companies on their AppSec programs. In addition to his role as a contributing editor at DevOps.com and SecurityBoulevard.com, he now shares his experience by speaking internationally at both security and developer conferences on the topics of AppSec, Agile, and DevSecOps. Buy him a whisk(e)y and he’ll tell you all about it.

  • speaker photo
    Alexandra Panaretos
    National Practice Lead Consultant for Security Awareness and Training, Ernst & Young LLP

    Alex is a senior consultant and the National Cyber Practice Lead for Security Awareness and Training for Ernst & Young LLP. She specializes in cybersecurity awareness and education, as well as personal and physical security training and program development, the psychology of social engineering, behavior analytics, and operations security program development. Alex has over 10 years of experience developing and implementing cybersecurity awareness and education strategies in government, military family services, the Department of Defense, and global health and business industries. She is Operations Security Program Manager certified by the Joint Information Operations Warfare Center and the U.S. Army.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Don't miss out!

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!