Conference Agenda
  • Wednesday, November 9, 2022
    7:00 am
    Registration open
    Registration Level:
    • Open Sessions
    7:00 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    Part 1
    Registration Level:
    • SecureWorld Plus
    7:30 am - 9:00 am

    Ransomware is a specific and extremely harmful type of malware used by cybercriminals to extort money from individuals, organizations, and businesses. The infections block access to your data until you make a ransom payment, at which point you’re supposed to regain access. In reality, nearly 40% of the victims who pay the ransom never get their data back and 73% of those who pay the ransom are targeted again later – which is why everyone must protect against ransomware. In the past year, targeted ransomware attacks against government agencies, educational establishments, and healthcare providers have raised the stakes for those charged with protecting organizations. Ransomware attacks not only damage business, but also put health, safety, and lives at risk.

    Active Directory has become a popular pathway for ransomware attacks. The main reason cybercriminals target Active Directory is because it serves as a gateway to the rest of the network as a service for managing, networking, grouping, authenticating, and securing users across corporate domain networks. Users and computers rely on Active Directory to access various network resources. As such, cybercriminals understand that ransomware attacks on Active Directory can wreak havoc on any organization, making it an excellent extortion mechanism.

    In the fight against ransomware, organizations need to strategically prepare to protect against and respond to attacks. However, many IT organizations struggle to prioritize the appropriate initiatives to combat and mitigate the impact of ransomware. With more tools, technologies and processes than ever, a comprehensive ransomware security program is a must to help detect, prevent, respond and limit the overall exposure to ransomware and other destructive attacks. This comprehensive training course will help organizations to design, build, and manage a comprehensive Ransomware Security Program.

    Part 1: Ransomware Overview (90 Minutes)

    1.1 – Background & Introduction

    • What is ransomware?
    • How do ransomware attacks work?
    • How ransomware attacks have evolved (2016) – WannaCry and Petya / NotPetya
    • How ransomware attacks have evolved (2021) – REvil and Ryuk
    • Top six Ransomware Attacks of 2021 / 2022

    1.2 – Today’s Ransomware Problem

    • Human Operated Ransomware Attacks (Double Extortion)
    • Supply Chain Attacks
    • Ransomware as a Service (RaaS)
    • Attacking Unpatched Systems
    • Phishing Emails
    • Penetration Testing Tools (Cobalt Strike)

    1.3 – Ransomware Attacks against Information Technology (IT) Networks and Systems

    • Ransomware attack stages (initial access, lateral movement, privilege escalation, extortion, encryption)
    • The Ireland Health Service Elective (HSE) ransomware attack
    • How Conti Ransomware works
    • Lessons learned from the HSE Ransomware Attack

    1.4 – Ransomware Attacks against Operational Technology (OT) Networks and Systems

    • Ransomware attack stages (initial access, lateral movement, privilege escalation, extortion, encryption)
    • The Colonial Pipeline ransomware attack
    • How DarkSide Ransomware works
    • Lessons learned from the Colonial Pipeline Ransomware Attack

    Part 2: Understanding Ransomware Attacks (90 Minutes)

    2.1 – The MITRE ATT&CK Framework

    • What are the current Attack Models and how do they work?
    • What is the MITRE ATT&CK Framework?
    • What are MITRE Tactics?
    • What are MITRE Techniques?
    • What are MITRE Procedures?
    • What is the MITRE D3FEND Matrix?

    2.2 – Mapping Ransomware Tactics, Techniques, Procedures (TTPs) to MITRE ATT&CK

    • Mapping REvil Ransomware to the MITRE ATT&CK Framework
    • Mapping Conti Ransomware to the MITRE ATT&CK Framework
    • Mapping Maze Ransomware to the MITRE ATT&CK Framework
    • Mapping Ryuk Ransomware to the MITRE ATT&CK Framework
    • Mapping DarkSide Ransomware to the MITRE ATT&CK Framework

    2.3 – Pen Testing Tools and the MITRE ATT&CK Framework

    • The Pen Testing Execution Standard (PTES)
    • NIST SP 800-115 Technical Guide to Information Security Testing and Assessment
    • The Cobalt Strike Penetration Testing Platform
    • Mapping Cobalt Strike to the MITRE ATT&CK Framework

    2.4 – Understanding Cyber Threat Intelligence (CTI)

    • What is Cyber Threat Intelligence (CTI)?
    • How does Cyber Threat Intelligence Work?
    • Who are the main providers of Cyber Threat Intelligence?
    • What are the main themes of Cyber Threat Intelligence in 2021?

    Part 3: Building a Ransomware Security Program (90 Minutes)

    3.1 – Ransomware Security Controls / Guides

    • CISA_MS-ISAC Ransomware Guide
    • Higher Education Ransomware Playbook
    • CSBS Ransomware Self-Assessment Tool
    • NIST IR 8374 – NIST Cybersecurity Framework (CSF) Guidance on Ransomware
    • US Government Interagency Technical Guidance – How to Protect your Networks from Ransomware
    • Canadian Centre for Cyber Security Ransomware Playbook

    3.2 – NIST SP 1800 Practice Guides on Ransomware

    • NIST SP 1800-25 – Identifying and Protecting Assets Against Ransomware and Other Destructive Events
    • NIST SP 1800-26 – Detecting and Responding to Ransomware and Other Destructive Events
    • NIST SP 1800-11 – Recovering from Ransomware and Other Destructive Events

    3.3 – Free Cybersecurity Tools and Services > https://www.cisa.gov/free-cybersecurity-services-and-tools

    • Tools that focus on reducing the likelihood of a damaging cyber incident
    • Tools that focus on detecting malicious activity quickly
    • Tools that focus on responding effectively to confirmed incidents
    • Tools that focus on maximizing resilience to a destructive cyber event

    3.4 – Building a Ransomware Security Program

    • Cybersecurity Program Assessment: based on CIS Security Controls Scorecard
    • Ransomware Program Assessment: based on CISA MS-ISAC Ransomware Controls Scorecard
    • Develop a Plan of Action and Milestones (POA&M)
    • Document an Executive Summary
    • Conduct Red Team, Blue Team, Purple Team and Table-Top Exercises
    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    Registration Level:
    • VIP / Exclusive
    8:00 am - 8:50 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Association Chapter Meetings
    Registration Level:
    • Open Sessions
    8:00 am - 8:50 am

    Participating professional associations and details to be announced.

    8:00 am
    Exhibitor Hall open
    Registration Level:
    • Open Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    9:00 am
    OPENING KEYNOTE
    Registration Level:
    • Open Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    Registration Level:
    • Open Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    They Were Here, Now They're Everywhere: Leading Distributed Teams
    Registration Level:
    • Conference Pass
    10:15 am - 11:00 am

    It’s no secret that many organizations abruptly shifted to a remote workplace model when the COVID-19 pandemic swept the globe. As leaders cope with the aftermath of the strangest time of their lives, they now consider what the workforce of the future looks like. Although the long-term answer will vary, one thing is certain: more organizations are embracing a dispersed workforce. Some leaders are concerned how they will continue to build and lead effective teams when many of our tried-and-true tactics are obsolete. While many have overcomplicated remote leadership, all we really need are four basic principles for success.

    10:15 am
    Conquering Cloud Complexity
    Registration Level:
    • Open Sessions
    10:15 am - 11:00 am

    Cloud security is hard, not least because cloud platforms change so quickly.  This talk presents several lessons learned from security teams struggling to get their arms around the sprawl of modern infrastructure, using practical analogies from pandemics and earthquakes.

    10:15 am
    Paving the Way to AppSec Program Success
    How to build a scalable enterprise-wide application security program.
    Registration Level:
    • Open Sessions
    10:15 am - 11:00 am

    This presentation offers a fundamental approach to creating a foundation for an application security program that holistically addresses findings by creating a conduit between the information security teams—who often discover the issues—and the development teams, who know the application better than anyone and can remediate issues in the best possible fashion.

    11:10 am
    Data vs. Systems Protection: The New Cybersecurity School of Thought
    CISO, AAA Washington
    Registration Level:
    • Conference Pass
    11:10 am - 11:55 am

    The average individual has had their personal data compromised at least seven times in the past several years. This has spawned industries that are providing products and solutions to help people be made whole again with minimal effort.

    In a time when we are becoming tone deaf to data security breaches, we are acutely aware of breaches that have far greater impact than data confidentiality. Ransomware and denial of service attacks are proving to cause a more harmful impact to organizations than data breaches. Yet, the cybersecurity profession continues to emphasize data protection as its primary concern.

    This session will explore whether cybersecurity professionals and supporting product and solution providers should be changing their emphasis from data protection to systems protection to address the new threat and risk landscape.

    11:10 am
    Securing Your Sensitive Assets in a Cloud-First World
    Security, Cyral
    Registration Level:
    • Open Sessions
    11:10 am - 11:55 am

    As enterprises continue their digital transformation journeys, data repositories and the sensitive assets within are more exposed than ever before for several reasons, including a dramatic rise in the:

    • Amount of data created, collected, and stored
    • Number of repositories storing sensitive data across clouds
    • Number of users and applications that need access to data

    In this talk, we’ll address how organizations can avoid top threats facing their data repositories with GitOps and how to safely democratize access to data repositories across clouds.

    11:10 am
    Insider Threats: A Multi-Pronged Approach to Protecting Your Organization
    Registration Level:
    • Conference Pass
    11:10 am - 11:55 am
    Insider threats are a real danger and cannot be overlooked. While deploying the latest secure system to fight against cyber threats is a decent strategy, you must also implement an effective insider threat system for an overall cybersecurity solution. An insider threat program cannot be bought off the shelf, but is a continuous process to identify and detect an incident as it occurs.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    12:00 pm
    [Lunch Keynote] Cybersecurity Collaboration: A Vital Component to U.S. Cyber Resilience
    Director, Region 10, DHS Cybersecurity and Infrastructure Security Agency (CISA)
    Registration Level:
    • Open Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    The threats against our national cyber defenses are growing increasingly sophisticated and resourced. To adequately protect networks and information, government and industry must utilize their collective strengths, combine their talents, and work together to share threat information and best practices.
    12:45 pm
    Networking Break
    Registration Level:
    • Open Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    [Panel] Tales from the Cloud: Doing More with Less
    Registration Level:
    • Open Sessions
    1:15 pm - 2:15 pm

    The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

    1:15 pm
    [Panel] The Current Threat Landscape
    Registration Level:
    • Open Sessions
    1:15 pm - 2:15 pm

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    2:30 pm
    Incident Response: Look Who's Talking
    Registration Level:
    • Conference Pass
    2:30 pm - 3:15 pm

    Key Takeaway:
    Learn the essential elements of crisis communications and reputation control for the cybersecurity team and the elements not exercised in most Incident Response plans.

    The ability to control the narrative during a cyber event will shape public perception of the company’s preparedness for a cyber event. In a cyber crisis, for everyone outside of the technical teams, perception is reality, and that reality may affect the company’s reputation long after the incident is over. Businesses have a significant reliance on technology; a breach of customer trust can be just as devastating as a network breach. Employees who are unsure of the circumstances will not hesitate to share on social media. Does the Incident Response plan account for reputation control? How will the company handle crisis communications during a cyber incident?

    2:30 pm
    How to Build an Effective Security Awareness Program
    Registration Level:
    • Open Sessions
    2:30 pm - 3:15 pm
    2:30 pm
    Going Passwordless: Authentication Fact or Fiction?
    Registration Level:
    • Open Sessions
    2:30 pm - 3:15 pm

    Are your internal customers tired of passwords? Are you tired of easily breaking their passwords? Well, look no further. Passwordless authentication is upon us and can be achieved for multi-factor authentication (MFA), while making our internal customers happy. How is this possible? Come and listen with your colleagues as I share how we rolled it out, describe the lessons learned, and share who the players are.

    Passwords are one of the most loathed controls in the wild. If you can’t beat ’em, join ’em. Learn who the passwordless alphas are and the lessons learned to achieve a win-win strategy within your company.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    3:15 pm
    Networking Break
    Registration Level:
    • Open Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    3:45 pm
    Industrial Control Systems and Cybersecurity
    Registration Level:
    • Conference Pass
    3:45 pm - 4:30 pm

    Industrial Control Systems are everywhere and have an impact on our lives every day. If they are not protected properly, we could lose access to electricity, oil & gas, and even food. This presentation will look at what an Industrial Control System is, what the possible dangers are, and how to best protect them.

    3:45 pm
    Finding Your Own Vulnerabilities (Before Attackers & Auditors Do)
    Registration Level:
    • Open Sessions
    3:45 pm - 4:30 pm

    Organizations can often struggle to identify and address vulnerabilities in their environment, whether for network devices, servers, workstations, IoT devices and other hosts. This presentation covers a number of “quick wins” in vulnerability management for the wide range of devices seen on corporate and home networks today.

    3:45 pm
    Access Management: How to Control Access in Today’s Technology Environment
    Registration Level:
    • Open Sessions
    3:45 pm - 4:30 pm

    User IDs, long, complicated passwords, data breaches, internal audits, external audits, compliance assessments, hackers, and the list goes on and on. These are just a few things that access management professionals worry about. How do you set up your access management controls to limit the organization’s exposure and decrease the odds something bad will happen?  Come learn proven techniques to control the access management environment.

    3:45 pm
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    Part 2
    Registration Level:
    • SecureWorld Plus
    3:45 pm - 5:15 pm
  • Thursday, November 10, 2022
    7:00 am
    Registration open
    Registration Level:
    7:00 am - 4:30 pm

    Come to the Registration desk in the lobby to check in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    Part 3
    Registration Level:
    • SecureWorld Plus
    7:30 am - 9:00 am
    8:00 am
    Association Chapter Meetings
    Registration Level:
    • Open Sessions
    8:00 am - 8:50 pm

    Participating professional associations and details to be announced.

    8:00 am
    Exhibitor Hall open
    Registration Level:
    8:00 am - 4:30 pm

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    9:00 am
    [Opening Keynote] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    Registration Level:
    • Open Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    Registration Level:
    9:45 am - 10:15 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    Encryption and Quantum Computing - Breaking It Down
    Security & Privacy Information Systems Leader, Philips
    Registration Level:
    • Conference Pass
    10:15 am - 11:00 am
    This presentation will discuss the current state of encryption and why it won’t be sufficient in the world of Quantum computing. We will look at the life of data and why current encryption models will not be able to meet the life expectancy of the data, which is a measure of how strong your company’s encryption needs to be. We will also look at legacy data that is encrypted at rest and why it is also at risk, and why redoing the encryption of this data using newer encryption models may become mandatory in order to safeguard your data.
    10:15 am
    An Enlightened Path to AppSec Nirvana from Code to Cloud
    Registration Level:
    • Open Sessions
    10:15 am - 11:00 am

    Key Takeaway:
    You’ll leave with an executable roadmap to improving the security of your applications.

    This session will be high-level and cover the various elements of a comprehensive application security program and how the pieces fit together. We’ll also review the various secure development models to equip you with a choice of standards you can adopt. Finally, we’ll cover sequencing and speed so you can follow a path to achieving your own AppSec nirvana.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:15 am
    Threat Detection: Beyond Prevention
    Registration Level:
    • Open Sessions
    10:15 am - 11:00 am
    11:10 am
    Understanding and Managing the Risk of Emerging Technology
    Registration Level:
    • Conference Pass
    11:10 am - 11:55 am

    Technology is evolving at a record pace and continuing to speed up. Emerging technology such as Artificial Intelligence (AI), Robotic Process Automation (RPA), Blockchain, Internet of Things (IoT), and Quantum computing are enabling efficiency gains and business value never before imagined. More and more frequently these technologies sit on a cloud foundation which enables a considerable level of scalability and resiliency. These new technological capabilities also carry unique risks which are still being uncovered and subsequently understood. Many of these technologies require new control models while a lack of standards presents the challenge of where to look for guidance.

    The session will explore the risks presented by emerging technologies, as well as controls that can be employed to manage the risks, while still harnessing the unique benefits of these technological advances.

    11:10 am
    5 Steps to Zero Trust
    Registration Level:
    • Open Sessions
    11:10 am - 11:55 am

    Protecting the edge of your network isn’t enough in a world where anyone can access data from anywhere. The principles of Zero Trust turn the traditional perimeter-centric model on its head and focus on securing what matters most: the data.

    See how a data-centric approach to security can help you defend against ransomware, APTs, and insider threats.

    We’ll break down how to get to Zero Trust, covering how to:

    • Identify sensitive data with scalable classification
    • Create an audit trail around sensitive data
    • Architect microperimeters by limiting who has access to data
    • Monitor for potential threats
    • Use automation for remediation and response

    Learn about what Zero Trust means and concrete steps you can take to implement it in practice.

    11:10 am
    Third-Party Risk: Creating and Managing a Program that Works!
    Registration Level:
    • Open Sessions
    11:10 am - 11:55 am

    Every organization is concerned with third-party risk. No one wants to be the next Target breach. This session will examine the components of third-party risk management and give you some leading practices on how to develop a workable and sustainable process.

    12:00 pm
    LUNCH KEYNOTE
    Registration Level:
    • Open Sessions
    12:00 pm - 12:45 pm
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    Registration Level:
    • VIP / Exclusive
    12:00 pm - 12:45 pm

    Advisory Council – VIP / INVITE ONLY

    12:45 pm
    Networking Break
    Registration Level:
    12:45 pm - 1:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    [Panel] The Battle to Control the Endpoints
    Registration Level:
    • Open Sessions
    1:15 pm - 2:15 pm

    In a recent survey, the SecureWorld media team uncovered that a whopping 30% of IT professionals admitted they didn’t actually know if they had visibility on all the endpoints within their organizations! With close to a thousand endpoints (in the majority of those surveyed) that included: servers, office PCs, printers, employee-owned devices, smart watches, IoT—the list goes on and on. What does the cloud do to impact this count? What was missed? Join our experts as they help us gain better visibility into the battle to control ALL the endpoints.

    1:15 pm
    [Panel] Prioritizing the Current Threatscape
    Registration Level:
    • Open Sessions
    1:15 pm - 2:15 pm

    Ransomware, business email compromise, cloud misconfigurations, social engineering, insider threats, third-party coding… the list goes on and on. The threats are everywhere. Some are new, but the old ones work just as well. How do you decide which threats are of the most concern to your organization? Do you report all of these to the Board? How do you provide the resources necessary to minimize the risks and still enable the business? Join our experts as they tackle how to identify and prioritize the current threats.

    2:30 pm
    The Last 2%: The Defense in Depth Layers No One Wants to Talk About
    Perception Management, Value, and Trust
    Registration Level:
    • Conference Pass
    2:30 pm - 3:15 pm

    Having an effective security program is more than just having great technology. It’s about turning data into information and information into action. True success comes in the form of the business “wanting” you involved because they trust you and value the services your team provides. It doesn’t happen overnight and like any other part of your program, it needs to be deliberately designed in.

    2:30 pm
    Reducing Implicit Trust in Your Cloud Service Provider
    Registration Level:
    • Open Sessions
    2:30 pm - 3:15 pm

    As organizations embark on a cloud-first strategy, they often find they’re placing excessive trust in their cloud service provider to protect the sensitivity of their organization’s assets, especially sensitive data. During this presentation, we provide an overview of how the cloud service provider requires you to participate in a shared security model and how your organization can retain control of your sensitive data encryption. In other words: your data, their cloud! We’ll discuss and show how using newer tools and techniques—that include split trust, ubiquitous data encryption, and contextual access—reduce and mitigate implicit trust in your cloud provider along with allowing you to manage your own encryption and manage access to your data in the cloud.

    2:30 pm
    I.A.M. What I Am: Building a Strong Identity and Access Management Program
    Registration Level:
    • Open Sessions
    2:30 pm - 3:15 pm

    Identity and Access Management has risen from a necessary evil to the “new perimeter” as applications migrate to the cloud. Having the right people aligned to your business processes with sound technology will propel your IAM program from the back office to a business-enabling function. This presentation will guide you on how to mature your existing identity and access management program, pitfalls to avoid, and tips to get your stakeholders on board.

    3:15 pm
    Networking Break and Dash for Prizes
    Registration Level:
    • Open Sessions
    3:15 pm - 3:45 pm

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    Cloud Security Checklist Manifesto
    Registration Level:
    • Conference Pass
    3:45 pm - 4:30 pm

    Inspired by the best-selling book “The Checklist Manifesto” by surgeon Dr. Atul Gawande, this talk will focus on identifying and focusing on a Cloud Security checklist. Like the medical field where checklists are necessary to make complex life and death situations a little more manageable, we need a robust set of tasks that are absolutely required for any cloud infrastructure. This session will also provide information to build up a starter checklist that can grow with the cloud workload. This will also help organizations meet their audit and compliance requirements.

    3:45 pm
    Ransomware and the Future of Cyberwarfare
    Registration Level:
    • Open Sessions
    3:45 pm - 4:30 pm

    The use of ransomware as a class of malware has exploded in recent years, causing millions of dollars in damages to organizations across the world—and the damage isn’t slowing down. On the contrary, ransomware as a tool is being adopted by a wide array of perpetrators. This includes nation-states, for cash, and to use the demand for cash to obfuscate activities like espionage and sabotage. Ransomware has become a powerful tool of asset seizure and extortion, being used by criminals, activists, and even sanctioned governments for multiple purposes, including use as a weapon of war. The use of ransomware and its close cousin, wiperware, is only accelerating.

    In this talk, we will examine how the proliferation of ransomware brought us to this point, what it means for current global conflicts, and the implications for the future of cyberwarfare.

    3:45 pm
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    Part 4
    Registration Level:
    • SecureWorld Plus
    3:45 pm - 5:15 pm
Exhibitors
  • Adaptiva
    Booth:

    Adaptiva’s unrivaled solutions empower complex, enterprise IT teams to manage and secure endpoints with unparalleled speed at massive scale. They eliminate the need for a vast IT infrastructure and automate countless endpoint management tasks for many of the world’s largest organizations and government agencies.

  • AuditBoard, Inc
    Booth:

    AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. Its integrated suite of easy-to-use audit, risk, and compliance solutions streamlines internal audit, SOX compliance, controls management, risk management, and security compliance. AuditBoard’s clients range from prominent pre-IPO to Fortune 50 companies looking to modernize, simplify, and elevate their functions. AuditBoard is the top-rated audit management and GRC software on G2, and was recently ranked for the second year in a row as one of the 100 fastest-growing technology companies in North America by Deloitte.

  • BeyondTrust
    Booth:

    BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry’s most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.

    The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. We are trusted by 20,000 customers, including 78 of the Fortune 100, and a global partner network.

  • BlackBerry
    Booth:

    BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including more than 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear—to secure a connected future you can trust.

    BlackBerry. Intelligent Security. Everywhere.

    For more information, visit BlackBerry.com and follow @BlackBerry.

  • Code42
    Booth:

    Code42 is the leader in insider risk detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data from insider threats while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

  • Critical Start
    Booth:

    Critical Start is a cybersecurity company with a holistic, customer-focused approach. We work with our customers to understand the impact of IT on their business and determine the associated risks. Using this risk profile, we can offer big-picture guidance on the strategies and controls that will enable them to effectively manage risk and improve security. Critical Start is 100% employee owned by a team of experts who are passionate about security, quality and service. For more information on what sets us apart, visit criticalstart.com.

  • Cybercrime Support Network
    Booth: N/A

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Cyral
    Booth:

    Cyral delivers enterprise data security and governance across all data services such as S3, Snowflake, Kafka, MongoDB, Oracle and more.

    The cloud-native service is built on a stateless interception technology that monitors all data endpoint activity in real-time and enables unified visibility, identity federation and granular access controls.

    Cyral automates workflows and enables collaboration between DevOps and Security teams to operationalize assurance and prevent data leakage.

  • Endace
    Booth:

    Customers choose Endace products for one primary reason: they deliver, where competitor products fail. Whether it is capture accuracy, fidelity of time stamps, write-to-disk performance or speed of traffic retrieval, Endace is famous for delivering the very best performing products. Telcos, broadcasters, governments, defence departments, investment banks and many other large enterprises trust our products to help them manage their critical data networks.

  • Expel
    Booth:

    Expel provides transparent managed security, on-prem and in the cloud. It’s the antidote for companies trapped in failed relationships with their managed security service provider (MSSP) and those looking to avoid the frustration of working with one in the first place. To learn more, go to https://www.expel.io.

  • HackEDU
    Booth:

    HackEDU provides secure coding training to companies ranging from startups to the Fortune 5. HackEDU’s mission is to provide best in class interactive cybersecurity training. Whether you are someone brand new to the field looking to break in or a developer looking to code more securely, we are passionate about teaching. Our aim is to lower barriers to learn security and give safe and legal environments for exploration. Only then will the industry flourish with more cybersecurity professionals and security champions.

    Our decades of cybersecurity experience helps us shape our platform and curriculum. We are always looking for cybersecurity experts that are passionate about teaching. If you are interested in joining our team please check out our careers page.

  • Illumio
    Booth:

    We built the Illumio Adaptive Security Platform (ASP)™ to provide unprecedented visualization and control of enterprise applications. Our system constantly inspects and adapts to the computing environment it is protecting, without pause.
    Moreover, since 75 percent of computing interactions never leave the data center, our customers can now have complete visibility behind the firewall, whether it is running in their data center or the vibrant public cloud services of Amazon Web Services, Microsoft Azure, Google Compute Engine, Rackspace, and many others.

  • Mimecast
    Booth:

    Mimecast (NASDAQ: MIME) was born in 2003 with a focus on delivering relentless protection. Each day, we take on cyber disruption for our tens of thousands of customers around the globe; always putting them first, and never giving up on tackling their biggest security challenges together. We are the company that built an intentional and scalable design ideology that solves the number one cyberattack vector—email. We continuously invest to thoughtfully integrate brand protection, security awareness training, web security, compliance and other essential capabilities. Mimecast is here to help protect large and small organizations from malicious activity, human error and technology failure; and to lead the movement toward building a more resilient world.

  • Netography
    Booth:

    Netography is the only company that delivers Security for the Atomized Network. In the Atomized Network, applications and data are scattered across a complex environment consisting of multi-cloud, on-premise, and legacy infrastructure, all being accessed by increasingly mobile and remote workers.

    Netography Fusion®, a pure SaaS, universal platform, provides a single view of complete network visibility for real-time and retrospective attack detection across your entire footprint. Empowering enterprises with full visibility and control, Fusion provides custom threat detections, cloud and network visibility, and threat hunting. No hardware, no software, and nothing to deploy–with time-to-value within minutes.

  • Open Systems
    Booth:

    The escalated threat level, the cyber talent shortage, and the sheer complexity of deploying and managing a multitude of security solutions, are the perfect storm for security and IT teams. We are deeply passionate about protecting organizations from that storm.

    We provide a set of AI-based, cloud-delivered security solutions that are simple to deploy and manage, and provide the highest level of protection. And Mission Control, our integrated NOC and SOC, is staffed by experts, not only in threat hunting and cyber hygiene, but also in the proper configuration and maintenance of the Microsoft security stack. So we can leverage what you already own.

    The combination is changing the lives of our customers, giving them security traditionally reserved for only the largest organizations. We give them “shelter from the storm”. That is our passion.

  • OpenText
    Booth:

    OpenText, The Information Company™, enables organizations to gain insight through market leading information management solutions, powered by OpenText Cloud Editions.

  • Pentera
    Booth:

    Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale.

    Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited.

  • Proofpoint
    Booth:

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth:

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • ReliaQuest
    Booth:

    ReliaQuest fortifies the world’s most trusted brands against cyber threats with its platform for proactive security model management. Acting as a force multiplier on an organization’s existing cybersecurity investments, only ReliaQuest’s GreyMatter integrates disparate technologies to provide a unified, actionable view that fills the gaps in enterprise security programs.

  • Team Cymru
    Booth:

    Give your security analysts visibility they can’t get anywhere else. With Pure Signal RECON, analysts can extend threat hunting far beyond the enterprise perimeter to trace, map and monitor malicious infrastructures. Block cyber attacks, close threat detection gaps, improve incident response and enforce supply chain security.

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tevora
    Booth:

    Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats. For more information visit https://www.tevora.com.com/.

  • Trend Micro
    Booth:

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • UpGuard
    Booth:

    UpGuard is the best platform for securing your organization’s sensitive data. Our security ratings engine monitors millions of companies and billions of data points every day.

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Keynote Speakers
Speakers
  • William Lidster, PhD
    CISO, AAA Washington

    William serves as the leader of AAA Washington’s information security and compliance efforts. He is responsible for establishing a responsive, dynamic, and flexible cybersecurity program to meet continually changing information security, regulatory, and compliance needs in the organization. William has been with AAA Washington since August of 2017. Other roles that William serves in the company include coordinating business continuity program activities and leading the company through emerging privacy legislation management.

    In the evenings, William instructs graduate and undergraduate cybersecurity courses at the University of Washington and The Penn State University.
    William completed his Bachelor of Science in Computer Science from the US Military Academy at West Point. He subsequently earned a Masters in Management Information Systems and an MBA from the University of Maryland. In December of 2018, he completed his Doctorate of Philosophy in Cybersecurity and Information Assurance from Capella University.

    Prior to William starting at AAA Washington, he served five years as the Manager of IT Security Engineering at Puget Sound Energy. Prior to that he also served as the regional Chief Information Security Officer for Providence Health and Services. He has also served in similar positions with Alaska USA Federal Credit Union, Chugach Electric Association, and the State of Alaska, Department of Public Safety.

    William served in the US Army from 1990 to 1996 as an officer in the Infantry and is a combat veteran for Operation Desert Storm.

  • Solomon
    Security, Cyral

    Solomon has over 20 years' experience as a security leader at such companies as Microsoft, IBM, VMware, and Facebook.

  • Patrick Massey
    Director, Region 10, DHS Cybersecurity and Infrastructure Security Agency (CISA)

    Patrick Massey serves as the Regional Director of the DHS Cybersecurity and Infrastructure Security Agency (CISA) Region 10 office in Seattle, where he is responsible for assisting private and public sector stakeholders in enhancing the security and resiliency of critical infrastructure facilities in the states of Alaska, Idaho, Oregon, and Washington.

    Prior to joining CISA in 2016, Mr. Massey served for twenty years with the Federal Emergency Management Agency (FEMA) Region 10 office including as the Director, National Preparedness Division, Regional Integration Branch Chief, Technological Hazards Branch Chief, and as a Hazard Mitigation Specialist. In addition, Mr. Massey served in various operational assignments on numerous disasters throughout the country over his career.

    Prior to joining FEMA, Mr. Massey served as the Assistant State Hazard Mitigation Officer with the Illinois Emergency Management Agency and served as a Planner for a Regional Planning Commission in Illinois.

    Trained as a Nuclear, Biological, and Chemical Officer in the United States Army, Mr. Massey served in a tank battalion in West Germany and in the First Gulf War. Mr. Massey holds several professional certifications to include: CISM, CRISC, and CPP and has earned a B.S. in Electrical Engineering Technology, and an M.S. in Environmental Planning from Southern Illinois University, an M.A. in Security Studies from the Naval Postgraduate School, and an M.A. in Strategic Studies from the United States Army War College.

  • Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • Bruce Lobree
    Security & Privacy Information Systems Leader, Philips

    Bruce Lobree has participated in and managed technical security, technical architecture, audit and consulting teams as a first level manager up to having Global responsibilities at an executive level managing multi-million programs. He has working experience in government, retail, financial, software and utility industries generating cost effective, client focused security solutions, operational models and programs to meet corporate and regulatory requirements. This has included architecting, designing, individually implementing or managing the implementation of physical and logical security systems and controls for reliability and availability. These programs have dealt with implementing various industry standards and regulatory requirements including HIPAA, SOX, PCI, GLBA and ISO 270001 and other National and International control standards. He has also authored books and taught at the University level.
