Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, April 22, 2021
    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:00 am
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable
    • session level icon
    Philosophy of Technology: Leveraging Your Own IT Leadership Experience and Ideas to Inspire Creativity, Participation, and Performance in Others
    speaker photo
    Director, IT Governance & Security, Novolex
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:55 am

    This session is for SecureWorld Advisory Council members by invite only.

    James Kidwell will moderate the discussion on the topic of leveraging your IT leadership experience and ideas to inspire creativity, participation, and performance in your teams.

    8:15 am
    Get Beyond Compliance and Achieve Real Data Security
    • session level icon
    speaker photo
    SVP, Strategy and Imperva Fellow, Imperva
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:55 am

    To keep pace with the database activity explosion that has accompanied recent rapid technology innovations, organizations must rethink their strategy for securing their data assets. A strategy designed to meet compliance requirements is not enough. Organizations need to develop new approaches that augment traditional agent-based monitoring to achieve real data security today and in the future.

    We’ll provide insight into how you can automate data collection and monitoring so you may apply more resources to identifying non-compliant behavior and orchestrating rapid responses, regardless of where your data is or the size of your data estate.

    8:15 am
    Top 4 Reasons Why Privileged Access Management Implementations Fail
    • session level icon
    speaker photo
    Chief Strategy Officer, Remediant
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:55 am

    It is shocking that, year over year, stealing credentials is still the top tactic used by attackers to breach organizations. Why is this still happening? Hint: It isn’t only because of weak passwords. Organizations have invested heavily into privileged access management (PAM) technologies, but these solutions have struggled to address the problem for five key reasons. In this discussion, we will address the gaps in current access management approaches but, more importantly, show you how to quickly close the gaps and significantly reduce security risks without disrupting your current investments or systems.

    Join Remediant in this discussion to:

    • Learn the five reasons why privileged access management implementations fail
    • Identify areas in your IAM program where you can reduce admin access risk
    • Capitalize on existing investments, while improving your risk posture

    Presentation level: TECHNICAL (deeper dive including TTPs)

    8:15 am
    Stay Ahead: Prep and Protect Your Workforce for a Post-Pandemic World
    • session level icon
    speaker photo
    Emerging Threats Cybersecurity Evangelist, Office of the CTO, Check Point Software Technologies
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:55 am

    Organizations worldwide transformed their ways of working with the onset of the COVID-19 pandemic. Now, we’re all forced to face new uncertainties as we transition to a post-pandemic world. Meanwhile, threat actors and cybercriminals are evolving their tactics to take advantage of these hazy times and of the pandemic’s disruption as seen by recent surges in attacks across all industry sectors. This new phase of the modern workforce threatens more disruptive change and unpredictability. Join us to better understand what organizations such as yours should be focusing on to avoid being the next victim and stay a step ahead of the world’s leading cybercriminals.

    9:00 am
    [Opening Keynote] Moving Forward in 2021: What We've Learned, Where Security Goes Next
    • session level icon
    speaker photo
    CISO, Georgia Department of Revenue
    speaker photo
    CISO, Safe-Guard Products
    speaker photo
    Director, Head of Security, Compliance and Risk, Vaco
    speaker photo
    CISO, Carolina Complete Health; VP, Information Security, Centene Corp.
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    Join this session to hear from security leaders in Atlanta and Charlotte discuss what kind of pandemic lessons will help fuel digital innovation going forward, how security teams are working together in the evolution of the workplace, and what security’s ideal role will be as we move forward.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:00 am
    Enemies Among Your Friends: Vendor Management in a Post SolarWinds World
    • session level icon
    speaker photo
    Co-Founder & Managing Partner, XPAN Law Partners
    speaker photo
    Interim CISO, University of Chicago Medical Center; CSO, Trexin Group
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    We have had one of the most seismic shifts in the world of data privacy and cybersecurity in the SolarWinds breach. In this single incident, we see the convergence of what security and data privacy experts have been railing about for years: namely, the terrifying reality of prolonged access to a system and a robust supply chain breach.

    One of the most important considerations in cybersecurity does not involve your own direct network security; it involves your partners and vendors. You are only as strong as the weakest link in your vendor chain. The ease, convenience, and cost effectiveness of outsourcing certain business functions frequently overshadows the potential pitfalls lurking in using outside third parties and vendors.

    This presentation will include technology and legal perspectives as we “unpack” the SolarWinds breach. Providing interplay between the two worlds, we will begin with a technology overview of the “reach of the breach,” then discuss the legal ramifications in terms of contractual obligations, insurance coverage, and regulatory issues. Finally, we will discuss the steps your organization needs to take to ensure that any partners or vendors with access to your network systems or company data are meeting (at least) a minimum level of security requirements. We will go through the steps involved in a vendor management program and explain how to get started (or how to get better) at managing vendors.

    10:00 am
    Incredible Email Hacks You'd Never Expect
    • session level icon
    speaker photo
    Data-Driven Defense Evangelist, KnowBe4
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware! Join us as we explore 10 ways hackers use social engineering to trick your end-users into revealing sensitive data or enabling malicious code to run.

    You will learn:

    •  How silent malware launches, remote password hash capture, and how rogue rules work
    •  Why rogue documents, establishing fake relationships and getting you to compromise your ethics are so effective
    •  Details behind clickjacking and web beacons
    •  Actionable steps on how to defend against them all

    If all you were worried about were phishing attempts, think again!

    10:00 am
    Faking It: Stopping Impersonation Attacks with Cyber AI
    • session level icon
    speaker photo
    Director, Email Security Products, Darktrace
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Today, 94% of cyber threats still originate in the inbox. “Impersonation attacks” are on the rise, as artificial intelligence is increasingly being used to automatically generate spear-phishing emails, or digital fakes, that expertly mimic the writing style of trusted contacts and colleagues.

    Humans can no longer distinguish real from fake on their own, and businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response.

    In an era when thousands of documents can be encrypted in minutes, “immune system” technology takes action in seconds—stopping cyber threats before damage is done.

    Find out how in this session.

    10:00 am
    A Proven Approach to Embed Security into DevOps
    • session level icon
    speaker photo
    Security Evangelist & Sr. Solution Specialist, Checkmarx Inc.
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    The shift towards DevOps makes it clear that organizations are adopting this model to facilitate the practice of automating development, delivery, and deployment of mission-critical software. While the traditional idea of a software release dissolves into a continuous cycle of service and delivery improvements, organizations find that their conventional approaches to application security are having a difficult time adapting to DevOps, since security if often viewed as an inhibitor to this new approach.

    Join Stephen Gates, Checkmarx SME, where you’ll:

    • Discover the six proven steps of embedding software security into DevOps.
    • Learn how to ensure vulnerabilities and run-time risks are identified and remediated early in development.
    • Explore the benefits of AppSec integration and automation into the tooling your developers use.
    • Hear about new AppSec awareness and training approaches to improve developer secure coding skills.
    10:30 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:45 am
    Cloud Encryption Dynamics
    • session level icon
    speaker photo
    Executive Director, Data Management & Protection, JPMorgan Chase
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    The emergence of cloud computing resulted in a boom in attention on encryption. Where has encryption benefited cloud computing, and where have hopes been dashed? What are today’s models, and what impact will the latest technologies—confidential computing, privacy preserving encryption, homomorphic encryption, for example—have in the years ahead? This session will provide an overview of cloud encryption dynamics that probably contradicts at least one thing you believe on that topic. Come join this session and learn from someone that’s lived in the trenches and values constructive debate.

    Paul Rich is the Executive Director of Data Management & Protection at JPMorgan Chase & Co. From 1998 to 2019, he worked at Microsoft where he worked with encryption technologies and developed new features in Office 365 for protecting customer data. Paul aspires to evangelize unfortunate truths and debunk popular myths regarding encryption and cloud computing.

    10:45 am
    Hacking Exposed: Learning from the Adversaries
    • session level icon
    A look inside the techniques of OceanLotus / APT32
    speaker photo
    Chief Evangelist & Sr. Director, Product Marketing, BlackBerry
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Fileless attacks and fileless malware have grown in sophistication, especially in their ability to obfuscate and hide from both traditional and next-generation anti-virus. With this ever growing threat, how do you train your systems to defend against it?

    In this session, you will learn techniques to make your own weaponized document that is designed to not just bypass AV but also human threat hunters through a sophisticated method of obfuscation and the use of built-in trusted tools. The document is capable of allowing the attacker to gain remote access to the victim system and exfiltrate sensitive data. You will get to see, firsthand, the attack compromise both a Windows PC and a MacOS.

    Join Blackberry’s Brian Robison to discover the techniques being used by APT32/OceanLotus to attack their victims and learn how to replicate them to better test your defenses.

    10:45 am
    A Modern Approach to Information Protection
    • session level icon
    speaker photo
    Global Director, Cloud and Information Protection, Proofpoint
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Data Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations—especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021?

    11:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    11:30 am
    What We Need Now: A National Cybersecurity Safety Board
    • session level icon
    speaker photo
    Cybersecurity Program Chair, Indiana University
    speaker photo
    Former Chairman, National Transportation Safety Board; Founder, Hart Solutions LLP
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    No system for investigating and reporting on cyber attacks is perfect, and incentives will often be misaligned in this context. However, creating a National Cybersecurity Safety Board (NCSB), similar to the National Transportation Safety Board (NTSB), could help protect organizations and critical infrastructure more effectively than ever before. But how would such a Board function, and could it succeed where past public-private collaborations have failed given the rapid pace of technical innovation in the cybersecurity field? This session will examine the possibilities and limitations of such an approach within the broader context of critical infrastructure protection.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    11:30 am
    Taking an APPSECond
    • session level icon
    Taking an APPSECond to understand security vulnerabilities in mobile application development
    speaker photo
    Sr. Manager, Information Security, Krispy Kreme
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    Taking an APPSECond to understand security vulnerabilities in mobile application development. This presentation will show how mobile applications are being utilized to stand up parallel businesses by exploiting weaknesses in those applications. These exploits go unseen in most cases, however, through a series of live demonstrations, will show how the exposures can be detected and mitigated.

    Learning objectives:

    • Understand the methodologies utilized by cybercriminals to create businesses using exploited mobile applications
    • How the business activity is hiding in plain sight
    • What steps can be taken to mitigate and potentially disrupt the cybercriminal’s business at the expense of your company’s applications.

    Additional take-aways:

    • See how and where the “activity” is conducted to perform these criminal acts
    • How to identify malicious activity associated with mobile applications “beyond the scan”
    • Enhance current security practices on what controls are bypassed by utilizing existing company resources

    Who should attend:
    Anyone involved in defending critical infrastructure information networks and systems, those developing software for critical infrastructure systems, or organizational IT leaders and managers

    11:30 am
    The Implementation Journey of Zero Trust and SASE: Realizing the Benefits
    • session level icon
    speaker photo
    CSO & VP, Cloud Security Transformation, Netskope
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    Most organizations have a hybrid implementation of cloud and on-prem services. With the rapid adoption of business digitalization and expanding remote work force, how do we consolidate controls and enhance the security of the systems?

    In this hybrid mode, enterprises need speed, visibility, security, and reliability without compromise. Enter the secure access service edge, better known as SASE. It’s inevitable that SASE implementations and Zero Trust implementations will provide a more comprehensive security capability to truly support digital transformation. How can your organization best position itself for the transition?

    In this session, James Christianson will discuss:
    ·  How to migrate your security controls to take advantage of SASE
    ·  Reducing cost while increasing your security posture
    ·  Implementing a road map for SASE / Zero Trust

    11:30 am
    The Challenge of Detecting Threats in the Cloud
    • session level icon
    speaker photo
    VP of Solutions, Securonix
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    Detecting threats in the cloud presents several challenges: dealing with new technologies and facing new threat scenarios, exacerbated by the COVID-19 accelerated cloud adoption. Gartner indicates that organizations have been expanding their adoption of cloud security-oriented tools, such as Cloud Security Posture Management (CSPM) and Cloud Access Security Broker (CASB), as they try to keep cloud-related threats under control. However, not all organizations have an interest in adopting all these added technologies, and even when they do, the challenge of integrating them into their security monitoring infrastructure remains.

    Join this discussion to learn:

    • What are the differences between traditional threats and cloud threats?
    • How to align your security monitoring architecture to the new cloud monitoring requirements
    • How to optimize cloud security monitoring with a cloud-first SIEM approach
    12:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    12:15 pm
    Not Just a Checkbox Anymore: InfoSec Policies that Drive Accountability and Security-Mindedness
    • session level icon
    speaker photo
    Sr. Director, Information Security, Sleep Number
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    Security policies are a foundational requirement of any security program. Most of us have them, auditors review them, and we update them annually. That is a good start, but are your policies working for you in a way that advances your security program? A well-designed policy structure coupled with strategic communication, training, and processes will enable organizational clarity, gain executive buy-in, drive accountability, and even help advance security culture.

    Tina Meeker, CISSP, CIPP/US, and Sr. Director of Information Security for Sleep Number, will share proven practices to help you take your policy design and operational practices to the next level (or build from scratch) based on her experience in this space for over 15 years across several organizations across various industries.

    In this session, you will learn how to:

    • Architect a policy structure that fits your organization’s needs
    • Gain buy-in from the top and key stakeholders early and often
    • Identify key stakeholders to develop and deliver custom messaging (and training if needed) and drive ownership and accountability
    • Establish a simple “policy operations” process to help capture challenges and exceptions and to ensure proper visibility to risks
    • Evolve policy over time, staying in line with business capabilities and priorities
    12:15 pm
    Success Factors for Securing a Multi- or Hybrid-Cloud Environment
    • session level icon
    speaker photo
    Enterprise Customer Success Manager, CloudPassage
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    More organizations are experiencing the benefits of public cloud infrastructure—all of which enables development teams to select the best infrastructure for their application, such as one cloud provider over another, or leveraging the data center to host a portion of their assets and resources. But it creates a security challenge, since the security tooling for one cloud service provider is often not portable to another, and the tooling for the data center is not optimized for the cloud. The result is multiple dashboards, reduced productivity, increased costs, and gaps in security controls. Join us to learn about better ways to secure these diverse and complex environments.

    12:15 pm
    [Panel] Workforce 2.0: The New Normal
    • session level icon
    speaker photo
    Sr. Director, Product Management, Synopsys
    speaker photo
    Director of Product Marketing, Siemplify
    speaker photo
    Solutions Engineer, SpyCloud
    speaker photo
    Sr. Solutions Engineer, Okta
    speaker photo
    VP of Marketing, Appaegis
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    Our panelists will discuss the continued challenges with managing the remote workforce securely. Whether people go back to an office again is up in the air, but InfoSec and Operations must have processes and technology in place to keep the business running with an acceptable risk. Bring your questions for our panel.

    12:15 pm
    [Panel] The Rise of Ransomware
    • session level icon
    speaker photo
    Global Principal Engineer, Corelight
    speaker photo
    Presales Engineer, Arctic Wolf
    speaker photo
    Director for Cyber Intelligence and Analysis, Darktrace
    Registration Level:
    • session level iconVIP / Exclusive
    12:15 pm - 1:00 pm

    Even a pandemic didn’t slow the roll of hackers and other nefarious groups. Ransomware attacks are at an all-time high. It seems if a dollar is to be had, someone is trying to take it. So, how do we arm our clients, partners, and coworkers with the tools they need to identify these next-level threats?

    1:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    How to Achieve Your Cybersecurity Career Goals So You Can Reclaim Your Joy
    • session level icon
    speaker photo
    Founder, Activate & Implement LLC
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    This inspirational and empowerment session will address steps to take to avoid persistent procrastination, how to activate those steps and identify destiny threats that can undermine your personal development. You want to achieve your career goals in the industry, but some things are hindering your progress. It is time to address them. You will be empowered to activate, implement your goals, and push through to elevate your career.

    1:15 pm
    [Panel] Insider Threat: The Good, the Bad, and the Ugly!
    • session level icon
    speaker photo
    VP, Global Services Technical Operations, BlackBerry
    speaker photo
    Sr. Systems Engineer - GA, Gigamon
    speaker photo
    Sr. Cybersecurity Solutions Architect, Securonix
    speaker photo
    Sales Engineer, LogRhythm
    speaker photo
    Sr. Named Account Manager, Proofpoint
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm
    1:15 pm
    [Panel] Let's Talk About Clouds
    • session level icon
    speaker photo
    Solutions Engineer, Bitglass, Inc.
    speaker photo
    VP, Global Sales Engineering, Imperva
    speaker photo
    CMO, CloudPassage
    speaker photo
    Chief Evangelist, Netskope
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    It’s been a year now since many companies were forced to adopt cloud services or perish. For many, this was a huge shift and a leap of faith. This discussion will cover lessons learned, positives we have uncovered, and some of the new alphabet soup relating to cloud—CASB, SaaS, IaaS, etc.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:15 pm
    [Closing Keynote] Identity and Access Management: A Case Study from Harvard Medical School
    • session level icon
    speaker photo
    CISO, Harvard Medical School
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm

    Good identity management is one of the keys to good cyber hygiene within an organization, but it’s not without its fair share of challenges. Consider a large university with several schools within it, as well as a medical facility. You’ve got students, faculty, doctors, patients, and a host of random visitors all expecting access to your network.

    In this keynote address from Joe Zurba, CISO at Harvard Medical School, we will hear first-hand insight about his team’s approach to developing a robust and cohesive identity strategy: how they give the right levels of access to the right people, and how they track all of the moving pieces. We will also evaluate best practices in managing key components of identities, including: verification, validation, lifecycle management, and password management. Join us for this unique opportunity to get an insider’s perspective on cybersecurity at one of the most prestigious institutions in the nation.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

Exhibitors
  • Appaegis
    Booth:

    Appaegis provides the most secure agentless zero trust access solution to connect authorized users and devices to enterprise application. Appaegis’ cloud native solution fits into any organizations secure access service edge (SASE) framework, integrates with existing workflow, security infrastructure and is agnostic to the types of applications or endpoints. Appaegis provides complete visibility into every interaction between end points and applications, control access to applications and identify abnormal or anomalous transactions by leveraging its differentiated isolation technology.

    Appaegis solutions are built on the principal that organizations security posture must be based on the foundation of Zero Trust plus least privilege access, and account for the fact that every organization relies on a mix of internal applications, cloud native applications and SaaS.

  • Arctic Wolf Networks
    Booth:

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit  https://www.arcticwolf.com.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Bitglass
    Booth:

    Your company’s move to the cloud delivers flexibility and cost savings, but that doesn’t mean you should lose control of your data. Bitglass’ Cloud Access Security Broker (CASB) solution enables your enterprise to adopt cloud apps while ensuring data security and regulatory compliance. Bitglass secures your data in the cloud, at access, on any device.

    Bitglass was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution.

  • BitSight
    Booth:

    BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter

  • BlackBerry
    Booth:

    BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including more than 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear—to secure a connected future you can trust.

    BlackBerry. Intelligent Security. Everywhere.

    For more information, visit BlackBerry.com and follow @BlackBerry.

  • Check Point Software Technologies Inc.
    Booth:

    Check Point Software Technologies Inc. is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Checkmarx Inc.
    Booth:

    Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

  • CloudPassage
    Booth:

    CloudPassage® Halo® is the world’s leading agile security platform that provides instant visibility and continuous protection for servers in any combination of data centers, private clouds and public clouds. Halo uses minimal system resources; so layered security can be deployed right at every workload – servers, instances and containers.

  • Corelight
    Booth:

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • Cybercrime Support Network
    Booth:

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Darktrace
    Booth:

    Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.

    The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

  • DHG
    Booth:

    Headquartered in Charlotte, NC, DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 13 states, we combine deep experience with a strong commitment to personal service. We are passionate about helping our clients succeed—and we do so through a resourceful approach to solving problems, providing solutions and helping our clients achieve their goals.

    Dedicated client focus and relationships have been and always will be our touchstone. Here at DHG, you’ll receive personalized service provided by a team of professionals who are eager to share their knowledge and experience with you. We draw on our extensive resources to combine comprehensive assurance, tax and advisory services.

  • Gigamon
    Booth:

    Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.

  • Imperva
    Booth:

    Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.

  • KnowBe4
    Booth:

    We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.

    KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

    The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.

    Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.

  • LogRhythm
    Booth:

    LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

  • Netskope
    Booth:

    The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • Proofpoint
    Booth:

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Remediant
    Booth:

    Founded in the heart of San Francisco, Remediant offers an industry leading Privileged Access Management (PAM) solution we call SecureOne.  Our innovative and enterprise-class cybersecurity solution enables real-time monitoring, Zero Trust protection of privileged accounts and Just-In-Time Administration (JITA) across IT/Security/Cloud ecosystems. We protect organizations from stolen credentials being used against them, which is the number one attack vector across all breaches. To learn more, please visit: www.remediant.com

  • Securonix
    Booth:

    Securonix is redefining the next generation of cyber-threat detection using the power of machine learning and big data. Our purpose-built security analytics platform uses machine learning to track and create baselines of user, account, and system behavior and detects the most advanced insider threats, cyber threats, and fraud activities in real time. Built on a Hadoop platform, the Securonix solution provides an open platform with unlimited scalability. Securonix provides incident orchestration capabilities with playbooks that enable automated incident response. Globally, customers use Securonix to address their insider threat, cyber threat, cloud security, fraud, and application security monitoring requirements. Visit www.securonix.com.

  • Siemplify
    Booth:

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • SpyCloud
    Booth:

    SpyCloud is the leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts worldwide. Our award-winning solutions proactively defeat fraud attempts and disrupt the criminals’ ability to profit from stolen information. Learn more & check your exposure at spycloud.com.

  • Synopsys
    Booth:

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Moderator: James Kidwell, JD, CISA
    Director, IT Governance & Security, Novolex
  • speaker photo
    Terry Ray
    SVP, Strategy and Imperva Fellow, Imperva

    Terry Ray is the SVP and Imperva Fellow for Imperva Inc. As a technology fellow, Terry supports all of Imperva’s business functions with his years of industry experience and expertise. Previously he served as Chief Technology Officer where he was responsible for developing and articulating the company’s technical vision and strategy, as well as, maintaining a deep knowledge of the Application and Data Security Solution and Threats Landscape.

    Earlier in his tenure at Imperva, he held the role of Chief Product Strategist where he consulted directly with Imperva’s strategic global customers on industry best practices, threat landscape, application and data security implementation and industry regulations. He continues to operate as an executive sponsor to strategic customers who benefit from having a bridge between both company’s executive teams. He was the first U.S.-based employee, and during his 15 years at Imperva, he has worked hundreds of data security projects to meet the security requirements of customers and regulators from every industry.

    Terry is a frequent speaker for RSA, ISSA, OWASP, ISACA, IANS, CDM, NLIT, The American Petroleum Institute, and other professional security and audit organizations in the Americas and abroad. Terry also provides expert commentary to the media and has been quoted in Security Week, SC Magazine, CBS News, the BBC, and others.

  • speaker photo
    JD Sherry
    Chief Strategy Officer, Remediant

    JD Sherry is a seasoned technology executive and is responsible for providing vision and awareness regarding the latest trends in cybersecurity, risk and compliance. Well-versed in enterprise security and data center architecture, as a former practitioner and CEO, JD has successfully implemented large-scale public, private, and hybrid clouds emphasizing security architecture best practices to meet strict compliance standards.

    Over the last decade, he has established himself as a trusted senior advisor for the protection of Payment Card Industry (PCI), Health Information Privacy Act (HIPAA), and Personally Identifiable Information (PII) data. JD interfaces regularly with TV/media/press to provide expert insight on the state of cybersecurity and how individuals and organizations can adequately protect themselves from loss. JD has held Top Secret clearance and has an MBA/IT degree from Jones University and a B.S. degree from the University of Nebraska.

  • speaker photo
    Brian Linder
    Emerging Threats Cybersecurity Evangelist, Office of the CTO, Check Point Software Technologies

    Brian Linder is an Emerging Threats Expert and Evangelist in Check Point’s Office of the CTO, specializing in the Modern Secured Workforce. Brian has appeared multiple times on CNBC, FOX, ABC, NBC, CBS, and NPR Radio, and hosts Check Point’s CoffeeTalk Podcast and Weaponizers Underground, and has teamed on keynote CyberTalks at Check Point’s CPX360 events. For 20+ years, Brian has been an advisor at the C-level to firms big and small in financial, legal and telecommunications, on next generation cybersecurity solutions and strategies for cloud, mobile, and network. Brian holds a B.S. in computer science from Drexel University and an M.S. in Information Science from the Pennsylvania State University.

  • speaker photo
    Tamika Bass
    CISO, Georgia Department of Revenue

    Tamika Bass is an Information Security professional with extensive experience in information security. Her expertise includes assessing and mitigating risk, analyzing impacts, business continuity and disaster recovery planning. Tamika focuses on building cohesive relationships with all levels of staff, management, and suppliers.

  • speaker photo
    Michelle Stewart
    CISO, Safe-Guard Products
  • speaker photo
    Vladimir Svidesskis
    Director, Head of Security, Compliance and Risk, Vaco
  • speaker photo
    Rick Doten
    CISO, Carolina Complete Health; VP, Information Security, Centene Corp.

    Rick is CISO of Carolina Complete Health, a state healthcare plan for Centene Corporate. Rick has run ethical hacking, application security, incident response & forensics, and risk management teams throughout his 25 years in IT Security. Rick has been the first CISO for two companies. He has also consulted as a virtual CISO for many industries and companies around the world. Other notable roles over last 20 years have been as a Risk Management consultant at Gartner, Chief Scientist for Lockheed Martin’s Center for Cyber Security Innovation, and Managing Principal in the Professional Security Services practice at Verizon.

  • speaker photo
    Rebecca Rakoski
    Co-Founder & Managing Partner, XPAN Law Partners

    Rebecca L. Rakoski, Esq., is the managing partner at XPAN Law Partners. Rebecca counsels and defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. She manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to aggressively mitigate her client's litigation risks. As an experienced litigator, she has handled hundreds of matters in state and federal courts. Rebecca advises her clients on a proactive, multi-jurisdictional approach to identify and address data privacy and cybersecurity compliance gaps and potential liabilities. She works with clients to create and tailor a security and privacy governance program that fits their specific needs in order to limit their regulatory exposure.

    As a thought leader in the area of data privacy and cybersecurity, Rebecca serves on the New Jersey State Bar Association's Cyber Task Force. Rebecca is Vice-Chair Elect for the New Jersey State Bar Association's Bankruptcy Law Section, and also served on the Complex Business Litigation Committee that drafted and revised the Court Rules involving electronic discovery in complex litigation matters. She has been appointed in several litigation matters by the New Jersey Superior Court as a Discovery Special Master.

    Rebecca is on the Board of Governors for Temple University Health Systems, and is an adjunct professor at Drexel University’s Thomas R. Kline School of Law and Rowan University.

  • speaker photo
    Glenn Kapetansky
    Interim CISO, University of Chicago Medical Center; CSO, Trexin Group

    Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.

    Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).

  • speaker photo
    Roger Grimes
    Data-Driven Defense Evangelist, KnowBe4

    Roger Grimes is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He has been the weekly security columnist for InfoWorld and CSO magazines since 2005.

  • speaker photo
    Mariana Pereira
    Director, Email Security Products, Darktrace

    Mariana is the Director of Email Security Products at Darktrace, with a primary focus on the capabilities of AI cyber defenses against email-borne attacks. Mariana works closely with the development, analyst, and marketing teams to advise technical and non-technical audiences on how best to augment cyber resilience within the email domain, and how to implement AI technology as a means of defense. She speaks regularly at international events, with a specialty in presenting on sophisticated, AI-powered email attacks. She holds an MBA from the University of Chicago, and speaks several languages including French, Italian, and Portuguese.

  • speaker photo
    Stephen Gates
    Security Evangelist & Sr. Solution Specialist, Checkmarx Inc.

    Stephen Gates brings more than 15 years of information security experience to his role as Security Evangelist and Senior Solution Specialist at Checkmarx. He is an SME with an extensive hands-on background in security and is a well-known writer, blogger, presenter, and published author who is dedicated to conveying facts, figures, and information that brings awareness to the security issues all organizations face.

  • speaker photo
    Paul Rich
    Executive Director, Data Management & Protection, JPMorgan Chase

    Paul Rich joined JPMorgan Chase & Co. in 2019 as Executive Director, Data Management & Protection, with the mission of tackling the management of all unstructured data within the company. Paul is passionate about data security, privacy, principle-based design and goal-setting, and has over thirty years of technology experience. During the more than twenty years Paul spent working for Microsoft he was on the team that launched the company’s first iterations of commercial cloud services—what would eventually become Office 365. He oversaw the design and development of key security and compliance features of Office 365 as well as the integration of encryption to the Exchange and SharePoint Online cloud services. Paul has been a regular speaker at Microsoft and industry events on the topics of cloud security, privacy, encryption, trust, and transparency.

  • speaker photo
    Brian Robison
    Chief Evangelist & Sr. Director, Product Marketing, BlackBerry

    Brian Robison is the Senior Director, Product Marketing and Chief Evangelist at BlackBerry (formerly Cylance), where he educates the world that preventing cybersecurity threats is actually possible and a much better approach than detecting and responding after an attack. With over 20 years' of cybersecurity experience, Robison is a regular speaker at industry events such as RSA, Black Hat, and thought leadership forums. Prior to joining BlackBerry, Robison worked to defend organizations from mobile security threats—three years as a director at Citrix XenMobile and two years driving enterprise strategy at Good Technology. Robison also spent over six years at McAfee with a special focus on end-point security leading efforts. During this time, he also managed vulnerability and policy compliance solutions.

  • speaker photo
    Mike Stacy
    Global Director, Cloud and Information Protection, Proofpoint

    Mike Stacy is the Global Cloud and Information Protection Director at Proofpoint. Mike works with customers and oversees technical strategy for areas which include cloud security, advanced email defense, SOAR, browsing security, and SDP. Prior to joining Proofpoint, Mike held numerous technical leadership and product strategy roles across a variety of solutions.

  • speaker photo
    Scott Shackelford
    Cybersecurity Program Chair, Indiana University

    Professor Scott J. Shackelford serves on the faculty of Indiana University where he is Cybersecurity Program Chair along with being the Executive Director of the Ostrom Workshop. He is also an Affiliated Scholar at both the Harvard Kennedy School’s Belfer Center for Science and International Affairs and Stanford’s Center for Internet and Society, as well as a Senior Fellow at the Center for Applied Cybersecurity Research, and a Term Member at the Council on Foreign Relations.

    Professor Shackelford has written more than 100 articles, book chapters, essays, and op-eds for diverse publications. Similarly, his research has been covered by an array of outlets, including Politico, NPR, CNN, Forbes, Time, the Washington Post, and the L.A. Times. He is also the author of "The Internet of Things: What Everyone Needs to Know" (Oxford University Press, 2020), "Governing New Frontiers in the Information Age: Toward Cyber Peace" (Cambridge University Press, 2020), and "Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace" (Cambridge University Press, 2014).

    Both his academic work and teaching have been recognized with numerous awards, including a Harvard University Research Fellowship, a Stanford University Hoover Institution National Fellowship, a Notre Dame Institute for Advanced Study Distinguished Fellowship, the 2014 Indiana University Outstanding Junior Faculty Award, and the 2015 Elinor Ostrom Award.

  • speaker photo
    Christopher A. Hart
    Former Chairman, National Transportation Safety Board; Founder, Hart Solutions LLP

    Christopher A. Hart is the founder of Hart Solutions LLP, which specializes in improving safety in a variety of contexts, including the safety of automation in motor vehicles, workplace safety, and process safety in potentially hazardous industries.

    Mr. Hart is also Chairman of the Washington Metrorail Safety Commission, a three-jurisdictional agency (MD, VA, DC) that was created in 2019 to oversee the safety of the Washington area subway system. In addition, in 2019 he was asked by the Federal Aviation Administration to lead the Joint Authorities Technical Review that was created bring together the certification authorities of 10 countries, as well as NASA, to review the robustness of the FAA certification of the flight control systems of the Boeing 737 MAX and make recommendations as needed to improve the certification process. Also, he was recently asked to join the Board of the Joint Commission on Accreditation of Healthcare Organizations, the organization that accredits hospitals, to help improve healthcare safety. After an Uber test vehicle struck and killed a pedestrian in Tempe, AZ, in 2018, and Uber terminated such tests on public streets, Mr. Hart was included in the team of experts that Uber engaged to recommend how to safely resume street testing, which it has done.

    From 2009 until 2018 Mr. Hart was Chairman, Vice Chairman, and a Member of the National Transportation Safety Board (NTSB), having been nominated by President Obama and confirmed by the Senate. The NTSB investigates major transportation accidents in all modes of transportation, determines the probable causes of the accidents, and makes recommendations to prevent recurrences. He was previously a Member of the NTSB in 1990, having been nominated by (the first) President Bush.

    Mr. Hart has a law degree from Harvard Law School and a Master's degree and a Bachelor's degree (magna cum laude) in Aerospace Engineering from Princeton University. He is a member of the District of Columbia Bar and the Lawyer-Pilots Bar Association, and he is a pilot with commercial, multi-engine, and instrument ratings as well as a Cessna Citation SIC Type Rating.

  • speaker photo
    Mike Muscatell
    Sr. Manager, Information Security, Krispy Kreme

    Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.

  • speaker photo
    James Christiansen
    CSO & VP, Cloud Security Transformation, Netskope

    James Christiansen is Netskope’s vice president of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients understand the challenges and solutions of cloud deployments by helping drive thought leadership in cloud security transformation.

    James brings extensive expertise as a global leader in information security. Prior to joining Netskope, he was vice president CISO at Teradata where he led the global security, physical, and information security teams. Previously, James was vice president of information risk management at Optiv, chief information risk officer for Evantix, and CISO at Experian Americas, General Motors, and Visa International.

    As a sought-after expert speaker on security, James has been featured at numerous prestigious events, including the Business Roundtable, Research Board, American Bar Association, American Banker, the RSA Conference, BankInfoSecurity, ISSA, ISACA, HIMSS, and MIS Training Institute. He has also been featured in The New York Times and quoted as an expert in USA Today, The Wall Street Journal, Reuters, United States Cybersecurity Magazine, Bloomberg, and Healthcare IT News.

    James is a patent inventor and has received three innovation awards in cyber security, GRC, and cloud computing. He is the author of the Internet Survival Series and contributing author of CISO Essentials, as well as numerous industry papers.

  • speaker photo
    Augusto Barros
    VP of Solutions, Securonix
  • speaker photo
    Tina Meeker
    Sr. Director, Information Security, Sleep Number

    Tina is currently the Sr. Director of Information Security at Sleep Number Corporation and has held executive cybersecurity leadership positions at Best Buy, Shutterfly, and Target Corporation. Tina holds a B.A. in Organizational Behavior from St. Scholastica and an MBA from Augsburg University. Tina also maintains active CISSP and CIPP/US certifications and is an adjunct cybersecurity instructor at Dunwoody College in Minneapolis, and serves on their advisory board. She is also currently the Vice President of the newly-formed Minnesota Chapter of the WiCyS (Women in CyberSecurity) National Organization.

  • speaker photo
    John Swensson
    Enterprise Customer Success Manager, CloudPassage

    John Swensson is the Customer Success Manager at CloudPassage and is responsible for all customer support initiatives. John’s information security career spans two decades and includes a broad number of business environments. John and the CloudPassage teams have worked together creating groundbreaking security solutions across a range of industries and public sectors, with heavy focus on financial services, federal government, and high-tech.

  • speaker photo
    Meera Rao
    Sr. Director, Product Management, Synopsys

    Ms. Meera Rao is a Senior Director of Product Management, focusing on DevOps solutions at Synopsys, Inc. Ms. Meera has over 20 years of experience in software development organizations in a variety of roles including Architect, Lead Developer, and Project Manager, and Security Architect. Ms. Meera has been working as a trusted adviser to Fortune 500 companies, helping them achieve realistic goals for practical CI/CD & DevSecOps. She advises organizations in defining, implementing, maturing, scaling and measuring DevSecOps. Ms. Meera is very passionate about getting more women working in the technology industry. Ms. Meera participates, presents, and speaks at several conferences, spreading her knowledge of security and the importance of women in the technology workforce. Meera was awarded the SecDevOps Trailblazer award from SecuritySerious in London in 2018. Meera was a finalist in the Computing Women in IT Excellence Awards 2019 for Role Model of the Year.

  • speaker photo
    Kristen Cooper
    Director of Product Marketing, Siemplify

    Product marketing specialist with over 15 years of experience at emerging and growing cybersecurity and SaaS companies. Currently heading up product marketing at Siemplify. SecOps solution specialist. Remote work advocate.

  • speaker photo
    Donovan Stevens
    Solutions Engineer, SpyCloud

    Donovan is a Solutions Engineer at SpyCloud and has been in the tech industry since the mid nineties. He has worked in various industries and for companies ranging from start-ups to those listed in the Fortune 50. His career has taken him all over the world, including a four-year stint in South-Africa where he worked for the South-African government. He is passionate about security and educating people about safeguarding their online identity and digital footprint.

  • speaker photo
    Steve Velazquez, CISSP, CISM
    Sr. Solutions Engineer, Okta

    Steve is a Sr. Solutions Engineer at Okta helping enterprise customers with their identity and access management needs. In his previous life, Steve has served as a CISO / VP of Information Security, Data Center Manager, and held various Security, Windows, and Network Engineering roles.

  • speaker photo
    Prakash Nagpal
    VP of Marketing, Appaegis

    Prakash Nagpal is VP of Marketing at Appaegis, where he is responsible for bringing the next generation of Zero Trust Secure Application Access solutions to market. His mission is to help customers realize the vision of securing applications and data without compromising user experience, with a Zero Trust application centric approach to security. He has spent over two decades in various leadership roles in technology including marketing, product marketing product management, and engineering in networking, security, and cloud-based services. He has brought several security products to market, including UEBA, security intelligence platforms, data security solutions, and perimeter defense products.

  • speaker photo
    Alex Kirk
    Global Principal Engineer, Corelight

    Alex Kirk is an open source security veteran, with a combined 17 years at Sourcefire, Cisco, Tenable, and now Corelight, where he serves as Global Principal for Suricata. Formerly a malware zookeeper and IDS signature writer, today he spends his time helping SOC analysts and advising on security policy for government agencies, universities, and large corporations around the world.

  • speaker photo
    Vito Ferrante
    Presales Engineer, Arctic Wolf
  • speaker photo
    Justin Fier
    Director for Cyber Intelligence and Analysis, Darktrace
  • speaker photo
    Belinda Enoma, CIPP/US
    Founder, Activate & Implement LLC

    Belinda Enoma is a privacy and cybersecurity consultant with a legal and technology background. She offers virtual privacy and cybersecurity services including risk mitigation solutions and building privacy programs from scratch. She is a writer, corporate trainer, lifestyle strategist, mentor, and coach to women in the cybersecurity and data protection industry. Her published work includes “Data breach in the travel sector and strategies for risk mitigation,” (Journal of Data Privacy and Protection, Volume 3.4, 2020). Belinda is a Certified Information Privacy Professional (CIPP/US) and has an LLM from Benjamin N. Cardozo Law School, New York.

  • speaker photo
    Tony Lee
    VP, Global Services Technical Operations, BlackBerry
  • speaker photo
    Jay Bivens
    Sr. Systems Engineer - GA, Gigamon

    Jay Bivens started his technology career working in IT stationed aboard the USS WASP (LHD-1) back in 1993. With a background expertise in email security and Advanced Threat Protection, his career spans several areas including Cloud Access Security Brokers, Web Application Firewalls, and Application Delivery Controllers. Jay has earned GIAC Certified Forensic Analyst along with Reverse Engineering Malware certifications. Currently, Jay works as a subject matter expert for Gigamon’s Network Detection and Response solution, along with preaching the value of pervasive visibility in physical networks and private and public cloud environments.

  • speaker photo
    David Swift
    Sr. Cybersecurity Solutions Architect, Securonix
  • speaker photo
    Brad Tompkins
    Sales Engineer, LogRhythm
  • speaker photo
    Mike Asaro
    Sr. Named Account Manager, Proofpoint

    Mike Asaro is an Insider Threat Management and DLP Specialist at Proofpoint. Before joining Proofpoint earlier this year, he spent almost 10 years with an industry leading traditional DLP vendor. Throughout his career in cybersecurity, he’s managed and supported many organizations in the Southwest region across multiple verticals. As a San Diego native, Mike currently resides in San Diego helping companies modernize their approach to Data Protection.

  • speaker photo
    Matthew Norwood
    Solutions Engineer, Bitglass, Inc.
  • speaker photo
    Tim Chang
    VP, Global Sales Engineering, Imperva
  • speaker photo
    Rich Guth
    CMO, CloudPassage

    Rich has built a 25-year career in Silicon Valley bringing new B2B software technologies to market including Big Data, Analytics, Business Intelligence, Java development tools, interactive development environments. and web application servers. He has held sales, product management, product marketing, solutions marketing, partner marketing, GM, VP, and CMO positions.

    Rich is passionate about communicating the business value of technology differentiation. For Rich, marketing is a collaborative endeavor and it’s the journey of “digging in," "figuring it out," and "pulling it all together" with a diverse group of smart people that gets him out of bed and out the door every morning.

  • speaker photo
    Bob Gilbert
    Chief Evangelist, Netskope
  • speaker photo
    Joe Zurba
    CISO, Harvard Medical School

    In his role as the leader of Information Security at Harvard Medical School, Joe Zurba has been responsible for defining and building capabilities to meet the requirements of an extraordinarily diverse community of clinical and research faculty, students, and staff. Joe develops strategy, improves capabilities, and manages risk for all information security, Identity and Access Management, and IT compliance efforts across the school. Joe also serves on several committees in his role as the school’s information security leader. He is a non-scientific, voting member of the Harvard Medical School Institutional Review Board (IRB), which oversees human subjects research. He is also a co-chair of Harvard Catalyst subcommittee on Emerging Technologies, Ethics, and Research Data. His expertise is often sought in the creation of University policy, programs, and other initiatives that seek to benefit from his experiences working with biomedical and basic science research. Joe has worked for over 20 years in Information Security roles within Higher education, Health Care, High Tech Manufacturing, and Technology. Prior to his current role, he served as Research Information Security Officer in the Partners Healthcare Information Security and Privacy Office and 11 years previously in information security at Harvard Medical School and Director of IT Security at Harvard University Information Technology. He currently holds certifications as a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA).

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store