Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, September 20, 2017
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    speaker photo
    CNN Military Analyst, USAF (ret.) and CEO, Cedric Leighton Associates
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    Location / Room: 100
    8:00 am
    SecureWorld PLUS Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 120

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:00 am
    SecureWorld PLUS Part 1 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 121

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    8:30 am
    Are You Spending Your InfoSec Dollars in the Right Place?
    • session level icon
    speaker photo
    VP of Information Security, Veterans United Home Loans
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 104

    Are you allocating your Infosec budget properly? This presentation will discuss how to evaluate whether you are increasing your security posture with your spending.

    8:30 am
    Anatomy of a Cyber-Heist: Examples of Advanced Cyber Risks
    • session level icon
    speaker photo
    Principal and Virtual CIO, UHY LLP
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 102

    One click is all it takes. Bring your A-game! This presentation will take you through how cyber crooks are getting away with some big pay days. We will explore techniques in use demonstrating an increasingly high level of sophistication, patience, and planning, so you can better plan your defenses.

    8:30 am
    Don't Let Your Server Be a POW: Security Monitoring for Cloud-Based Servers
    • session level icon
    speaker photo
    Manager, IBM Cloud - Penetration Testing, IBM
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 101

    This discussion will take server security monitoring in the enterprise cloud to the next level. We will look at how and what to monitor as well as how to respond to new and existing threats in the cloud.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: Artificial Intelligence, Real Intelligence, and the Need for a Coherent National Cyber Policy
    • session level icon
    speaker photo
    CNN Military Analyst, USAF (ret.) and CEO, Cedric Leighton Associates
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    A call to action to policy makers, corporate leaders and front-line cyber warriors to develop a coherent and workable national and international cyber policy. Every day brings us new headlines from the cyber front. It’s pretty clear that we are woefully unprepared for the cyber battles of the unfolding Global Cyber War. This talk will lay the groundwork for efforts to fix this critical shortfall that will impact every aspect of our lives in the Cyber Age.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Round Table: (VIP / Invite Only)
    • session level icon
    Topic: Security Policy Creation and Implementation
    speaker photo
    Global Product Champion, ISMS, BCM , British Standards Institution
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 100
    11:15 am
    Wombat: 70 Million Responses Can’t Be Wrong
    • session level icon
    speaker photo
    Brand Communications Manager, Wombat Security Technologies
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 105

    This session will share the results of our 2017 Beyond the Phish Report, which analyses the aggregate data of 70 million responses to security questions and training challenges across several different topics. You’ll learn in which topics end users are the strongest and the weakest so that you can determine how to plan or improve your security awareness and training program. Understand knowledge in various industries and how they differ so that you can have a benchmark against which to compare your end users’ knowledge.

    11:15 am
    Check Point Software: Welcome to the Future of Cybersecurity
    • session level icon
    speaker photo
    Enterprise Accounts, Security Engineer, Check Point Software
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 104

    We will discuss how a unified platform providing security controls and visibility across physical devices, virtual devices, mobile devices and hand-held devices can provide greater security efficacy in your environment.

    11:15 am
    Access Management – How to Control Access in Today’s Technology Environment
    • session level icon
    speaker photo
    Director, Midwest Market Leader, MorganFranklin Consulting, LLC
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 102

    User ids, long complicated passwords, data breaches, internal audits, external audits, compliance assessments, hackers, and the list goes on-and-on. These are just a few things that access management professionals worry about. How do you setup your access management controls to limit the organizations exposure, and decrease the odds something bad will happen. Come learn proven techniques to control the access management environment.

    11:15 am
    (ISC)2 Chapter Meeting
    • session level icon
    Discover Your Local Associations - Open to All Attendees
    speaker photo
    Director of Sales, Bugcrowd
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 101

    Join (ISC)2 for a meet and greet. This session is intended for members and non-members.

    12:00 pm
    Advisory Council LUNCH Round Table - (VIP / Invite Only)
    • session level icon
    Topic: Security Awareness Training- Change Behavior, Reduce Risk
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 100
    12:15 pm
    LUNCH KEYNOTE: Panel - Using Public Data to Alert Organizations of Vulnerabilities
    • session level icon
    speaker photo
    CISO, State of Missouri
    speaker photo
    Security Analyst, Office of Administration, IT Services Division, State of Missouri
    speaker photo
    Security Infrastructure Manager, Office of Cyber Security, State of Missouri
    Registration Level:
    • session level iconConference Pass
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Did you know your organization’s internet vulnerability information is available online? Learn about the tools and techniques that Missouri’s Office of Cyber Security uses to identify vulnerable systems, and how you can use these techniques to protect your organization.

    1:15 pm
    Tokenization: X9.119-2 American National Standard
    • session level icon
    speaker photo
    VP Enterprise Information Security Architect, Wells Fargo
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm
    Location / Room: 102

    Tokenization is the latest data protection method but – What is it? How does it work? When do i use it? Why do i use it? Where can i use it? This session looks at tokenization pros and cons.

    1:15 pm
    Panel: What Will They Think of Next? (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    It would seem the more we “build a better mousetrap” the better the threats become. Will machine learning and AI be used against us in the future? Will these and other innovations be hacked and used for gain? Will the Crime as a Business platform take off where business competitors are utilizing these attacks for the upper hand? Perhaps the cars that are being hacked will evolve into driverless vehicles that are hacking companies from inside there own parking lots. What about drones? So many questions, let’s see what our experts say on this panel.

    PANELISTS:
    Kristi Thiele, IXIA
    Bryan Lares, Sparkcognition
    TJ Adamowicz, Mimecast
    Brian Gorenc, Trend Micro
    Mike Kiser, SailPoint
    Moderator: Jon Stitzel, Lead Analyst, Ameren

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    All Risks Are Business Risks
    • session level icon
    speaker photo
    Cybersecurity Risk Management Lead, Ameren
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 104

    Defining accurate cybersecurity measurements has always been difficult. We need to alter the perception of cybersecurity from a primarily IT concern, to an everyday function of the business. This presentation will provide some ammunition to allow us to make that argument and move us beyond our current limitations.

    3:00 pm
    GDPR: Weaving a Data Protection Culture Into the Fabric of Your Business
    • session level icon
    Overview, impact, and best practice approaches to preparing and meeting the GDPR requirements
    speaker photo
    Global Product Champion, ISMS, BCM , British Standards Institution
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 102

    This session discusses the nature and scope of the planned privacy reforms, the considerable cross-business challenges they represent, and best practices to address them. It is of relevance both to security and compliance professionals, and to functional managers in Sales, Marketing, and HR.

    3:00 pm
    Overview of Cyber Education: Missouri’s Only NSA CAE in Cyber Defense Education
    • session level icon
    speaker photo
    Assistant Professor of Information Systems, University of Missouri-St. Louis
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 105

    America is struggling to fill critical positions in cybersecurity as cyber attacks continue to rise in the public and private sectors. Even the federal government has provided funding to promote a network of cybersecurity education, training, and development of a workforce. To address this need the University of Missouri – Saint Louis (UMSL) has developed an innovative program to address these needs at the undergraduate and graduate levels.

    3:00 pm
    SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: 120

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    3:00 pm
    SecureWorld PLUS Part 2 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: 121

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    3:45 pm
    Casino Happy Hour
    • session level icon
    Join us For the Casino After-Party: Networking, Games, Prizes, Drinks and Snacks
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 5:30 pm
    Location / Room: SecureWorld Exhibitor Floor

    Join your peers at 3:45 p.m. in the Exhibit Hall for beverages and snacks compliments of Express Scripts. Test your luck at Blackjack, Roulette and Craps. Hand the voucher you receive at registration to one of the participating exhibitors to get started with $1,000 and win big for your chance at some cool prizes!
    Casino tables sponsored by: Bitdefender, Check Point Security, AOS, Cisco, Event Tracker, Mimecast

  • Thursday, September 21, 2017
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 120

    The University of Massachusetts has developed a 4.5 hour SecureWorld Plus training class that focuses on designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who are currently using the NIST Cybersecurity Framework or are planning to use the NIST Cybersecurity Framework for their cybersecurity program will benefit from this course. The course will show attendees how to use Cloud Platforms to implement and maintain security controls based on the NIST Cybersecurity Framework.

    This innovative education and training program includes the following key elements:
    • A Controls Factory that consists of three main areas; Engineering, Technology and Business
    • The Engineering Area includes a focus on threats, vulnerabilities, assets, identities, business environment and the NIST Cybersecurity Framework
    • The Technology Area includes a focus on technical controls (based on the CIS 20 Critical Controls), security technologies, Security Operations Center (SOC) and technology testing
    • The Business Area includes a focus on business controls (based on ISO 27002), cyber workforce (based on the NICE Workforce Framework) and cyber risk program (based on AICPA Description Criteria)

    The class will help individuals and organizations acquire knowledge, skills and abilities to:
    • Develop a strategy to adopt the NIST Cybersecurity Framework (NCSF)
    • Create a comprehensive Cybersecurity Program based on the NIST Cybersecurity Framework, technical controls and business controls
    • Engineer, implement, manage the 20 critical controls based on the cloud platform
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Establish an executive scorecard to measure and communicate risks, and develop an action plan / program roadmap to remediate controls gaps

    About the Instructor – Larry Wilson:
    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 4 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:
    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013

    8:00 am
    SecureWorld PLUS Part 3 - Cloud Security - Securing Your Organization's Digital Transformation
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Director of Security Operations, Massachusetts Advanced Secure Technologies
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 121

    This course will provide a healthy introduction to modern aspects of cloud computing security. The attendee will learn how to assess and protect their organization’s data in the cloud. IoT, Providers, Tools, and processes to help avoid a rainy day.

    8:00 am
    InfraGard Chapter Meeting - Open to all Attendees
    • session level icon
    speaker photo
    Computer Scientist, U.S. Department of Justice
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:15 am
    Location / Room: Keynote Theater

    Join InfraGard for their chapter meeting and guest presentation. This session is for InfraGard members and all attendees interested in the local association. This is also a great networking opportunity.

    8:30 am
    Security Crisis & Breach Readiness for the Enterprise
    • session level icon
    speaker photo
    Security Director, Express Scripts
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 101

    What is the difference between a security crisis and a Breach? How will your organization as a whole respond if crippled by ransomware or a breach of all PHI or Confidential Pii? During this discussion we will speak about some of the must have items in order to have a brilliant response to a cyber security incident that impacts the entire organization.

    8:30 am
    From IT Introvert to Organizational Leader
    • session level icon
    speaker photo
    CISO, Washington University in St. Louis
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 102

    Building and utilizing leadership skills to effect change within your organization and increase your personal value.

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: Framing an Innovation Strategy to Drastically Improve Our Cyber Defense (& Offense)
    • session level icon
    speaker photo
    Asst. Professor of Systems Engineering, U.S. Military Academy, Research Scientist, Army Cyber Institute
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    This session introduces a framework that distinguishes between 4 types of innovation: sustaining and incremental innovations are reactive, while breakthrough and revolutionary innovations proactively reshape the future. To better defend our information systems, we must first analyze the innovations attackers use and develop a balanced approach to cyber innovation.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Round Table: (VIP / INVITE ONLY)
    • session level icon
    Topic: ROI for Risk Management
    speaker photo
    CISO, Edwards Jones
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 100
    11:15 am
    GDPR: Impact on Multinationals and Cross-Border Information Sharing
    • session level icon
    speaker photo
    Partner, Armstrong Teasdale
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 104

    Scott will discuss the EU General Data Protection Regulation (GDPR) which takes effect May 2018. The GDPR will overhaul the longstanding European data protection regime, which presents particular challenges in how the EU and U.S. will reconcile their vastly different policies in the cross border exchange of data.

    11:15 am
    Know Your Adversary: A Live Hack Simulation Using NSA’s Stolen Digital Weapons
    • session level icon
    speaker photo
    CEO, Night Lion Security
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 101

    Live hack simulation from start to finish using modern hacking techniques and some stolen NSA toys.

    11:15 am
    End-Point Protection – Artificial Intelligence Solutions Is The Future
    • session level icon
    speaker photo
    Global Director, Networking and Communications, VSecure360
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 102

    Signature and behavioral based end-point security protection no longer suffices in today’s modern era of hacking. Corporations must prevent an attack, not just stop one. Come and learn why AI solutions have the upper hand, and learn facts from lives comparisons of AI solutions vs. traditional AV market leaders.

    11:15 am
    EventTracker: Hunting Modern Malware – The Latest Techniques
    • session level icon
    speaker photo
    CEO, EventTracker
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 105

    The threatscape is evolving rapidly, but many IT security heads and admins are so busy managing operations and ensuring the company’s ongoing security efforts that they miss key indicators that their network has been compromised. As malware and ransomware attacks continue to advance and increase, it has become crucial for enterprises to be able to assess and detect digital threat incidents quickly and easily for the security of their infrastructures.

    This session will cover:

    • How modern malware and ransomware, such as WannaCry and Petya, enter and spread through your network
    • Best methods of detecting malware and finding hidden copies (polymorphic, mutating or dormant malware hunting)
    • What to do after you’ve detected a potential attack
    • Tools to consider to improve threat detection

    12:00 pm
    Advisory Council LUNCH Round Table - (VIP / Invite Only)
    • session level icon
    Topic: Ransomware - Breaking the Criminal Business Model
    speaker photo
    Senior Bank Technical Analyst, State Farm Bank
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 100
    12:15 pm
    LUNCH KEYNOTE: Minding The Gap
    • session level icon
    Collaboration and Evaluation are Necessary Steps Towards Cyber Readiness
    speaker photo
    CEO, ISACA
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    Enterprises globally are working seemingly around the clock to protect their critical information and technology assets from cybersecurity threats and attacks. Boards of Directors and senior executives are asking questions such as “are we safe” and seeking proof that their organizations have the capabilities in place to meet today’s challenges. Companies are also finding that a technically advance workforce is hard to find due to the lack of qualified candidates, making each a hire critical step in ensuring business stability, digital transformation, and to soothe nervous corporate boards, unsettled investors and alarmed customers, all of whom worry about cyber hacking.

    In this talk, ISACA’s CEO, Matt Loeb will shed light on the importance of hiring exceptional talent and how constant collaboration and evaluation are necessary steps towards cyber readiness.

    1:15 pm
    Panel: Phishing and Social Engineering Scams 2.0
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Phishing continues to be the #1 attack vector for the bad guys. Why? Simply put: it works. These attacks keep getting more realistic and sophisticated. In the future we should expect nothing less. Criminals will do more homework on their potential victims and possible pose as business leads or clients to gain our trust. What sales person doesn’t want email from a potential client who wants a new solution? Or they may just lay in wait until they’ve collected enough information to strike. Will they actually come to your business and drop thumb drives like pen testers do? Use drones to do their dirty work? Our experts will discuss the current state of affairs and brainstorm possible new scenarios.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Cybersecurity Metrics for Senior Leadership
    • session level icon
    speaker photo
    Manager, CyberSecurity and Privacy, PwC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 102

    Presenting Cybersecurity Metrics to influence senior leadership.

    3:00 pm
    Where Does it Hurt? Diagnosing Delivery Issue
    • session level icon
    speaker photo
    Local Information Security Officer, Ascension Health
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 101

    Finding ways to improve chronic organizational issues such as communications or other services can be a challenge. This high-level framework was developed to diagnose and improve organizational communication issues, and is useful for finding the right questions to ask in any service delivery dynamic.

    3:00 pm
    Exploring Emerging Cyber Attest Requirements
    • session level icon
    speaker photo
    Manager, RubinBrown LLP
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 104

    The session will provide insights on the latest cybersecurity and attestation changes.
    Recent standards changes, which can change how you interact with and/or serve third parties, will be covered:
    1. New Cybersecurity Attestation
    2. New Trust Services Criteria
    3. New SOC1 Guide
    4. Pending new SOC2 Guide
    5. SSAE18 implications

Exhibitors
  • AOS
    Booth: 410

    AOS specializes in architecting, implementing and supporting an expansive portfolio of solutions. These offerings range from Enterprise Network, Unified Communications, Storage and Virtualization to Physical and Information Security, Managed Services, GIS, SharePoint and more.

  • Bitdefender
    Booth: 200

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures – Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • Carbon Black
    Booth: 120

    Carbon Black is Transforming Security Through Big Data and Analytics in the Cloud Growing trends in mobility and cloud have made the endpoint the new perimeter. New and emerging attacks are beating traditional defenses, and security teams are too reactive and held back by their technologies. Carbon Black is leveraging the power of big data and analytics to solve the challenges surrounding endpoint security. With the Cb Predictive Security Cloud platform, we are transforming cybersecurity to deliver a new generation of cloud-delivered security solutions designed to protect against the most advanced threats.

     

  • Check Point Security
    Booth: 530

    Since 1993, Check Point has been dedicated to providing customers with uncompromised protection against all types of threats, reducing security complexity and lowering total cost of ownership. We are committed to staying focused on customer needs and developing solutions that redefine the security landscape today and in the future.

  • Cisco
    Booth: 410

    Cisco builds truly effective security solutions that are simple, open and automated. Drawing on unparalleled network presence as well as the industry’s broadest and deepest technology and talent, Cisco delivers ultimate visibility and responsiveness to detect more threats and remediate them faster. With Cisco, companies are poised to securely take advantage of a new world of digital business opportunities.

  • Cylance
    Booth: 730

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ECTF
    Booth: TBD

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • EventTracker
    Booth: 550

    EventTracker’s advanced security solutions protect enterprises and small businesses from data breaches and insider fraud, and streamline regulatory compliance. The company’s EventTracker platform comprises SIEM, vulnerability scanning, intrusion detection, behavior analytics, a honeynet deception network and other defense in-depth capabilities within a single management platform. The company complements its state-of-the-art technology with 24×7 managed services from its global security operations center (SOC) to ensure its customers achieve desired outcomes—safer networks, better endpoint security, earlier detection of intrusion, and relevant and specific threat intelligence.

  • Express Scrips
    Booth: 180

    Headquartered in St. Louis, Express Scripts is a healthcare technology company providing integrated pharmacy benefit management services. We put medicine within reach of eighty-three million people by aligning with plan sponsors, taking bold action and delivering patient-centered care to make better health more affordable and accessible. It’s more than what you think. As an organization that deals with highly sensitive patient information, we are committed to protecting the clients, patients, and companies we serve from security breaches and cyber-attacks. Our cyber defenders are challenged and trusted with maintaining our secure infrastructure day in and day out, while leveraging internal and external threat intelligence to continuously improve our security posture.

  • ExtraHop
    Booth: TBD

    ExtraHop is a force multiplier for IT teams struggling with increasing complexity. With the ExtraHop platform, organizations can regain control over the security and performance of their applications and infrastructure, and capitalize on their data analytics opportunity to improve business operations and results. Learn more at www.extrahop.com

  • FireEye
    Booth: 100

    FireEye (https://www.fireeye.com/) is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,100 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.

  • Fortinet
    Booth: 430

    Fortinet secures the largest enterprise, service provider, and government organizations around the world. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 300,000 customers trust Fortinet to protect their businesses.

  • Gigamon
    Booth: 510

    Gigamon is leading the convergence of network and security operations to reduce complexity and increase efficiency of security stacks. Our GigaSECURE® Security Delivery Platform is a next generation network packet broker that makes threats more visible – across cloud, hybrid and on-premises environments, deploy resources faster and maximize the performance of security tools.

  • GuidePoint Security LLC
    Booth: 730

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

  • HOPZERO
    Booth: 170

    Firewalls control access, HOPZERO controls distance. Learn how newly patented technology automates setting of “packet toll value” controlling distance data may travel across networks. We keep sensitive database information inside the data center so hackers can’t get a login prompt – even when firewalls fail.

  • Imperva
    Booth: 510

    Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.

  • InfraGard St. Louis
    Booth: 440

    InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. With thousands of vetted members nationally, InfraGard’s membership includes business executives, entrepreneurs, military and government officials, computer professionals, academia and state and local law enforcement; each dedicated to contributing industry specific insight and advancing national security.

  • ISACA St. Louis
    Booth: 160

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the region.

    Meetings are generally held the 3rd Wednesday of the month between September and May.

  • (ISC)2 St. Louis Chapter
    Booth: 720

    As a regional chapter of (ISC)2, located in St. Louis and serving the St. Louis Metro area, the mission of the St. Louis Region/Scott AFB (ISC)2 Chapter is to provide members and other security professionals with the opportunity to share knowledge, grow professionally, raise security awareness and advance information security in local communities around the world.

  • Ixia, a Keysight Business
    Booth: 400

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • LogRhythm
    Booth: 150

    LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

  • Midwest Cyber Center
    Booth: 725

    The Midwest Cyber Center (MC²) was created in response to a comprehensive needs analysis study. Findings in the report suggested a need to increase the supply of cyber security professionals to meet the current and future demand of employers in the Midwest region. MC² has quickly established itself as a backbone organization grounded in Midwestern values that will lead the region to become a cyber ecosystem other communities will follow.

  • Mimecast
    Booth: 540

    Mimecast Is Making Email Safer For Business.
    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service.
    Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • Novacoast
    Booth: 150

    A uniquely positioned IT services and solutions company, Novacoast is less defined by our broad range of expertise and services than by a perspective rooted in our cooperative environment of adaptable problem solving.

    Beyond security specialists, software developers or network engineers, we are guides, allies, and problem solvers.

    From implementation services, license fulfillment and technical training to software development, staffing services and custom or emerging solutions, Novacoast is an experienced and comprehensive IT business resource empowered on every level by our flexible and fearless perspective.

  • Professional Education Technology & Leadership Center
    Booth: 130
  • Reblaze
    Booth: 170

    A comprehensive, cloud-based protective shield for web platforms. Reblaze offers an all-in-one virtual private cloud solution (VPC) that includes DDoS protection, WAF, IPS, bot detection and anti-scraping solutions, and more. Using a unique approach, Reblaze protects its customers’ sites, web apps, and services by monitoring and cleansing incoming traffic before it reaches the protected data centers. Bandwidth and other resources auto-scale as needed. The platform is fully managed, always up-to-date, and provided via a SaaS monthly subscription. Reblaze is available on a try-before-you-buy basis, and can easily work with existing security solutions.

  • Recorded Future
    Booth: 730

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • SailPoint
    Booth: 450

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Splunk
    Booth: 730

    You see servers and devices, apps and logs, traffic and clouds. We see data—everywhere. Splunk® offers the leading platform for Operational Intelligence. It enables the curious to look closely at what others ignore—machine data—and find what others never see: insights that can help make your company more productive, profitable, competitive and secure. What can you do with Splunk?
    Just ask.

  • St. Louis University (SLU)
    Booth: 170
  • Synopsys
    Booth: 710

    Synopsys offers the most comprehensive solution for integrating security and quality into your SDLC and supply chain. Whether you’re well-versed in software security or just starting out, we provide the tools you need to ensure the integrity of the applications that power your business. We don’t stop when the test is over. Our experts also provide remediation guidance, program design services, and training that empower you to build and maintain secure software. For more information go to www.synopsys.com/software.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Unisys
    Booth: 150

    Unisys is a global information technology company that specializes in providing industry-focused solutions integrated with leading-edge security to clients in diverse markets. Unisys combines experienced security consulting, Stealth micro-segmentation security solutions and efficient managed security services to deliver dramatic improvement in security posture and operational efficiencies.
    Visit http://unisys.com/security for more information.

  • Varonis
    Booth: 730

    Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.

  • Wombat Security Technologies
    Booth: 750

    Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%.

  • Zscaler
    Booth: 740

    Zscaler’s Cloud-delivered security solution provides policy-based secure internet access for any employee, on any device, anywhere. Our proxy and scanning scalability ensures ultra-low latency in a 100% SaaS security solution requiring no hardware, software or desktop all while providing complete control over security, policy and DLP.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Col Cedric Leighton
    CNN Military Analyst, USAF (ret.) and CEO, Cedric Leighton Associates

    Founder of a strategic risk consultancy after serving 26 years in the US Air Force, Cedric Leighton oversaw numerous critical intelligence missions throughout his career. He served at US Special Operations Command, the Joint Staff and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star.

    Currently, Cedric advises multinational businesses on cyber attacks and the management of complex global strategies to reduce risk and unpredictability.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Randy Raw
    VP of Information Security, Veterans United Home Loans

    Randy Raw is Director of Information Security, serving as the Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has 25 years of experience in both public entities and private industry, having built three Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community and the Central Missouri InfraGard chapter.

  • speaker photo
    David Hartley
    Principal and Virtual CIO, UHY LLP

    Dave Hartley serves as a ‘Virtual CIO’ and ‘Virtual CISO’ helping clients with technology strategy and projects including strategic roadmap development, third party risk management including SOC reports, cyber risk assessments and cybersecurity programs, and digital transformation including cloud, mobile, etc. Dave joined UHY in 2015 following six years serving as the VP/Chief Information Officer for Arch Coal, the 2nd largest publicly traded coal company in the US, and 20 years of Big 4 consulting and auditing experience. Dave’s experience as a public-company CIO combined with a background as a CPA, CISA and auditor enables him to bring unique insights into today’s technology, cybersecurity and business challenges. He is a frequent speaker at technology and cybersecurity conferences and seminars.

  • speaker photo
    Justin Bauman
    Manager, IBM Cloud - Penetration Testing, IBM

    JJustin is currently a leader in Information Security for IBM Cloud and Watson Platform. With a background in red teaming and blue teaming over the past ten years, multiple degrees in his field, and SIEM and hacking certifications, he has affected positive change in securing some of the largest environments and cloud deployments in the world today.

  • speaker photo
    Col Cedric Leighton
    CNN Military Analyst, USAF (ret.) and CEO, Cedric Leighton Associates

    Founder of a strategic risk consultancy after serving 26 years in the US Air Force, Cedric Leighton oversaw numerous critical intelligence missions throughout his career. He served at US Special Operations Command, the Joint Staff and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star.

    Currently, Cedric advises multinational businesses on cyber attacks and the management of complex global strategies to reduce risk and unpredictability.

  • speaker photo
    John DiMaria
    Global Product Champion, ISMS, BCM , British Standards Institution

    John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, is the Global Product Champion for Information Security and Business Continuity for BSI and a Cloud Security Alliance (CSA) Research Fellow. He has 30 years of successful experience in Standards and Management System Development, including Information Systems, ISMS, Business Continuity and Quality Assurance. John was one of the key innovators of CSA STAR Certification for cloud providers, a contributing author of the American Bar Association’s Cybersecurity Handbook, a working group member and key contributor to the NIST Cybersecurity Framework. He currently serves as the CSA GDPR and Cloud Trust Protocol working group Co-Chair.

  • speaker photo
    Gretel Egan
    Brand Communications Manager, Wombat Security Technologies

    Gretel Egan is the Brand Communications Manager for Wombat Security Technologies, a leading provider of information security awareness and training software that helps organizations educate employees. She has extensive experience in researching and developing cybersecurity education content and was named one of “10 Security Bloggers to Follow” by IDG Enterprise.

  • speaker photo
    Jeffrey Pricher
    Enterprise Accounts, Security Engineer, Check Point Software

    Jeffrey Pricher has over 17 years of cybersecurity experience working in many different industries, and currently works for Check Point Software. He holds a master’s degree in Network Security, and serves part-time as a lead threat hunter for the Missouri Guard’s Computer Network Defense team, focused on providing security for the state’s critical infrastructure.

  • speaker photo
    Timothy Grace
    Director, Midwest Market Leader, MorganFranklin Consulting, LLC

    Tim Grace has more than 30 years of business experience delivering solutions that drive business innovation and change within world class organizations. As a leader in the fields of information technology, security, privacy, governance, compliance, and risk assessment, Tim has brought best practices to global organizations and helps drive solutions that strengthened and enhanced business practices. Tim’s deep information technology background and understanding of business processes allowed him to bring technology and business processes together. As a former Chief Information Security / Technology Officer, Tim has led and implemented solutions to ensure the secure handling and processing of corporate data.

  • speaker photo
    Sean Henry
    Director of Sales, Bugcrowd

    Sean Henry has been in the cybersecurity industry since 2007 when he started his career in recruiting. Sean's career path includes being a key member of building out the east coast sales team at Rapid7. He was a Partner and helped launch CyberSN's go to market strategy around the Boston market. Sean has also had key stops at GuidePoint Security, Invincea and now currently is the Director of Sales @ Bugcrowd. Sean's background & experience is geared at getting start up's within the cybersecurity industry off get off the ground faster. Sean has previously presented at various ISSA, ISC2 and ISACA groups on various topics up and down the East Coast.

  • speaker photo
    Michael Roling
    CISO, State of Missouri

    Michael Roling has been the Chief Information Security Officer for the Office of Administration, Information Technology Services Division for the State of Missouri since 2009. He heads the Office of Cyber Security and is responsible for overseeing the information security posture for the State of Missouri.

  • speaker photo
    Theresa Frommel
    Security Analyst, Office of Administration, IT Services Division, State of Missouri

    Theresa Frommel is a network security analyst for the Office of Administration, Information Technology Services Division for the State of Missouri. She is responsible for incident response and coordinating end user awareness for the SOC within the Office of Cyber Security. She has a background in access controls, policy development and end user education. Her prior experience includes working as a security analyst with the Missouri Research and Education Network and information security officer with Missouri’s Office of State Courts Administrator. Theresa has been in the information security field since 2002.

  • speaker photo
    Aaron Schubert
    Security Infrastructure Manager, Office of Cyber Security, State of Missouri

    Aaron Schubert joined the State of Missouri in 2003 after graduating college in 2001 with a degree in Networking Systems Technology. His roles as both a network and Unix/Linux administrator reinforced an interest in the Office of Cyber Security, which he joined in 2009. Aaron is now responsible for the deployment, integration and administration of the various technologies utilized in the Office of Cyber Security's daily operations.

  • speaker photo
    Jeff Stapleton
    VP Enterprise Information Security Architect, Wells Fargo

    Jeff Stapleton has over 30 years’ experience with information technology and security including cryptography, key management, and biometrics. He is an ISO and ANSI security standards developer (chair X9F4); author of the Security without Obscurity books (CRC Press); and is a frequent writer (ISSA Journal 2017 July cover).

  • speaker photo
    Jon Stitzel
    Cybersecurity Risk Management Lead, Ameren

    Jon Stitzel is the Lead Analyst for Cybersecurity Risk Management at Ameren. He is responsible for driving cybersecurity and risk management strategy for business and industrial control system environments, in addition to leading IT and Cybersecurity controls compliance. Jon has over 30 years of experience in the IT industry, including more than 20 years in cybersecurity. He has served as a system administrator, manager, analyst, and consultant in many diverse industries during his cybersecurity career, including energy, manufacturing, financial services, telecommunications, and DOD.

  • speaker photo
    John DiMaria
    Global Product Champion, ISMS, BCM , British Standards Institution

    John DiMaria; CSSBB, HISP, MHISP, AMBCI, CERP, is the Global Product Champion for Information Security and Business Continuity for BSI and a Cloud Security Alliance (CSA) Research Fellow. He has 30 years of successful experience in Standards and Management System Development, including Information Systems, ISMS, Business Continuity and Quality Assurance. John was one of the key innovators of CSA STAR Certification for cloud providers, a contributing author of the American Bar Association’s Cybersecurity Handbook, a working group member and key contributor to the NIST Cybersecurity Framework. He currently serves as the CSA GDPR and Cloud Trust Protocol working group Co-Chair.

  • speaker photo
    Dr. Maurice Dawson Jr.
    Assistant Professor of Information Systems, University of Missouri-St. Louis

    Dr. Maurice Dawson serves as an Assistant Professor of Information Systems at the University of Missouri-St. Louis (UMSL), and POC for the institution’s cyber security program with the NSA. UMSL is the only university that is designated NSA & DHS Center for Academic (CAE) for Cyber Defense (CD) education in Missouri. Dawson has doctoral degrees from London Metropolitan University and Colorado Technical University.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Gene Kingsley
    Director of Security Operations, Massachusetts Advanced Secure Technologies

    Gene Kingsley, Director of Security Operations Center where he leads his team to help protect the clients of Massachusetts Advanced Security Technologies.

  • speaker photo
    Gary Hopewell
    Computer Scientist, U.S. Department of Justice
  • speaker photo
    James Norberg
    Security Director, Express Scripts

    James Norberg is an Information Risk Management Director at Express Scripts and has been in the Technology field since 2002. His areas of responsibility include the Security Operations Center, Incident Response, eDiscovery, and Cyber Threat Intel & Hunting. He earned his undergrad from Drury University and MBA from Texas A&M. Currently James and his family reside in the St. Louis area.

  • speaker photo
    Kevin Hardcastle
    CISO, Washington University in St. Louis

    Kevin Hardcastle, Chief Information Security Officer (CISO) for Washington University in St. Louis, is a member of the CIO Leadership team and serves a key role in University leadership, working closely with senior administration, academic leaders and the campus community. The CISO is responsible for the development and delivery of a holistic information security strategy to optimize the security posture through collaboration with campus-wide resources, facilitate information security governance, advise senior leadership on security direction and direct program functions of risk and incident management, compliance, information security operations, and information security policy development and education.

  • speaker photo
    Lieutenant Colonel Ernest Wong
    Asst. Professor of Systems Engineering, U.S. Military Academy, Research Scientist, Army Cyber Institute

    Ernest Wong is a Research Scientist at the Army Cyber Institute and a United States Military Academy Assistant Professor of Systems Engineering.

  • speaker photo
    Mike Gibbons
    CISO, Edwards Jones
  • speaker photo
    Scott Galt
    Partner, Armstrong Teasdale

    As a member of the firm’s International practice group and a Certified Information Privacy Professional/Europe (CIPP/E), Scott helps clients navigate overseas data protection waters in the wake of the Schrems decision, the advent of the EU General Data Protection Regulation (GDPR), and the ongoing Privacy Shield negotiations. Scott assists clients in developing, implementing, assessing and auditing trade, data privacy, and FCPA compliance programs.

  • speaker photo
    Vinny Troia
    CEO, Night Lion Security

    Founder and Principal Security Consultant of Night Lion Security, Vinny Troia brings 20+ years of IT security and development experience. He is also a featured speaker on ABC, CNBC, and Fox News.

  • speaker photo
    Mike Ehlers
    Global Director, Networking and Communications, VSecure360

    Mike Ehlers is the Director of Network Security & Communications at a global fortune 500 company. He has been in the IT industry for over 25 years, and provides consulting for enterprise corporations on cybersecurity strategies. Mike holds a BS/BA in Management Information Systems, with a Masters Certificate in IT Management.

  • speaker photo
    A. N. Ananth
    CEO, EventTracker

    As the co-founder and CEO of EventTracker, Ananth was one of the architects of the EventTracker SIEM solution. With an extensive background in product development and operations for telecom network management, he has consulted for many companies on their compliance strategy, audit policy and automated reporting processes.

  • speaker photo
    Chris Fawcett
    Senior Bank Technical Analyst, State Farm Bank
  • speaker photo
    Matt Loeb
    CEO, ISACA

    Matt Loeb, CGEIT, FASAE, CAE, is chief executive officer of ISACA. Prior to joining ISACA, he completed a 20-year career as staff executive for the Institute of Electrical and Electronics Engineers (IEEE) and as the executive director of the IEEE Foundation. His experience includes enterprise strategy, corporate development, global business operations, governance, publishing, sales, marketing, product development and acquisitions functions in a variety of for-profit and nonprofit organizations. He is a member of CESSE and NACD, and a senior member of IEEE. Additionally, he is an ASAE Fellow and serves on ASAE’s board of directors.

  • speaker photo
    William Sawyer
    Manager, CyberSecurity and Privacy, PwC

    Bill Sawyer is a Manager in PwC's Advisory Services. As a member of PwC’s Security Architecture Center of Excellence, he is responsible for developing and delivering PwC’s Security Architecture security offerings. Across his 17 year career, Bill’s experience in both consulting and industry includes application security, security architecture and assessments, identity and access management, IT operations, platform and network engineering and architecture, mergers and acquisitions, email and directory services consolidations, and data center consolidations. Prior to joining PwC, Bill led the Identity and Access Management service line for a Microsoft-centric consulting firm.

  • speaker photo
    Austin Winkleman
    Local Information Security Officer, Ascension Health

    Austin is currently the Information Security Manager for Ascension Health’s system office and five other service locations. He has worked over 30 years in IT, with over 20 years in non-profit educational and healthcare organizations.

  • speaker photo
    Christine Figge
    Manager, RubinBrown LLP

    Christine has over 10 years of public accounting and consulting experience analyzing financial information and internal controls for companies. She manages SOC engagements for companies across a variety of industries. Her knowledge spans industries and includes working with companies directly as well as with third party service providers.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store