Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, September 18, 2019
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    Advisory Council Breakfast – (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    8:00 am
    SecureWorld PLUS Part 1 - Cyber Defense Ineffectiveness and What We Can Do About It
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CEO, Alpine Security
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    Alpine Security CEO, Christian Espinosa, a bronze sponsor of SecureWorld Chicago, hosts SecureWorld Plus training session on Cyber Defense Ineffectiveness and What We Can Do About It. Attendees will be exposed to data gathered from real-world penetration tests, audits, and incident responses, bringing attention to the current state of cyber defense. Attendees will become familiar with the top 5 trending cybersecurity misconceptions and learn actionable solutions and tools to approach cyber defense and to create a more secure world. Upon completion of this 6-hour training session, attendees will be eligible to receive 12 CPE’s.

    “Ransomware & cyber extortion are effective because organizations blindly implement controls without a risk-based strategy, have poor cybersecurity awareness, and have difficulty determining the validity of ‘incriminating data’ used for cyber extortion.” -Christian Espinosa

    Throughout this training session, Christian Espinosa will candidly discuss the following key elements:

    • Despite all the Next-Gen tools, latest products, compliance requirements, etc., breaches still happen daily. Why is this, and what can we do about it?
    • Data gathered from real-world penetration tests, audits, and incident responses to focus on the current state of cyber defense.
    • Motivations, breaches, and primary tactics used by attackers.
    • Opportunities and solutions to address common issues such as how more organizations focus on the wrong items, how egos get in the way, how compliance doesn’t really help, how risk is rarely assessed, and how cloud migrations can actually make security worse.

    During this training session, you can expect to participate in group activities and discussions. Be open to new ideas and approaches. We can learn from each other.

    Meet the Trainer:
    Christian Espinosa is Alpine Security’s CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

    8:00 am
    SecureWorld PLUS Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:30 am
    Cybersecurity and Industrial Control Systems
    • session level icon
    speaker photo
    Cybersecurity Compliance Manager / NERC Sr. Consultant, Electric Power Systems
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    This session will cover the special challenges of cybersecurity in Industrial Control Systems (ICS), the lack of available training, and how to find people to fill the void.

    8:30 am
    Engaging the Board on Cybersecurity
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Boards of directors are increasingly interested more than ever in the organization’s cybersecurity posture and strategy. It’s important to engage them early and often with the right level of detail to maintain their confidence. This session will provide practical guidance on approaches that could be used to be successful when communicating with the Board.

    8:30 am
    Data Privacy for Information Security Professionals
    • session level icon
    Changing Our Old Compliance Methods
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    Just as we are getting IoT, cloud computing, SOX/HIPAA/FISMA etc. under our belts, Europe changed the rules. The General Data Protection Regulation (GDPR) may just change the way we look at “compliance” once and for all. This isn’t just another regulation. We’re going to need to make a fundamental change in the way we think about data to get past this newest challenge.

    8:30 am
    Third-Party Risk: Creating and Managing a Program that Works!
    • session level icon
    speaker photo
    Managing Director, UHY Advisors
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Every organization is concerned with third-party risk. No one wants to be the next Target breach. This session will examine the components of third-party risk management and give you some leading practices on how to develop a workable and sustainable process.

     

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE: Business Email Compromise: Real World Stories and Practical Defense
    • session level icon
    speaker photo
    Cyber-Enabled Financial Fraud Investigator, U.S. Secret Service / Firebird AST
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    Business Email Compromise is a scourge and a severe threat to our national and global economy. With $13.5 billion in losses from 2013, BEC is an exponentially growing threat. The presentation will cover the evolution of BEC, major players, and how to protect your business from this cyber-enabled financial fraud scheme.
    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council LUNCH RoundTable: (VIP / Invite Only)
    • session level icon
    Topic: Prioritization of Top 20 Critical Security Controls
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 1:00 pm

    This session is for our Advisory Council members only.

    11:15 am
    (ISC)2 Chapter Meeting and Guest Presentation - Open to All Attendees
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Interested in your local associations? Join (ISC)2 for their chapter meeting and guest presentation. This opportunity is open to all attendees.

    11:15 am
    10 Steps to Mastering Cybersecurity for Parents
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm

    Kids do what their parents do. So, parents need to practice good cyber hygiene and then teach those habits to their kids. They also need to enforce healthy boundaries on Internet usage. We’ll explore specific risks to kids using the Internet along with specific things parents should be doing to minimize those risks. These lessons are drawn from my experience both at work and at home and are based on what we do with our family.

    11:15 am
    CISO Ventures Panel: Are Cybersecurity Startups Meeting Expectations of Buyers Taking a Risk on Them?
    • session level icon
    speaker photo
    Founder & Managing Director, Whiteboard Venture Partners
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    A panel of CISOs will share their expectations of cybersecurity startups. This will include how they use solutions from startups to meet existing and emerging cybersecurity challenges.

     

    12:15 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.

    1:15 pm
    Panel: You Got Burned, Now What? (Incident Response)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    We’ve all heard the adage that it’s not if it happens but when you are inevitably breached… Do you have a plan? Even a framework to go off of? What do you include? Who do you include? How often should you be practicing this plan? Join our experts as they discuss incident response plans, who should be involved, best practices, and pitfalls.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Legal Issues in AI, IoT and the Cloud of the Future
    • session level icon
    speaker photo
    Professor, Researcher, Lawyer, Education
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    AI, IoT and the Cloud are no doubt changing the way we live in the future. This presentation discusses current and predicted legal issues in AI, IoT and the Cloud into the future. Legal areas cover privacy and security law, marketing law, and tech law more generally. Trends in how AI, IoT and the Cloud will be used in the future will be married with the potential legal issues that may present themselves in that context. This will permit insight into how the law may evolve in these areas and how we can be ready for our cyber future from this perspective.
    3:00 pm
    Ready is the New Black: Data Theft, Breach Response and Liability Updates
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    When it comes to data security, knowing a little goes a long way. Jeff Schultz, Armstrong Teasdale partner and co-chair of the firm’s Data Security and Privacy practice, will cover common, and even some unexpected threats, how to prepare for and how to respond following a breach, and potential liability.

    3:00 pm
    Opening the Door to InfoSec
    • session level icon
    speaker photo
    Intelligence Analyst, Express Scripts
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    This presentation is about personal experiences over my year as an intern to an associate cybersecurity intelligence analyst. Going from a dev team, to a red team, and eventually blue team. Highlighting industry struggles as a female (first and only female of each of these teams) trying to get an entry level position and trying to close my own skill gap. Also highlighting personal struggles as well as technical struggles.

    3:00 pm
    IoT and Blockchain in Healthcare
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    Tens of billions of connected devices will form the smart homes, cities and user experience of the future. The “Internet of Things” is a rich opportunity for IT Leaders but also presents some headaches, particularly when we think of medical and consumer devices in Healthcare. Hear the unique perspective from one of the nations largest healthcare providers on how they plan to step up to the challenge and how one notorious upstart technology, the “Blockchain”, can potentially benefit the “Smart Hospital.”

    3:00 pm
    SecureWorld PLUS Part 2 - Cyber Defense Ineffectiveness and What We Can Do About It
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CEO, Alpine Security
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    Alpine Security CEO, Christian Espinosa, a bronze sponsor of SecureWorld Chicago, hosts SecureWorld Plus training session on Cyber Defense Ineffectiveness and What We Can Do About It. Attendees will be exposed to data gathered from real-world penetration tests, audits, and incident responses, bringing attention to the current state of cyber defense. Attendees will become familiar with the top 5 trending cybersecurity misconceptions and learn actionable solutions and tools to approach cyber defense and to create a more secure world. Upon completion of this 6-hour training session, attendees will be eligible to receive 12 CPE’s.

    “Ransomware & cyber extortion are effective because organizations blindly implement controls without a risk-based strategy, have poor cybersecurity awareness, and have difficulty determining the validity of ‘incriminating data’ used for cyber extortion.” -Christian Espinosa

    Throughout this training session, Christian Espinosa will candidly discuss the following key elements:

    • Despite all the Next-Gen tools, latest products, compliance requirements, etc., breaches still happen daily. Why is this, and what can we do about it?
    • Data gathered from real-world penetration tests, audits, and incident responses to focus on the current state of cyber defense.
    • Motivations, breaches, and primary tactics used by attackers.
    • Opportunities and solutions to address common issues such as how more organizations focus on the wrong items, how egos get in the way, how compliance doesn’t really help, how risk is rarely assessed, and how cloud migrations can actually make security worse.

    During this training session, you can expect to participate in group activities and discussions. Be open to new ideas and approaches. We can learn from each other.

    Meet the Trainer:
    Christian Espinosa is Alpine Security’s CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

    3:00 pm
    SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
  • Thursday, September 19, 2018
    7:00 am
    Registration Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk
    8:00 am
    SecureWorld PLUS Part 3 - Cyber Defense Ineffectiveness and What We Can Do About It
    • session level icon
    speaker photo
    CEO, Alpine Security
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    Alpine Security CEO, Christian Espinosa, a bronze sponsor of SecureWorld Chicago, hosts SecureWorld Plus training session on Cyber Defense Ineffectiveness and What We Can Do About It. Attendees will be exposed to data gathered from real-world penetration tests, audits, and incident responses, bringing attention to the current state of cyber defense. Attendees will become familiar with the top 5 trending cybersecurity misconceptions and learn actionable solutions and tools to approach cyber defense and to create a more secure world. Upon completion of this 6-hour training session, attendees will be eligible to receive 12 CPE’s.

    “Ransomware & cyber extortion are effective because organizations blindly implement controls without a risk-based strategy, have poor cybersecurity awareness, and have difficulty determining the validity of ‘incriminating data’ used for cyber extortion.” -Christian Espinosa

    Throughout this training session, Christian Espinosa will candidly discuss the following key elements:

    • Despite all the Next-Gen tools, latest products, compliance requirements, etc., breaches still happen daily. Why is this, and what can we do about it?
    • Data gathered from real-world penetration tests, audits, and incident responses to focus on the current state of cyber defense.
    • Motivations, breaches, and primary tactics used by attackers.
    • Opportunities and solutions to address common issues such as how more organizations focus on the wrong items, how egos get in the way, how compliance doesn’t really help, how risk is rarely assessed, and how cloud migrations can actually make security worse.

    During this training session, you can expect to participate in group activities and discussions. Be open to new ideas and approaches. We can learn from each other.

    Meet the Trainer:
    Christian Espinosa is Alpine Security’s CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

    8:00 am
    SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    CISO and Adjunct Faculty, University of Massachusetts
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:30 am
    InfraGard Chapter Meeting - Open to all Attendees
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    Join InfraGard for their chapter meeting and guest presentation. This session is for InfraGard members and all attendees interested in the local association. This is also a great networking opportunity.

    8:30 am
    DLP Demystified: How I Learned to Stop Worrying and Love my Inner Blue Team Roots
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    Today data breaches have become a common fixture of our daily lives. Executives are paying closer attention to their organization’s security posture and funding projects aggressively. Often these projects involve a rollout of flashy new technology and / or devices. These solutions are sold, marketed, and deployed as silver bullet solutions. Technologies such as DLP are “open sandbox” tools that allow a company to build policies around how data can be stored, processed, and transmitted. The same Lego “bricks” can be used to make a space shuttle can also be used to make a dinosaur, a pirate ship, or even a spooky castle. The same is true in Data Loss Prevention (DLP).

    8:30 am
    The Dark Web, Cyber Crimes, and Cyber Intelligence
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am

    In this presentation we will learn about trends in cyber fraud tactics and attacks, how dark web markets and forums fuel cyber crime, and how they can be investigated for threat intelligence. In addition, we will learn how cyber criminals utilize digital currencies, and how these transactions can intersect with the formal financial sector. In addition we will discuss cyber awareness and cyber literacy as well as an introduction to Cyber Intelligence.

    8:30 am
    How to Up-Level Your Skills to Enhance Your Career
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Up-Level Your Hard and Soft Skills to Turbo-Charge Your Career

    9:00 am
    Exhibit Floor Open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

    9:30 am
    OPENING KEYNOTE:
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Round Table: (VIP / INVITE ONLY)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    11:15 am
    Deconstructing Chaos: A Look at the Threat Beyond the Computer
    • session level icon
    speaker photo
    Cyber Threat Intelligence Engineer, Pathfinder Intel
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Discussions on cyber threats typically don’t go beyond the computer system. Rarely, is the lone hacker or group and their intent come to light. In their attempt to understand cyber threats, security professionals typically grasp the minimalist understanding of “Bad Guys Do Bad Things.” Information Security Professionals sometimes lock themselves into a reactive state, and patching holes in a wall about to break.

    This is discussion will look beyond the computer threat, at the hacker, and what motivates them and try to create professionals who can see beyond the indicators, vulnerabilities and exploits, and find the proactive thinkers, organizations need.

    11:15 am
    An Introduction to IoT Penetration Testing
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    IoT devices are one of the biggest challenges for security professionals now and will continue to be in the future. The secure engineering and implementation of these devices is critical as more insecure devices come to market. As technology professionals we need to have an idea how these devices effect our organization. In this talk we will explore the basic principles of IoT PenTesting, what is in an effective toolset, reverse engineering, and analyzing popular IoT protocols with software defined radios.

    11:15 am
    Opportunity and Risk: How Open APIs Are Transforming Banking
    • session level icon
    speaker photo
    Sr. National Cybersecurity Specialist, Federal Reserve
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Do you know what an Open API is? The data shows the majority of Americans don’t. Open/ public application programming interfaces (APIs) are the engine that power Open Banking, something that has transformed banking around the world the last couple of years. It is on the radar of banks in the United States and in practice in some. Open APIs enable the exchange of customer data with other parties in a simple and secure way, facilitating rapid innovation in products and services. Countries are creating laws and regulation around this practice. This innovation and opportunity potentially carries security risk.

    11:15 am
    7 Ways to Boost InfoSec’s Influence (and Yours) by Communicating Differently
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm

    Grow your personal influence, your leadership possibilities and move your InfoSec objectives forward (faster) by thinking differently about how you communicate. Whether your audience is the board, your team, or any part of the business, this session will help you and your communication stand out. Lead by a long-time TV reporter turned cybersecurity journalist who shares a framework for powerful communication you can implement immediately.

    12:00 pm
    Advisory Council LUNCH Round Table - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    12:15 pm
    LUNCH KEYNOTE: How to Manage Your Own Career to Get to the Top
    • session level icon
    speaker photo
    Former CIO, The White House
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:15 pm
    Location / Room: Keynote Theater
    Do you have a plan for your future? Why not? You are the leader of your own destiny! You need to look at where you are, where you want to go, and have a plan to get there. We will talk about how to develop a plan, what to think about, and how to put one foot in front of the other to get to your end goal. We will also talk about how to manage up to your boss to get what you need to help you in your own career. Col. Mark Gelhardt made it to The White House managing his own career, and stood next to the President of the United States. He will tell you how he did it; if he can do it, so can you!

     

    1:30 pm
    Panel: Shifting Landscape of Attack Vectors
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:30 pm - 2:15 pm

    If one thing holds true in cybersecurity it is the fact that our adversaries are pretty smart. They are. To be fair, they only have to be right once in a while. These cyber thugs are constantly shifting their attack vectors to better infiltrate our networks. There are so many endpoints to cover that the “bad guys” can try something new all the time. They have also discovered that we do not have great cyber hygiene when it comes to training our workforce. End users continue to be the “weakest link” within an organization as we’ve learned from all the ransomware attacks and business email compromises of late. This panel will talk about the shift in attack vectors and make some predictions about what to watch out for in the not too distant future.

    1:30 pm
    Panel: The Battle for the Endpoint Continues (Endpoint Security)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:30 pm - 2:15 pm

    What are you doing to keep the network safe for your employees? You’ve got your fancy next-gen firewall and some A/V. Maybe even some biometrics or 2FA thrown in for safekeeping. We also keep hearing the IAM acronym thrown around. And what is Zero Trust? What are you missing? Oh, yeah… remote workers and IoT. Wouldn’t it be cool if you had someone to ask? Now you do. This panel will go through these questions and more. Join the group discussion as we address the challenges in endpoint and network security.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    Present the Security Strategy to the Board for a Budget
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    We will share the strategy of how the VP of IT at APi Group presented the Security Strategy to the Board for budget approval.

    3:00 pm
    Practical Application of the NIST CSF
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    The NIST Cybersecurity Framework is a valuable tool for mapping security posture and maturity in an organization. This presentation strives to take some of the confusion out of how to approach and apply the framework to an organization in an effective manner, including an expanded CSF worksheet template.

    3:00 pm
    Insider Threat Detection and Response
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm

    From cybercriminal recruiting for insiders on the Dark Web to nation-state operatives, insider threats are an increasing risk facing many firms today.
    We will discuss the latest technologies and techniques that can be used to detect various types of insiders as well as what to do once you actually find them.

Exhibitors
  • Alert Logic
    Booth:

    Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.

  • Apricorn
    Booth:

    Founded in 1983, Apricorn designs, manufactures, and supports storage innovations with your data’s security as our top priority. Our unique, patented approach is centered on being 100% hardware-encrypted, software-free, and cross-platform compatible. Trusted by numerous state, national, and international governments, as well as small and large corporations alike, Apricorn delivers advanced data security innovations designed to address today’s threats, as well as tomorrow’s.

  • Burwood Group, Inc.
    Booth:

    Burwood Group, Inc. is an IT consulting and integration firm. We help forward-thinking leaders design, use, and manage technology to transform their business and improve outcomes. Our services in consulting, technology, and operations are rooted in business alignment and technical expertise in cloud, automation, security, and collaboration.

  • CISO Ventures
    Booth:

    Whiteboard Venture Partners is building this exclusive community to help cybersecurity startups engage/collaborate with security innovation stakeholders.

  • Comodo Cybersecurity
    Booth:

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • CyberUp
    Booth:

    Our mission is to close the cybersecurity skills gap by training the workforce of today and inspiring the workforce of tomorrow.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ECTF
    Booth:

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • FBI St. Louis Citizens Academy Alumni Association
    Booth:

    Join the FBI St. Louis Citizens Academy Alumni Association (FBISTLCAAA) membership any time after graduating from the FBI Citizens Academy!  FBISTLCAAA membership provides access to education in the areas of Federal Law Enforcement, to network with others, to participate in fun events, and to promote a safe and informed St. Louis community.
    Each member of the FBI St. Louis Citizens Academy Alumni Association is a graduate of an eight-week FBI Citizens Academy course in which the curriculum focuses on federal law enforcement issues and challenges. The FBISTLCAAA was established in 2006 with a local membership of FBI Citizens Academy Graduates.

  • InfraGard St. Louis
    Booth:

    InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. With thousands of vetted members nationally, InfraGard’s membership includes business executives, entrepreneurs, military and government officials, computer professionals, academia and state and local law enforcement; each dedicated to contributing industry specific insight and advancing national security.

  • ISACA St. Louis
    Booth:

    As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the region.

    Meetings are generally held the 3rd Wednesday of the month between September and May.

  • (ISC)2 St. Louis Chapter
    Booth:

    As a regional chapter of (ISC)2, located in St. Louis and serving the St. Louis Metro area, the mission of the St. Louis Region/Scott AFB (ISC)2 Chapter is to provide members and other security professionals with the opportunity to share knowledge, grow professionally, raise security awareness and advance information security in local communities around the world.

  • Ixia, a Keysight Business
    Booth:

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Malwarebytes
    Booth:

    Malwarebytes provides anti-malware and anti-exploit software designed to protect users against zero-day threats that consistently escape detection by traditional endpoint security solutions. Malwarebytes Anti-Malware earned an “Outstanding” rating by CNET editors, is a PCMag.com Editor’s Choice, and was the only security software to earn a perfect malware remediation score from AV-TEST.org. That’s why large Enterprise businesses worldwide, including Disney, Dole, and Samsung, trust Malwarebytes to protect their mission-critical data. For more information visit www.malwarebytes.com/business

  • Midwest Cybersecurity Alliance
    Booth:

    Let MCSA help you prepare for the inevitable. Join our community to get access to insider best practices and new cutting edge approaches to developing cyber security programs and combating cyber attackers. To learn more about MCSA membership, contact us at info@MidwestCyber.org.

  • Mimecast
    Booth:

    Mimecast Is Making Email Safer For Business.

    Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
    Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

  • One Identity
    Booth:

    Turn security from the practice of denial and restriction to the utopia of enablement and transformation with the One Identity family of IAM solutions for access management, identity governance, and privileged account management on prem and in the cloud.

  • ProcessUnity
    Booth:

    ProcessUnity’s cloud-based solutions help organizations of all sizes automate their risk and compliance programs. Our highly configurable, easy-to-use tools significantly reduce manual administrative tasks, allowing customers to spend more time on strategic risk mitigation. As a software-as-a-service technology, ProcessUnity deploys quickly with minimal effort from customers and their IT resources.

  • Professional Education Technology & Leadership Center
    Booth:
  • Radware
    Booth:

    Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

  • SailPoint
    Booth:

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Christian Espinosa
    CEO, Alpine Security

    Christian Espinosa is Alpine Security's CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Craig Reeds
    Cybersecurity Compliance Manager / NERC Sr. Consultant, Electric Power Systems

    Craig Reeds has been involved with Cybersecurity since before there was a name for it. During his time in the IT field, he has been responsible for Cyber Security, Cyber Vulnerability Assessments, Penetration Testing, Risk Identification and Management, Business Continuity/Disaster Recovery and Change Management. In his role as a NERC Compliance Senior Consultant he helps to protect the North American Power Grid. Craig hold both a CISSP and the CRISC certifications as well as degrees a BS in Information Systems from Maryville and an MBA from Webster University.

  • speaker photo
    David Barton
    Managing Director, UHY Advisors

    David Barton is a Managing Director with UHY Advisors and practice leader of the Internal Audit, Risk, and Compliance practice, which provides consulting and attestation services around information technology controls, cybersecurity, and compliance. He has over 25 years of practical experience in information systems and technology risk and controls. David is frequently asked to speak at national and regional events, such as SecureWorld and the Cloud Security Alliance Congress. He is the primary author of the CSA position paper on AICPA Service Organization Control Reports. He regularly provides his input and opinions for national publications such as Compliance Week, Accounting Today, and the Atlanta Journal Constitution. David holds an MBA and BS in Business Administration from Appalachian State University. He is Certified in Risk and Information Systems Control (CRISC), received the Certified Information Systems Auditor (CISA) designation in 1988, and is a member of the Atlanta chapter of the Cloud Security Alliance.

  • speaker photo
    Stephen Dougherty
    Cyber-Enabled Financial Fraud Investigator, U.S. Secret Service / Firebird AST

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Moderator: Abhijit Solanki
    Founder & Managing Director, Whiteboard Venture Partners

    Abhijit Solanki is the founder of Whiteboard Venture Partners, an early stage venture capital firm helping entrepreneurs achieve their whiteboard dreams.

  • speaker photo
    Dr. Raj Sachdev
    Professor, Researcher, Lawyer, Education

    Dr. Raj Sachdev is a professor, researcher, and‎ internationally qualified lawyer (USA and England/Wales). He holds‎ several degrees in business and law and has guest spoken at such institutions as Oxford, Cambridge, Stanford and major industry‎ conferences including having given a Tedx talk. Over the last 15‎ years, he has taught 50‎+ different courses at other institutions including some as a part-time‎ instructor at Stanford. He was formerly a visiting researcher at UC Berkeley.

  • speaker photo
    Alexis Womble
    Intelligence Analyst, Express Scripts

    Alexis Womble is a Cybersecurity Intelligence Analyst at Express Scripts, where she interned for a year in an EOCC automation development role, Attack Simulation role, and an Intelligence role. She is also a recent grad from Missouri Baptist University, where she can still be found backstage assisting in stage management even as an alumnus. Outside of this, she likes to break things, be up to date on all the infosec news and secrets, as well as practice social engineering with anyone who has fun with it.

  • speaker photo
    Christian Espinosa
    CEO, Alpine Security

    Christian Espinosa is Alpine Security's CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Christian Espinosa
    CEO, Alpine Security

    Christian Espinosa is Alpine Security's CEO/Founder and a Cybersecurity Professor at Maryville University. He holds over 25 certifications, including the CISSP, CCISO, and PMP. Christian is a US Air Force veteran with a BS in Engineering from the US Air Force Academy and MBA from Webster University. Christian holds multiple patents on cybersecurity attack and defense. Major recent projects include penetration testing and assessments of commercial aircraft, medical device penetration testing, and numerous incident response projects. When Christian isn’t protecting us from cybercriminals, he climbs mountains, travels the world, teaches outdoor wilderness survival, and competes in Ironman triathlons.

  • speaker photo
    Larry Wilson
    CISO and Adjunct Faculty, University of Massachusetts

    Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

  • speaker photo
    Daniel Stiegman
    Cyber Threat Intelligence Engineer, Pathfinder Intel

    Daniel is a 15-year Intelligence Professional, with a career in US Army Intelligence and the National Geospatial Agency. His primary focus has been in Counter-Terrorism, Asymmetrical Warfare, and Intelligence Analysis methodology. Daniel was a national-level instructor in All Source Intelligence Analysis and has written several published white papers on threats and threat methodology. Daniel now works as the Cyber Threat Intelligence Engineer for one of the largest private companies in the U.S. and is the Founder and Intelligence Lead of a non-profit that helps locate missing and exploited children.

  • speaker photo
    Don Peterson
    Sr. National Cybersecurity Specialist, Federal Reserve

    Don Peterson is a Sr. National Cybersecurity Specialist for the Federal Reserve System, based out of the Federal Reserve Bank- St. Louis. He is tasked with overseeing the supervision of the largest and most systemically important financial institutions in the United States with assets of $100B+. His duties also include participating in the development of Federal Reserve and international cybersecurity policy and guidance. He sits on multiple System steering groups involving cybersecurity, technology, and intelligence within the Federal Reserve.

    His past roles in technology and security span several sectors including Technology, Law Enforcement, Medical, and Higher Education. His research has involved Automated Machine Translation (AMT) of Arabic dialects to English and counterintelligence involving extremist groups. He is a member of several industry groups that include InfraGard, ECTF, Cloud Security Alliance, OWASP, and the IEEE. He holds several certifications and a Master’s of Cybersecurity Management (MSCM) from the McKelvey School of Engineering at Washington University in St. Louis.

  • speaker photo
    Mark Gelhardt
    Former CIO, The White House

    Colonel Mark Gelhardt is a retired Army combat veteran. While in the Army, Mark was selected to be the Chief Information Officer for The White House, supporting President Clinton with secure Automation and Telecommunication for over four and half years. Mark has over 40 years of experience in providing executive level management in Information Technology and Cybersecurity fields as a CTO, CSO, CIO, and CISO for several global companies. He is currently the VP of Global Technology Governance for US Bank. Mark is a published author and well-known keynote speaker.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Don't miss out!

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!