SecureWorld St. Louis 2025

AI technology enables computers and machines to simulate human learning, comprehension, problem solving, decision making, creativity and autonomy. Applications and devices equipped with AI can see and identify objects, understand, and respond to human language, learn from new information and experience. AI based applications (for example autonomous vehicles) can make detailed recommendations to users and experts, act independently, replacing the need for human intelligence or intervention. This class focuses on how the development of AI capabilities, technologies, and tools impact cybersecurity.

Lesson 1: What is Artificial Intelligence?
Includes an overview of Artificial Intelligence including how AI works, AI architecture components and processes (models, algorithms, workflows). We will cover Generative AI, Large Language Models (LLMs), foundation models and AI agents. In addition, we will discuss today’s top AI use cases across multiple industry sectors.

Lesson 2: What are the AI threats?
Includes an overview of MITRE ATLAS (a framework that provides adversary profiles, techniques, and mitigations for securing AI-enabled systems). We will cover AI threats based on FS-ISAC Adversarial AI Framework and NIST AI 100-2: Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations. AI Threats include those related to AI models, the data such models are trained and tested on, the third-party components, plug-ins, and libraries utilized in their development, as well as the platform models are hosted on.

Lesson 3: What are the AI vulnerabilities?
Includes an overview of AI vulnerabilities including data related vulnerabilities and model related vulnerabilities. We will cover the Top 10 for LLM Applications (2025). We also cover the top vulnerabilities found in AI Agents.

Lesson 4: What are AI security controls?
Includes an overview of the Google Secure AI Framework (SAIF), the OWASP AI Security and Privacy Guide, the UK Department for Science, Innovation and Technology’s (DSIT’s) developing AI Cyber Security Code of Practice and Black Duck Blueprint for Generative AI Security.

Lesson 5: What is AI risk management?
Includes an overview of NIST-AI-600-1, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile and companion document AI RMF Playbook. The profile helps organizations identify unique risks posed by generative AI and proposes actions for generative AI risk management that best aligns with their goals and priorities.

Lesson 6: What is AI Test, Evaluate, Validate, and Verify (TEVV)
One of the key activities highlighted in the NIST AI Risk Management Framework is TEVV (Test, Evaluation, Verification, and Validation)—tasks that are performed throughout the AI lifecycle to measure and govern risk from non-deterministic AI systems. This lesson includes an overview of AI Threat Modeling, AI Penetration Testing, AI Red Team Exercises, AI Model Cards, and AI Data Cards

Lesson 7: What are the AI governance, AI compliance, AI audit requirements?
Includes an overview of AI Governance, Compliance and AI Audit requirements. AI governance includes processes, standards and guardrails that help ensure AI systems and tools are safe and ethical. AI compliance refers to the decisions and practices that enable businesses to stay in line with the laws and regulations that govern the use of AI systems. AI audit requirements focus on ensuring transparency, accountability, and compliance in AI systems.

Lesson 8: Building an AI security program
Includes a systematic approach to building an AI security program to protect AI systems and applications. Based on best practices covered in the class. The goal is to establish a process, assign resources, establish program requirements and deliverables and design / build / maintain a comprehensive AI system security program.

Upon completion of the class, the attendees will have an up-to-date understanding of AI and its impact on cybersecurity as well as what actions an organization should take to benefit from the many advancements available with adopting AI into their security design, development, deployment, operations, and maintenance.

STUDENT TESTIMONIAL:
“Mr. Wilson presented an incredibly complex, emerging topic that includes significant risks in such a way that it left me convinced GenAI is just another piece of software. He walked us through defining the technical components, understanding the risks of and threats to these systems, and the security controls to help mitigate them. He wrapped the class by outlining how we may want to develop a program for managing the risks associated with AI, and did it with a wealth of practical knowledge, relatable personal anecdotes, and a ton of thoughtful research. Best class of SecureWorld Boston 2025!”
— Andrew F. Powell Jr., Information Security Director, Williams College

This intensive, live workshop is your shortcut to cyber resilience mastery. In just one power-packed day, you’ll walk away with:

• Complete mastery of NIST CSF 2.0 – Understand every component and why it matters to YOUR business
• Your personalized Cyber Risk Map – Identify your organization’s exact vulnerabilities and blind spots
• A step-by-step action plan – No more guessing what to do next
• Real-world case studies – See how organizations just like yours have successfully implemented the framework
• Expert-level confidence – Finally speak cybersecurity with authority and clarity

What makes this different?
This isn’t another theoretical lecture. You’ll spend most of your time actually BUILDING your organization’s cybersecurity roadmap using the proven Cyber Risk Management Action Plan (CR-MAP) methodology. You’ll leave with tools and know-how you can implement immediately.

Perfect for:

• IT Directors and Managers
• Cybersecurity Professionals
• Business Leaders responsible for risk management
• Compliance Officers
• Anyone tasked with “figuring out cybersecurity”

Exclusive Bonus: Every attendee receives our comprehensive digital CR-MAP Online Workbook ($197 value), your step-by-step guide to:

• Getting BUY-IN from your senior decision makers
• Discovering your top five cyber risks
• Creating a prioritized risk mitigation plan with implementation roadmap
• A score card you can use to track progress

Warning: This live, in-person intensive has limited seating. Don’t let another cyber incident catch your organization unprepared.

Your organization’s cybersecurity can’t wait. Register now.

Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible, as well as association chapters! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Also, look for “Cyber Connect” discussions on select topics and join the conversation.

As cyber threats evolve and business pressures mount, resilience is no longer just a technical objective—it’s a leadership imperative. In this closed-door roundtable discussion, local Advisory Council members and cybersecurity leaders will share their perspectives on what cyber resilience looks like today and how their organizations are striving to achieve it. From incident response readiness and business continuity planning to workforce stress and supply chain challenges, this open-format session is designed to spark dialogue around the strategies, struggles, and successes that define resilience in the real world.

Cybersecurity challenges don’t just face giant companies; they weigh heavily on schools, small towns, and local businesses. The Missouri Cybersecurity Center of Excellence (MCCoE) was created to address cybersecurity workforce, access, and resilience gaps across the state. In this session, Heather Noggle, MCCoE board member, shares how this new model builds hands-on talent and strengthens community defense, ensuring cybersecurity becomes practical, accessible, and sustainable for organizations of every size.

Visit the Networking Hall to network with attendees and connect with our vendor sponsors and association partners.

Artificial intelligence rapidly redefines how we defend our networks—and how attackers target them. From threat detection to deepfakes, explore the double-edged nature of AI in cybersecurity and how it’s impacting your daily work.

Please join us in the Networking Hall to connect with peers over coffee and snacks and share real-world experiences, strategies, and concerns around AI’s growing role in security.

2025 has become the year of Agentic AI. In this session, we will discuss the evolution of threats and opportunities when using AI in Cybersecurity as well as recent Agentic AI Use cases in Cybersecurity and the race to protect our organizations.

As digital transformation accelerates, the traditional boundaries between infrastructure and security are fading. Today’s security professionals are responsible for safeguarding the enterprise while enabling agility, innovation, and operational resilience. This thought leadership session reframes security as a strategic enabler—anchored in the core principles of prevention, detection, and recovery.

We’ll explore how the convergence of infrastructure and security is creating new opportunities for alignment, efficiency, and visibility—helping technology leaders break down silos and respond to threats with greater speed and precision.

Equally important is the shift toward security as a managed service. With escalating compliance complexity, rapid technology cycles, and increasing resource constraints, security professionals must evaluate new delivery models that can scale with their organization’s needs.

Attendees will walk away with a clear picture of what a modern security program looks like: integrated, cloud-ready, agile, and built to adapt. Through strategic insights and practical takeaways, this session will empower technology leaders to build resilient programs that protect the business while driving it forward.

Despite all the tools and technology, people remain the most unpredictable variable in security. Whether insider threats, awareness training, or culture-building, human behavior is central to your cyber strategy.

Please join us in the Networking Hall to connect with peers over coffee and snacks and discuss how organizations are tackling the people side of cybersecurity.

Cybersecurity professionals are trained to manage risk, but what happens when personal resilience is worn thin by the very weight of that responsibility? In this compelling session, we’ll explore how emotional attachment to mission-critical work can erode personal resilience, and why that matters more than ever in today’s high-stakes cyber landscape. Drawing from real-world experience, we’ll examine the hidden costs of burnout and emotional fatigue on risk-based decision making. Attendees will walk away with a fresh perspective on how cultivating personal resilience isn’t just self-care, it’s a strategic imperative for sound cybersecurity leadership.

Zscaler has built the world’s largest security cloud in the world, arming us with a comprehensive view of threats, vulnerabilities, policy definitions, and overall risk. To better support our customers’ efforts to improve their posture, we are offering top-tier exposure management and threat defense strategies. This requires the highest quality data with the necessary context to yield powerful insights. In this session, we will break down the methodologies for achieving transformation within proactive and reactive security programs.

Today’s professionals face challenges reminiscent of classic fairy tales: shadowy villains, unexpected allies, and battles for safety and survival. This panel will delve into the current threat landscape, from ransomware dragons to insider trolls. It will offer insights into the strategies and tools organizations need to craft their own happily ever after in cybersecurity.

Moderated discussion for SecureWorld Advisory Council members. By invite only.

Sponsored by:

The days of reacting to alerts are over. From continuous monitoring to threat hunting, organizations are shifting to proactive security models that anticipate and prevent incidents before they happen.

Please join us in the Networking Hall to connect with peers over coffee and snacks and explore how to make proactive security a reality in your environment.

In every great story, the hero faces challenges, makes pivotal choices, and learns lessons that shape their future. Cybersecurity is no different—our “once upon a time” moments often arrive in the form of evolving risks, shifting priorities, and decisions that can make or break our defenses.

Join Montez Fitzpatrick, CISO at Navvis Healthcare, for an engaging session that blends real-world experience with practical guidance on identifying, prioritizing, and mitigating cyber risks in today’s complex threat landscape. From balancing security with business needs to understanding the ripple effects of AI, privacy concerns, and network vulnerabilities, this session will help you write the next chapter of your organization’s risk strategy with confidence.

Whether you’re an emerging professional or a seasoned leader, you’ll walk away with insights you can immediately apply—because in the story of cybersecurity, every decision shapes the ending.

The AI revolution is fundamentally transforming cybersecurity, while the future of networking evolves toward Hybrid Full Mesh—integrating 5G, WiFi, Ethernet, Fiber, and other network infrastructures. This presentation examines how AI is accelerating cyber threats: attack costs are skyrocketing, incidents surging 50% year-over-year, and ransomware development compressed from nine days to mere minutes*. We’ll explore why Hybrid SASE (not cloud-only) forms the core of an effective hybrid full-mesh security architecture and how organizations can respond when the rate of change and complexity outpace their capabilities. Most importantly, we’ll demonstrate why security isn’t just a feature but the essential foundation of operations in this new era of hyperconnected vulnerability.

In the realm of enterprise security, every organization faces a classic tale as old as time: the eternal battle between defenders and digital dragons. Just as fairy tale heroes relied on preparation, vigilance, and the right tools to protect their kingdoms, today’s cybersecurity professionals must deploy proactive measures to safeguard their digital domains.

This panel session explores how preventative measures serve as the ultimate “happily ever after” for enterprise security. Our expert panel guides attendees through the enchanted forest of modern threats, revealing how proactive security architecture can transform organizations from vulnerable victims to empowered heroes.

Panelists share real-world case studies, proactive security solutions, and how organizations can write their own security success stories.

The cybersecurity workforce shortage is real—and growing. From finding skilled talent to reducing burnout and investing in upskilling, leaders are rethinking how to build resilient teams for the future.

Please join us in the Networking Hall to connect with peers over coffee and snacks and exchange ideas for navigating one of the industry’s most significant ongoing challenges.

Quantum Computing has the potential to render traditional cryptographic systems breakable within the next decade. There are now standards and viable implementations of quantum-resistant cryptographic protocols. That is the first step. The next step is how to assess your organization’s risk and begin the transition to Post-Quantum Cryptography (PQC). You will walk away knowing you need to have and maintain a cryptographic protocol inventory; you need to transition to quantum-resistant cryptography starting with your highest risk data and platforms; and you need to transition in a way that doesn’t interrupt the business.

Session details to come.

AI can be both a powerful ally and a mischievous force if left unchecked. This panel will explore how organizations can harness the magic of AI for cybersecurity—automating defenses, detecting threats, and enhancing decision-making—while addressing the risks of bias, over-reliance, and adversarial AI. Use this transformative technology wisely to write your cybersecurity success story.

This is your final chance to visit the Networking Hall and get scanned by our participating partners for our Dash for Prizes. You can also turn in your Passport cards at the Registration Desk before we announce our winner!

Join your peers for conversation and complimentary beverages. This is a great opportunity to network with other security professionals from the area and discuss the hot topics from the day.

Participating sponsors will announce their Dash for Prizes winners. Must be present to win.