Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, October 14, 2021
    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:00 am
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable [VIP only]
    • session level icon
    Discussion Topic: Incident Response
    speaker photo
    Co-Chair, Cybersecurity & Data Privacy Practice Group, Spencer Fane LLP
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This session is for SecureWorld Advisory Council members by invite only. Discussion moderated by Shawn Tuma.

    8:15 am
    Ransomware Hindsight: As Attacks Surge, What Can We Learn from Previous Response?
    • session level icon
    speaker photo
    CISO, State of Texas
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:50 am

    Ransomware attacks are surging across the United States, often targeting government and education. That was certainly the case when 20 government agencies in Texas were attacked in a single day. Join this fireside chat as Texas CISO Nancy Rainosek shares what that day was like, how her team approached the attacks, and lessons they learned from remediating them. These insights could help your agency in the future.

    8:15 am
    Conquering Cloud Complexity
    • session level icon
    speaker photo
    CTO, RedSeal Networks
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:50 am

    Cloud security is hard, not least because cloud platforms change so quickly.  This talk presents several lessons learned from security teams struggling to get their arms around the sprawl of modern infrastructure, using practical analogies from pandemics and earthquakes.

    8:15 am
    The Value of Continuous Security Validation
    • session level icon
    speaker photo
    Technical Director, AttackIQ
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:50 am

    With cyber threats on the rise and the abundance of security controls and capabilities out there, how do you gain confidence in your ability to protect critical assets? Testing. Continuous validation of your controls and their capabilities. Let’s talk about how that looks and why it works.

    8:15 am
    Data Protection: Action and Reaction
    • session level icon
    speaker photo
    VP, Product Marketing, Encryption, Thales Group
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:50 am

    Protecting data is a critical component of any enterprise security strategy. We will discuss trends observed in a survey and presented in the 2021 Thales Data Threat Report. Ransomware has been a topic of significant concern recently, given the increasing number of targeted attacks. We’ll offer some recommendations to address this menace. Finally, we’ll go over the recent Executive Order in response to increasing security incidents, discuss sections of the executive order that pertain to data protection, and present Thales’ perspective to address it.

    9:00 am
    [Opening Keynote] Cybersecurity Habits to Help Secure Your Organization
    • session level icon
    speaker photo
    Chief Security Officer, Southern Methodist University
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    Cybersecurity should be understood as a series of nine habits that we must pursue. Doing so can greatly increase the security posture of an organization. Join author and CISO George Finney as he explores implementing these habits, changing our behaviors, and the power of these shifts to help combat most information security problems.

    George’s new book, “Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future,” is available for purchase here: https://www.amazon.com/Well-Aware-Master-Cybersecurity-Protect/dp/1626347352

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:00 am
    Staying Resilient: Small and Medium Enterprises (SMEs) and Cybersecurity
    • session level icon
    speaker photo
    Director of Information Security, Ambra Health
    speaker photo
    IT Security Architect, University of Texas Health Science Center at Houston (UTHealth)
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Small and Medium Enterprises (SMEs) are the backbone of U.S. and European economies. SMEs are significant drivers of economic growth, job creation, and new innovation. Technology enables businesses to increase connectivity and engagement with their customers, and can provide SMEs with a better understanding of their customer base. Today’s digitally connected environments lead to greater risk of data breach or service disruptions. One of the greatest challenges for SMEs is to keep running the operations while keeping themselves protected from ongoing attacks. Cybercriminals are no longer targeting larger enterprises alone. Larger enterprises have overall better security, so targeting them requires more resources in terms of time and money, whereas 90% of cybercriminals are lazy and want to get easy access and do quick damage. SMEs are lucrative to cybercriminals as they can be easy targets, and also, due to digital connectivity, are a step closer to larger organizations that SMEs partner with.

    Key questions we will cover:

    • What does downtime due to a cyberattack mean to an SME?
    • What data resides in SME networks that needs to be secured?
    • How do SMEs build cyber resilience?
    • What should an SME budget for a cybersecurity program be?

    Presentation level: MANAGERIAL (security and business leaders)

    10:00 am
    Getting Ahead of the Ransomware Operations Life Cycle
    • session level icon
    speaker photo
    Director, Strategic Threat Advisory Group, CrowdStrike
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Join this session to learn about CrowdStrike’s most current understanding regarding the ever-prevalent ransomware threat and our observations around how the ransomware ecosystem has evolved over the last couple of years. Attendees of this session will benefit from the unique insights into the associated enablers of ransomware, including associated initial access techniques, ransomware-related business models, and our newest data around monetization schemes being leveraged by the eCrime extortion community. Lastly, CrowdStrike will close by proposing actionable recommendations that organizations can undertake in order to harden their cybersecurity environment against the ransomware threat.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:00 am
    Different, Yet Better Together: Data Security and Data Privacy
    • session level icon
    speaker photo
    Product Manager, Partners, PKWARE
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Standard data security controls are excellent at ensuring that data stays secure and is only accessed by those with appropriate permissions. But where security fails is knowing the information that privacy requires, such as where the data came from, why the data is being stored, who the data belongs to, who it’s shared with, and how long it will be retained. The answers to those questions for every system or data element has an impact on which security controls a company needs to have in place.

    In this session, data expert Akshay Kumar details the crucial intersection between data security and data privacy, including:

    • The key differences between data security and data privacy
    • Why it’s possible to have security without privacy, but impossible to have privacy without security
    • How to enable and support both security and privacy when it comes to data
    10:00 am
    Anatomy of a Ransomware ATT&CK
    • session level icon
    speaker photo
    Sr. Solutions Engineer, Red Canary
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    This session will dive into a ransomware attack, from initial compromise through the detection opportunities leading up to widespread infection.

    10:30 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:45 am
    We Are All Collateral Damage Casualties of the Ongoing Cyber War
    • session level icon
    speaker photo
    Director, Global Cybersecurity Program, University of St. Thomas
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Today, one can make the argument that on some level all commerce is eCommerce and that the safety and prosperity of the places we work and communities we live in depend on a safe and secure internet. But how safe can we be when the titans for global geopolitics are engaged in an undeclared asymmetrical conflict that uses all aspects of national power that operate in the cyber domain? The old school modalities of propaganda, disinformation, espionage, intellectual property theft, and sabotage have greater reach and capabilities in our digitally connected world. Let’s look at a brief history of the conflict from Estonia, NotPetya, to Colonial Pipeline and then ask the question: is there a technical solution to the conflict, or is it time to consider cyber arms control?

    10:45 am
    Zero Trust and Battling Insider Threats
    • session level icon
    speaker photo
    CTO, ForgeRock
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Remote work has soared, and organizations are facing rapid change in their workforces. What’s really different about the situation? What can we do about ransomware, data exfiltration, and other threats given the new realities?

    10:45 am
    From Authentication to Audit: How to Secure Third-Party Connectivity
    • session level icon
    speaker photo
    Director, Sales Engineering, SecureLink
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    The risks associated with third-party remote access into an organization’s network grow daily. We regularly see breaches in the headlines that, time and time again, turn out to be the result of unsecured remote access. While the risks and the damages are growing, so is the need for secure third-party remote access. In this session, we’ll review the third-party lifecycle, discuss how to identify vulnerabilities in remote access, and hone in on managing connectivity from authentication to audit.

    If you manage an enterprise network and can’t identify every third-party user on your network by name and tie their identity back to their session activity, then join us to learn about the gaps in the lifecycle you can address to protect your organization.

    10:45 am
    A Proven Approach to Embed Security into DevOps
    • session level icon
    speaker photo
    Security Evangelist & Sr. Solution Specialist, Checkmarx Inc.
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    The shift towards DevOps makes it clear that organizations are adopting this model to facilitate the practice of automating development, delivery, and deployment of mission-critical software. While the traditional idea of a software release dissolves into a continuous cycle of service and delivery improvements, organizations find that their conventional approaches to application security are having a difficult time adapting to DevOps, since security if often viewed as an inhibitor to this new approach.

    Join Stephen Gates, Checkmarx SME, where you’ll:

    • Discover the six proven steps of embedding software security into DevOps.
    • Learn how to ensure vulnerabilities and run-time risks are identified and remediated early in development.
    • Explore the benefits of AppSec integration and automation into the tooling your developers use.
    • Hear about new AppSec awareness and training approaches to improve developer secure coding skills.
    11:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    11:30 am
    Lessons from Emergency Response for IT and Cybersecurity
    • session level icon
    speaker photo
    Program Manager, Cyber Readiness Center, Texas A&M Engineering Extension Service
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    For years, Information Technology and Cybersecurity departments within organizations have been struggling to develop plans and procedures for mitigating, responding to, and recovering from cybersecurity events. Although some strides have been made at the federal and state government level to integrate cybersecurity into the “all hazards approach” to incident management, many organizations outside of traditional emergency management are hard pressed to develop incident response, recovery, and mitigation/preparedness procedures.

    In this presentation, Andrew Jarrett will discuss a brief history of NIMS/ICS, federal and state doctrine that has been developed to coordinate cybersecurity incident response in the public sector, and how organizations in both the public and private sector can implement a model inspired by the core tenants of incident command and other lessons in emergency response to manage cybersecurity risk and organize for the response and recovery from cybersecurity disasters.

    11:30 am
    Never Trust. Always Verify.
    • session level icon
    speaker photo
    Global Security Strategist, Check Point Software Technologies
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    Humans are inherently both trusting and distrusting, without even knowing it! We pick up on innumerable subtle micro expressions and nuances of our environment, instantly spotting what’s out of place. Without a second thought, our computer brains process and alert us to “things out of place” and focus our attention, silencing distractions so we can verify trust.

    In this session, Eddie Doyle will demonstrate that when we design systems after our neuro-biology, we can focus our networks to eliminate threats in much the same manner as our natural born instincts.

    11:30 am
    Information Protection and Cloud Security Overview
    • session level icon
    speaker photo
    Global Director, Cloud and Information Protection, Proofpoint
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    Data Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations—especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021?

    11:30 am
    [Panel] Third-Party Risk: Managing Your Partners
    • session level icon
    speaker photo
    Vice President, Strategy & Risk, RiskRecon, a Mastercard company
    speaker photo
    Sr. Product Marketing Manager, ReversingLabs
    speaker photo
    Director, Sales Engineering, SecureLink
    speaker photo
    Solutions Engineer, Okta
    speaker photo
    Security Engineer, Corelight
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    At any given moment, a company could take a snapshot of its risk and stay busy trying to seal up all of its own holes (or accept them for what they are) in security. But what about the businesses that support you? How do you know that Fred’s band has a secure API for its clients? Does ACME really need access to our HR files? Why do we keep getting old invoices from ABC Parts Company? Dive into third-party risk, networking security with a focus on data exfiltration, and how Zero Trust could eliminate this costly issue.

    12:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    12:15 pm
    Ripples Across the Risk Surface: New Waves in 2021
    • session level icon
    speaker photo
    Vice President, Strategy & Risk, RiskRecon, a Mastercard company
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    Join the head of strategy from RiskRecon for a presentation based on exclusive research with Cyentia on multi-party breaches and the effect it can have on your firm and its supply chain, including:

    • how multi-party incidents have hurt organizations financially since 2008
    • the differences in impact between multi-party and single-party security incidents
    • the number of days for a typical ripple event to reach 75% of its downstream victims
    1:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    The Unified Controls Framework
    • session level icon
    speaker photo
    Vice President, Information Security Strategy, Innovation and Analytics, Allstate Insurance Company
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    In this presentation, Mia Boom-Ibes, Allstate Vice President, will explore the Secure Software Development Life Cycle and how you can deliver secure products—making the easy thing the right thing to do for your product development teams.

    You’ll get examples that you can put into practice, and leave armed with the knowledge and skills on how to improve code quality and gain transparency into the residual risks. The presentation will also cover a future focus on the unified control framework program and how the world of secure software development is innovating to stay in front of emerging threats.

    1:15 pm
    Breach Walkthroughs and Lessons Learned
    • session level icon
    speaker photo
    Director of Systems Engineering, Arctic Wolf
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Cybersecurity tools aren’t enough to stop cybercrime. We need an operational approach to truly minimize our cyber risk.

    Let’s walk through three major breaches from last year. You’ll see what the consequences were and what was the true root cause. (Hint: it wasn’t the security tools). We will dive into some of the struggles security teams are dealing with right now and how you can move your organization toward an operational approach to security to truly minimize your risk.

    1:15 pm
    [Panel] Ransomware: Myths, Pitfalls, and New Insights
    • session level icon
    speaker photo
    VP, Global Services Technical Operations, BlackBerry
    speaker photo
    Security Strategist, Cybereason
    speaker photo
    Director, Strategic Threat Advisory Group, CrowdStrike
    speaker photo
    Principal Security Strategist, Synopsys
    speaker photo
    Principal Solutions Architect, Armis
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    One thing we have learned over the past 18 months is that ransomware is very lucrative. Backups and cyber insurance have you covered, right? Not so fast. Misinformation abounds around digital extortion. Join our panel of experts as they unpack some of the myths and pitfalls around ransomware and offer valuable insight on how to keep your company out of the headlines!

    1:15 pm
    [Panel] Cloud: Power and Peril
    • session level icon
    speaker photo
    Director of Information Security and Research, Automox
    speaker photo
    Field CISO, Snyk
    speaker photo
    Field CTO, Gigamon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    We are making history now, in the cloud. Organizations are utilizing cloud at record levels, revealing its power like never before. However, much of this shift was forced, and fast, which increased risk. And attackers are shifting, too. Join this panel as we unpack the power of the cloud and also its peril: current challenges, threats, and pitfalls.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:15 pm
    [Closing Keynote] 2022 and Beyond Cyber Priorities
    • session level icon
    speaker photo
    CISO, G6 Hospitality, LLC
    speaker photo
    Director, Cybersecurity & Risk Compliance, Triumph Group
    speaker photo
    CISO, ExactlyIT Inc.; former CISO, alliantgroup
    speaker photo
    CSO, Security Mentor; Former CISO, State of Michigan
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
Exhibitors
  • Arctic Wolf Networks
    Booth:

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit  https://www.arcticwolf.com.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Association of Continuity Professionals (ACP) North Texas
    Booth:

    ACP is a non-profit professional organization, which provides a forum for the exchange of experiences and information, for business continuity professionals, throughout a network of local chapters.

    Founded in March of 1986, the North Texas Chapter is one of the oldest continuously meeting chapters, and among the largest by membership, serving the Dallas/Fort Worth metroplex. Meetings are held on the first Tuesday of every month, unless the first Tuesday coincides with a holiday week.  We invite you to attend our next meeting.

  • AttackIQ
    Booth:

    AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to identify security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. The Company is committed to giving back to the cybersecurity community through its free AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat Informed Defense.

  • Automox
    Booth:

    Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.

  • BitSight
    Booth:

    BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter

  • BlackBerry
    Booth:

    BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including more than 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear—to secure a connected future you can trust.

    BlackBerry. Intelligent Security. Everywhere.

    For more information, visit BlackBerry.com and follow @BlackBerry.

  • Check Point Software Technologies Inc.
    Booth:

    Check Point Software Technologies Inc. is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Checkmarx Inc.
    Booth:

    Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

  • Corelight
    Booth:

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • CrowdStrike
    Booth:

    CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service—all delivered via a single lightweight agent.

  • Cybercrime Support Network
    Booth:

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Cybereason
    Booth:

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • ForgeRock
    Booth:

    ForgeRock®, a leader in digital identity, delivers modern and comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world. Using ForgeRock, more than a thousand global customer organizations orchestrate, manage and secure the complete lifecycle of identities from dynamic access controls, governance, APIs, and storing authoritative data—consumable in any cloud or hybrid environment. The company is privately held, and headquartered in San Francisco, California, with offices around the world. For more information and free downloads, visit www.forgerock.com or follow ForgeRock on social media.

  • Gigamon
    Booth:

    Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.

  • InfraGard North Texas
    Booth:

    The primary purpose of the InfraGard North Texas Members Alliance is to assist in increasing the security of the United States national infrastructures through ongoing exchanges of information relevant to infrastructure protection and through education, outreach, and similar efforts. In addition to the benefits offered by the national InfraGard organization, there are several ways our local chapter accomplishes these objectives, including:

    • Local quarterly membership meetings focused on infrastructure protection
    • Sector-specific meetings and information exchanges
    • Partnerships and discounts to training offerings with other organizations such as ISSA and SecureWorld
    • Networking opportunities with peers within and across all sectors
  • (ISC)2 Dallas-Fort Worth
    Booth:

    The Dallas-Fort Worth Chapter of (ISC)2 is based in the DFW area and serves the counties of the Dallas-Fort Worth Metroplex. Members include those with security certifications from (ISC)2 as well as other professionals practicing or interested in information, software and communications security. Our mission is to advance information security in the DFW area by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects. Our chapter programs provide members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resources and educational programs to keep them up to date with the latest advances in technology as well as information assurance.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • PKWARE
    Booth:

    PKWARE protects the world’s data with smart encryption software and solutions. In use by more than 35,000 customers, including government agencies and global corporations, PKWARE’s easy-to-use security armors data itself and eliminates vulnerabilities wherever data is used, shared or stored.

    PKWARE offers the only data discovery and protection solution that locates and secures sensitive data to minimize organizational risks and costs, regardless of device or environment. Our software enables visibility and control of personal data, even in complex environments, making PKWARE a global leader in data discovery, security, and compliance.

  • Proofpoint
    Booth:

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • RangeForce
    Booth:

    RangeForce offers interactive and hands-on cybersecurity training experiences. Upskill your team to close the cybersecurity skills gap in your organization.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth:

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • RedSeal
    Booth:

    By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.

  • ReversingLabs
    Booth:

    ReversingLabs automatically detects and analyzes sophisticated file-based threats built to evade security controls from development to the SOC. Our hybrid-cloud Titanium Platform verifies binaries at the speed, accuracy, and scale required for software development, third-party software acceptance, and security operations teams to take confident action. Learn more at www.reversinglabs.com.

  • RiskRecon
    Booth:

    RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
    easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
    solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
    enabling organizations to efficiently operate scalable, third-party risk management programs for
    dramatically better risk outcomes. Request a demo to learn more about our solution.

  • SecureLink
    Booth:

    SecureLink is a leader in managing secure third-party access and remote support for both enterprise companies and technology providers. SecureLink serves over 400 customers and 30,000 organizations worldwide. World-class companies across multiple industries including healthcare, financial services, legal, gaming and retail rely on SecureLink’s secure, purpose-built platform.

  • Snyk
    Booth:

    Snyk is a developer-first security company that helps organizations use open source and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Founded in 2015, Snyk is based in London, England.

  • Synopsys
    Booth:

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Thales
    Booth:

    As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

  • ThreatConnect
    Booth:

    Designed by analysts but built for the team, ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. To learn more about our TIP and SOAR solutions, visit www.ThreatConnect.com.

  • WiCyS Houston Affiliate
    Booth:

    Women in CyberSecurity (WiCyS) is a global community that is dedicated to bringing talented women together to celebrate and foster their passion and drive for cybersecurity. WiCyS Houston Affiliate was formed to empower women in cyber and create a safe community for women to flourish, explore, and learn. We unite local, national, and international communities across academia, research, and industry to empower women through knowledge, experience, networking, and mentorship.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Shawn E. Tuma
    Co-Chair, Cybersecurity & Data Privacy Practice Group, Spencer Fane LLP

    Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

  • speaker photo
  • speaker photo
    Mike Lloyd
    CTO, RedSeal Networks

    Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.

    Dr. Mike Lloyd holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.

  • speaker photo
    Cory Sutliff
    Technical Director, AttackIQ

    Practice Lead for Technical Account Management at AttackIQ. Cory has 20+ years' experience in IT focusing on security, seven+ years with the DoD. He has spent the last two years at AttackIQ delivering Security Optimization (BAS).

  • speaker photo
    Krishna Ksheerabdhi
    VP, Product Marketing, Encryption, Thales Group

    Krishna has more than 25 years of experience leading Engineering and Business Strategy teams, including evaluating and integrating several key Thales acquisitions. Krishna has a Ph.D. in Computer Science and has worked on various topics, from compilers for supercomputers to operating systems for smart cards, leading skunkworks innovation projects to corporate entrepreneurship initiatives and M&A. He is currently responsible for marketing Thales’ Encryption products.

  • speaker photo
    George Finney
    Chief Security Officer, Southern Methodist University

    George Finney is the Chief Security Officer for Southern Methodist University and the author of “No More Magic Wands: Transformative Cybersecurity Change for Everyone.” He previously worked with several startups and global telecommunications firms designing networks, writing policy, hardening servers, and educating users. George is a member of the Texas CISO Council, an Advisory Council member for SecureWorld, and a board member of the Palo Alto Networks FUEL User Group.

  • speaker photo
    Deepthi Menon
    Director of Information Security, Ambra Health

    Deepthi Menon serves as Director of Information Security at Ambra Health. Ambra Health is an innovative software company that provides solutions for medical image sharing of DICOM and non-DICOM data between patients, physicians, and hospitals. Deepthi has more than 12 years of experience in information security. She has her Masters in Information Security from the University of Houston. In last 12 years, Deepthi has held several different security roles, from Network Security Architect to Leading Security Operations Center to Directory of Security. Deepthi is one of the founding members of Tech Ladies and a champion for women in technology and security. On a personal front, Deepthi is a trained Indian classical dancer (dancing preferably when no one is watching) and an avid fan of mystery novels and movies. Deepthi has a lovely 10-year-old daughter and loves spending time with her.

  • speaker photo
    Karl Bernard
    IT Security Architect, University of Texas Health Science Center at Houston (UTHealth)

    Karl Bernard, CISSP, is an IT Security Architect at UTHealth with 30 years of IT experience, with 20 years in Information Security. His experience runs the full gamut of IT Security: he has implemented new technologies, such as network monitoring products and web application firewalls; performed risk assessments; coordinated large DR tests; led incident response tabletops; started and managed a web application firewall and system vulnerability management program; and trained and mentored colleagues to run these programs.

  • speaker photo
    Jason Rivera
    Director, Strategic Threat Advisory Group, CrowdStrike

    Jason Rivera has over 15 years of experience innovating at the intersection of security operations and technology. He was a former Intelligence Officer/Captain in the U.S. Army, had assignments with the National Security Agency (NSA) and U.S. Cyber Command (USCYBERCOM), and served in combat tours overseas. He has experience in the private sector and built threat intelligence and cybersecurity programs for large Fortune 500 companies and U.S. government agencies. He received his M.A. in Security Studies from Georgetown University, M.A. in Economics from the University of Oklahoma, and his B.A. in Political Science & Economics from the University of Nevada, Las Vegas.

  • speaker photo
    Akshay Kumar
    Product Manager, Partners, PKWARE

    Akshay Kumar serves as the product lead for Hadoop Distributed File Systems (HDFS) and cloud storage modules, in addition to growing key partnerships with companies like AWS and IBM. Prior to joining PKWARE via the Dataguise acquisition in 2020, Akshay built his data security background as a solutions architect, where he implemented hybrid deployments and helped clients become GDPR/PCI/PHI compliant. In addition, Akshay gained data center infrastructure experience from being a software engineer at Arista Networks, where he oversaw large-scale server maintenance and lab network utility. Akshay holds a Bachelor of Science in Computer Science from University of California, Davis.

  • speaker photo
    Bobby Mazzotti
    Sr. Solutions Engineer, Red Canary
  • speaker photo
    Eric Botts
    Director, Global Cybersecurity Program, University of St. Thomas

    Eric Botts is Director, Global Cyber Security Program, and Assistant Professor of International Studies at the University of St. Thomas, teaching courses on Cyber Warfare, Cyber Ethics, Enterprise Cybersecurity, and Digital Governance. Adjunct Lecturer at the University of Houston Downtown, teaching a course on Organizational Resilience in the Master of Security Management program in the College of Business. He is a lecturer at the Women’s Institute of Houston teaching a course entitled The World According to Eric. He received his Bachelor of Arts degree in Political Science from St. Mary's University and a Master of Security Management degree from the University of Houston Downtown.

    After serving for 31 years in the U.S. Department of State as a Foreign Service Officer (Santo Domingo, Seoul, Dublin, and Nassau), Assistant Director of the Houston Passport Agency, and an Information Systems Security Officer, Eric retired and went to work in the private sector. During his federal career, he served as Program Chairman of the Gulf Coast Federal Safety Council, and as a member of the Federal Executive Board. He is a founding board member of the Foreign Policy Alliance and has spoken on foreign policy issues to civic groups, colleges, and the media. He works as a security project manager and consultant for Swailes & Co. Inc., specializing in cybersecurity, risk management, business continuity, due diligence, travel security, and investigations. In the cybersecurity community, he sits on the SecureWorld Advisory Council. He has authored and published two novels: "Conversations with An Alien" (2004) and "The Circle - Portrait of an American Family" (2015), writing under the pen name Eric Cristofer.

  • speaker photo
    Eve Maler
    CTO, ForgeRock

    Eve Maler is a globally recognized strategist, innovator, and communicator on digital identity, security, privacy, and consent, with a passion for fostering successful ecosystems and individual empowerment. She has 20 years of experience innovating and leading standards such as SAML and User-Managed Access (UMA), and has also served as a Forrester Research security and risk analyst. She leads the ForgeRock Labs team investigating and prototyping innovative approaches to solving customers' identity challenges, along with driving ForgeRock's industry standards leadership.

  • speaker photo
    Russell Dowdell
    Director, Sales Engineering, SecureLink

    For nearly a decade, Russell has worked with SecureLink customers and organizations looking to improve third-party security. He has been an integral part of the implementation, support, and solution engineering for customers ranging from large healthcare vendors to small towns. In his current role, Russell and his team help organizations identify the SecureLink products and product features that can be leveraged to both improve security and streamline workflows.

  • speaker photo
    Stephen Gates
    Security Evangelist & Sr. Solution Specialist, Checkmarx Inc.

    Stephen Gates brings more than 15 years of information security experience to his role as Security Evangelist and Senior Solution Specialist at Checkmarx. He is an SME with an extensive hands-on background in security and is a well-known writer, blogger, presenter, and published author who is dedicated to conveying facts, figures, and information that brings awareness to the security issues all organizations face.

  • speaker photo
    Andrew Jarrett
    Program Manager, Cyber Readiness Center, Texas A&M Engineering Extension Service

    Andrew Jarrett of the TEEX Cyber Readiness Center is a former firefighter, current member of a Type II/Type III Incident Management Team (IMT) and has recently been deployed as a member of Texas Division of Emergency Management (TDEM) Incident Support Teams (ISTs) for COVID response. As the Cyber Enterprise Program Manager at the TEEX CRC, he helps organizations assess their cybersecurity risk posture, develop pre-incident plans for cybersecurity, and organize their resources for response and recovery. He has also developed and delivered a number of FEMA-certified cybersecurity courses focused on the FEMA mission set of preparedness, mitigation, response, and recovery.

  • speaker photo
    Eddie Doyle
    Global Security Strategist, Check Point Software Technologies

    Edwin Doyle communicates with international leaders in cybersecurity, cyber forensics, and cyber law enforcement, across the world. Taking best practices for threat mitigation from the industry’s finest CISOs and from police and military cyber command, Edwin’s responsibilities include sharing cyber defense tactics with media, government agencies, and enterprise corporations, via keynote and panel discussions.

    Edwin’s unconventional background in education allows him to clearly explain technical topics to a diverse audience. With over 20 years of cybersecurity experience, Edwin holds a unique understanding of the security risks and challenges that organizations must overcome.

  • speaker photo
    Mike Stacy
    Global Director, Cloud and Information Protection, Proofpoint

    Mike Stacy is the Global Cloud and Information Protection Director at Proofpoint. Mike works with customers and oversees technical strategy for areas which include cloud security, advanced email defense, SOAR, browsing security, and SDP. Prior to joining Proofpoint, Mike held numerous technical leadership and product strategy roles across a variety of solutions.

  • speaker photo
    Jonathan Ehret
    Vice President, Strategy & Risk, RiskRecon, a Mastercard company

    Jonathan has been a third-party risk practitioner since 2004. He is co-founder and former president of the Third-Party Risk Association. He has deep experience building and running third-party risk programs in finance and healthcare. He started with RiskRecon in April, 2020.

  • speaker photo
    Jasmine Noel
    Sr. Product Marketing Manager, ReversingLabs

    Jasmine Noel is Senior Product Marketing Manager at ReversingLabs. Her career began as an industry analyst covering IT technologies. She then founded Ptak, Noel & Associates to provide research and marketing services to Fortune500 and startup technology firms. Prior to ReversingLabs, Noel also held product marketing roles in growth companies, including Veracode, Corvil, and NS1.

  • speaker photo
    Russell Dowdell
    Director, Sales Engineering, SecureLink

    For nearly a decade, Russell has worked with SecureLink customers and organizations looking to improve third-party security. He has been an integral part of the implementation, support, and solution engineering for customers ranging from large healthcare vendors to small towns. In his current role, Russell and his team help organizations identify the SecureLink products and product features that can be leveraged to both improve security and streamline workflows.

  • speaker photo
    Dan Kaplan
    Solutions Engineer, Okta

    Dan is a Solutions Engineer for Okta and aligns identity-related technical requirements to business outcomes for Okta US West commercial customers and prospects. He is an Okta-certified consultant and developer familiar with Zero Trust methods used by Okta's ecosystem of customers, partners, and prospects.

  • speaker photo
    Tom Dixon
    Security Engineer, Corelight

    Tom has 15 years of experience in the security industry, beginning his career as an Analyst at what is now the U.K. MOD Joint Cyber Unit. After seven years in the military, he left to join Sourcefire as a Security Engineer. Cisco acquired Sourcefire in 2013, and he joined a small global team working with Cisco's top 28 accounts, ultimately leading him to move to the U.S. Wanting to go back to his open source roots, Tom joined Corelight in April.

  • speaker photo
    Jonathan Ehret
    Vice President, Strategy & Risk, RiskRecon, a Mastercard company

    Jonathan has been a third-party risk practitioner since 2004. He is co-founder and former president of the Third-Party Risk Association. He has deep experience building and running third-party risk programs in finance and healthcare. He started with RiskRecon in April, 2020.

  • speaker photo
    Mia Boom-Ibes
    Vice President, Information Security Strategy, Innovation and Analytics, Allstate Insurance Company

    Mia Boom-Ibes is Vice President, Security Innovation, Strategy and Analytics, ATSV for Allstate Insurance Company. In this role, she is responsible for Allstate's cybersecurity strategy and priorities. She manages relationships with key business and technology stakeholders to ensure alignment and oversees architectural standards to enable consistency across the enterprise.

    Prior to becoming a vice president at Allstate in July of 2017, Mia was a director in Allstate Information Security with responsibility for setting the strategy and direction for information security governance, risk and compliance efforts across the corporation. She spearheaded the creation of the company’s first Enterprise Information Security Policy and Information Security Risk Management program aligned with industry best practices and frameworks. In addition, Mia has designed and built security governance programs to obtain or retain PCI compliance status at multiple institutions.

    Mia began her Allstate career in 2012 as an information security compliance and consulting manager, quickly progressing to roles of increasing leadership. She previously served in information security roles at John Deere Financial, PwC Consulting and Discover Financial Services.

    Mia holds CISSP and CISM certifications and bachelor’s degree from the College of Saint Benedict. As the proud mother of four sons, Mia leads an active lifestyle balancing her work responsibilities, learning new skills in mixed martial arts and enjoying time with her husband and children.

  • speaker photo
    Jim Johnson
    Director of Systems Engineering, Arctic Wolf

    Jim Johnson has been working to end cybercrime for the past two decades. His career started at Blue Coat, where he helped customers with their struggles to mitigate risk in the early days of web filtering. Since then, he has worked with customers of all sizes and verticals providing solutions from F5, Forescout, and now Arctic Wolf. As the Director of Systems Engineering, he interfaces with several companies struggling with the operational aspects of cybersecurity.

  • speaker photo
    Tony Lee
    VP, Global Services Technical Operations, BlackBerry
  • speaker photo
    Maggie MacAlpine
    Security Strategist, Cybereason
  • speaker photo
    Jason Rivera
    Director, Strategic Threat Advisory Group, CrowdStrike

    Jason Rivera has over 15 years of experience innovating at the intersection of security operations and technology. He was a former Intelligence Officer/Captain in the U.S. Army, had assignments with the National Security Agency (NSA) and U.S. Cyber Command (USCYBERCOM), and served in combat tours overseas. He has experience in the private sector and built threat intelligence and cybersecurity programs for large Fortune 500 companies and U.S. government agencies. He received his M.A. in Security Studies from Georgetown University, M.A. in Economics from the University of Oklahoma, and his B.A. in Political Science & Economics from the University of Nevada, Las Vegas.

  • speaker photo
    Tim Mackey
    Principal Security Strategist, Synopsys

    Tim Mackey is a principal security strategist within the Synopsys CyRC (Cybersecurity Research Center). He joined Synopsys as part of the Black Duck Software acquisition where he worked to bring integrated security scanning technology to Red Hat OpenShift and the Kubernetes container orchestration platforms. As a security strategist, Tim applies his skills in distributed systems engineering, mission critical engineering, performance monitoring, large-scale data center operations, and global data privacy regulations to customer problems. He takes the lessons learned from those activities and delivers talks globally at well-known events such as RSA, Black Hat, Open Source Summit, KubeCon, OSCON, DevSecCon, DevOpsCon, Red Hat Summit, and Interop. Tim is also an O'Reilly Media published author and has been covered in publications around the globe including USA Today, Fortune, NBC News, CNN, Forbes, Dark Reading, TEISS, InfoSecurity Magazine, and The Straits Times. Follow Tim at @TimInTech on Twitter and at mackeytim on LinkedIn.

  • speaker photo
    Travis Dye
    Principal Solutions Architect, Armis

    Travis Dye is a Principal Solutions Architect for Armis focusing on strategic customers with challenging security projects. His passion is to help organizations with large and complex network environments find effective, real-world approaches to improve their network security programs. Prior to his current role he worked with security teams to help them implement SOC technologies and workflows focused on their most valuable assets to give them the agility to quickly identify and mitigate serious threats and vulnerabilities.

  • speaker photo
    Christopher Hass
    Director of Information Security and Research, Automox

    Chris Hass is an extremely driven and proven information security professional with extensive experience in Malware Reverse Engineering, Threat Intelligence, and Offensive Security Operations. In his current role, Chris serves as Director of Information Security and Research at Automox. In addition to being a former cybersecurity analyst for the NSA, he also served as a principal research engineer at LogRhythm and helped fight off malware authors using AI/ML at Cylance. His unique experience makes him adept at understanding today's current threat landscape, and works passionately to secure Automox and its customers from today's cyber attacks.

  • speaker photo
    Steve Kinman
    Field CISO, Snyk

    Steve Kinman is a dedicated technology leader, with 20+ years of innovative, compliance-driven security strategy knowledge and the ability to deliver scalable, principle-based security and privacy programs focused on business requirements. Most recently, he led a security program transformation at Zalando SE in Berlin, Germany, joining as the first CISO for the now Dax listed publicly traded company in 2018 to help solve GDPR challenges. Steve is currently the Field CISO of Snyk, a developer-first security platform.

  • speaker photo
    Jim Mandelbaum
    Field CTO, Gigamon
  • speaker photo
    KC Condit
    CISO, G6 Hospitality, LLC

    KC Condit has been an information security practitioner and IT leader for 30 years with a diverse resume including hospitality, financial services, retail, and private, post-secondary education. He is currently the CISO for G6 Hospitality, LLC, and is responsible for information security, data privacy, IT risk management, and IT compliance for the Motel 6 and Studio 6 brands in the U.S. and Canada along with the Hotel 6 brand in India. Since 2011, KC has made 3rd party risk management an area of particular focus, developing low-cost approaches and creative, risk-based solutions.

  • speaker photo
    Sonya Wickel
    Director, Cybersecurity & Risk Compliance, Triumph Group
  • speaker photo
    Mike Davis
    CISO, ExactlyIT Inc.; former CISO, alliantgroup
  • speaker photo
    Dan Lohrmann
    CSO, Security Mentor; Former CISO, State of Michigan

    Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker, and author. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington D.C. to Moscow. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader. In 2017, Dan was awarded the cybersecurity breakthrough CISO of the year for global security products and services companies.

    He led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO), and Chief Information Security Officer (CISO) roles in Michigan.

    Dan currently serves as the CSO and Chief Strategist for Security Mentor, Inc., where he leads the development and implementation of Security Mentor’s industry-leading cyber training, consulting, and workshops for end-users, managers, and executives in the public and private sectors. He has advised senior leaders at the White House, National Governor’s Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses, and non-profit institutions.

    Dan has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

    He is the author of two books: "Virtual Integrity: Faithfully Navigating the Brave New Web" and "BYOD For You: The Guide to Bring Your Own Device to Work." He is the co-author of the upcoming (November 2021) Wiley book, "Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering from the Inevitable."

    Dan holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store