googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });

2nd Annual

SecureWorld Twin Cities 2018

September 6, 2018 | Hyatt Regency Minneapolis

EVENT DETAILS

Click here to view registration types and pricing (PDF)

Download Now

Conference Agenda

Day 1
Day 2

Filter by registration level:

Open Sessions
Conference Pass
SecureWorld Plus
VIP / Exclusive

Wednesday, September 5, 2018
9:00 am
[SecureWorld PLUS] Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
9 a.m. - 3 p.m. • Earn 12 CPEs!
Larry Wilson, CISSP, CISA, Instructor
Manager, Cyber and Information Security, Point32Health
Registration Level:
SecureWorld Plus
9:00 am - 3:00 pm
Location / Room: Nokomis
The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

This innovative education and training program includes the following key elements:

An introduction to the key components of the NIST Cybersecurity Framework

How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy

An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications

How to use the Framework to protect critical information assets

A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program

A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

The class will help individuals and organizations acquire knowledge, skills, and abilities to:

Develop a strategy to apply the NIST Cybersecurity Framework to their environment

Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework

Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed

Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps

Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps

Identify required workforce skills and develop career pathways for improving skills and experience

About the instructor:

Larry Wilson is the CISO for UMass President’s Office since 2009.

Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.

Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.

Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

The program and its author have won the following industry awards:

Security Magazine’s Most Influential People in Security, 2016

SANS People Who Made a Difference in Cybersecurity Award, 2013

Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
9:00 am
SecureWorld PLUS - How to Build the Future: A Deep Dive into AI, Blockchain, and Preparing Your Organization for 5-10 Years Ahead
9 a.m. - 3 p.m. - Earn 12 CPEs!
Steve Brown
The Bald Futurist, Former Chief Evangelist and Futurist, Intel
Registration Level:
SecureWorld Plus
9:00 am - 3:00 pm
Location / Room: Isles
In this workshop, you will learn about two of the most important technologies shaping our future, Artificial Intelligence and Blockchain technology. You will then learn how to use the Futurecasting process to model, plan, and build future experiences, including some that are a built around AI and Blockchain. While it does discuss some technical topics at a high level, this workshop is open and accessible to anyone and everyone. Sign up today to boost your knowledge on both AI and Blockchain, and to learn new techniques that will enable you to imagine, plan and build the future.

Hear from Steve as he gives a preview of what he will cover in this PLUS course: https://youtu.be/eN-wYrdPyjs

AGENDA

8:00-8:15 a.m. Introductions

8:15-9:45 a.m. Artificial Intelligence: How AI Will Reshape Every Business, Including Yours (1.5 hours)

Artificial intelligence (AI) is a profoundly important set of technologies that are already shaping the way we live our lives, and the ways that businesses operate. As the second era of computing, AI will have as profound of an effect on business and society as did electrification and traditional digital computers. Over the next decade, AI will transform all our lives and will reshape every industry. AI will power autonomous vehicles, smart robots, drones, virtual assistants, and chatbots. It will manage our smart cities, power sentient factories, and oversee our smart energy grids. AI will turbo-charge medical diagnosis, revolutionize customer service, and aid in the discovery of new materials and new pharmaceuticals. AI will reshape every business process, and could reshape the structure of every team. The HR Director and CIO of every company will need to become best friends as IT and HR co-own a blended human-machine labor force. Every IT person needs to understand the capabilities, limitations, and implications of artificial intelligence, no matter their level of technical acumen. This session explains what Artificial Intelligence is and how it can be used. Attendees will then review the main concepts of AI: artificial neural networks, deep learning, supervised learning, unsupervised learning, reinforcement learning, and generative adversarial networks. Finally, the session will explore how AI may develop in the future, and how it will require a rethinking of every workflow, and every workplace.

9:45-10:00 a.m. BREAK

10:00-11:30 a.m. Blockchain Beyond Cryptocurrencies: Your Foundation to Create New Business Value (1.5 hours)

Cryptocurrencies like Bitcoin are just one of the many applications that can be built on top of Blockchain technology. Blockchain has rapidly become a valuable platform for new value creation across a wide range of industries. Heavyweights like IBM, Walmart, Accenture, Intel, and Bank of America are all placing big bets in this area. Over the last thirty years, we have moved from the client-server era, through the cloud computing era, and now with Blockchain to the era of distributed applications. Blockchain technology removes the need for central authorities, creates trust in a trestles world, reduces transaction costs, and dramatically improves traceability. In this session, you’ll cover Blockchain basics, understand why Blockchain technology is so disruptive, and learn how distributed applications (dApps) enable a new innovation paradigm that brings with it new funding and collaboration models. You’ll then look at examples of how Blockchain is already being used to solve problems in a wide range of industries, from real-estate to supply chain, and healthcare to energy. Be sure that you are prepared to take full advantage of the increased levels of trust, privacy, traceability, and data security made possible by Blockchain technology. Every IT person needs to understand the implications of this technology to their business.

11:30-1:00 p.m. LUNCH

1:00-4:00 p.m. Futurecasting Workshop (3 hours)

In this workshop, you’ll learn all the main steps of the Futurecasting process, a proven foresights process developed by futurist, Brian David Johnson. You will then practice each of these major steps—trend synthesis, personas, rapid futurecasting, science fiction prototyping, and backcasting—and start to develop some plans for the future. Some of these plans will build upon what you learned during the two morning sessions focused on AI and Blockchain. In addition to using Rapid Futurecasting to design simple experiences that you may wish to create, you will also consider the investments, partnerships, R&D effort, and talent plans you might need to succeed. “The best way to predict the future is to design it”. So said engineer, inventor, and futurist Buckminster Fuller. Similar statements have been credited to Alan Kay, Peter Drucker, and even Abraham Lincoln. The bottom line is that in order to seize a leadership position in any market, a company needs to take an active role in defining the future that they want to build, and then develop a comprehensive plan to build that imagined future. Attend this workshop to learn how to deploy the Futurecasting process at your company, or perhaps in your own life, as a way to help you model, plan, and then build the future that you want.

4:00 p.m. CLOSE

Thursday, September 6, 2018

7:00 am

Registration open

Registration Level:

Open Sessions

7:00 am - 3:00 pm

Location / Room: Registration Desk

Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

7:30 am

Advisory Council Breakfast – (VIP / INVITE ONLY)

Topic: The Journey to the Cloud - Roadblocks, Pitfalls & Silver Linings

Anton Towne

CISO, Minnesota State Lottery

Registration Level:

VIP / Exclusive

7:30 am - 8:30 am

Location / Room: Isles

This session is for Advisory Council members only.

8:30 am

Cloak & Dagger: Using the Actor-Centric Approach in Gathering Cyber Threat Intelligence

Ryan Aniol

Deputy CISO, State of Minnesota

Registration Level:

Conference Pass

8:30 am - 9:15 am

Location / Room: Minnetonka

In this session, you’ll learn that gathering cyber threat intelligence is more than just collecting and processing IOCs. You will learn about HUMINT and the importance of having a threat actor-centric intelligence capability. In order to properly understand the threat landscape and protect ourselves, we must become shadows in a dark and murky underground.

8:30 am

The CISO Stop List

Brent Lassi

CISO, Bluecore, Inc.

Registration Level:

Conference Pass

8:30 am - 9:15 am

Location / Room: Calhoun

Each year security teams are faced with new threats, new compliance requirements, new technologies, new environments, and new marching orders from management. Most respond by adding new processes, people, and tools to satisfy the emerging needs, but how often do we look at what we’re already doing and say “That is wrong. That is extraneous. That is of low value”? Or even, “That is hurting the security program. That is hurting my career”? This session will cast a baleful eye on some of the habits security professionals have developed and failed to shed as the landscape evolves.

8:30 am

Women in Security Panel

Milinda Rambel Stone

VP & CISO, Provation Medical

Jadee Hanson

CISO, Code42

Jennifer Czaplewski

Director in the Information Security Team, Target

Registration Level:

Open Sessions

8:30 am - 9:15 am

Location / Room: Keynote Theater

Diversity in teams has been proven to produce better results. In the Information Security field only 11% of these positions are filled with women. Women bring a unique skill set to the industry and we need to continue to increase the number in the Information Security field.

During the “Women In Security” panel, you will hear from women who have been successful in navigating a career in Information Security. These executives will speak about how they got into the field, how they were able to break through the glass firewall and what they are doing to promote getting more women into security.

8:00 am

Exhibitor Hall open

Registration Level:

Open Sessions

8:00 am - 3:00 pm

Location / Room: SecureWorld Exhibitor Floor

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

9:30 am

OPENING KEYNOTE — Going Digital: Building Your Strategic Roadmap for the Next Wave of Digital Transformation

Steve Brown

The Bald Futurist, Former Chief Evangelist and Futurist, Intel

Registration Level:

Open Sessions

9:30 am - 10:15 am

Location / Room: Keynote Theater

The next major wave of digital transformation will integrate the physical parts of your business even more intimately with the digital world, using sensors, analytics, artificial intelligence, robotics, augmented reality, 5G networking, and blockchain technology. In this talk, former Intel futurist Steve Brown presents a fast-paced, fun exploration of what it will mean to “go digital” in the next decade, and reviews the business and security strategies we will need to navigate the road ahead.

Hear from Steve as he gives a preview of what he will cover in his keynote: https://youtu.be/Er1spVCyzS8

10:15 am

Conference Break / Exhibitor Product Demonstration

Registration Level:

Open Sessions

10:15 am - 11:15 am

Location / Room: SecureWorld Exhibitor Floor

Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

11:15 am

baramundi — Innovative Endpoint Management: A Holistic Approach to Vulnerability Management, Patching, OS Upgrades, and Software Distribution

Robert Troup

Executive Sales Manager, baramundi Software USA Inc.

Registration Level:

Open Sessions

11:15 am - 12:00 pm

Location / Room: Minnetonka

Zero Day vulnerability, Windows Fall Anniversary Update, Office 365 migration: Are any of these topics causing your blood pressure to rise? This seminar will show you how you can automate OS-migrations, software deployment projects, and effective security exploit management, all from one easy to use Endpoint Management Suite. No university degree or nerd glasses required–buckle up!

11:15 am

Present the Security Strategy to the Board for a Budget

Skip Hansen

Vice President of IT Operations, APi Group, Inc.

Registration Level:

Conference Pass

11:15 am - 12:00 pm

Location / Room: Calhoun

We will share the strategy of how the VP of IT at APi Group presented the Security Strategy to the Board for budget approval.

11:15 am

Comodo — Re-Think Cyber: AI and the Human Touch Safeguarding Against Known and Unknown Threats

John Fahey

Cybersecurity Specialist, Infoblox

Registration Level:

Open Sessions

11:15 am - 12:00 pm

Location / Room: Lake Nokomis

Today’s cybersecurity threat level remains at its highest in history: malware runs rampant, and organizations large and small are besieged by phishing, breaches, take-downs, and DDoS attacks. In this environment, cybersecurity presents the greatest challenges to IT organizations.

Join Comodo Cybersecurity experts and see how their patented auto-containment technology works defending against known and unknown malware signatures. In conjunction, they will talk to and demonstrate the visibility they have throughout their global customer footprint of nearly 89 million endpoint users. To conclude, Comodo will give a brief overview of its budding partner program and how they’re growing the Comodo Cybersecurity ecosystem.

11:15 am

Security (Engineering) as a Business Enabler

Or, How to Turn Your Developers and Business Customers into Your Biggest Fans

Lenny Maly

VP, Cybersecurity Architecture & Engineering, Capital One

Registration Level:

Conference Pass

11:15 am - 12:00 pm

Location / Room: Harriet

Traditional Security teams are not equipped to enable agile, digitally transforming organizations, especially IT organizations embracing DevOps. Learn how to structure and transform your team (focused on Security Engineering) into a business enabler and a force for good within your business.

12:00 pm

Advisory Council Lunch Roundtable (VIP / Invite only)

Michael Kearn, CISSP, NSA-IAM

Director, Threat Informed Defense, U.S. Bank Information Security Services

Registration Level:

VIP / Exclusive

12:00 pm - 1:00 pm

Location / Room: Isles

This session is for Advisory Council members only.

12:15 pm

LUNCH KEYNOTE: The Nation-State, the Corporation, and You: Cybersecurity in the Cyber Age

Col. Cedric Leighton

CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC

Registration Level:

Open Sessions

12:15 pm - 1:00 pm

Location / Room: Keynote Theater

1:15 pm

Panel: Phishing and Social Engineering Scams

Registration Level:

Open Sessions

1:15 pm - 2:15 pm

Location / Room: Calhoun

Phishing continues to be the #1 attack vector for the bad guys. Why? Simply put: it works. These attacks keep getting more realistic and sophisticated. In the future we should expect nothing less. Criminals will do more homework on their potential victims and possible pose as business leads or clients to gain our trust. What sales person doesn’t want email from a potential client who wants a new solution? Or they may just lay in wait until they’ve collected enough information to strike. Will they actually come to your business and drop thumb drives like pen testers do? Use drones to do their dirty work? Our experts will discuss the current state of affairs and brainstorm possible new scenarios.
Panelists:
Dana Torgersen, Malwarebytes
Erich Kron, KnowBe4
David Sterz , baramundi
Moderator: Rick Leib, Three Square Market

1:15 pm

Panel: What Will They Think of Next (Emerging Threats)

Registration Level:

Open Sessions

1:15 pm - 2:15 pm

Location / Room: Keynote Theater

It would seem the more we “build a better mousetrap” the better the threats become. Will machine learning and AI be used against us in the future? Will these and other innovations be hacked and used for gain? Will the Crime as a Business platform take off where business competitors are utilizing these attacks for the upper hand? Perhaps the cars that are being hacked will evolve into driverless vehicles that are hacking companies from inside there own parking lots. What about drones?
So many questions, let’s see what our experts say on this panel.
Panelists
Evan Glaser, Darktrace
Randy Armknecht, Protiviti
John Fahey, Comodo
Moderator: Bruce Sussman

2:15 pm

Conference Break / Exhibitor Product Demonstration

Registration Level:

Open Sessions

2:15 pm - 3:00 pm

Location / Room: SecureWorld Exhibitor Floor

Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

2:30 pm

Networking Break — Dash for Prizes and CyberHunt winners announced

Registration Level:

Open Sessions

2:30 pm - 2:45 pm

Location / Room: SecureWorld Exhibitor Floor

Be sure to have your badge scanned with participating exhibitors throughout the day. Past prizes have included Kindles, Bose wireless headphones, gift cards, iPads, drones, and more! *Must be present to win.

3:00 pm

Less Talk and More Action: How the Global Cyber Alliance Is Making a Difference and You Can Too

Mary Kavaney

Chief Operating Officer, Global Cyber Alliance

Registration Level:

Open Sessions

3:00 pm - 3:45 pm

Location / Room: Harriet

The Global Cyber Alliance (GCA) is an international nonprofit focused on developing and deploying practical solutions, made freely available, that measurably improve our collective cybersecurity.

In this session, you’ll learn about GCA’s more than 200 global partnerships and how their resources—such as the email authentication (DMARC) Setup Guide and the Quad 9 web security service (which blocks 2 million threats a day)—can help your organization. Looking forward, we’ll discuss GCA’s plans to make smart cities more secure cities by tackling security challenges associated with IoT devices and technologies.

3:00 pm

Global Compliance and the Impact to Security

Christopher Rence

President, Rimage Corporation; CSRO, Equus Holdings

Registration Level:

Conference Pass

3:00 pm - 3:45 pm

Location / Room: Minnetonka

Business, Technology, Data, and Compliance are now fully intertwined. Decisions can no longer be made without looking at the layers and touch points, and IT is now being viewed at as the lynch pin to help bridge these discussions.

3:00 pm

Executive Leadership Panel: Building a Career in Cybersecurity

Milinda Rambel Stone

VP & CISO, Provation Medical

Michael Kearn, CISSP, NSA-IAM

Director, Threat Informed Defense, U.S. Bank Information Security Services

Tim Wittenburg

Information Security Officer, FPX, LLC

Miles Edmundson

Business Information Security Officer, Equinti

Brian Bobo

CISO, Sun Country Airlines

Registration Level:

Conference Pass

3:00 pm - 3:45 pm

Location / Room: Calhoun

Every security leader has a different and sometimes unique story about how they got to where they are. In many cases, they didn’t imagine that one day they will end up in security.
Moreover, security is relatively new practice, it is done differently in every organization, and is a target that is moving constantly.

In this panel we will hear from our panelists about:
1. How do you develop your career in Security?
2. What skills do you need to have?
3. How do you keep yourself up to date?
4. Stories from the front lines and a-ha moments

Keynote & Speaker Information

SecureWorld Twin Cities

September 6, 2018

Exhibitors

baramundi software USA, Inc.
Booth: 200
baramundi Software provides companies and organizations with efficient, secure, and cross-platform management of workstation environments.

The baramundi Management Suite (bMS) combines all important features for Endpoint Management: Patch Management, Software Deployment, OS-Installation, Enterprise Mobility Management, Vulnerability Assessment, and more. bMS optimizes IT management processes by automating routine tasks and providing an extensive overview of the status of the network and endpoints. In doing so, it relieves pressure on IT administrators and ensures that users always have the necessary rights and applications on all platforms and form factors; whether on PCs, servers, notebooks, mobile devices or Macs.

Over 3,000 customers around the world benefit from nearly two decades of experience and the easy-to-use software solution.
Binary Defense
Booth: 205
Binary Defense is a managed security services provider and software developer with leading cybersecurity solutions that include SOC-as-a-Service, Managed Detection & Response, Security Information & Event Management, Threat Hunting and Counterintelligence. Binary Defense believes its unique approach resolves infosec’s biggest challenges such as limited in-house security expertise, lack of innovative resources and the significant budgetary and time investment required to ensure protection from today’s threats.
Comodo Cybersecurity
Booth: 115
In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.
Darktrace
Booth: 225
Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.

The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.
EC-Council
Booth:
International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.
Express Scripts
Booth: 222
Headquartered in St. Louis, Express Scripts is a healthcare technology company providing integrated pharmacy benefit management services. We put medicine within reach of eighty-three million people by aligning with plan sponsors, taking bold action and delivering patient-centered care to make better health more affordable and accessible. It’s more than what you think. As an organization that deals with highly sensitive patient information, we are committed to protecting the clients, patients, and companies we serve from security breaches and cyber-attacks. Our cyber defenders are challenged and trusted with maintaining our secure infrastructure day in and day out, while leveraging internal and external threat intelligence to continuously improve our security posture.
Global Cyber Alliance
Booth:
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org
InfraGard Minnesota
Booth:
ISC2 Twin Cities Chapter
Booth:
Our mission is to create a safe environment where information security practitioners can openly share expertise and ideas, providing practical, relevant, useful and timely information that, when applied, will develop and promote the ISC2 CISSP CBK®. help support the Information Security and Cyber Security Communities of the Upper Midwest.

The objectives of this chapter are to:

• Educate: Provide low cost (or no-cost), high impact educational opportunities for both new and seasoned information security practitioners.
• Network: Create an environment that encourages relationship building and professional growth via networking and creating Mentorship opportunities
• Transform: Provide a forum for the free exchange of bold, innovative, transformative ideas to advance the perception and effectiveness of information security.
ISACA Minnesota Chapter
Booth:
With approximately 1,100 members from over 100 organizations, we are the premier organization for information technology audit and control professionals in Minnesota and surrounding areas.

Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IT governance, IS audit, control and security profession throughout the state of Minnesota.

On our website, you will find a wealth of information about events and volunteer opportunities within our chapter including local job postings. Please be sure to visit the members-only pages for important information about your chapter, special members-only benefits.
ISSA Minnesota Chapter
Booth:
The Minnesota Chapter of ISSA (MN ISSA) serves the Minneapolis / St. Paul twin cities area, greater Minnesota and western Wisconsin. Our membership, over 170 strong and growing, is drawn from the multitude of large corporations, small businesses, government entities and educational institutions in the area. They span all levels of career growth, from students and entry-level to senior management, and cover all industries – finance, medical, government, education, retail, technology, services, and more. This depth of experience and breadth of knowledge provides a dynamic networking environment and a cadre of great individuals to draw from for education, guidance and thought leadership.
Ixia, a Keysight Business
Booth: 150
We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.
KnowBe4
Booth: 207
We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.

KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.

Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.
Malwarebytes
Booth: 240
Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.
OWASP Minneapolis-St. Paul
Booth:
Proofpoint
Booth: 120
Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.
Protiviti
Booth: 110
Protiviti is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Our consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit.
Securonix
Booth: 140
Securonix is redefining threat detection and response for today’s hybrid cloud, data-driven enterprise. Securonix Next-Gen SIEM and XDR are powered by the most advanced analytics and built on a scalable, flexible cloud native architecture. Securonix leverages behavioral analytics technology that pioneered the UEBA category to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats.
SSH Communications Security
Booth: 220
As the inventor of the SSH protocol, we have a twenty-year history of leading the market in developing advanced security solutions that enable, monitor, and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki. For more information, visit www.ssh.com
TechTarget
Booth:
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
TrustedSec
Booth: 205
TrustedSec is a leader in attack intelligence and security advisory services. Our team of highly talented, skilled, senior consultants sets us apart from other commodity-service security companies. We form partnerships with our number one goal to help you holistically improve your security program. You’ll find that working with us amounts to more than “just another engagement”—it’s establishing an understanding with your organization, and working to make you more secure, and better as a whole.

Return to Agenda

Keynote Speakers

Speakers

Larry Wilson, CISSP, CISA, Instructor
Manager, Cyber and Information Security, Point32Health
Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.
Steve Brown
The Bald Futurist, Former Chief Evangelist and Futurist, Intel
http://www.baldfuturist.com/
Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.
Anton Towne
CISO, Minnesota State Lottery
https://www.mnlottery.com/
Ryan Aniol
Deputy CISO, State of Minnesota
Ryan Aniol is the Deputy CISO for the State of Minnesota. A cyber threat expert with over 19 years of cyber security experience, Ryan has specialized in cyber threat intelligence, threat actor profiling, incident response, penetration testing, and digital forensics spanning multiple industries. He is a recognized security researcher and thought-leader on cyber threat intelligence. Ryan was responsible for building the Cyber Threat Intelligence (CTI) program for Target Corporation post-breach. Ryan has spoken on numerous panels including that of the NCFTA to discuss breaches and what companies can do to protect themselves. He is closely partnered with the MS-ISAC, FS-ISAC, NCFTA, and the general intelligence community.
Brent Lassi
CISO, Bluecore, Inc.
https://www.bluecore.com/
Brent Lassi is currently the CISO at Bluecore, Inc. He has nearly 20 years of experience in the information security field. Brent's previous roles include CISO at Carlson Wagonlit, Director of Information Security at UnitedHealth Group, CISO and VP of Information Security at Digital River, Inc. for a decade. He also co-founded one of the world’s first application security companies, specializing in secure design and review of software.
Milinda Rambel Stone
VP & CISO, Provation Medical
https://www.provationmedical.com/
Milinda Rambel Stone is an executive security leader with extensive experience building and leading security programs, including Information Security Governance, Vulnerability Management, Incident Investigation & Response, Security Awareness, and Risk Management & Compliance. With significant experience in creating and managing large-scale information security programs in technology, healthcare, and financial services, today Milinda puts this expertise to work as a VP and CISO at Provation Medical.
Jadee Hanson
CISO, Code42
https://www.code42.com/
As chief information security officer at Code42, Jadee Hanson leads global risk and compliance,
security operations, incident response, and insider threat monitoring and investigations. To her
position, she brings more than 15 years of information security experience and a proven track
record of building security programs.
Prior to Code42, Jadee held a number of senior leadership roles in the security department of
Target Corporation, where she implemented key programs, including compliance, risk
management, insider threat assessments and more. Jadee also spearheaded the effort to
embed security resources into the development process as well as the security plans behind the
acquisition of software development and online retail companies. She was the security lead for
the sale of Target Pharmacies to CVS Health.
Before joining Target, Jadee worked at Deloitte, where she served as a security consultant for
companies across diverse industries, such as healthcare, manufacturing, energy, retail and
more.
In addition to her day job at Code42, Jadee is the founder and CEO of the non-profit
organization Building Without Borders, which serves those in poverty-stricken areas throughout
the world through housing services. Since April 2015, Building Without Borders has built 39
homes in areas of the Dominican Republic. In her spare time, you can find Jadee working for her
non-profit, enjoying time with her husband and three girls, and spending time on the lake.
Jennifer Czaplewski
Director in the Information Security Team, Target
https://corporate.target.com/
Jennifer Czaplewski is a Director in the Information Security team at Target. She leads Product Analytics, Security Ninjas, Cyber Risk Management, and Product Security Engineering functions. Jennifer has been with Target for 12 years and in Information Security for 8 years. Prior to her time at Target, she led efforts in Corporate IT at Pfizer. She has a BBA and an MBA from Western Michigan University, and holds CISSP and CISM certifications.
Steve Brown
The Bald Futurist, Former Chief Evangelist and Futurist, Intel
http://www.baldfuturist.com/
Steve Brown is an energetic speaker, author, strategist, and advisor with over 30 years of experience in high tech. Speaking at events all over the world, Steve helps his audiences to understand the business and societal impacts of new technologies and how they will shape the future five, ten, and fifteen years from now.

Steve is passionate about helping people to imagine and build a better future. Whether talking about the future of work in a post-automation world, doing a deep dive on artificial intelligence, or discussing the future of flying cars, Steve inspires his audiences to think beyond the current status quo and to reimagine their businesses, and their lives, for the better.

Steve speaks and writes in plain language on how continued advances in computing will intersect business, cultural and human trends to create both new opportunities and new challenges. His new book, Hacking Reality, will be published later this year. Steve has been featured on BBC, CNN, Bloomberg TV, ABC News, Wired, WSJ:Digits, CBS, and many other media outlets.
Robert Troup
Executive Sales Manager, baramundi Software USA Inc.
https://www.baramundi.com/
Bob Troup is Executive Sales Manager for baramundi Software USA Inc., Headquartered in Framingham, MA,. Bob is a 30-year industry veteran in corporate networking and endpoint management sales and consulting with companies including, Ivanti, VMWare, Auria Corp., and Xyplex. He specializes in solutions and deployment consulting for complex networks and cloud-based software environments.
Skip Hansen
Vice President of IT Operations, APi Group, Inc.
Keith ‘Skip’ Hansen is the Vice President of IT Operations at APi Group Inc., a multi-billion-dollar parent company to more than 40 independently managed life safety, energy, specialty construction and infrastructure companies located in over 200 locations worldwide. Skip is responsible for aligning APi’s information technology strategy with the business strategy by integrating business processes and appropriate technology solutions. Skip is responsible for all aspects of prioritizing, developing, and implementing information technology initiatives at APi Group, as well as developing, streamlining, and maintaining all APi Group IT systems. Prior to APi Group, Skip was the Director of Global Technical Operations at PPD, a contract resource organization (CRO) that managed clinical trials. He lead the managed services technologies that enrolled patients into the clinical trials, which included global technical support, development, engineering, quality assurance and project management. Prior to PPD, Skip held technical leadership positions at Terabyte Network Solutions and Summus. Skip also spent eight years active duty in the U.S. Navy, where he specialized in Cryptology.
John Fahey
Cybersecurity Specialist, Infoblox
https://www.infoblox.com/
John Fahey is a technical consultant with over 25 years of experience in infrastructure and security solutions. John’s career spans healthcare, telecommunications, and software manufacturers such as EMC, Intel Security, McAfee and Splunk prior to his current role as Product Security Specialist with Infoblox’s BloxOne Threat Defense solution. John has spent the last decade focused on helping to improve the lives of security analysts and security operations teams using software solutions, data analytics and automation. Today, John focuses on DNS as the real perimeter of security and on helping to improve security posture by automating DNS data for visibility, threat detection and as a mitigating control.
Lenny Maly
VP, Cybersecurity Architecture & Engineering, Capital One
https://www.capitalone.com/
Lenny is the former of VP of Cyber for Capital One, leading the Security Engineering and Architecture tower. Prior to that, Lenny was at Target, where he lead a number of security engineering organizations, including Cloud Security, Vulnerability Management, and Cybersecurity.
Michael Kearn, CISSP, NSA-IAM
Director, Threat Informed Defense, U.S. Bank Information Security Services
As Managing BISO for Community Banking and Consumer Banking lines of business, he regularly consults with technology, risk and business executives as an information security subject matter expert. Mr. Kearn also manages the relationship between Community and Consumer Banking technical leaders, their teams and ISS. Mr. Kearn brings more than nineteen years of varied experience in Information Technology to his current role. Prior to joining US Bank early in 2012, Mr. Kearn held several positions with Wells Fargo & Company, including roles as an IT Auditor, Application Developer, Application Architect and VP of Information Security (ISO). Mr. Kearn has been a featured speaker at many industry events and has taught at the graduate level for nearly ten years.
Col. Cedric Leighton
CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
http://www.cedricleighton.com/
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
Mary Kavaney
Chief Operating Officer, Global Cyber Alliance
https://www.globalcyberalliance.org/
Ms. Kavaney is the Chief Operating Officer for the Global Cyber Alliance (GCA), where she manages the daily operations of GCA, including strategy, personnel and legal responsibilities. She also engages in partnership development and outreach. Previously, Ms. Kavaney worked at the Center for Internet Security, where she developed relationships with law enforcement and others to facilitate cross-sector collaboration. Ms. Kavaney has more than two decades’ experience in the public sector, including serving as the Assistant Deputy Secretary for Public Safety for the New York State Governor’s Office. Ms. Kavaney graduated from Hamline College and Syracuse College of Law.
Christopher Rence
President, Rimage Corporation; CSRO, Equus Holdings
http://www.rimage.com/
Christopher is President and CEO of Rimage Corporation. He has more than 25 years of experience leading global security and technology transformation for Accenture, FICO, Digital River, and EQ Holdings, with deep expertise in governance and compliance, business continuity and disaster recovery, cloud architecture computing, and sustainability. GDPR, DPO, CIPPE, CRISC, CISO, MBCP
Milinda Rambel Stone
VP & CISO, Provation Medical
https://www.provationmedical.com/
Milinda Rambel Stone is an executive security leader with extensive experience building and leading security programs, including Information Security Governance, Vulnerability Management, Incident Investigation & Response, Security Awareness, and Risk Management & Compliance. With significant experience in creating and managing large-scale information security programs in technology, healthcare, and financial services, today Milinda puts this expertise to work as a VP and CISO at Provation Medical.
Michael Kearn, CISSP, NSA-IAM
Director, Threat Informed Defense, U.S. Bank Information Security Services
As Managing BISO for Community Banking and Consumer Banking lines of business, he regularly consults with technology, risk and business executives as an information security subject matter expert. Mr. Kearn also manages the relationship between Community and Consumer Banking technical leaders, their teams and ISS. Mr. Kearn brings more than nineteen years of varied experience in Information Technology to his current role. Prior to joining US Bank early in 2012, Mr. Kearn held several positions with Wells Fargo & Company, including roles as an IT Auditor, Application Developer, Application Architect and VP of Information Security (ISO). Mr. Kearn has been a featured speaker at many industry events and has taught at the graduate level for nearly ten years.
Tim Wittenburg
Information Security Officer, FPX, LLC
https://www.fpx.com/
Tim Wittenburg is the Information Security Officer at FPX, LLC, a B2B company providing industry-leading CPQ software that improves sales force productivity by preparing complete and accurate product quotations. As ISO, Tim is responsible for the delivery of a catalog of security and compliance services based on industry leading cybersecurity standards, SOC2 compliance, and GDPR compliance.

Prior to FPX, Tim has held a variety of leadership positions, including:
• Information Security Officer at Pine River Capital Management
• Information Security Director at Ameriprise
• Director of Data Management at BlueCross BlueShield of Minnesota
• Principal Security Architect at Deluxe
• Program Manager at Allianz

Tim began his career at Honeywell designing and developing flight simulator systems and machine vision software for government clients, where as a Principal Research Scientist he led many projects, obtained two patents and later wrote two technical books. Tim became interested in information security while working at MITRE Corporation in Boston, engineering large scale image processing applications for government clients. While at MITRE, Tim obtained a master’s degree in computer engineering from Boston University.
Miles Edmundson
Business Information Security Officer, Equinti
https://equiniti.com/
Miles has spent over 20 years in senior and executive leadership positions building cybersecurity programs with global and national companies across a variety of vertical markets. He has experience in risk assessments, remediation prioritization, business continuity management/disaster recovery, incident response, policy/standard development, security product reviews and assessments, and those pesky budgets which get in the way!

He is a passionate believer that information security requires a strategic approach to enable business success and that no single cybersecurity program works for all companies. Each company contains unique data, customer requirements, legal/privacy concerns, and systems. Therefore, each company requires a cost effective, efficient cybersecurity program with tools and processes that fit its risk profile and culture.
Brian Bobo
CISO, Sun Country Airlines
https://www.suncountry.com/
Brian Bobo is the Chief Information Security Office for Sun Country Airlines in Eagan, Minnesota. He is responsible for all aspects of the security and disaster recovery strategy, implementation, and effectiveness. Sun Country Airlines focuses on vacation destinations taking vacationers to the tropical beaches of Mexico, Costa Rica, and the Caribbean, as well as flying charters to support our troops across the world.

Previously, he was the Director of Global Security at Ecolab, a leading provider in water, hygiene, and energy technologies to foodservice, food processing, hospitality, healthcare, industrial, and oil and gas companies in over 170 countries. In this role, Bobo was responsible for the planning and execution of effective processes and technologies for incident response and security operations. He also leads the security awareness and continuous improvement of security.

Prior to Ecolab, Bobo was the CISO for Schneider, a leading provider of transportation, intermodal and logistics services. In this role, Bobo was responsible for the planning and execution of effective processes throughout the enterprise for information security, personal and physical security, as well as disaster recovery, business continuity and emergency preparedness. Prior to that, Bobo was a Technologies Services Manager for Target Corporation, where he managed corporate-wide information protection and IT security teams. Bobo worked for Target for 12 years, holding various positions with increasing responsibility, including warehouse management, IT security and disaster recovery. Bobo has 30 years of military experience serving in the U.S. Army and Army National Guard. He most recently led the Cyber team for the Minnesota Army National Guard prior to being promoted to the head of IT for the Minnesota Army National Guard.

Bobo received his Bachelor of Science degree in History and Systems Engineering from the United States Military Academy at West Point. He holds a Master’s Degree in Business Administration from the University of Florida and a Master's Degree in Strategic Studies from the U.S. Army War College. In addition, Bobo has earned the Certified Information Systems Security Professional and Certified Business Continuity Professional certifications.