Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, April 20, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge.

    7:30 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:20 am

    This roundtable discussion is for our Advisory Council members only.

    7:30 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 8:20 am

    Participating professional associations and details to be announced.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes.

    8:30 am
    [Opening Keynote] How to Become a CISO: Cybersecurity Learning, Growth, and Career Advancement
    • session level icon
    Panel Discussion
    speaker photo
    BISO, Bank of America
    speaker photo
    SVP & BISO, Wells Fargo
    speaker photo
    VP & CISO, The Wendy's Company
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    Key Take-Away: 
    To achieve your goals, you need to take charge and plan for your future—nobody else is going to do it for you.

    What do you want to be doing in five, 10, and 20 years? Where should you place your focus now? What is most important: education, experience, certifications, or who you know?

    9:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:15 am - 9:45 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    9:45 am
    Third-Party Risk: Creating and Managing a Program that Works!
    • session level icon
    Registration Level:
    • session level iconConference Pass
    9:45 am - 10:30 am

    Every organization is concerned with third-party risk. No one wants to be the next Target breach. This session will examine the components of third-party risk management and give you some leading practices on how to develop a workable and sustainable process.

     

    9:45 am
    Conquering Cloud Complexity
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am

    Cloud security is hard, not least because cloud platforms change so quickly.  This talk presents several lessons learned from security teams struggling to get their arms around the sprawl of modern infrastructure, using practical analogies from pandemics and earthquakes.

    9:45 am
    Privacy and Cyber Law Landscape for 2022
    • session level icon
    Registration Level:
    • session level iconConference Pass
    9:45 am - 10:30 am

    Join this session to explore the latest evolutions in cybersecurity and privacy law. This includes the emerging trends and initiatives that are most likely to impact organizations in 2022. Plus, we’ll talk about a strategic approach to cut through the confusion and identify where to focus right now.

    10:40 am
    The Inadvertent Remote Insider Threat
    • session level icon
    speaker photo
    Sr. Director, Cyber Security, Acumatica, Inc.
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am

    Threat methods and controls utilized are very comprehensive and effective for those who are typically in the office, but what about the remote workforce of today? Their intent may not be malicious but rather inherent to poor practices.

    This presentation is designed to help individuals identify how seemingly “innocent” activity can make them an insider threat, and to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology. Through live demonstrations, we will show simple techniques used to bypass various controls.

    Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity
    • How to identify system based behavioral indicators
    • Learn which existing or enhanced security layer can provide insider threat profile data
    • Learn how areas of the organization, i.e. Legal, Procurement, and HR, are key stakeholders in assisting to identify insider threat activity
      Key Takeaways:
    • How to identify business processes which can contribute to remote work insider threats
    • Enhance current security program on what controls are bypassed by utilizing routine IT procedures
    • Enhance procedures required to identify insider threat exposures
    • Enhance awareness training to include additional methods of insider threat
    • Enhance existing physical and digital security layers to better identify specific insider threat activity
    10:40 am
    Cyber Incidents, Forensics, and Insurance: Are All Three up to Snuff?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:40 am - 11:25 am

    2020 was the year of ransomware and the pandemic, and many organizations realized their IR wasn’t up to snuff, and others did not listen to external professionals helping and were re-compromised. Have you really tested your Incident Response processes? How about having a detailed post-mortem after an event? Have you looked at your cyber insurance policy to see who you are supposed to be using for assistance? This session will review going through an actual incident and what was good and what was missing in the recovery, alerting (oops, the customers are involved), and finding the root cause, and whether cyber insurance was worth it.

    10:40 am
    Ransomware Incident Command and Lessons Learned for Managers
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am

    This presentation presents a practical approach to incident command for managers at all levels, irrelevant of cyber expertise. Managers of all types are asked to take charge in critical situations and can benefit from leveraging proven crisis management processes during ransomware response.

    11:30 am
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:30 pm
    Location / Room: Keynote Theater
    12:30 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:00 pm
    [Panel] Tales from the Cloud: Doing More with Less
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm

    The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

    1:00 pm
    [Panel] The Current Threat Landscape
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    2:00 pm
    Driving Business Strategy and Growth Using Cybersecurity
    • session level icon
    speaker photo
    Director, Cybersecurity Due Diligence, RSM US
    Registration Level:
    • session level iconConference Pass
    2:00 pm - 2:45 pm
    Traditionally, cybersecurity is often viewed as a means to reducing risks to an organization, thwarting the attacks of threat actors and securing company assets and infrastructure. When we examine the strategic goals and objectives that organizations undertake to promote their growth and success, we can often identify the interlinkage between business objectives and the services cybersecurity provides. By shifting the focus on how cybersecurity could enable an organization to bring products to market faster, make it easier for customers to conduct business with the company, create an environment to attract and retain employees and become the vendor of choice to our customers, we can strengthen our relationship with executive leadership and board of directors, become a trusted partner to the business, serve as a trusted advisor to line of business owners and shift the paradigm of cybersecurity from risk reduction cost center to a business enablement service line.
    2:00 pm
    Hiring During Troubled Times
    • session level icon
    speaker photo
    Agency CISO, N.C. State Board of Elections
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm
    2:00 pm
    Going Passwordless: Authentication Fact or Fiction?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    Are your internal customers tired of passwords? Are you tired of easily breaking their passwords? Well, look no further. Passwordless authentication is upon us and can be achieved for multi-factor authentication (MFA), while making our internal customers happy. How is this possible? Come and listen with your colleagues as I share how we rolled it out, describe the lessons learned, and share who the players are.

    Passwords are one of the most loathed controls in the wild. If you can’t beat ’em, join ’em. Learn who the passwordless alphas are and the lessons learned to achieve a win-win strategy within your company.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    2:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:45 pm - 3:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    3:15 pm
    Are You Ready for the Convergence of IIoT, OT, and IT Security?
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:15 pm - 4:00 pm

    Business transformation and drive for smart factory initiatives has placed demands on business leaders to leverage relevant technologies to achieve the desire end goal of operational excellence. The technologies such as industrial internet of things (IIoT) are being layered on top of manufacturing floor machinery to provide that needed insight into business operations and productivity. These improvement and perceived operational excellence have come with cyber security risks which were not a common place in manufacturing space previously. It for this reason that there is now a convergence between operation technology (OT), Industrial internet of things (IIoT) and IT. This intersection is becoming very evident in manufactural, supply chain and traditional production organization or companies.

    Most of these manufacturing machineries were never directly connected to the ethernet networks and as such the risk was very minimal. In some cases, these organizations had organized security based on perimeter controls such as data center firewalls, site firewalls, floor firewalls that provide segmentation or microsegment between corporate IT and manufacturing operation technology (OT space). However, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network — even if there is a secure communication link. There are many ways to run into problems on the OT/IoT front if companies are not careful in their network design security implementation. These increase the risk and a re-thinking of how to architect security appropriately to meet the ever-evolving threat landscape with relevant implications to OT/IIoT and larger enterprise network.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    3:15 pm
    Maturing a Cybersecurity Program
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:15 pm - 4:00 pm

    Whether you are a small organization, single person on a cybersecurity team or inheriting a multinational cybersecurity program, this talk will provide context for you to mature your program.  This presentation will help you define your own program maturity level and how to better your program. Attending the presentation will provide a better understanding of:

    • Why and what is maturity in a cybersecurity program
    • How to build risk based maturity into running a program
    • Cybersecurity as a culture
    • Communicating maturity and KPIs to the board and senior leaders including examples
    3:15 pm
    How to Build an Effective Security Awareness Program
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 4:00 pm

    How to build an effective security awareness program and help your team recognize phishing and BEC.

Exhibitors
  • Ballantyne IT Professionals
    Booth:

    A non-profit technology professional group formed in 2011 under the premise to provide a relaxing atmosphere for IT Professionals living and working in the Ballantyne area of Charlotte North Carolina to build relationships and share ideas. Our mission is to Connect IT, Build IT, Create IT and Give Back to IT & Our Community.

  • Cloud Security Alliance (CSA)
    Booth:

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Cybercrime Support Network
    Booth: N/A

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Cybereason
    Booth:

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • deepwatch
    Booth:

    deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry. Designed to be different, deepwatch provides customers with world-class managed security services and unrivaled value by extending their cybersecurity teams, curating leading technologies into deepwatch’s cloud SecOps platform, and proactively driving their SecOps maturity.

  • Institute of Internal Auditors (IIA)
    Booth:

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • InfraGard North Carolina
    Booth:
  • ISACA Charlotte
    Booth:

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the region.

  • (ISC)2 Piedmont Triad Chapter
    Booth:

    We are the local (ISC)2 chapter here in central North Carolina. Our Chapter meets bi-monthly and rotates between Greensboro and Winston-Salem meeting sites. We usually meet on the second Thursday of the odd months from 6-9PM. If you are a local Information Security Professional looking to join, please contact the membership chair at membership@isc2chapter114.org

  • ISSA Charlotte Chapter
    Booth:

    The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.

  • Lake Norman IT Professionals
    Booth:

    Our vision is to meet IT professionals within our Local IT community for learning, sharing, community outreach, leadership and professional growth. We are a 501c4 Non-Profit entity, and donate a significant portion of our sponsorship dollars to the E2D organization, who is helping to eliminating the digital divide!

  • NCTECH Association
    Booth:

    Founded in 1993, the North Carolina Technology Association (NCTA) is a 501 (c) (6) not-for-profit association focused on advancing the state’s tech industry. NCTA has 700+ member companies, organizations and institutions representing more than 200,000 North Carolina based employees.

  • North Carolina Center For Cybersecurity
    Booth:

    Headquartered in Winston-Salem, the North Carolina Center for Cybersecurity, a 501(c)3 organization, accelerate regional economic development through applied cybersecurity to foster economic development. It will also position North Carolina as a leader in cybersecurity workforce development at the community level to help existing businesses meet the global demand for a more secure supply chain. Regional hubs across the state, operating under the umbrella of the North Carolina Center for Cybersecurity (NCCC), will concentrate on: Workforce development aimed at training students and retraining the local workforce to solve practical cybersecurity problems and help companies seeking a consistent supply of cybersecurity talent across multiple disciplines. Public, private, and academic collaboration focused on developing practical solutions to commercial cybersecurity problems that match each region’s economic strengths.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • SafeBreach
    Booth:

    SafeBreach’s mission is to change the way the industry deals with security and risk, and enable companies to use the security technologies they have invested in to the fullest. By validating those technologies against attacks, from the known to the latest emerging threats, they will drive risk down — on a continuous basis. Companies will be able to invest smart and protect more. They will be able to quantify risks to the business and drive a security strategy aligned with the company’s business growth. Changing the mindset of defenders to offensive and proactive will help us build a safer world.

  • SIM Charlotte
    Booth:

    The Chapter strives to strengthen professional communications among members who direct the application of information technology in private and pubic organizations. Chapter activities include:

    • Meeting to share innovative ideas and real world experiences which address enterprise information needs. We have excellent speakers both from our membership, and bring in industry executives and subject matter experts from many sources.
    • Providing presentations by leading national information-management professionals and executives who benefit from management-information systems.
    • Challenging our comfort levels by exchanging ideas with peers and business counterparts.
    • Being a resource for each other, and personal networking.
  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Rob Dalzell
    BISO, Bank of America

    Rob Dalzell is a cybersecurity professional with over 30 years of IT experience and 10 years of cybersecurity experience. He has thrived in the following cybersecurity based arenas: Third Party Defense, Identity and Access management, Responsible Vulnerability Disclosure, email encryption and end user security awareness. He is a member of the ISACA, serves on the Advisory Board for SecureWorld Charlotte and is embarking on the laborious process of acquiring his CISM accreditation. Rob is an active supporter and advocate for those impacted by disabilities and he recently became an advocate in the Women in Technology and Operations (WIT&O) organization. He is an ardent believer in life-long learning. In his spare time, he can be found officiating or playing soccer, mentoring young soccer referees, generating sawdust, digging in the dirt around his house or trying to keep a British sports car running.

  • speaker photo
    Margaret White
    SVP & BISO, Wells Fargo
  • speaker photo
    Christopher Zell
    VP & CISO, The Wendy's Company
  • speaker photo
    Mike Muscatell
    Sr. Director, Cyber Security, Acumatica, Inc.

    Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.

  • speaker photo
    Panel Discussion
  • speaker photo
    Panel Discussion
  • speaker photo
    Toby Zimmerer
    Director, Cybersecurity Due Diligence, RSM US

    Toby Zimmerer is a Director of Cybersecurity Due Diligence in the Transaction Advisory Services Practice of RSM US, where he assists organizations with identifying and addressing the potential cybersecurity risks during mergers and acquisitions. He has over 22 years of professional experience developing information security strategies, designing information security programs, developing information security solutions and lead teams with deploying and operating information security programs. Toby has an MBA, a B.S. in Electrical Engineering, a CISSP certification, a CCSK from the Cloud Security Alliance and is a U.S. Navy veteran.

  • speaker photo
    Torry Crass
    Agency CISO, N.C. State Board of Elections

    Torry Crass currently serves as the Agency CISO at the North Carolina State Board of Elections and member of the CISO team at Woodstar Labs, a division of Associated Universities, Inc.

    Torry has more than 20 years of experience in the IT field and over 10 years of cybersecurity experience. Prior to joining Woodstar Labs, Torry was a CISO at LEO Cyber Security based in Fort Worth, TX, assisting a variety of clients with all aspects of planning, implementing, and improving cybersecurity programs in manufacturing, industrial, utility, and financial sectors. Prior to LEO Cyber Security, he spent 14 years with SPX Corporation and finished his time there as the Manager of Information Security.

    Torry also serves as the chair of the InfraGard National Cyber Camp Program, an advisory board member for the Cyber Crime Technology Program at SPCC, a co-chair of BSides Charlotte security conference, and a member of the South Carolina State Guard cyber unit regularly participating in cybersecurity related activities and exercises with the National Guard and other organizations. In addition to his organizational involvement, he regularly presents at industry conferences and contributes to industry publications such as InfoSec Magazine and PenTest Magazine.

Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Don't miss out!

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!