Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, April 20, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:00 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    Advisory Council Roundtable Breakfast [VIP / Invite Only]
    • session level icon
    Topic: De-Risking IT/OT Convergence
    speaker photo
    Director, North America Systems Engineering, Skybox Security
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:20 am

    The convergence of operational technology (OT) and IT systems creates complexity and places organizations at high risk of cyber-attacks. The proliferation of networked sensors (IoT) has increased the attack surface, taxing the responsiveness of network perimeter security and vulnerability management teams. Concepts like ZTA and SASE, while conceptually beneficial, can introduce even more uncertainty to the hybrid environment. These problems used to be confined within the data center walls but Digital Transformation projects have greatly increased the scope of challenges. It’s not just an IT problem anymore as industrial control systems and the like look to leverage the benefits of automation and centralized control via the network.

    We will explore some of these challenges, approaches taken by your fellow leaders, and outcomes.

    Generously supported by:

    7:30 am
    Cloud Security Alliance Chapter Meeting - Open to all attendees
    • session level icon
    Demystifying Zero Trust
    speaker photo
    Sr. Director, Security Solutions, East, Sirius, a CDW Company
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 8:20 am

    7:30 -7:45:  Introduction to Chapter and CSA Programs including the Zero Trust Advisory – Ali Alwan, Chapter Founder

    7:45 – 8:20:  Demystifying Zero Trust – Jose Ferreira, Solutions Architect Manager

    Originally, Zero Trust Network (ZTN) concepts were developed by the US Department of Defense (DoD) in the early 2000s while defining Global Information Grid (GIG) Network Operations (NetOps) Black Core routing and addressing architecture, part of the DoD’s Netcentric Service Strategy. Over time, this concept evolved within the DoD intelligence and security communities into the current ZTN/SDP framework and test lab1 . Around the same time, Forrester, a market research company that provides advice on technology began promoting ZTN as a worthwhile consideration for enterprise security teams. Today, Zero Trust has grown widely in adoption, as well as scope. Zero trust is based upon the principle of “trust nothing, verify everything” and focusing on protecting resources regardless of where they are physically or digitally and to never trust anything by default.

    In this session you will learn that ZeroTrust No one vendor, product, or technology will get you to zero trust. Rather it requires a cultural shift and a lot of different solutions to shift the paradigms by which we secure our resources. This article looks at the concept of zero trust, the benefits of implementing a zero trust model, and provides guidance on the steps that organizations need to take to transition towards it.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:15 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:30 am
    [Opening Keynote] How to Become a CISO: Cybersecurity Learning, Growth, and Career Advancement
    • session level icon
    Panel Discussion
    speaker photo
    BISO, Bank of America
    speaker photo
    SVP & BISO, Wells Fargo
    speaker photo
    VP, Cyber Operations and Analysis, Dell Technologies
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am

    Key Take-Away: 
    To achieve your goals, you need to take charge and plan for your future—nobody else is going to do it for you.

    What do you want to be doing in five, 10, and 20 years? Where should you place your focus now? What is most important: education, experience, certifications, or who you know?

    9:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:15 am - 9:45 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    9:45 am
    The Intersection of Cyber Crime + Cyber Defense and What IT Practitioners Can Do
    • session level icon
    speaker photo
    Managing Director, Saperde; Chief of Staff, Philadelphia InfraGard
    Registration Level:
    • session level iconConference Pass
    9:45 am - 10:30 am

    IT practitioners and cybersecurity professionals contend with cyber incidents daily. On occasion, these incidents rise to the level where they become criminal acts that require intervention over and above standard defensive measures. As part of this session, Chris Quintanilla will explore four real-life examples of criminal acts, how cybersecurity intervention either foiled the crime or identified the perpetrators, lessons that were learned, and what issues still need to be addressed by service providers and lawmakers.

    9:45 am
    Developing Cybersecurity Programs with Framework & Architecture Considerations
    • session level icon
    speaker photo
    Managing Principal - Security Services, Insight
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am

    Insight’s Darren Carroll offers critical perspective on today’s most important cybersecurity concerns. He explains how organizations can begin to build a measurable, monitorable, repeatable approach to a preventive security posture with respect to both framework and architecture. Learn how an all-in approach to enterprise risk management can prevent your organization from being caught off guard—and mitigate the risks, costs, and chaos of pivoting cybersecurity on the fly.

    9:45 am
    Ransomware and the Future of Cyberwarfare
    • session level icon
    speaker photo
    Security Strategist, Cybereason
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:30 am

    The use of ransomware as a class of malware has exploded in recent years, causing millions of dollars in damages to organizations across the world—and the damage isn’t slowing down. On the contrary, ransomware as a tool is being adopted by a wide array of perpetrators. This includes nation-states, for cash, and to use the demand for cash to obfuscate activities like espionage and sabotage. Ransomware has become a powerful tool of asset seizure and extortion, being used by criminals, activists, and even sanctioned governments for multiple purposes, including use as a weapon of war. The use of ransomware and its close cousin, wiperware, is only accelerating.

    In this talk, we will examine how the proliferation of ransomware brought us to this point, what it means for current global conflicts, and the implications for the future of cyberwarfare.

    10:40 am
    The Inadvertent Remote Insider Threat
    • session level icon
    speaker photo
    Sr. Director, Cyber Security, Acumatica, Inc.
    Registration Level:
    • session level iconConference Pass
    10:40 am - 11:25 am

    Threat methods and controls utilized are very comprehensive and effective for those who are typically in the office, but what about the remote workforce of today? Their intent may not be malicious but rather inherent to poor practices.

    This presentation is designed to help individuals identify how seemingly “innocent” activity can make them an insider threat, and to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology. Through live demonstrations, we will show simple techniques used to bypass various controls.

    Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity
    • How to identify system based behavioral indicators
    • Learn which existing or enhanced security layer can provide insider threat profile data
    • Learn how areas of the organization, i.e. Legal, Procurement, and HR, are key stakeholders in assisting to identify insider threat activity
      Key Takeaways:
    • How to identify business processes which can contribute to remote work insider threats
    • Enhance current security program on what controls are bypassed by utilizing routine IT procedures
    • Enhance procedures required to identify insider threat exposures
    • Enhance awareness training to include additional methods of insider threat
    • Enhance existing physical and digital security layers to better identify specific insider threat activity
    10:40 am
    Applying FTC Cyber Guidance for Small and Midsize Businesses
    • session level icon
    speaker photo
    Chapter Member, (ISC)2
    Registration Level:
    • session level iconOpen Sessions
    10:40 am - 11:25 am

    Key Take-Away:
    Audience members will hear about the government’s cyber guidance for small and midsized businesses, learn how this can reduce the risk of the most common and harmful cyber threats, understand how to leverage this to protect their businesses, and leave with a completed worksheet that identifies gaps and opportunities for improvements in their company’s cyber protections.

    The Federal Trade Commission, partnering with Department of Homeland Security, has produced cyber guidance for small and midsize businesses. This practical and pragmatic guidance is designed with more than just technology in mind—it is a guide on how to protect your business. The broad range of protections and considerations range from risk management, cyber insurance, best practice technical controls, user education, and third-party risk.

    10:40 am
    Remediating Critical Vulnerabilities in 12 Hours or Less: Lessons Learned from Log4j
    • session level icon
    speaker photo
    Security Solutions Architect, Qualys
    Registration Level:
    • session level iconOpen Sessions
    10:40 am - 11:25 am
    11:30 am
    [Lunch Fireside Chat] BEC Attacks and the Investigative Powers of the U.S. Secret Service
    • session level icon
    speaker photo
    Special Agent, Global Investigative Operations Center, United States Secret Service
    speaker photo
    Sr. Special Agent, U.S. Secret Service, North Carolina Cyber Fraud Task Force (CFTF), Charlotte Field Office
    speaker photo
    Sr. Director, Cyber Security, Acumatica, Inc.
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:30 pm
    Location / Room: Keynote Theater
    11:30 am
    Advisory Council Roundtable Lunch – (VIP / Invite only)
    • session level icon
    Topic: Security Control Validation – How Do You Know if Your Security Investments Are Working?
    speaker photo
    CISO, SafeBreach
    Registration Level:
    • session level iconVIP / Exclusive
    11:30 am - 12:30 pm

    Discussion moderated by Avishai Avivi, CISO of SafeBreach.

    Generously supported by:

    12:30 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:00 pm
    CIS v8.0—a Great Place to Begin
    • session level icon
    speaker photo
    CISSP | CISM, Sr. Cybersecurity Consultant, Risk Advisory Services , AccessIT Group
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm

    Reduce the stress of meeting compliance with regulatory standards by first taking advantage of a prescriptive and easy to follow Framework.

    1:00 pm
    [Panel] The Current Threat Landscape
    • session level icon
    speaker photo
    Area VP - Security Strategist, Deepwatch
    speaker photo
    Director of Threat Intelligence, Abnormal Security
    speaker photo
    Sr. Sales Engineer Manager, Gigamon
    speaker photo
    Director of Product Management, Delinea
    speaker photo
    Head of Legal & Compliance, Certes Networks
    speaker photo
    CIO / CISO, Cadrillion Capital
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    1:00 pm
    [Panel] Tales from the Cloud: Doing More with Less
    • session level icon
    speaker photo
    Sr. Sales Engineer, Orca Security
    speaker photo
    Security Architect, US Public Sector, Office of the CTO, Check Point Software Technologies
    speaker photo
    Regional Sales Manager, Thales
    speaker photo
    Manager, Cloud Architect, Trend Micro
    speaker photo
    Global Director, Sales Engineering, Digital Shadows
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:50 pm

    The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

    2:00 pm
    Hiring During Troubled Times
    • session level icon
    speaker photo
    Agency CISO, N.C. State Board of Elections
    Registration Level:
    • session level iconConference Pass
    2:00 pm - 2:45 pm
    2:00 pm
    [Panel] Prioritizing the Threats
    • session level icon
    speaker photo
    Identity and Security Architect, Insight
    speaker photo
    CISSP, C|EH, Sales Engineering Manager, Proofpoint
    speaker photo
    Director of Governance & Compliance, Risk Advisory Services, AccessIT Group
    speaker photo
    Director of Security Engineering, Salt Security
    speaker photo
    Director of Services, Semperis
    speaker photo
    VP, Information Security, Essent Guaranty, Inc.
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    Ransomware, Business emails compromise, Cloud mis-configurations, Social Engineering, Insider Threats… the list goes on and on. The threats are everywhere. Some are new but the old ones work just as well. How do you decide which ones are of the most concern to your organization? Do you report all of these to the board? How do you provide the resources necessary to minimize the risks and still enable the business? Join our experts as they tackle how to prioritize the threats.

    2:00 pm
    Reducing Implicit Trust in Your Cloud Service Provider
    • session level icon
    speaker photo
    Principal Solution Architect, Digital Identity and Security, Thales Cloud Security
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    As organizations embark on a cloud-first strategy, they often find they’re placing excessive trust in their cloud service provider to protect the sensitivity of their organization’s assets, especially sensitive data. During this presentation, we provide an overview of how the cloud service provider requires you to participate in a shared security model and how your organization can retain control of your sensitive data encryption. In other words: your data, their cloud! We’ll discuss and show how using newer tools and techniques—that include split trust, ubiquitous data encryption, and contextual access—reduce and mitigate implicit trust in your cloud provider along with allowing you to manage your own encryption and manage access to your data in the cloud.

    2:45 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:45 pm - 3:15 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:15 pm
    Cybersecurity Leader's Guide to Talking to Vendors
    • session level icon
    It’s Like Dating, and Both Sides Can Better Communicate to Be More Successful
    speaker photo
    CISO, Carolina Complete Health; VP, Information Security, Centene Corp.
    Registration Level:
    • session level iconConference Pass
    3:15 pm - 4:00 pm

    Key Take-Away: Tips for cybersecurity leaders and vendors to better be realistic, honest, and direct to benefit both sides.

    In this presentation, Rick Doten will share from his unique experience on this topic and cover:

    • Getting customers to swipe right
      Vendor email, LinkedIn, and phone etiquette; don’t lead with an insult, or try to guilt them to connect. Examples of good and bad approaches. Customers shouldn’t be ghosting or rude.
    • The first date
      Meeting tips for vendors, virtual and in-person; do your homework, get to the point quickly. Customers should be clear in their expectations, respectful, and not abusive; provide constructive feedback.
    • After the date: getting them to text you back
      Vendors need to understand it’s not a simple decision for large companies. Customers should be clear in their aspirations, set expectations with vendors. Vendors controlling sales management to give customer space/time.
    3:15 pm
    Driving Business Strategy and Growth Using Cybersecurity
    • session level icon
    speaker photo
    Director, Cybersecurity Due Diligence, RSM US
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 4:00 pm
    Traditionally, cybersecurity is often viewed as a means to reducing risks to an organization, thwarting the attacks of threat actors and securing company assets and infrastructure. When we examine the strategic goals and objectives that organizations undertake to promote their growth and success, we can often identify the interlinkage between business objectives and the services cybersecurity provides. By shifting the focus on how cybersecurity could enable an organization to bring products to market faster, make it easier for customers to conduct business with the company, create an environment to attract and retain employees and become the vendor of choice to our customers, we can strengthen our relationship with executive leadership and board of directors, become a trusted partner to the business, serve as a trusted advisor to line of business owners and shift the paradigm of cybersecurity from risk reduction cost center to a business enablement service line.
Exhibitors
  • Abnormal Security
    Booth: 430

    Abnormal is the most precise human behavior security engine for blocking all email attacks, including phishing, malware, ransomware, social engineering, executive impersonation, supply chain compromise, internal account compromise, spam, and graymail.
    Secure email gateways and built-in Microsoft and Google security struggle to block email attacks that pass reputation checks, have no URLs or attachments, and appear to come from trusted sources.

    Only Abnormal uses behavioral AI to profile known good behavior and analyzes over 45,000 signals to detect anomalies that deviate from these baselines, delivering maximum protection for global enterprises.

  • AccessIT Group
    Booth: 200

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • Akeyless
    Booth: 215

    Akeyless’ unique combination of innovative technology and cloud-native architecture, enables enterprises to fastly secure DevOps, cloud workloads, and legacy environments, while meeting compliance and regulations.

  • BeyondTrust
    Booth: 310

    BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry’s most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.

    The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. We are trusted by 20,000 customers, including 78 of the Fortune 100, and a global partner network.

  • Certes Networks
    Booth: 340

    Headquartered in the U.S. with a global presence in Europe, Middle East and Asia Pac, Certes Networks has been delivering security technology solutions to enterprises and governments around the world for over 15 years. Our technology is deployed across 1000 customers in nearly 100 countries and is certified for FIPS 140-2 and Common Criteria EAL4+. Our global foot print of organizations using Certes technology has helped customers to meet national, international or industry-specific regulations.

  • Check Point Software Technologies Inc.
    Booth: 200

    Check Point Software Technologies Inc. is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Cloud Security Alliance Carolinas
    Booth: 140

    The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud—from providers and customers, to governments, entrepreneurs and the assurance industry—and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

  • Critical Start
    Booth: 110

    Critical Start is a cybersecurity company with a holistic, customer-focused approach. We work with our customers to understand the impact of IT on their business and determine the associated risks. Using this risk profile, we can offer big-picture guidance on the strategies and controls that will enable them to effectively manage risk and improve security. Critical Start is 100% employee owned by a team of experts who are passionate about security, quality and service. For more information on what sets us apart, visit criticalstart.com.

  • Cyber Breakfast Club
    Booth: N/A

    The Cyber Breakfast Club ™ is a private cybersecurity breakfast group connecting cybersecurity executives and leaders each month over virtual breakfast.

  • Cybercrime Support Network
    Booth: N/A

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Cybereason
    Booth: 450

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • deepwatch
    Booth: 320

    deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry. Designed to be different, deepwatch provides customers with world-class managed security services and unrivaled value by extending their cybersecurity teams, curating leading technologies into deepwatch’s cloud SecOps platform, and proactively driving their SecOps maturity.

  • Delinea
    Booth: 630

    Delinea is a leading provider of privileged access management (PAM) solutions that make security seamless for the modern, hybrid enterprise. Our solutions empower organizations to secure critical data, devices, code, and cloud infrastructure to help reduce risk, ensure compliance, and simplify security. Delinea removes complexity and defines the boundaries of access for thousands of customers worldwide, including over half of the Fortune 100. Our customers range from small businesses to the world’s largest financial institutions, intelligence agencies, and critical infrastructure companies.

  • Devo
    Booth: 100

    Devo, formerly Logtrust, is a technology company that developed the first real-time big data-in-motion software, which collects and analyses big data in real-time.

  • Digital Shadows
    Booth: 225

    Digital Shadows monitors and manages an organization’s digital risk, providing relevant threat intelligence across the widest range of data sources within the open, deep, and dark web to protect their brand, and reputation.

  • ForeScout Technologies, Inc.
    Booth: 200

    ForeScout Technologies, Inc. has pioneered an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT). We offer a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of today’s vast array of physical and virtual devices the instant they connect to the network. Our technology continuously assesses, remediates and monitors devices and works with disparate security tools to help accelerate incident response, break down silos, automate workflows and optimize existing investments. As of June 30, 2018, more than 2,900 customers in over 80 countries improve their network security and compliance posture with ForeScout solutions.

  • Gigamon
    Booth: 230

    Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.

  • Institute of Internal Auditors (IIA)
    Booth: N/A

    Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.

  • North Carolina InfraGard
    Booth: 240

    North Carolina InfraGard membership is comprised of professionals from various size companies of all industries. We hold regular meetings to discuss issues, threats and other matters that impact their companies. Speakers from public and private agencies and the law enforcement communities are invited. It is our goal to improve and extend information sharing between private industry and the government. InfraGard members gain access to information that enables them to protect their assets and in turn give information to government that facilitates its responsibilities to prevent and address terrorism and other crimes. Attend a local chapter meeting, meet FBI officials from your area and help protect your nation’s infrastructure.

  • Insight
    Booth: 410

    Insight is a comprehensive solutions integrator that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. With a client-focused approach to delivery, we recommend the most appropriate solutions to drive digital transformation and modernization for innovation. As clients look for ways to optimize data for better business, empower speed and scale of service, and drive next-gen security, Insight delivers expertise that is grounded, unbiased, and refreshingly straightforward.

  • ISACA Charlotte
    Booth: N/A

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the region.

  • (ISC)2 Piedmont Triad Chapter
    Booth: N/A

    We are the local (ISC)2 chapter here in central North Carolina. Our chapter meets bi-monthly and rotates between Greensboro and Winston-Salem meeting sites. We usually meet on the second Thursday of the odd months from 6-9 p.m. If you are a local Information Security Professional looking to join, please contact the membership chair at membership@isc2chapter114.org

  • Charlotte Metro ISSA
    Booth: 130

    The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.

  • Lake Norman IT Professionals
    Booth: 250

    Our vision is to meet IT professionals within our Local IT community for learning, sharing, community outreach, leadership and professional growth. We are a 501c4 Non-Profit entity, and donate a significant portion of our sponsorship dollars to the E2D organization, who is helping to eliminating the digital divide!

  • NCTECH Association
    Booth: N/A

    Founded in 1993, the North Carolina Technology Association (NCTA) is a 501 (c) (6) not-for-profit association focused on advancing the state’s tech industry. NCTA has 700+ member companies, organizations and institutions representing more than 200,000 North Carolina based employees.

  • Netskope
    Booth: 210

    The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

  • North Carolina Center For Cybersecurity
    Booth: N/A

    Headquartered in Winston-Salem, the North Carolina Center for Cybersecurity, a 501(c)3 organization, accelerate regional economic development through applied cybersecurity to foster economic development. It will also position North Carolina as a leader in cybersecurity workforce development at the community level to help existing businesses meet the global demand for a more secure supply chain. Regional hubs across the state, operating under the umbrella of the North Carolina Center for Cybersecurity (NCCC), will concentrate on: Workforce development aimed at training students and retraining the local workforce to solve practical cybersecurity problems and help companies seeking a consistent supply of cybersecurity talent across multiple disciplines. Public, private, and academic collaboration focused on developing practical solutions to commercial cybersecurity problems that match each region’s economic strengths.

  • Orca Security
    Booth: 200

    We’re on a mission to make it fast, easy, and cost effective for organizations to address the critical security issues in their AWS, Azure, and GCP estates so that they can operate in the cloud with confidence.

  • Proofpoint
    Booth: 600

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Qualys, Inc.
    Booth: 650

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • Recorded Future
    Booth: 120

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth: 245

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • SafeBreach
    Booth: 440

    SafeBreach’s mission is to change the way the industry deals with security and risk, and enable companies to use the security technologies they have invested in to the fullest. By validating those technologies against attacks, from the known to the latest emerging threats, they will drive risk down — on a continuous basis. Companies will be able to invest smart and protect more. They will be able to quantify risks to the business and drive a security strategy aligned with the company’s business growth. Changing the mindset of defenders to offensive and proactive will help us build a safer world.

  • Salt Security
    Booth: 620

    Salt Security delivers an API Threat Protection solution focused on securing the ubiquitous APIs connecting everything from web and mobile applications to microservices and IoT devices. These are the APIs that you develop and own and are at the core of connecting your applications and data.

    Salt Security was founded in 2016 by alumni of the Israeli Defense Forces (IDF) to deliver the first, patented API Protection platform to secure APIs. Salt Security deploys in minutes, automatically learns your unique APIs, and requires no configuration or customization to help you protect and improve your API security.

  • Semperis
    Booth: 420

    Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments. The company provides cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services—the keys to the kingdom. Semperis’ patented technology for Microsoft Active Directory protects over 40 million identities from cyberattacks, data breaches, and operational errors. Semperis solutions are accredited by Microsoft and recognized by Gartner. Semperis is headquartered in New Jersey and operates internationally, with its research and development team distributed between San Francisco and Tel Aviv.

  • SentinelOne
    Booth: 610

    SentinelOne is the future of Endpoint Protection. It unifies prevention, detection and response in a single platform driven by sophisticated machine learning and intelligent automation. With SentinelOne, organizations can detect malicious behavior across multiple vectors, rapidly eliminate threats with fully-automated, integrated response capabilities, and adapt their defenses against the most advanced cyber attacks.

  • SIM Charlotte
    Booth: N/A

    The Chapter strives to strengthen professional communications among members who direct the application of information technology in private and pubic organizations. Chapter activities include:

    • Meeting to share innovative ideas and real world experiences which address enterprise information needs. We have excellent speakers both from our membership, and bring in industry executives and subject matter experts from many sources.
    • Providing presentations by leading national information-management professionals and executives who benefit from management-information systems.
    • Challenging our comfort levels by exchanging ideas with peers and business counterparts.
    • Being a resource for each other, and personal networking.
  • Skybox Security
    Booth: 300

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Thales
    Booth: 330

    As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

  • Trend Micro
    Booth: 640

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • Women in CyberSecurity (WiCyS)
    Booth: N/A

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Moderator: Terry Olaes
    Director, North America Systems Engineering, Skybox Security

    Terry Olaes is director of North America systems engineering at Skybox Security. With more than 20 years of experience in IT, his expertise includes IT/OT convergence, audit and compliance, data breaches, and incident management. Working on the ground floor at a manufacturing plant, serving as a systems engineer, and managing large security teams have provided Terry with a unique perspective on fortifying IT/OT security posture. Terry specializes in helping organizations devise the right cybersecurity strategies to help manage vulnerabilities and mitigate risks across IT, OT, and hybrid cloud environments. Previously, he has served in security management roles at Neiman Marcus and IBM. Terry has a BA in Business Administration and Management from the University of Phoenix.

  • speaker photo
    Jose Ferreira
    Sr. Director, Security Solutions, East, Sirius, a CDW Company

    Ferreira helps enterprises develop and maintain proactive security programs. He has over two decades of IT security experience and works with organizations to understand their assets, identify security gaps, and define the people, processes and technology that can facilitate mitigation and support business goals. He focuses on the development of tactical and strategic data protection plans, and applies his knowledge of core infrastructure security, security program governance, threat and vulnerability management, identity and access management, and application security to enable the improvement of overall security posture.

  • speaker photo
    Rob Dalzell
    BISO, Bank of America

    Rob Dalzell is a cybersecurity professional with over 30 years of Information Technology and Cybersecurity experience. He has thrived in the following cybersecurity based arenas: BISO, Third Party Defense, Vulnerability Management, Identity and Access management, Responsible Vulnerability Disclosure, email encryption and general security awareness. He is a member of the ISACA, serves on the Advisory Board for SecureWorld Charlotte and is in the final stages of completing a Master’s degree in Cybersecurity. Rob is an active supporter and advocate for those impacted by disabilities and is an advocate in the Women in Technology and Operations (WIT&O) organization. He is an ardent believer in life-long learning. In his spare time, he can be found playing or officiating soccer, generating sawdust or digging in the dirt around his house and trying to keep a British sports car running.

  • speaker photo
    Margaret White
    SVP & BISO, Wells Fargo

    Margaret White is currently Senior Vice President, Business Information Security Officer (BISO) for Wells Fargo’s Enterprise Functions. In this role, Margaret leads execution of cybersecurity posture and strategy for enterprise-wide cybersecurity engagements and provides bi-directional transparency to Enterprise Functions CEOs and CIOs. Prior to joining Wells Fargo, Margaret served in multiple leadership roles at Bank of America including Cybersecurity Technology Strategy for Incident Management and Data Loss Prevention; Threat Prevention Operations Transformation; Corporate and Commercial Banking BISO; and Customer Notifications Engine, delivering six million alerts per day.

    An award-winning technology leader in Financial Services, Margaret has spent nearly 20 years building, designing and protecting Critical Infrastructure financial systems. Passionate about people, Margaret advocates for colleagues, clients and the underserved through her work as a mentor and volunteer in employee networks and community organizations such as Women in Technology, Girls Who Code, Women in Cybersecurity (WiCyS) and BSides.

    Margaret is a Certified Information Systems Security Professional and holds a BS in Computer Science from Florida State University where she co-founded the Women in Computer Science organization (now a chapter of ACM-W).

  • speaker photo
    Christopher Zell
    VP, Cyber Operations and Analysis, Dell Technologies

    Chris is currently Vice President, Cyber Operations and Analysis, for Dell Technologies. In this role, Chris leads the strategy and optimization of Dell's Cyber Security Operations (CSIRT, eFI, Security Assurance and Vulnerability Management) globally. Prior to joining Dell, Chris served at the first CISO for the Wendy's company, where he spent five years growing and maturing the Information Security organization, with responsibility for the security of over 6,800 restaurants as well as a massive e-commerce platform. Before joining Wendy's, Chris was the first Director of Cyber Security Operations for Lowe's Home Improvement, building out their first Security Operations Center, and held various leadership roles during his tenure.

    A decorated 22-year veteran of the US Air Force, Chris spent his military career building, protecting, and defending critical systems and networks from some of the most advanced threat actors in the world. Passionate about giving back to the community, Chris is known as a trusted mentor and champion of diversity and inclusion, and is a staunch supporter of our military veterans.

    Chris is the Vice-Chair of the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), an Executive Committee member of the Cybersecurity Collaborative, and frequent advisor to cyber start-ups and VCs. He holds a bachelor’s degree in Information Technology from Western Governors University as well as multiple industry certifications.

  • speaker photo
    Chris A. Quintanilla
    Managing Director, Saperde; Chief of Staff, Philadelphia InfraGard

    Chris has over 25 years’ experience in the IT field and is a Certified Information Systems Security Professional (CISSP). He has served as a senior project manager and engineer for several federal and municipal governments’ IT projects, as a network and systems engineer for IBM's Education and Training Division, and as an adjunct faculty member at the Pennsylvania Institute of Technology. Chris leverages his associations with federal law enforcement along with his IT background to advise clients on matters of information security, works with them to implement best practices to safeguard critical systems and sensitive information, and assists victims and law enforcement after malicious acts occur. Chris has been appointed by three different U.S. Presidents and two different Governors as a US Selective Service Board Member. He is also an information systems officer in the US Coast Guard Auxiliary.

  • speaker photo
    Darren Carroll
    Managing Principal - Security Services, Insight

    Darren is a risk management and information security leader with diverse global experience in operational, technical, management, and presales roles. He has had the pleasure to build and lead multiple diverse, dynamic, high-performing teams. Throughout his career, he has provided consultative thought leadership, strategic direction, and tactical response to multiple federal, state, and local agencies, many of the Fortune 100, and hundreds of mid-sized enterprises.

  • speaker photo
    Maggie MacAlpine
    Security Strategist, Cybereason

    Maggie MacAlpine is a security strategist at Cybereason and one of the co-founders of the DEF CON Voting Village. Over the course of 10 years spent in the field of cybersecurity, MacAlpine has been a contributing researcher on the "Security Analysis of the Estonian Internet Voting System" in partnership with the University of Michigan, co-author of the DEF CON Voting Village annual reports, and appeared in the HBO documentary "Kill Chain." She has been a speaker on cybersecurity threats at various conferences, including DEF CON, the Diana Initiative, ShmooCon Hacker Conference, PacSec Tokyo, and in presentations to Capitol Hill.

  • speaker photo
    Mike Muscatell
    Sr. Director, Cyber Security, Acumatica, Inc.

    Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.

  • speaker photo
    Terry Ziemniak, CISSP
    Chapter Member, (ISC)2

    Terry has over 25 years' experience in the information security field with work ranging from hands on security penetration testing to the build out of complex, state of the art cyber protections. Additionally, he has spent over a decade in the role of Chief Information Security Officer for very large organizations (including Atrium Health here in Charlotte). Terry brings that technical experience and business acumen into the consulting space—helping business leaders navigate the risks and rewards of cybersecurity. Terry has achieved the CISSP (Certified Information System Security Practitioner) designation as well as having completed his Master's degree in Information Security from DePaul University. He has spoken on cybersecurity topics to groups all over the country and as far away as Germany.

  • speaker photo
    Jeff Hardee
    Security Solutions Architect, Qualys
  • speaker photo
    Christopher McMahon
    Special Agent, Global Investigative Operations Center, United States Secret Service

    Chris McMahon is a Special Agent for the United States Secret Service. Prior to joining the Secret Service, Chris was a Prince George’s County, MD Police Officer. Chris is a well-seasoned criminal investigator specializing in cyber-enabled financial fraud, money laundering, credit card/ID fraud among other crimes. Chris began his Secret Service career out of the New York Field Office spending time between the Fraud Squad and Electronic Crimes Task Force where he earned the designation NITRO Agent for specialized training in network intrusions. While in the New York Field Office, Chris ran point on several large-scale multi-national criminal investigations targeting transnational organized crime groups. Chris is currently assigned to the U.S. Secret Service, Global Investigative Operations Center (GIOC) where he specializes in Business Email Compromise schemes and account takeovers focusing on the international nexus of cyber-enabled financial crime.

  • speaker photo
    McClellan 'Mac' Plihcik
    Sr. Special Agent, U.S. Secret Service, North Carolina Cyber Fraud Task Force (CFTF), Charlotte Field Office
  • speaker photo
    Moderator: Mike Muscatell
    Sr. Director, Cyber Security, Acumatica, Inc.

    Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.

  • speaker photo
    Moderator: Avishai Avivi
    CISO, SafeBreach
  • speaker photo
    Brett Price
    CISSP | CISM, Sr. Cybersecurity Consultant, Risk Advisory Services , AccessIT Group

    Brett Price is a Senior Cybersecurity Consultant for the Risk Advisory Services practice at AccessIT Group (AITG). Brett is a knowledgeable cybersecurity consultant with over twenty years of experience and an extensive background in security consulting, network engineering/administration and cybersecurity best practices. Brett’s skills range from analyzing network packet behavior to securing enterprise critical infrastructure with expertise in assessing and consulting on risk management frameworks and standards such as NIST 800-53, NIST CSF, CIS and ISO/IEC 2700X. Brett has experience working with enterprise and mid-market customers across various industry sectors such as healthcare, banking, industrial, retail, pharmaceutical and insurance.

  • speaker photo
    Neal Humphrey
    Area VP - Security Strategist, Deepwatch

    Neal Humphrey has been active in the security industry for nearly 20 years. He has reviewed Security from the Application layer, to the Transport Layer, to Cyber Threat Intelligence, and finally to the Human. Over the last 20 years he has worked with customers from the Global 100 down to the SMB market to identify and solve Cyber Security Operation issues and to help to understand and mature Security Architectures and processes. Neal has always taken a human based approach to Security that allows for faster improvement and effective determination of tool use and capabilities.

  • speaker photo
    Crane Hassold
    Director of Threat Intelligence, Abnormal Security

    Crane Hassold is the Director of Threat Intelligence at Abnormal Security, where he leads a team responsible for researching enterprise-focused cyber threats. Prior to joining the private sector in 2015, Crane served as an Analyst at the Federal Bureau of Investigation for more than 11 years, providing strategic and tactical analytical support to cyber, financial crime, and violent crime cases. For most of his career with the FBI, Crane worked in the Behavioral Analysis Units in Quantico, Virginia, where he provided analytical and behavioral support (“profiling”) to intelligence community and law enforcement partners against national security adversaries and serial criminals. Crane has also been recognized as a subject matter expert in open source intelligence collection and has presented at numerous conferences about using successful analytical techniques.

  • speaker photo
    Peter Steyaert
    Sr. Sales Engineer Manager, Gigamon
  • speaker photo
    Justin Harris
    Director of Product Management, Delinea

    Justin Harris is a 20+ year technology veteran with a wide range of vertical industry exposure that has a knack for understanding how market trends introduce market needs. In his role as Director of Product at Delinea he leads the Vault portfolio of products such as Secret Server and DevOps Secure Vault. Justin’s area of expertise includes bringing secure SaaS platforms to market, cloud-native design, product evangelism, and unified communication.

  • speaker photo
    Simon Hill
    Head of Legal & Compliance, Certes Networks

    As VP of Legal and Compliance for Certes Networks, Simon assists with Regulatory and Compliance matters, Intellectual Property and interpretation of Security and Compliance Framework requirements. Simon has extensive international experience as a technology lawyer, working in multiple jurisdictions including the European Union, Japan, India and the United States for clients in both government and private sector.

    Simon is a regular speaker on data protecting regulations and cybersecurity standards including GDPR, PCI DSS, NIST publications, NERC CIP standards and Executive Order 142028 (Improving the Nations’s Cybersecurity). Simon resides in Pittsburgh, Pennsylvania.

  • speaker photo
    Moderator: Mike Hillhouse
    CIO / CISO, Cadrillion Capital
  • speaker photo
    Stephen Fitzgerald
    Sr. Sales Engineer, Orca Security

    From writing detection rules and automations for SOC teams to assisting with compliance initiatives, cloud security has always been the focus of Stephen's career. Currently Stephen serves as a Senior Solutions Engineer at Orca helping customers architect and operationalize the Orca platform, as well as providing risk assessment reviews and guidance on security operations overall. Outside of his professional pursuits, he enjoys cars, computer hardware, and anything where he get's to play defense.

  • speaker photo
    Aaron Rose
    Security Architect, US Public Sector, Office of the CTO, Check Point Software Technologies

    Aaron Rose is a Cyber Security Evangelist, Security Architect & Member of the Office of the CTO at Check Point Software Technologies. A subject matter expert in Cloud, Internet of Things, and Application security; Aaron has focused his career on securing organizations & their resources beyond the perimeter of the traditional network firewall.

    An avid international traveler, Aaron welcomed the opportunity to spend three months in Tel Aviv’, Israel training with Check Point’s research & development teams at the company’s global headquarters.

  • speaker photo
    Rob Vanderberry
    Regional Sales Manager, Thales

    Rob Vanderberry is celebrating his 26th year of technology sales and consultation, experienced in selling solutions to businesses and public sector organizations as manufacturer rep, distributor and reseller. Rob has a passion for helping organizations achieve successful business outcomes through optimized blends of technology, knowledge and people. Evolving a focus on cyber security since 2017, today he is a regional sales manager for the southeast U.S., providing data encryption and key management solutions to Fortune 1000, Enterprise and Commercial companies in the Carolinas and Tennessee.

  • speaker photo
    Vitaliy Shtym
    Manager, Cloud Architect, Trend Micro

    Vitaliy Shtym is a Cybersecurity Practitioner with over 10 years of experience, 5 of which have been at Trend Micro. Vitaliy has been in multiple customer facing roles to address cybersecurity challenges in organization of all sizes. He focuses on architecting optimal security solutions for customers leveraging Public and Hybrid Cloud. With primary focus on customers that are migrating their infrastructure from traditional, monolithic, applications to modern technologies like Docker/Kubernetes and Serverless.

  • speaker photo
    MJ Knudsen
    Global Director, Sales Engineering, Digital Shadows
  • speaker photo
    Moderator: Frank DePaola
    VP, CISO, Enpro

    Frank is the CISO at EnPro Industries (NPO). He is passionate about striking balance between the responsible use of technology and effective risk management. In his role, Frank is responsible for defining, championing, and executing the cybersecurity and regulatory compliance strategies, programs, and initiatives globally, in deep collaboration with IT and business stakeholders. Frank is an advocate for education and constant personal and professional growth, as well as mentoring others. He is a proud US Army veteran and former U.S. Army AIT Instructor.

  • speaker photo
    Torry Crass
    Agency CISO, N.C. State Board of Elections

    Torry Crass currently serves as the Agency CISO at the North Carolina State Board of Elections and member of the CISO team at Woodstar Labs, a division of Associated Universities, Inc.

    Torry has more than 20 years of experience in the IT field and over 10 years of cybersecurity experience. Prior to joining Woodstar Labs, Torry was a CISO at LEO Cyber Security based in Fort Worth, TX, assisting a variety of clients with all aspects of planning, implementing, and improving cybersecurity programs in manufacturing, industrial, utility, and financial sectors. Prior to LEO Cyber Security, he spent 14 years with SPX Corporation and finished his time there as the Manager of Information Security.

    Torry also serves as the chair of the InfraGard National Cyber Camp Program, an advisory board member for the Cyber Crime Technology Program at SPCC, a co-chair of BSides Charlotte security conference, and a member of the South Carolina State Guard cyber unit regularly participating in cybersecurity related activities and exercises with the National Guard and other organizations. In addition to his organizational involvement, he regularly presents at industry conferences and contributes to industry publications such as InfoSec Magazine and PenTest Magazine.

  • speaker photo
    Dean Gross
    Identity and Security Architect, Insight
  • speaker photo
    Iván Hernández
    CISSP, C|EH, Sales Engineering Manager, Proofpoint
  • speaker photo
    Chad Barr
    Director of Governance & Compliance, Risk Advisory Services, AccessIT Group

    Chad Barr is the Director of Governance & Compliance for the Risk Advisory Services practice at AccessIT Group (AITG) AITG). Chad is an experienced information security leader with an extensive background in security
    engineering, project management, network administration and compliance. Through his many years of experience, Chad has established knowledge with respect to governance, regulatory and compliance frameworks such as NIST CSF, ISO2700X and PCI DSS. Chad has experience in various industry sectors such as retail, banking, real estate, healthcare, manufacturing and government.

  • speaker photo
    Ran Barth
    Director of Security Engineering, Salt Security

    Ran is an Enterprise Security Expert with many years of experience helping Fortune 500 companies secure their data and applications. Ran has detailed knowledge of Enterprise Security best practices and technologies and has been focused on the creation and deployment of solutions protecting networks, systems, and information assets with focus on web applications.

  • speaker photo
    Sean Deuby
    Director of Services, Semperis
  • speaker photo
    Moderator: James Keegan
    VP, Information Security, Essent Guaranty, Inc.
  • speaker photo
    David Ortega
    Principal Solution Architect, Digital Identity and Security, Thales Cloud Security

    David Ortega been a cybersecurity professional for more than 20 years with deep expertise in digital innovation utilizing modern cloud, data, and security solutions. David has had the pleasure of working with various industry leaders in finance, healthcare, government, higher education, and manufacturing services. His highly sought-after expertise is in security advisory services, architecture and solutions engineering, and digital transformation data-centric solutions that drives business value and manages risks.

  • speaker photo
    Rick Doten
    CISO, Carolina Complete Health; VP, Information Security, Centene Corp.

    Rick is CISO of Carolina Complete Health, a state healthcare plan, for Centene Corporate. Rick has run ethical hacking, application security, incident response & forensics, and risk management teams throughout his 25 years in IT Security. Rick has been the first CISO for two companies. He has also consulted as a virtual CISO for many industries and companies around the world. Other notable roles over last 20 years have been as a Risk Management consultant at Gartner, Chief Scientist for Lockheed Martin’s Center for Cyber Security Innovation, and Managing Principal in the Professional Security Services practice at Verizon.

  • speaker photo
    Toby Zimmerer
    Director, Cybersecurity Due Diligence, RSM US

    Toby Zimmerer is a Director of Cybersecurity Due Diligence in the Transaction Advisory Services Practice of RSM US, where he assists organizations with identifying and addressing the potential cybersecurity risks during mergers and acquisitions. He has over 22 years of professional experience developing information security strategies, designing information security programs, developing information security solutions and lead teams with deploying and operating information security programs. Toby has an MBA, a B.S. in Electrical Engineering, a CISSP certification, a CCSK from the Cloud Security Alliance and is a U.S. Navy veteran.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes