googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, April 1, 2025
    9:00 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0
    • session level icon
    speaker photo
    vCISO & Managing Director, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

     

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    9:00 am
    [PLUS Course] AI Unleashed: Cybersecurity Strategies for an Autonomous Future
    • session level icon
    speaker photo
    Sr. Cybersecurity Consultant, Wilson Cyber
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    Artificial Intelligence (AI) technology enables computers and machines to simulate human learning, comprehension, problem solving, decision making, creativity and autonomy. Applications and devices equipped with AI can see and identify objects, understand, and respond to human language, learn from new information and experience. AI-based applications (a classic example being a self-driving car) can make detailed recommendations to users and experts and act independently, replacing the need for human intelligence or intervention.

    Recognizing the importance of technical standards in shaping development and use of AI, the U.S. President’s October 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (EO 14110) calls for “a coordinated effort… to drive the development and implementation of AI-related consensus standards, cooperation and coordination, and information sharing” internationally.

    This PLUS Course focuses on how the development of AI capabilities, technologies, and tools impact cybersecurity. Instructor Larry Wilson breaks down the course into four digestible lessons:

    Lesson 1: What Is Artificial Intelligence: Includes an overview of Artificial Intelligence, how AI is used today (case studies), the current / future state of international AI standards.

    Lesson 2: AI Security Threats: How threat actors are using AI to automate stages of the attack lifecycle, including reconnaissance, evasion, privilege escalation, lateral movement, and exploitation.

    Lesson 3: AI Security Standards: (1) Secure Design – risks and threat modelling; (2) Secure Development – supply chain security, documentation, asset and technical debt management; (3) Secure Deployment – protecting infrastructure from compromise, threat or loss, incident management, and responsible release; and (4) Secure Operation and Maintenance – logging and monitoring, update management and information sharing.

    Lesson 4: AI Risk Management Playbook: (1) Govern – policies, processes, procedures and practices across the organization related to the mapping, measuring and managing of AI risks are in place, transparent, and implemented effectively; (2) Map – context is measured and understood; (3) Measure – appropriate methods and metrics are identified and applied; (4) Manage – AI risks based on assessments and other analytical output from the Map and Measure functions are prioritized, responded to, and managed; (5) Roadmap – key activities for advancing the NIST Artificial Intelligence Risk Management Framework.

    Upon completion of the class, attendees will have an up-to-date understanding of AI and its impact on cybersecurity. They will learn what actions organizations should take to benefit from the many advancements available with adopting AI into their security design, development, deployment, operations, and maintenance.

  • Wednesday, April 2, 2025
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:15 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:15 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Participating professional associations and details to be announced.

    8:00 am
    Benchmarking Your Cybersecurity Framework
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] Harnessing the Strengths of Neurodiversity in Cybersecurity
    • session level icon
    speaker photo
    VP, Information Security, Centene Corporation
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    Neurodiversity. What is it, what are the traits, and why are people with these traits attracted to the cybersecurity fields?

    Rick Doten has managed technical cybersecurity staff for more than 25 years. He’s observed how we have special skills and abilities to perform the work we do; things like identifying patterns, spotting anomalies, learning new information quickly, troubleshooting, and being able to hyperfocus on a tasks until they’re resolved. Rick highlights how some traits help you naturally be good at some cybersecurity roles.

    This has been a special interest of Rick’s for the last couple years, and he have taken dozens of hours of clinical training to become a certified clinical specialist in Autism and ADHD. He discusses topics such as executive functions, which are the cognitive skills that regulate emotions, impulse control, attention, time management and others, how to manage focus and distractions, and what motivates people.

    He’ll talk about accommodating these executive functions, how to better gain motivation and focus, and even how people with neurodiversity can be better in interviews.

    Rick provides techniques, tools, and even apps to help people with neurodiversity be more productive and successful. He lists apps and life hacks to help initiate tasks, manage time, working memory, and reduce procrastination.

    Rick’s goal is to celebrate how it’s okay that we are different, because the cybersecurity community is a tribe of neurodivergent people who accept, support, and encourage each other.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    Bridging Business and Security: The Evolving Role of the BISO
    • session level icon
    speaker photo
    VP, Cybersecurity & IT Compliance, Shaw Industries
    speaker photo
    VP, Product Security, LPL Financial
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Business Information Security Officers (BISOs) are not just translators between security and business—they are architects of alignment, champions of risk-informed decision making, and enablers of secure growth. This dynamic panel delves into the BISO’s multifaceted role, discussing how they:

    • Bridge gaps between technical teams and business units.
    • Build security strategies that align with business goals.
    • Advocate for cybersecurity investment and cultural change.

    Attendees learn how BISOs influence enterprise security programs while navigating organizational complexities.

    10:15 am
    Investing in Your Application Security Programs
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Session description to come.

    10:15 am
    Bug Bounties: Tips from the Triager
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Hear directly how someone who has spent years reviewing and prioritizing bug bounty program submissions approaches the task. In this talk, discover how to craft reports that stand out, ensuring your findings are presented for maximum impact and value. Discover the most common pitfalls to avoid, tips on how to structure your reports for clarity and precision, and hear highlights of the key elements triagers focus on to determine the severity and validity of vulnerabilities.

     

    10:15 am
    Tabletop Exercises: The Fun Kind
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Tabletops are not new in incident response training. But oftentimes, they’re pretty dull or ridden with anxiety. But, what if we applied gamification and game-based learning techniques? By transforming tabletop exercises into interactive, engaging scenarios, with Dungeons & Dragons-style play, we can make them more memorable and effective!

    This approach allows participants to practice critical skills, with a structure that encourages more balanced team involvement and participation, and dice-rolling to determine success and failure (that does a remarkable job in simulating a real-world experience). Enter HackBack Gaming! Why not build incident response “muscle” memory in a fun way? This session provides a foundation for you to start conducting exercises like this yourself right away.

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Locking the Future: Why Data Security Is the Key to Trustworthy AI
    • session level icon
    speaker photo
    Data Strategy and Data Information Architect, Bank of America
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    As AI becomes a cornerstone of innovation across industries, the importance of robust data security has never been more critical. This presentation will explore the essential role of data security in enabling the widespread adoption of AI technologies. Attendees will gain insights into how safeguarding sensitive data builds trust, ensures compliance, and mitigates risks in AI systems. We’ll discuss real-world challenges that encompass data breaches, privacy concerns, and ethical considerations while highlighting strategies to secure data pipelines that promote trustworthy AI deployment.

    11:10 am
    Building Trusted Partnerships to Enable Secure Products
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    In today’s interconnected digital ecosystem, the security of any product is only as strong as its weakest link. This panel session explores the critical role of trusted partnerships in developing and maintaining secure products throughout their lifecycle.

    Our distinguished panel delves into the challenges and opportunities of fostering collaborative relationships between vendors, suppliers, and customers to enhance product security. They examine how these partnerships can lead to more robust security measures, improved threat intelligence sharing, and faster response times to emerging vulnerabilities. Key topics include:

    • Establishing trust in the supply chain
    • Collaborative approaches to secure software development
    • The role of transparency in building and maintaining trust
    • Balancing intellectual property concerns with security needs
    • Leveraging partnerships for more effective incident response
    • Case studies of successful security-focused partnerships
    11:10 am
    Cyber Risk by the Numbers from a Cyber Insurance Perspective
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    You’ve experienced a cyber incident. Does cyber insurance really pay? What’s actually a recoverable expense? How can insurance help? And when the insurance does pay, how do you balance the amount of insurance with cybersecurity priorities? In this session, we’ll evaluate the data and dig into recent real-world examples of how cyber insurance pays claims, what’s covered, the role of insurance in incident preparation and response, and how organizations are using analytics in decision-making.

    11:10 am
    [Panel] Improving Incident Response Through Threat Intelligence, Cloud Resilience, and AI Innovations
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Session description to come.

    12:00 pm
    [Lunch Keynote] A Leadership Strategy for Navigating a Crisis
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    Session description to come.

    12:00 pm
    Advisory Council Roundtable Lunch (VIP / Invite only)
    • session level icon
    Sponsored by Semperis
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    Generously sponsored by:

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    The Unbreakable Chain: Securing Supply Lines Against Cyber Attacks
    • session level icon
    speaker photo
    Founder, Armstrong Risk Management LLC
    speaker photo
    Information Security Executive - Global Supply Chain, Lenovo
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Though most organizations have an increased budget for securing internal systems, in recent years there has been an increased dependency on third parties – suppliers/vendors or partners to deliver products and services across various industries. Given the current threat landscape and increase in supply chain attacks across industries, there is a need for addressing business resiliency.

    The session uncovers:

    • Various types of supply chain attacks
    • Recent trends and causes
    • Mechanisms to assess and address supply chain risk
    • Recommendations for building a resilient supply chain
    1:15 pm
    AI Systems Under Siege: From Adversarial Attacks to Post-Quantum Defense Strategies
    • session level icon
    speaker photo
    Executive Partner of Innovation, AiSuNe
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Session spoiler: The adversaries are already digging the siege tunnel. Future IT systems will increasingly rely on AI as one of their core components. In an environment of omnipresent, available devices of all sizes and the increasing challenge of data encryption through quantum computing, we must harden secure build processes and communication. We are used to the idea that AI protects us, but how do we protect AI? Our presentation explores some of these challenges and their countermeasures.

    We examine how AI systems create new attack surfaces and security risks. The discussion then shifts to Generative AI and the future of autonomy with Agentic AI. We analyze how their decision-making capabilities and physical world interactions introduce unprecedented risks if not appropriately secured. Finally, we address how quantum computing threatens current cryptographic protections and present post-quantum cryptography as a vital defense strategy for securing AI systems in the quantum era.

    1:15 pm
    Addressing the Cybersecurity Skill Shortage Internally and Externally
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    This presentation will cover accelerating skill development and cross-department collaboration efficiently and economically. Key takeaway: How to build a cyber guild and utilize it for expanded upskilling and role development.

    1:15 pm
    [Panel] The Secret Potential of AI and ML
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Artificial intelligence (AI) and machine learning (ML) have emerged as powerful tools for cybersecurity professionals, offering the potential to revolutionize how organizations and individuals detect, analyze, and respond to cyber threats. Join us as we delve into the world of AI- and ML-powered cybersecurity, exploring the hidden potential of these technologies and their ability to transform cybersecurity superheroes into formidable defenders of the digital realm.

    Our panel of experts unravel the intricate world of AI and ML in cybersecurity, shedding light on the latest advancements, emerging applications, and the challenges involved in harnessing the power of these technologies effectively. They discuss the use of AI in threat detection and analysis, ML-powered threat prediction, and the potential of AI-driven automated response capabilities.

    Our panel provides a comprehensive overview of AI and ML in cybersecurity, empowering attendees to understand the hidden potential of these technologies and explore how they can be leveraged to enhance their organization’s cybersecurity posture. Learn how to identify and implement AI and ML solutions, overcome the challenges of data privacy and ethics, and embrace the future of AI-powered cybersecurity.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    SOC Essentials: Assembling Your First Response Team
    • session level icon
    speaker photo
    Team Leader of Information Security, Garmin International
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    The Security Operations Center (SOC) is an organization’s first eyes and ears to security threats and risks. For the SOC to support being an organization’s first response team, the team must have the proper resources for continuous growth and monitoring to keep an organization secure. This discussion focuses on key foundational elements for developing and maturing a SOC. Attendees will learn how to establish processes, procedures, and data-driven growth plans for their SOC .

    2:10 pm
    Integrating Transformative OT Cybersecurity Programs
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    Session description to come.

    2:10 pm
    Social Engineering: Training the Human Firewall
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Phishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.

    2:10 pm
    Navigating Third-Party Risk and Vendor Resilience
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    In today’s dynamic cyber risk landscape, risk managers must stay informed and adapt their strategies accordingly. Recent global cyber events have had a profound impact on critical functions across multiple sectors, underscoring the gravity of cyber events. Risk managers also face complexities from trends like reliance on third parties and evolving data protection laws.

    To successfully navigate these challenges, risk managers are tasked with learning from significant cyber events, implementing best practices for managing third-party cyber risk, and staying updated on privacy regulations. This session assists risk managers in effectively mitigating cyber risks and safeguarding their organizations by discussing strategies for managing third-party cyber risk and providing updates on privacy regulations.

    3:00 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 4:00 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary beverages. This is a great opportunity to network with other security professionals from the area and discuss the hot topics from the day.

     

    3:30 pm
    [Closing Keynote] Securing the Queen City and Beyond: Lessons in Leadership from Charlotte’s Top CISOs
    • session level icon
    speaker photo
    Corporate VP & Global CISO, Lowe's Companies, Inc.
    speaker photo
    VP & Global CISO, Hanesbrands Inc.
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    Location / Room: Keynote Theater

    The role of the CISO continues to evolve as cybersecurity leaders work to shape business resilience and protect critical assets. In this keynote panel, Charlotte’s top CISOs come together to share their hard-earned insights, leadership strategies, and lessons learned from defending some of the region’s largest and most influential organizations.

    This engaging discussion explores topics such as navigating boardroom conversations, driving a culture of security across the enterprise, and adapting to emerging threats while enabling business growth. Designed for cybersecurity executives and their teams, this panel provides actionable advice, strategic takeaways, and inspiration to close the conference on a high note.

Exhibitors
  • AccessIT Group
    Booth: TBD

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • Black Duck
    Booth: TBD

    Black Duck® offers the most comprehensive, powerful, and trusted portfolio of application security solutions in the industry. We have an unmatched track record of helping organizations around the world secure their software quickly, integrate security efficiently in their development environments, and safely innovate with new technologies. As the recognized leaders, experts, and innovators in software security, Black Duck has everything you need to build trust in your software. Learn more at www.blackduck.com.

  • CDW
    Booth: TBD

    CDW Corporation is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. For more information about CDW, please visit  www.CDW.com.

    Our broad array of products and services range from hardware and software to integrated IT solutions such as security, cloud, hybrid infrastructure and digital experience.

  • Charlotte IT Professionals
    Booth: TBD

    We are a growing organization, with a goal to help shape the Charlotte area’s IT groups to better deliver value to our respective companies. As our profession in technology becomes more immersive and the speed of change increases, our lives both personally and professionally require a commitment to lifelong education and networking. We offer numerous ways to connect, from our peer leadership breakfast meetings, to yearly outings, and other evening networking and educational events. Our Purpose is to facilitate various opportunities to Meet Learn and Share.

  • Charlotte Metro ISSA
    Booth: TBD

    The Charlotte ISSA chapter is committed to providing the Information Security professionals of Charlotte opportunities to grow both technically and professionally through training, meetings and summits.

  • Cloud Security Alliance Charlotte Chapter
    Booth: TBD

    CSA chapter membership allows opportunities for continued learning, security awareness, networking, and career growth.

    • Network with peers and subject matter experts
    • Gain valuable insight from industry professionals and peers
    • Build cloud security awareness at the community level
    • Participate in cloud security education and training locally
    • Participate in CSA research and development
    • Discuss cloud vulnerabilities and brainstorm solutions
    • Be a leader in the cloud security field
    • Member discounts on training and exams
  • ISACA Charlotte
    Booth: TBD

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the region.

  • Charlotte Metro ISC2
    Booth: TBD

    The Charlotte Metro ISC2 chapter is a 501c3 non-profit organization, whose mission is to advance information security in the local communities throughout the Charlotte Metro area. We provide our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate. We are committed to engaging in public service activities and outreach to advance cybersecurity awareness in the broader community.

  • Cyberhaven
    Booth: TBD

    When the DLP market first emerged 20 years ago, the goal was to protect confidential information in on-premises databases, file servers, application servers, other data repositories, and endpoints. Today millions of sensitive documents, files, and other data are being exfiltrated in violation of corporate data policies every day because DLP is completely ineffective in the era of cloud-first applications and Zero Trust security. These data breaches result in stolen IP, damaged brands, and significant financial penalties. Let’s face it, DLP in its current form is nothing more than a compliance checkbox. Cyberhaven is transforming the DLP market and helping organizations secure all of the high-value data they must protect in order to compete and thrive in the digital economy. It’s a big hairy problem, and we are up to the challenge.

  • Island
    Booth: TBD

    What if the enterprise had complete control over the browser? What would it mean for security, for productivity, for work itself? Introducing Island, the Enterprise Browser—the ideal enterprise workplace, where work flows freely while remaining fundamentally secure. With the core needs of the enterprise naturally embedded in the browser itself, Island gives organizations complete control, visibility, and governance over the last mile, while delivering the same smooth Chromium-based browser experience users expect. Led by experienced leaders in enterprise security and browser technology and backed by leading venture funds—Insight Partners, Sequoia Capital, Cyberstarts and Stripes Capital—Island is redefining the future of work for some of the largest, most respected enterprises in the world.

  • Lake Norman IT Professionals
    Booth: TBD

    Our vision is to meet IT professionals within our Local IT community for learning, sharing, community outreach, leadership and professional growth. We are a 501c4 Non-Profit entity, and donate a significant portion of our sponsorship dollars to the E2D organization, who is helping to eliminating the digital divide!

  • Phish Club
    Booth: TBD

    Phish Club is a dynamic and inclusive community dedicated to ‘phishing’ cybersecurity professionals into a world of networking and learning. We provide a platform for engaging discussions, knowledge sharing, and valuable networking opportunities in the ever-evolving realm of cybersecurity. Our goal is to foster connections, offer insights, and promote learning in a supportive environment.

    Let’s navigate the cyber seas together, ‘phishing’ for valuable connections and knowledge. Join Phish Club and embark on an exciting journey in the world of cybersecurity!

  • SIM Charlotte
    Booth: TBD

    The Chapter strives to strengthen professional communications among members who direct the application of information technology in private and pubic organizations. Chapter activities include:

    • Meeting to share innovative ideas and real world experiences which address enterprise information needs. We have excellent speakers both from our membership, and bring in industry executives and subject matter experts from many sources.
    • Providing presentations by leading national information-management professionals and executives who benefit from management-information systems.
    • Challenging our comfort levels by exchanging ideas with peers and business counterparts.
    • Being a resource for each other, and personal networking.
  • ThreatLocker
    Booth: TBD

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • WiCyS North Carolina Affiliate
    Booth: TBD
Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Glen Sorensen, Instructor
    vCISO & Managing Director, Cyber Risk Opportunities LLC

    Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.

    Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.

  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Sr. Cybersecurity Consultant, Wilson Cyber

    Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Rick Doten
    VP, Information Security, Centene Corporation

    Rick is VP of Information Security at Centene Corporation and CISO of the Medicaid healthplan based in Charlotte, NC.

    In his prior role, Rick worked as Virtual CISO supporting international companies. During that time Rick educated corporate boards, developed and matured security programs, and created the curriculum for a Cybersecurity Master’s degree program for an International University.

    Rick is a frequent speaker at cybersecurity conferences such as RSA, Secureworld, Bsides, and FutureCon, and guest on numerous cybersecurity podcasts, including The CyberWire Hashtable, CISO Series, Google Cloud, Elevate Your Career, and The Rsnake Show. Rick talks about topics ranging from cybersecurity and risk, to neurodiversity, leadership, and staffing.

    He on the Cloud Security Alliance (CSA) CXO Trust Advisory Council, and the Boards of his local Charlotte ISC2 and CSA Chapters. He works with several Venture Capital and go-to-market firms reviewing security technology, as well as on the Board of Advisors for several startups.

    Rick is on the CIS Critical Security Controls editorial panel and was a lead author on Version 8 of the Controls. He was also on the committee to update Cloud Security Alliance CCSK v5 study guide. Rick has a Cybersecurity YouTube channel where he has videos on the 18 CIS CSC v8 Controls, and other videos on cybersecurity topics.

    Rick has alternated between being a cybersecurity management consultant and CISO throughout his 27+ year cybersecurity career, and has led ethical hacking, incident response and forensics, and risk management teams.

  • speaker photo
    Max Everett
    VP, Cybersecurity & IT Compliance, Shaw Industries

    Max Everett is a cybersecurity risk and information technology modernization expert whose work has spanned Federal government, political organizations, and private sector companies.

    Max is currently the CISO for Shaw Industries, a wholly owned subsidiary of Berkshire Hathaway. He spent 20 years in Washington, DC where he served in numerous roles including as CIO for the White House and the U.S. Department of Energy. He has consulted for Federal agencies and private sector companies on cybersecurity throughout his career.

    He holds a CISSP, is a member of the bar in the State of Texas, and lives in North Carolina with his wife and two daughters.

  • speaker photo
    Steven Powers
    VP, Product Security, LPL Financial

    Steven is a VP at LPL Financial leading the BISO team. Steven has been a part of the BISO department since inception 5 years ago. Steven has 20 years of experience across banking and utilities industries within Governance, Risk, Control, and Audit functions and holds CPA, CISA, CRISC, CISSP, and CCSP certifications.

  • speaker photo
    Jennifer Fite
    Data Strategy and Data Information Architect, Bank of America

    Experienced data and security professional with a demonstrated history of working in the financial services industry. Skilled in architecture design, data patterns, data services to achieve desired business outcomes, information management, data governance, and data security practices. Strong research professional with a Doctor of Philosophy - PhD focused in Information Assurance and Security.

  • speaker photo
    Panel Discussion
  • speaker photo
    Justin Armstrong
    Founder, Armstrong Risk Management LLC

    Justin Armstrong is a security, privacy, and regulatory compliance consultant with over 25 years of experience in the Healthcare Industry. He worked as a vCISO at FractionalCISO, managed security at Healthcare Cybersecurity startup Tausight, and led Product Security at MEDITECH, a top three Electronic Health Record vendor. He has engaged with Hospitals in nearly 100 ransomware incidents.

    Recently he founded Armstrong Risk Management to provide guidance on security, privacy, and regulatory compliance to companies large and small.

    He holds the CISSP and HCISPP certifications and obtained his Masters in Cybersecurity Leadership at Brandeis University.

  • speaker photo
    Sue Thomas
    Information Security Executive - Global Supply Chain, Lenovo

    Sue Thomas is a Global Technology & Cybersecurity Executive with over 25 years of experience across semiconductors, finance and technology industries and specializes in Infrastructure, Security, Technology Risk, Governance, regulatory compliance , business resiliency & Data Privacy. Sue worked as Deputy CISO for Analog Devices, Director of IT Audit for financial institutions, Head of IT for KMG Chemicals and currently leads Global Supply Chain Information Security at Lenovo.

    Sue dedicated her career to build and lead programs to transform IT and enhance operational resiliency, while leveraging cybersecurity as a strategic asset and implementing innovative initiatives that create value and drive revenue growth.

    Sue holds an Executive MBA, master's in computer science, along with certifications in CISSP, CRISC, CISA, CMMC-RP, CSPO & PMP, which have equipped her with a deep expertise in security, risk, and governance.

  • speaker photo
    Wolfgang Rohde
    Executive Partner of Innovation, AiSuNe

    Dr. Rohde, a pioneer in applying cutting-edge technologies, co-founded IBM’s Web Services and SOA Excellence Team for Europe. He later developed Cloud solutions for an international solution provider. As global Director of Research at Siemens Digital, he focused on AI, GenAI, Blockchain, Cybersecurity, and Autonomous Factories in manufacturing and supply chain. Currently, as Executive Director at AiSuNe Foundation, Dr. Rohde bridges innovative research with practical business solutions.

  • speaker photo
    Panel Discussion
  • speaker photo
    Reanna Schultz
    Team Leader of Information Security, Garmin International

    Reanna Schultz, from Kansas City, MO, holds both a Bachelor’s and Master’s degree in Cybersecurity. With over six years of professional experience, Reanna has contributed to various corporate environments, leveraging her expertise to strengthen cybersecurity practices.

    Throughout her career, Reanna has worn many hats, including roles in Endpoint Security Engineering, Detection Engineering, and leading a Security Operations Center (SOC) team. In addition to her primary responsibilities, Reanna serves as an adjunct professor at the University of Central Missouri (UCM) and is also an entrepreneur.

    Reanna is the founder of CyberSpeak Labs, a platform dedicated to fostering community engagement through collaboration. She hosts the podcast Defenders in Lab Coats, where she delves into cyber threats and occasionally invites passionate guests to share their insights.
    Driven by her passion for cybersecurity, Reanna frequently travels to speak at events, sharing her industry knowledge and empowering others to improve their organizations' cybersecurity practices.

  • speaker photo
    Happy Hour
  • speaker photo
    Marc Varner
    Corporate VP & Global CISO, Lowe's Companies, Inc.

    As vice president, chief information security officer, Marc Varner is responsible for the global security strategy and program, ensuring all Lowe’s information assets and technologies are properly protected. He collaborates with senior technology and business leaders to implement the best security practices to protect and serve our customers and overall business. He joined Lowe’s in 2021.

    Marc has over 25 years of experience in technology and has expertise in global cybersecurity strategy, security architecture and process, information security governance and controls and regulatory compliance. Prior to Lowe's, he served as vice president and global chief information security officer at Yum! Brands, where he was responsible for global cybersecurity and strategic cybersecurity planning. He previously served as vice president and global chief information security officer at McDonald’s.

    Marc is on the advisory board of a number of leading cybersecurity companies and serves as a global chair for the Cyber Security Collaborative, which he co-founded in 2012.

  • speaker photo
    John Opala, PhD, Moderator
    VP & Global CISO, Hanesbrands Inc.

    Cybersecurity thought leader with over 19 years of technical and leadership experience in multiple disciplines.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes