googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, June 5, 2018
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    Advisory Council RoundTable (Breakfast & Coffee Served) - (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    7:30 am - 8:30 am
    Location / Room: 31

    This Roundtable is for our Advisory Council Members Only.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:30 am
    Trend Micro: Cybercriminal Operations Revealed
    • session level icon
    speaker photo
    Director, Global Threat Communications, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 25

    Today’s cybercriminals and the organizations they work in are set up to ensure they maximize both their breach success as well as their revenue.  Most criminal syndicates include a cyber arm today due to the amount of profits they can create from targeting business around the world.  In this session we’ll dive into how these organizations are set up, how they pick their targets, infection routines, and how they maximize their access within an organization’s network to maximize their ability to produce profit.  Please join us during this session as you will leave with a better understanding of how cybercriminals work.

    8:30 am
    InfraGard Meeting & Presentation- Open to all Attendees
    • session level icon
    Topic: Integrating Public and Private Sector
    speaker photo
    Board Member & Sector Chief Program Leader, InfraGard Chicago Members Alliance
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater
    Interested in your local associations? Join InfraGard for a chapter meeting and guest presentation. This session is open to all attendees.
    Presentation:
    This session will show how the public/private sector integrates intelligence for mutual benefit.
    8:30 am
    ISACA Meeting: Light Breakfast and Guest Presentation - Open to all Attendees
    • session level icon
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 24

    Join ISACA for their chapter meeting and guest speaker.
    Presentation: To Be Announced Soon

     

    8:30 am
    Comodo Cybersecurity — World Map of Malware: The Geography of Hostile Code
    • session level icon
    speaker photo
    Senior Fellow, Atlantic Council
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 26
    Every nation and economic vertical has its own unique malware fingerprint. Using geographic and network visualization tools, this presentation shows that cyber defenders can benefit from spending more time on strategic cyber defense analysis, which provides actionable intelligence to network security specialists at the tactical level. This research plots a wide range of malware types on world maps and trendlines, including trojans, worms, viruses, backdoors, packed malware and malicious applications. It shows how cities, countries, and geopolitical events each have their own malware profiles that help to make sense of malicious code on any enterprise network.

     

    9:30 am
    Opening Keynote: Risk & Security’s Bright Future: Mapping the Road Ahead
    • session level icon
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    There has never been a better time to be a risk/security professional. Disruptive technologies fundamentally expand the “Art of the Possible;” reshape the solution provider ecosystem [with a new hierarchy of winners & losers]; and discombobulate expectations of how and by whom risk and security should be managed/led.

    In an entertaining and highly interactive session, Thornton May will share with attendees how leading Risk/Security Cartographers chart the future. Like the movers and shakers of the Renaissance, we stand on the shores of a new world –a Mundus Novus as Americo Vespucci labeled it in 1502.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:15 am
    Vetting Your Vendors
    • session level icon
    Understanding the “Chain of Control” of Data, Security Pitfalls in Third-Party Contracts and Service Agreements
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 24

    One of the most important considerations in cybersecurity does not involve your own direct network security; it involves your partners and vendors. In the world of cybersecurity, you are only as strong as the weakest link in your vendor chain. The ease, convenience and cost effectiveness of outsourcing certain business functions frequently overshadows the potential pitfalls lurking in using outside third-parties and vendors. This presentation will discuss the steps your organization needs to take to ensure that any partners or vendors with access to your network systems or company data are meeting (at least) a minimum level of security requirements.

    11:15 am
    [Radware] Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Cybersecurity Manager, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 26

    Throughout 2018 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    Defense Is Not Enough – Proactively Preparing for Incident Response
    • session level icon
    speaker photo
    Director of Information Security, DePaul University
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 27

    Clearly, a robust program for the prevention of security incidents is critical to managing IT risks. Yet, in today’s extraordinarily hostile environment focusing solely on prevention cannot be considered enough. CISOs need to plan ahead for the detection, investigation, and response of the security incident that is surely in their future.
    This presentation will cover:
    • Mitigating future risks through your incident response process
    • Preparing for and streamlining your incident response
    • Building detection capabilities
    • Architecting your plans, your team and your infrastructure for the investigation you will inevitably have to perform

    11:15 am
    baramundi — Innovative Endpoint Management: A Holistic Approach to Vulnerability Management, Patching, OS Upgrades, and Software Distribution
    • session level icon
    speaker photo
    Executive Manager, baramundi software USA, Inc.
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 25
    Windows Fall Anniversary Update, Office 365 Migration, Vulnerability and Patch Management: Are any of these three topics causing your blood pressure to rise? This session will show you how you can automate OS migrations, software deployment projects, and effective security exploit management all from one easy to use Endpoint Management Suite. No university degree or nerd glasses required—buckle up!

     

    12:00 pm
    Advisory Council Round Table (Lunch Served) - VIP / Invite Only
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 31
    12:15 pm
    [LUNCH KEYNOTE] Radware: The 10 Immutable Security Facts for 2020
    • session level icon
    speaker photo
    Security Evangelist, North America, Radware
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    A presentation of top 10 security facts that will disrupt established application and infrastructure security practices. A discussion centered around questions everyone is or should be asking in 2020:

    • What is the attack surface of the public cloud?
    • Why are NIDs, HIDs, and flow collectors not adapted for cloud based infrastructure and applications?
    • How to protect APIs and cloud native applications running in dynamic, end-to-end encrypted service meshes?
    • What is Next Gen WAF and when should I consider it?
    • What are automated threats and how to protect against the 4th generation bots?
    • Is deep learning an inexorable technology as attackers get automated and attacks more sophisticated?
    • What will be the impact of 5G on application security and availability?

    Presentation outline
    A top 10 is subjective in nature, but it wasn’t just pulled out of thin air. The 10 facts are based on trends in recent threats, my own security research, and discussions with CISOs and security leaders.

    The Top 10 security facts for 2019/2020:

    1. The Attack Surface of the Public Cloud is defined by Permissions
    2. The Insider thread of the Public Cloud is the Outsider
    3. HIDs, NIDs, and Flow Collectors are pointless for Securing Cloud-based Applications
    4. WAF does not keep up with Cloud Native Applications
    5. East-West Traffic is getting Encrypted
    6. Attackers are getting Automated
    7. Attacks are getting more Sophisticated
    8. APIs are the new Front-end
    9. Machine and Deep Learning become essential for Threat Detection
    10. 5G will fuel the next IoT Explosion

    Starting the discussion with an overview of the current threat landscape, illustrating with real-world incidents in following categories:

    1. Cloud infrastructure abuse
    2. Data breaches through publicly exposed S3 buckets
    3. Ransom of poorly secured cloud data services
    4. Cloud Infrastructure owning and wiping
    5. Cloudification of DDoS attacks
    6. Automated threats

    A quick run through of the top 10 security facts.

    The rest of the discussion will lead to the 10 facts and is organized in 4 chapters, each centering around a top of mind topic:

    1. Migrating to the cloud
    2. Cloud Native Applications
    3. Automated Threats
    4. 5G/IoT Intersection

    Each chapter is summarized with the top security facts that were demonstrated throughout the discussion

     

    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.
    Panelists:
    Mike Shine, Mimecast
    Ted Shorter, Keyfactor
    John Kellerhals, Wheels Inc.
    Brian Kovick, Mercy Home for Boys & Girls
    Moderator: Edward Marchewka, Gift of Hope

    1:15 pm
    Panel: Battle for the Endpoint Continues
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 25

    What are you doing to keep the network safe for your employees? You’ve got your fancy next-gen firewall and some A/V. Maybe even some biometrics or 2FA thrown in for safekeeping. We also keep hearing the IAM acronym thrown around. And what is Zero Trust? What are you missing? Oh, yeah… remote workers and IoT. Wouldn’t it be cool if you had someone to ask? Now you do. This panel will go through these questions and more. Join the group discussion as we address the challenges in endpoint and network security.
    Panelists:
    John Fatten, Cisco
    Keith Weisman, Endgame
    Gary Patterson, Home Partners of America
    Brandon Meyer, Ensilo
    Ron Pipkins, Alert Logic
    Moderator: Tina Hauri, Bradford Garrett Group

     

    1:15 pm
    Panel: Phishing and Social Engineering Scams
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 24
    1:15 pm
    Featured Session: Effective 2FA – Part 1: The Technical Stuff
    • session level icon
    speaker photo
    Editor in Chief, All Things Auth, Founder, Two Factor Buddy (2FB)
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm
    Location / Room: 26

    Two-factor authentication (2FA) is the most straightforward way for companies to drastically improve the security of their user authentication process. However, not all 2FA implementations are created equal. Thinking of quickly throwing together a workflow using SMS and calling it a day? Think again! Though popular, 2FA via SMS has many security issues and was actually deprecated by NIST in 2017. We will dive into the technical details of the most common 2FA implementations and highlight security and usability trade-offs. You will leave equipped to develop a 2FA implementation strategy that will best serve your users.

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Networking Break — Dash for Prizes and CyberHunt winners announced
    Registration Level:
    2:30 pm - 2:45 pm
    Location / Room: Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors throughout the day. Past prizes have included Kindles, Bose wireless headphones, gift cards, iPads, drones, and more! *Must be present to win.

    3:00 pm
    Visually Thinking About Reporting and Getting Results
    • session level icon
    Move your program forward by understanding how to hack the brain.
    speaker photo
    Director, Information and Technology Services, Gift of Hope Organ and Tissue Donor Network
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 25

    Leverage the largest single system in your brain to present your ideas, your metrics, and your asks to the Board—and be seen and be heard! Understand how the brain works to your advantage to more effectively present on information security topics.

    3:00 pm
    Centrify: Rethink Security with Zero Trust
    • session level icon
    speaker photo
    Sr. Director, Product Marketing, Centrify
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: 26

    Organizations need to recognize that perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity and credential-based threats. Until IT security professionals start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect camouflage for data breaches. This session outlines an entirely new approach — Zero Trust Security. Zero Trust Security assumes that everything — including users, endpoints, networks, and resources — are always untrusted and must be verified to decrease the chance of a major breach. Zero Trust Security ensures secure access to resources while significantly reducing the possibility of access by bad actors.

    3:00 pm
    A Shared Leadership Approach to IT/Security
    • session level icon
    It's time to deputize everyone as IT/Security agents!
    speaker photo
    Co-Founder, The VisionOp Group LLC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 27

    IT/Security is a company-wide responsibility, with company-wide exposure. Our IT/Security teams CAN’T do this alone. I provide tools, templates, visuals, on-boarding procedures, and new job descriptions—all easily implemented to provide a Shared Leadership Approach to IT/Security. We don’t have to pay outside vendors to secure our data when we can do it ourselves, internally! I will be providing a fast-moving, 30-slide presentation with handouts to take back to your company to begin the transformation right now.

    3:00 pm
    Panel: Knowledge is Power – Women in Cybersecurity
    • session level icon
    speaker photo
    Senior Director GRC, Blue Cross Blue Shield of IL
    speaker photo
    Corporate Programs Manager, ISACA
    speaker photo
    CISO, College of American Pathologists (CAP)
    speaker photo
    Vice President, Information Security Strategy, Innovation and Analytics, Allstate Insurance Company
    speaker photo
    IT Audit Specialist , Federal Reserve Bank of Chicago
    speaker photo
    Information Security Officer , CIBC Bank USA
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: 24

    It is often said that true knowledge must be gained through experience; either through one’s own life or through others. Join this opportunity to hear from women who bring perspectives from diverse industries (retail, financial, healthcare, utilities) as they share their different experiences as women living the information security career journey.

     

    4:00 pm
    After Party
    • session level icon
    Join your fellow security professionals for wine, beer and appetizers compliments of Allstate.
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 6:30 pm
    Location / Room: Near Registration

    Join your peers for complimentary hors d’oeuvres, wine, beer and conversation following SecureWorld. This is a great opportunity to network with other security professionals from the Chicago area, and to discuss the hot topics from the day.
    Compliments of Allstate

  • Wednesday, June 6, 2018
    9:00 am
    SecureWorld PLUS - Winning the Risk/Security Revolution: A Bootcamp
    • session level icon
    Join us the day after the conference and earn 6 additional CPEs! 9 a.m. - 3 p.m.
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    speaker photo
    Director, Steiner Electric Company
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: Gibson's Steakhouse (Stephen's Bar Room)

    80%+ of all human existence is now impacted by digital activity. ~100% of all digital activity operates on dated technology platforms NOT designed to be secure. 60%+ of in-place senior executives espouse strongly held (bordering on toxic) misconceptions of risk and security fundamentals. We will dive into strategy development and communication throughout the organization. This workshop is geared toward those who want to be considered a respected source of influence in the industry. Futurist Thornton May and a faculty of local experts will facilitate a highly interactive workshop showcasing the stories, strategies, frameworks, and best practices of leaders who are winning the Risk/Security Revolution.

    9:00 am
    SecureWorld PLUS - Using the NIST Cybersecurity Framework to Build and Mature an Information Security Program
    • session level icon
    9 a.m. - 3 p.m. - Earn 12 CPEs!
    speaker photo
    CISO, Uplight; Co-Host, Colorado = Security podcast
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: Gibson's Steakhouse (Stephen's Fireplace Room)

    Managing a successful Information Security Program requires a plan. In this hands-on workshop, participants will leverage the NIST Cybersecurity Framework as a guide to create or mature their security program. Regardless of industry, the framework provides an ideal platform for planning, communicating and validating your security approach.

Exhibitors
  • Allstate
    Booth: 225

    WE ARE THE GOOD HANDS.
    The Allstate Corporation is the largest publicly held personal lines property and casualty insurer in America, serving more than 16 million households nationwide. Founded in 1931, Allstate has been dedicated to protecting our customers from life’s uncertainties and preparing them for the future for more than 85 years.

    Allstate became a publicly traded company in 1993, and is listed on the New York Stock Exchange under the trading symbol ALL. As of year-end 2015, Allstate had nearly $104.7 billion in total assets.

  • baramundi software USA, Inc.
    Booth: 217

    baramundi Software provides companies and organizations with efficient, secure, and cross-platform management of workstation environments.

    The baramundi Management Suite (bMS) combines all important features for Endpoint Management: Patch Management, Software Deployment, OS-Installation, Enterprise Mobility Management, Vulnerability Assessment, and more. bMS optimizes IT management processes by automating routine tasks and providing an extensive overview of the status of the network and endpoints. In doing so, it relieves pressure on IT administrators and ensures that users always have the necessary rights and applications on all platforms and form factors; whether on PCs, servers, notebooks, mobile devices or Macs.

    Over 3,000 customers around the world benefit from nearly two decades of experience and the easy-to-use software solution.

  • Bay Pay Forum
    Booth: TBD

    The BayPay Forum, a Silicon Valley-based international network composed of over 14,000 payment and commerce executives, entrepreneurs and investors from thousands of different companies, serves as a forum to connect members in identifying and understanding the emerging trends and innovations in the industry.

  • Binary Defense
    Booth: 213

    Binary Defense is a managed security services provider and software developer with leading cybersecurity solutions that include SOC-as-a-Service, Managed Detection & Response, Security Information & Event Management, Threat Hunting and Counterintelligence. Binary Defense believes its unique approach resolves infosec’s biggest challenges such as limited in-house security expertise, lack of innovative resources and the significant budgetary and time investment required to ensure protection from today’s threats.

  • Brinqa
    Booth: 205

    Brinqa is a leading provider of unified risk management – enabling stakeholders, governance organizations, and infrastructure and security teams to effectively manage technology risk at the speed of business. Brinqa software and cloud services leverage an organization’s existing investment in systems, security, and governance programs to identify, measure, manage and monitor risk. With Brinqa, organizations are reducing response time to emerging threats, impact to business, and technology risk and compliance costs by over 50% through real-time risk analytics, automated risk assessments, prioritized remediation, actionable insights and improved communication.

  • Centrify
    Booth: 217

    Centrify provides unified identity management across data center, cloud and mobile environments. Centrify software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and mobile device management.
    Centrify customers can typically reduce their total cost of identity management and compliance by more than 50 percent.

  • Check Point Software Technologies
    Booth: 104

    Check Point Software Technologies is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • CIOReview
    Booth: TBD

    CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIOReview is an excellent platform for the enterprise to showcase their innovative solutions.

  • Comodo Cybersecurity
    Booth: 230

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • CI Security
    Booth: 301

    CI Security provides Managed Detection & Response services, combining purpose—built technology with expert security analysts to perform full-cycle threat detection, investigation, response, and recovery. With clients across healthcare, public sector, and financial services, CI Security’s technology platform, Security Operations Center, and Information Security consulting services minimize the impact of security breaches, and add significant value to existing internal IT teams.

  • CSPi
    Booth: 211

    At CSPi we are committed to helping our customers meet some of computing’s most demanding performance, availability and security challenges.

    Today’s security teams receive a great deal of real-time information and intrusion alerts, generated from their security equipment and tools; yet, the volumes of data make it make it nearly impossible for incident response teams to validate a data breach. With our Myricom nVoy Series solution we offer our customers a new approach to cyber threat identification and investigation – a rapid breach response solution that identifies alerts associated with a specific asset and provides an extraction of the entire set of conversations associated with that breach.This detailed data is crucial in performing timely and accurate analysis needed to comply with data-privacy regulations such as GDPR, PCI DSS, HIPPA, SOX, and 48 different U.S. state laws related to PII.

  • CyberArk Software
    Booth: 200

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Darktrace
    Booth: 500

    Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.

    The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

  • DNS Security Consulting, LLC
    Booth: 400

    DNS, a joint venture between Sevonix and AHD Associates, is focused on providing best in class security assessments and information security risk management. Our services include vulnerability assessments, penetration tests, process assessments, third party and vendor information security risk managed services and internal information security control assessments. Based in the Chicago-land area, DNS has conducted over 300 vendor and third party assessments on a variety of organizations. We utilize a highly flexible methodology that works with any organization regardless of their size.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Endace
    Booth: 310

    Customers choose Endace products for one primary reason: they deliver, where competitor products fail. Whether it is capture accuracy, fidelity of time stamps, write-to-disk performance or speed of traffic retrieval, Endace is famous for delivering the very best performing products. Telcos, broadcasters, governments, defence departments, investment banks and many other large enterprises trust our products to help them manage their critical data networks.

  • eSentire, Inc
    Booth: 111

    eSentire is the largest pure-play Managed Detection and Response (MDR) service provider, keeping organizations safe from constantly evolving cyber-attacks that technology alone cannot prevent. Its 24×7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business-disrupting events. Protecting more than $6 trillion in corporate assets, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.eSentire.com and follow @eSentire on Twitter.

  • Fishtech
    Booth: 311

    Fishtech is a data-driven cybersecurity solutions provider ensuring our clients’ secure digital evolution. We take a consultative approach to identify gaps and introduce next-generation solutions that help your organization minimize risk, maintain compliance, and increase efficiency.

  • Forcepoint
    Booth: 311

    Forcepoint is transforming cybersecurity by focusing on what matters most: people’s behavior as they interact with critical data and systems. Forcepoint behavior-based solutions adapt to risk in real time and are delivered via a converged security platform, protecting the human point for thousands of enterprise and government customers. Our solutions include Cloud Security, Network Security, Data & Insider Threat Security.

  • Global Cyber Alliance
    Booth: TBD

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • InfraGard Chicago
    Booth: TBD

    All InfraGard participants are committed to the proposition that a robust exchange of information about threats to and actual attacks on these critical infrastructures is an important element for successful infrastructure protection efforts. This chapter is governed by our local bylaws.

    The goal of InfraGard is to enable the flow of information so that the owners and operators of infrastructure assets can better protect themselves and so that the United States government can better discharge its law enforcement and national security responsibilities.

  • ISACA Chicago Chapter
    Booth: TBD

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Chicago area.

    Chapter meetings are generally held the third Thursday of each month at The Conference Center at One North Wacker (1 N. Wacker Drive, 2nd Floor, Chicago, Illinois 60606)

    Please check our web site from time to time for the most up-to-date listing of chapter related events and training opportunities.

  • ISC2 Chicago Chapter
    Booth: TBD

    The mission of the Chicago Chapter is to advance the local Chicagoland information security community by providing its members with opportunities to increase knowledge, grow professional networks, share information and advance the profession as a whole by promoting certification, ethical behavior, and social responsibility.

    Our members consist of ISC2 credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification. Our chapter program is focused on sharing knowledge and exchanging ideas among security professionals in the local area.  Ultimately, we want to advance the field of information security by educating practitioners and the public at large on how to protect and defend against security threats.

  • ISSA Chicago Chapter
    Booth: TBD

    The Chicago Chapter of the Information Systems Security Association (ISSA) has a mission to offer a stimulating combination of discussion forums, hands-on learning, CISSP certification training, conferences, and other events which are designed to enhance understanding and awareness of information security issues for information security professionals.

    Whether you are exploring a career in cybersecurity, honing your technical expertise or an established security executive, the ISSA offers you a network of 10,000 colleagues worldwide to support you in managing technology risk and protecting critical information and infrastructure. Enhance your professional stature, expand your peer network and achieve your personal career goals. Your local chapter and ISSA International will provide you with a wealth of resources to keep you current with industry trends and developments in our ever-evolving field.

  • KnowBe4
    Booth: 315

    We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.

    KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

    The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.

    Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.

  • Lastline
    Booth: 305

    Lastline delivers innovative AI-powered network security that detects and defeats advanced threats entering or operating within a network. We protect network, email, cloud, and web infrastructures, minimizing the risk of damaging and costly data breaches with fewer resources and at lower cost.

  • Malwarebytes
    Booth: 117

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.

  • Okta
    Booth: 119

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Oracle
    Booth: 115

    Oracle Dyn is a global business unit focused on the cloud infrastructure that connects users with digital content and experiences across a global Internet. Dyn, a pioneer in DNS, has now added the Zenedge web application firewall (WAF) and DDoS mitigation products to secure applications, networks, databases, and APIs from malicious Internet traffic. Our solutions are powered by a global network that drives 40 billion traffic optimization decisions daily for more than 3,500 enterprise customers, including preeminent digital brands such as Netflix, Twitter, LinkedIn and CNBC.

  • Radware
    Booth: 105

    Radware® (NASDAQ: RDWR) is a global leader of cybersecurity and application delivery solutions for physical, cloud and software-defined data centers (SDDC). Our award-winning solutions portfolio secures the digital experience by providing infrastructure, application and corporate IT protection, and availability services to enterprises globally. Our solutions are deployed by, among others, enterprise customers, carriers, and cloud service providers.

  • Rapid7
    Booth: 108

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • RedSeal
    Booth: 320

    By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.

  • SailPoint
    Booth: 100

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Securonix
    Booth: 109

    Securonix is redefining threat detection and response for today’s hybrid cloud, data-driven enterprise. Securonix Next-Gen SIEM and XDR are powered by the most advanced analytics and built on a scalable, flexible cloud native architecture. Securonix leverages behavioral analytics technology that pioneered the UEBA category to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats.

  • SentinelOne
    Booth: 201

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • Skyhigh Networks
    Booth: 317

    Enterprises are responsible for how they use cloud services. But today’s security is designed for the network and devices, not the cloud. Skyhigh gives enterprises the tools they need to protect data and users in real time across all cloud services without introducing any friction to the user experience. With total control over their data and activities, enterprises can confidently leverage cloud to accelerate their business. It’s security that accelerates business.

  • SSH Communications Security
    Booth: 304

    As the inventor of the SSH protocol, we have a twenty-year history of leading the market in developing advanced security solutions that enable, monitor, and manage encrypted networks. Over 3,000 customers across the globe trust the company’s encryption, access control and encrypted channel monitoring solutions to meet complex compliance requirements, improve their security posture and save on operational costs. SSH Communications Security is headquartered in Helsinki and has offices in the Americas, Europe and Asia. The company’s shares (SSH1V) are quoted on the NASDAQ OMX Helsinki. For more information, visit www.ssh.com

  • Sumo Logic
    Booth: 209

    Sumo Logic was founded in 2010 by experts in log management, scalable systems, big data, and security. Today, our purpose-built, cloud-native service analyzes more than 100 petabytes of data, more than 16 million searches, and delivers 10s of millions of insights daily – positioning Sumo among the most powerful machine data analytics services in the world.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Trend Micro
    Booth: 220

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • TrustedSec
    Booth: 213

    TrustedSec is a leader in attack intelligence and security advisory services. Our team of highly talented, skilled, senior consultants sets us apart from other commodity-service security companies. We form partnerships with our number one goal to help you holistically improve your security program. You’ll find that working with us amounts to more than “just another engagement”—it’s establishing an understanding with your organization, and working to make you more secure, and better as a whole.

     

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Jon Clay
    Director, Global Threat Communications, Trend Micro

    Jon Clay has worked in the cybersecurity space for over 21 years. He is responsible for managing marketing messages and external publication of all the threat research and intelligence within Trend Micro as well as different core technologies. As an accomplished public speaker with hundreds of speaking sessions around the globe, Jon focuses on the threat landscape and the use of big data in protecting against today’s sophisticated threats. Jon is also a volunteer speaker for the Trend Micro Internet Safety for Kids and Families program.

  • speaker photo
    Scott Swanson
    Board Member & Sector Chief Program Leader, InfraGard Chicago Members Alliance

    Scott Swanson is a former cleared national security intelligence professional who has focused for the past decade on Business Risk Intelligence and Financial Crimes as a thought leader and practitioner. He currently works for PwC’s Financial Crimes Unit, is certified in Fraud Investigations, Mobile Forensics, Anti-Money Laundering, and focuses on applying threat intelligence across Cybercrime and Cyber Counterintelligence, Counterterrorism, Corporate/Competitive Intelligence and Crisis/Incident Response preparedness. He has a post-graduate degree from the University of St. Andrews in Security and Counterterrorism, a Master’s Degree in Strategic Intelligence, and undergraduate studies in Foreign Languages.

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Kenneth Geers
    Senior Fellow, Atlantic Council

    Kenneth Geers (PhD, CISSP): NATO Cyber Centre Ambassador, Atlantic Council Senior Fellow, Digital Society Institute-Berlin Affiliate, TSN University of Kyiv Professor, Ukraine. 20 years US Government (US Army, NSA, NCIS, NATO); FireEye Senior Global Threat Analyst. Author “Strategic Cyber Security”, Editor “Cyber War in Perspective”, Editor “The Virtual Battlefield”, Technical Expert “Tallinn Manual”, many articles and chapters on international and cyber security.

  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Pierre-Olivier Fur, CISSP
    Cybersecurity Manager, Radware

    Pierre is a Cybersecurity Manager for Radware, where he brings 20 years of experience in the Information Security space. He holds a Master Degree in Computer Science and is a CISSP. Wearing various hats over the years as programmer, open source security expert, cryptography evangelist, network security architect, and CISO. Pierre is currently involved in designing cutting-edge security solutions to answer the growing challenges of the modern threat landscape.

  • speaker photo
    Arlene Yetnikoff
    Director of Information Security, DePaul University

    Arlene Yetnikoff is the Director of Information Security for DePaul University, which offers numerous degrees in Computer Science, including Masters and Bachelor's in Information Security fields. Arlene has worked in Information Security for many years as a consultant, educator and hands-on practitioner. Today, Arlene leads DePaul's Information Security team, which houses their incident response and forensics capabilities. Arlene also teaches Computer and Network Security in the University of Chicago's Masters Program in Computer Science. Arlene is a CISSP and CISA. She holds a Bachelor's degree in Mathematics from the University of Chicago and a Masters in Computer Science, Telecommunications from DePaul University.

  • speaker photo
    Jonathan Lange
    Executive Manager, baramundi software USA, Inc.

    Jonathan Lange is sales manager for baramundi software USA, Inc. in the US market. Having advised customers in various countries from small businesses to global enterprises, he is well aware of the challenges IT departments face today in order to keep their infrastructure up-to-date, safe and efficient.

  • speaker photo
    Ron Winward
    Security Evangelist, North America, Radware

    As a Security Evangelist at Radware, Mr. Winward is responsible for developing, managing, and increasing the company’s security business in North America.
    Ron’s entire career has been deeply rooted in internet and cybersecurity. For over 20 years, Ron has helped design complex solutions for carriers, enterprises, and cybersecurity providers around the world.
    Ron is an industry-recognized expert in the Mirai IoT botnet and its modern variants. Ron conducted the industry’s first complete analysis of the Mirai attack vectors, producing forensic examples for public distribution of each attack and the specific impact each attack had on networks. His work on IoT attack analysis has been presented at conferences worldwide and has been referenced by NIST.
    Prior to joining Radware, Ron was Director of Network Engineering for a global datacenter provider and ISP. In this role, Ron oversaw the growth and development of a global network infrastructure that delivered services to other ISPs, hosting providers, and enterprises around the world. During this time, Ron assisted some of the world’s top businesses in mitigating cyberattacks on their infrastructure, cultivating an extensive knowledge in DDoS attack methodologies.
    Ron holds a Bachelor of Science degree in Business and has earned many technical certifications throughout his engineering-focused career. Ron acutely understands the impact of technology and security on business and is enthusiastic about their interrelation.

  • speaker photo
    Conor Gilsenan
    Editor in Chief, All Things Auth, Founder, Two Factor Buddy (2FB)

    Conor Gilsenan is a software engineer who has spent the past eight years focusing on security. He has worn many hats, including: programmer, architect, specification author, and UX contributor. He believes that UX is a critical and historically discounted component of any security solution, and is passionate about putting users first. He is the Editor in Chief at All Things Auth and the Founder of Two Factor Buddy (2FB).

  • speaker photo
    Edward Marchewka
    Director, Information and Technology Services, Gift of Hope Organ and Tissue Donor Network

    Edward Marchewka is the Director of Information Technology for Gift of Hope Organ & Tissue Donor Network. He is also the creator of CHICAGO Metrics™, a platform to help manage your company's key IT and Information Security risks. Edward has completed, from Northern Illinois University, an MBA and an MS in Mathematics and, from Thomas Edison State College, a BS in Nuclear Engineering Technologies and a BA in Liberal Studies. He also holds a Certificates in Nonprofit Management and Leadership from the Kellogg School of Management at Northwestern University.

  • speaker photo
    Torsten George
    Sr. Director, Product Marketing, Centrify

    Torsten George is a security evangelist at Centrify and frequent speaker on cybersecurity, identity and access management, and risk management strategies worldwide. He regularly provides commentary and byline articles for media outlets, covering topics such as data breaches, incident response best practices, and effective cybersecurity defense tactics.

  • speaker photo
    Charlie Lobosco
    Co-Founder, The VisionOp Group LLC

    Charlie Lobosco is a Shared Leadership Expert, Certified Agile Expert, and (agile) coach and trainer—with lessons learned in over 25 fortune ranked companies. Since 1973, Charlie has been making a difference in the workplace even as one person!

  • speaker photo
    Moderator: Pamela Nigro
    Senior Director GRC, Blue Cross Blue Shield of IL

    Pamela Nigro, MBA, CRMA, CISA, CGEIT, CRISC, is a multifaceted, highly experienced IT Audit and IT Controls leader who brings unique experience with experience with external Big 4 auditing, and cost-effective management of corporate risk and regulatory compliance with the 4th largest health insurance company. Ms. Nigro is a subject matter expert in IT Controls, and is the Senior Director of Information Security focusing on the GRC practice at Heath Care Service Corporation (HCSC). She is responsible for IT risk and compliance testing for the five Blue Cross Blue Shield Plans comprising HCSC (Illinois, Texas, New Mexico Oklahoma, and Montana). Ms. Nigro is also an Adjunct Professor at Lewis University in Romeoville, IL where she teaches courses on Ethics, Risk, IT Governance and Compliance, and Information Security, in the MSIS and MBA programs.
    Ms. Nigro is the current President of the ISACA Chicago Chapter, and the Chair of the ISACA Chicago Women’s Forum. She is also a Distinguished Toastmaster and a frequent speaker at IT Audit, IT Risk, and Cybersecurity industry conferences, as well as local ISACA and IIA Chapter Meetings.

  • speaker photo
    Moderator: Alisha Wenc
    Corporate Programs Manager, ISACA

    Alisha Wenc is the manager of corporate programs at ISACA. In her first year with ISACA, she launched the SheLeadsTech program, which has engaged over 1,000 members in its first 6 months. SheLeadsTech aims to increase the representation of women in technology leadership roles and the tech workforce. Alisha’s previous experience includes executive director of the Chicago Community ToolBank and director of advancement events at DePaul University. Alisha attended the University of Michigan for undgrad and holds an MBA from DePaul University.

  • speaker photo
    Diana Salazar
    CISO, College of American Pathologists (CAP)

    My experience consulting with organizations, corporate and non-profit, navigate the new digital frontier advising on cyber security issues and building technology strategies that drive performance and business value. I have led and managed implementations for organizations in a wide variety of industries, Global 2000, Fortune 1000, small and medium organizations. The information security frameworks applications have received multi-year certifications. I have participated as an invited speaker at Chicago-area business organizations and universities providing thought leadership on the state of cyber security, technology risk, IT management leadership, and digital careers of the future. Currently I volunteer Developing National Occupational Frameworks for Registered Apprenticeship Programs in Cybersecurity with the Urban Institute in Washington D.C. and Harper College Workforce and Economic Development.

  • speaker photo
    Mia Boom-Ibes
    Vice President, Information Security Strategy, Innovation and Analytics, Allstate Insurance Company

    Mia Boom-Ibes is Vice President, Security Innovation, Strategy and Analytics, ATSV for Allstate Insurance Company. In this role, she is responsible for Allstate's cybersecurity strategy and priorities. She manages relationships with key business and technology stakeholders to ensure alignment and oversees architectural standards to enable consistency across the enterprise.

    Prior to becoming a vice president at Allstate in July of 2017, Mia was a director in Allstate Information Security with responsibility for setting the strategy and direction for information security governance, risk and compliance efforts across the corporation. She spearheaded the creation of the company’s first Enterprise Information Security Policy and Information Security Risk Management program aligned with industry best practices and frameworks. In addition, Mia has designed and built security governance programs to obtain or retain PCI compliance status at multiple institutions.

    Mia began her Allstate career in 2012 as an information security compliance and consulting manager, quickly progressing to roles of increasing leadership. She previously served in information security roles at John Deere Financial, PwC Consulting and Discover Financial Services.

    Mia holds CISSP and CISM certifications and bachelor’s degree from the College of Saint Benedict. As the proud mother of four sons, Mia leads an active lifestyle balancing her work responsibilities, learning new skills in mixed martial arts and enjoying time with her husband and children.

  • speaker photo
    Kim Dale, CISSP, CISA
    IT Audit Specialist , Federal Reserve Bank of Chicago

    Kim Z. Dale is an IT Audit Specialist at the Federal Reserve Bank of Chicago. Her previous work experience includes Northwestern University, the US Government Accountability Office (GAO), US Steel, and Management Science Associates. Additionally, she is a freelance writer, speaker, and playwright. Ms. Dale earned a master’s degree in information security policy and management from Carnegie Mellon University where her primary areas of study were end user education and data privacy. She also has an MBA and a bachelor’s degree in management information systems from Duquesne University.

  • speaker photo
    Judy Quinton
    Information Security Officer , CIBC Bank USA

    Judy Quinton is a driven professional and highly-skilled executive who is responsible for implementing innovative risk-based problems that address cybersecurity requirements while meeting strategic goals. Judy joined The PrivateBank, now known as CIBC Bank USA, as the Information Security Officer in 2011. Before that she worked at Xerox, HSBC, and Aon Corp for 29 years. Within this long career, over 35 years of hands-on experience, she has gained a broad degree of knowledge, with primary focus areas in Information Technology, Compliance, Audit, and Information Security. Judy holds her CISSP, CISA, CRISC, CISM, CISO, and PMP, along with a Master’s in Business, with a concentration in Computer Science.

  • speaker photo
    Happy Hour
  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    John Shaia
    Director, Steiner Electric Company

    John has over 30 years of experience in information technology with leadership in data center operations, software development, change management, network infrastructure, security, business continuity, acquisition integration, and transforming technology teams to become business focused.

    Currently, John is a Director at Steiner Electric Company in Elk Grove Village, Illinois, with overall responsibilities for all business solutions, infrastructure, security, and business continuity.

    John began his career as an Information Systems Officer in the United States Army Signal Corps at Ft. Gordon, Georgia. Since then he has worked in various leadership positions in banking, insurance, manufacturing, and distribution organizations. His career spans publicly traded corporations with SunTrust Corporation, Parker Hannifin Corporation, and Unum Group. In the private sector, John worked as Director of IT with Tom James Company, Wynn’s Precision, and RJ Corman Railroad Group.

    Born and raised in Nashville, Tennessee, John holds a Bachelor of Science degree in Computer Science and is a Distinguished Military Graduate of Tennessee Technological University. John currently resides in the Chicago area with his wife and three children.

  • speaker photo
    Alex Wood
    CISO, Uplight; Co-Host, Colorado = Security podcast

    Alex Wood is currently the CISO for Uplight and has more than 18 years of experience in information security. Previously, he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has an MAS in Information Security from the University of Denver.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
DON'T MISS OUT!

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!