- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, June 7, 20239:00 am[PLUS Course] Operationalizing Privacy Laws into Your OrganizationAn Overview of US and Global Privacy LawsFounding Partner & Owner, Fischer Law, LLCRegistration Level:
- SecureWorld Plus
9:00 am - 3:00 pmLocation / Room: 25This SecureWorld PLUS course will focus on key privacy laws and concepts, and how to implement privacy into your organization. The main components that the course will cover include:
- Overview of US and Global Privacy Laws
- Building an Effective and Practical Privacy and Security compliance program
- Creating a process to respond to data subject rights
- Addressing key privacy concepts: data minimization, privacy by design, data protection impact assessments, responding to privacy breaches.
Increasingly, each country, and even each state, is providing unique legal solutions to data privacy and information security. For businesses that cross borders, both national and domestic, this creates distinct challenges to building effective solutions that address legal requirements while also allowing a business to innovate and evolve. These changing privacy, security and technology requirements are impacting the growth and innovation within companies, requiring strategic decisions regarding risk, legal liability, and strategic planning.
Often, understanding the requirements of the law, and translating those requirements into technological solutions can be challenging. However, companies that are operationalizing privacy and information security within their organizations are able to address these evolving legal requirements while balancing growth and new opportunities. This workshop will provide in-depth understanding of those legal requirements, and provide a framework to help the industry incorporate privacy and security within their operations so that the law can work hand-in-hand with the business, and not become a barrier for the businesses growth and evolution.
The course will include both lecture and hands-on exercises. The goal is for attendees to take away tools and strategies to bring this conversation to their teams and departments.
Session 1 of the course will start with an overview of general privacy and security legal and policy principles, and then will focus on the key laws and regulatory decisions that are pushing the privacy and security legal landscape, including the European Union’s General Data Protection Regulation (“GDPR”), the Federal Trade Commission (“FTC”) rules and regulations, the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), and the various U.S. state privacy laws. Using these laws, we will discuss case studies, and how to communicate, plan, and strategize on products and solutions that
incorporate privacy and security requirements. - Thursday, June 8, 20237:30 amRegistration openRegistration Level:
- Open Sessions
7:30 am - 4:30 pmLocation / Room: Registration DeskCome to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
8:00 amExhibitor Hall openRegistration Level:- Open Sessions
8:00 am - 4:30 pmLocation / Room: Exhibitor HallYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:00 amA Whole Lotta BS (Behavioral Science) About CybersecurityExecutive Director, National Cybersecurity AllianceRegistration Level:- Open Sessions
8:00 am - 8:50 amLocation / Room: 26Let’s be honest: people can frustrate us. They don’t always do the things we’d like, and they often do some things we’d rather they didn’t. New research from the National Cybersecurity Alliance reveals insights about the public’s attitudes and beliefs about security. We’ll explore the 2022 “Oh Behave! Cybersecurity Attitudes and Behaviors Report,” and some of the findings may surprise you! We’ll also give you practical, actionable advice on how you can better communicate to influence the behavior change you want to see.
8:00 amWiCyS Chicago Affiliate MeetingOpen to all attendeesExecutive Director, Women in CyberSecurity (WiCyS)Security Engineer, Morningstar Inc.; Events Lead, WiCyS ChicagoRegistration Level:- Open Sessions
8:00 am - 8:50 amLocation / Room: 25Learn about the WiCyS Chicago Affiliate, network with members, and meet your local board members and WiCyS Executive Director Lynn Dohm.8:00 amAdvisory Council Roundtable Breakfast (VIP / Invite only)CISO, Cushman & WakefieldRegistration Level:- VIP / Exclusive
8:00 am - 8:50 amLocation / Room: 30Moderated discussion for SecureWorld Advisory Council members. By invite only.
9:00 am[Panel] Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec LandscapeBISO, The Kraft Heinz CompanyCISO, ThriventVP & Chief Security Officer, Zebra TechnologiesExecutive Director, Women in CyberSecurity (WiCyS)Registration Level:- Open Sessions
9:00 am - 9:45 amLocation / Room: Keynote TheaterOver the last few years, the workforce and the way we work has entirely shifted and evolved. Much like conducting a grand orchestra, cybersecurity executives are now called upon to more than just conduct procedures and make “good music.” Listen to local cybersecurity executives who are in the trenches navigating the “new normal,” the threats impacting the industry, and their different key takeaways and lessons learned along the way. This discussion is followed by a live Q&A, so come prepared to ask your local executives your burning workforce questions!9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:15 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:15 amThese Aren't the Droids You're Looking ForWhere to Find Cyber Talent without Stealing from Your PeersVP & CISO, DeVry UniversityRegistration Level:- Conference Pass
10:15 am - 11:00 amLocation / Room: 27Session description to come.
10:15 amThe Science of Normal: Changing Cybersecurity and Your Poker GameSales CTO & Principal Systems Engineer, ExabeamRegistration Level:- Open Sessions
10:15 am - 11:00 amLocation / Room: 25You wouldn’t play poker blind, so why search for cyberthreats without analytics?
Searching data lakes for cybersecurity threats or vulnerable assets without using scaled analytics is like playing a round of poker while blindfolded! You always want the upper hand, so in this talk, you’ll learn how security related content including pre-built reports, dashboards, and visualizations can handle common security and compliance requirements. Analytics ensure sound security postures so organizations don’t fold to cyber threats.
By simplifying the review of an enterprise data lake using easily implemented data science with scaled analytics, you can eliminate blind spots and significantly improve your organization’s cybersecurity framework. We’ll also show you how the SOC can extract the most value from security data, plus we’ll share many more stealth tips for your advantage.
10:15 amDeriving Insight from Threat Actor InfrastructureSr. Security Engineer, Team CymruRegistration Level:- Open Sessions
10:15 am - 11:00 amLocation / Room: 26From proactively hunting for unknown attacker infrastructure, to placing the exploitation of vulnerabilities on a timeline often obscured by large spikes in activity, this talk will explore ways in which we can enrich our understanding of the threat landscape beyond that which is shared in threat feeds and reports.
11:10 am[Panel] The Future of Privacy and Cyber: AI, Quantum, and Mind ReadersCyber Counsel, HSB InsurancePartner & Chair, Cybersecurity, Data Privacy, and Incident Response, Connell Foley LLPAdjunct Professor, Baylor School of Law; AVP, Cyber Solutions Team Leader, Crum & ForsterFounding Partner & Owner, Fischer Law, LLCRegistration Level:- Conference Pass
11:10 am - 11:55 amLocation / Room: 26In the past year alone, advances in artificial intelligence, the implications of quantum computing, and rapid developments in the ability to convert thoughts to speech have dominated headlines and challenge us to both assess the risks and fashion protections and risk-transfer products. This all-women panel of cyber attorneys examines, explains, and opines on the rapid developments in these technologies, the implications, and what the future may bring. Join them for this not-to-be-missed discussion.11:10 am[Panel] There's a Bad Moon on the Rise – Are You Ready?Identifying the Current Threat LandscapeSr. Solutions Engineer, OktaField CISO, NetwrixSVP, Strategic Initiatives, ZimperiumSolutions Architect, Global Alliances and Partners, ForescoutExecutive Director, Global Information Security, JLLRegistration Level:- Open Sessions
11:10 am - 11:55 amLocation / Room: 27Like the main character in the 1981 horror movie, An American Werewolf in London, cybercriminals continue to morph into something evil, lurking in the night (and day) to cause harm to people, organizations, and governments. Cue the Creedence Clearwater Revival song, Bad Moon Rising.
The cybersecurity community is smart and more than capable of thwarting bad actors, fangs and all. They have tools, technologies, partnerships across private and public entities, and solution vendors to help them along the way. Don’t forget about the consultants working hard to stay ahead of those wanting to do harm, as well.
Hear our panelists’ views on the current threat landscape, solutions they have to offer, and ideas they have for turning a bad moon into a harvest moon.
12:00 pm[Lunch Keynote] When Your Why Is Your What: Thoughts on a Meaningful Career in CybersecurityCISO, City of ChicagoRegistration Level:- Open Sessions
12:00 pm - 12:45 pmLocation / Room: Keynote TheaterCybersecurity is a tough but rewarding career choice. It is easy to become burned out if your purpose is not aligned with the work. Bruce Coffing will share insights learned, many times the hard way, from a 25+ year career in IT and cybersecurity to hopefully make your journey a bit easier.12:00 pmAdvisory Council Roundtable Lunch (VIP / Invite Only)Chief Security Officer & Technology Lead, Trexin GroupRegistration Level:- VIP / Exclusive
12:00 pm - 12:45 pmLocation / Room: 30Moderated discussion for SecureWorld Advisory Council members. By invite only.
12:45 pmNetworking BreakRegistration Level:- Open Sessions
12:45 pm - 1:15 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pm[Keynote] Cyber-Enabled Fraud and Business Email Compromise in 2023Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret ServiceRegistration Level:- Conference Pass
1:15 pm - 2:15 pmLocation / Room: 25This presentation will focus on the BEC fraud playbook and show how technical advancements and applications have reduced the red flags and defenses against cyber fraud, allowing threat actors to increase the efficacy of their attacks.1:15 pmI Can See Clearly Now, the Threats Are GoneThreat Intelligence: The State of InfoSec TodayCIO, Mandelbaum Barrett PCRegistration Level:- Conference Pass
1:15 pm - 2:15 pmLocation / Room: 26Zero Trust is considered by many to be a marketing buzzword, but what it really alludes to is having good, basic cybersecurity hygiene. It’s what any cybersecurity professional worth their salt has been doing, and does, daily. Ransomware, phishing, and BEC grab the headlines, but your run-of-the-mill cyberattacks can’t be ignored because of the shiny new thing garnering all the attention.
The CISO is like a musical conductor that must pay attention to all the resources at his or her disposal—be it people, tools, technologies, systems, and more. How is the organization handling security awareness training? What about staffing shortages affecting the organization, or even the vendors with which CISOs and their teams work?
Join this session to hear insights and takeaways on the state of the information security profession today, including tips for seeing clearly and staying ahead of threats.
1:15 pm[Fireside Chat] Lucy in the CloudsSecuring Your Cloud EnvironmentCISO, The Kraft Heinz CompanyCISO, Follett LearningRegistration Level:- Open Sessions
1:15 pm - 2:15 pmLocation / Room: 27Can you “imagine” if The Beatles, when first starting out, had to deal with having their catalog of music hacked, stolen, and held for ransom simply because it was in an unsecure cloud setting? While it is possible for that to happen with their hit-laden collection of songs today, it’s merely a tiny example of how businesses operate at a minimum in a hybrid cloud environment—many in a cloud-only platform.
With that comes security issues and another major area which cybersecurity professionals must work diligently to protect.
Our panel of experts share the good, the bad, and the ugly of operating in a cloud environment, what it takes to make the move to hybrid or multi-cloud successful, how to protect data from insider and outsider threats, and what it takes to provide the support DevOps teams need.
2:15 pmNetworking BreakRegistration Level:- Open Sessions
2:15 pm - 2:30 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:30 pm[Fireside Chat] Sustainable Cybersecurity and ResiliencyChief of Cybersecurity, Region 5, U.S. Cybersecurity and Infrastructure Security Agency (CISA)Cybersecurity Advisor, Region 5, CISAVP & Chief Security Officer, Claro HealthcareRegistration Level:- Conference Pass
2:30 pm - 3:15 pmLocation / Room: 27As the nation’s cyber defense agency, CISA leads the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure. Since the majority of our nation’s critical infrastructure is privately owned, ensuring the nation’s cybersecurity posture requires continued collaboration between government and the private sector. During this fireside chat, CISA will discuss the current cyber threat landscape, the agency’s latest initiatives to help critical infrastructure owners and operators protect and defend their networks, and the catalog of CISA services available to organizations to become more cyber resilient.
2:30 pmA Modern Security Strategy: Tips on Building Policies for Securing DataPrincipal Product Manager, LookoutRegistration Level:- Open Sessions
2:30 pm - 3:15 pmLocation / Room: 26The world has changed, but have your security policies and tools kept up? What does it mean to have a modern security strategy for securing data in the cloud? An SSE tool can help us address the challenges that organizations face. Here’s how to think, adopt, and integrate with existing solutions.
3:15 pmNetworking Break and Dash for PrizesRegistration Level:- Open Sessions
3:15 pm - 3:45 pmLocation / Room: Exhibitor HallVisit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.
Participating sponsors will announce their Dash for Prizes winners. Must be present to win.
3:15 pmHappy HourSponsored by CRESTRegistration Level:- Open Sessions
3:15 pm - 5:00 pmLocation / Room: Exhibitor HallJoin your peers for conversation and complimentary beer, wine, and soda. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.
Generously sponsored by:
3:45 pm[Closing Keynote] Cyber World on Fire: A Look at Internet Security in Today’s Age of ConflictCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCRegistration Level:- Open Sessions
3:45 pm - 4:30 pmLocation / Room: Keynote TheaterThis informative session analyses the growing threat of cyberattacks and risks to internet security in today’s world. Col. Leighton explores the various types of attacks and vectors, including how bad actors can impact businesses and individuals. The session also examines the role of governments and international organizations—partnering with public and private businesses—in protecting against cyber threats.
Col. Leighton describes how nefarious actions are becoming increasingly more sophisticated and widespread, with hackers targeting not just large corporations but also smaller businesses and even individuals. He emphasizes the need for organizations to take proactive measures to protect their networks and data, including investing in advanced security technologies and providing regular training to employees.
He shares examples of cyber activity—good and bad; offensive and defensive—from Ukraine, China, and around the globe.
- Arctic Wolf + SentinelOneBooth: 350
Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.
SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.
- Clarity SecurityBooth: 160
Meet audit and compliance requirements while saving time and money. Clarity’s simplified access certification, highly granular access governance, and automated lifecycle management create the ultimate all-in-one identity governance platform.
- CloudflareBooth: 220
Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company. It empowers organizations to make their employees, applications, and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.
Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations—from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.
Learn more about Cloudflare’s connectivity cloud at cloudflare.com/connectivity-cloud. Learn more about the latest internet trends and insights at radar.cloudflare.com.
- CofenseBooth: 440
Cofense® provides the world’s most effective email threat detection and remediation solutions. Cofense PhishMe® and the Cofense Phishing Detection and Response Platform (PDR), are powered by over 35 million Cofense-trained employees who report phishing and other dangerous email threats in real time. Exclusive to Cofense, our network detects and eradicates threats other email security systems miss and removes them from our customer inboxes. For more information, visit www.cofense.com or connect with Cofense on X and LinkedIn.
- CRESTBooth: 100
CREST is an international not-for-profit accreditation and certification body that represents and supports the technical information security market. CREST provides internationally recognised accreditations for organisations and professional level certifications for individuals providing penetration testing, cyber incident response, threat intelligence, and Security Operations Centre (SOC) services.
- Cyber Fraud Task Force – U.S. Secret ServiceBooth: n/a
Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.
- ExabeamBooth: 330
Exabeam is a global cybersecurity leader that adds intelligence to every IT and security stack. The leader in Next-gen SIEM and XDR, Exabeam is reinventing the way security teams use analytics and automation to solve Threat Detection, Investigation, and Response (TDIR), from common security threats to the most critical that are difficult to identify. Exabeam offers a comprehensive cloud-delivered solution that leverages machine learning and automation using a prescriptive, outcomes-based approach to TDIR. We design and build products to help security teams detect external threats, compromised users and malicious adversaries, minimize false positives and best protect their organizations.
- FortanixBooth: 210
Fortanix provides a developer and cloud-friendly key management and encryption solution to keep data secure at the application level. Fortanix DSM exclusively manages complete confidential computing environment & enclave lifecycle, including creation, deployment, monitoring, & auditing.
- GuidePoint Security + Forescout TechnologiesBooth: 230
GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com
Forescout Technologies, Inc. actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing. Fortune 1000 companies trust Forescout as it provides the most widely deployed, enterprise-class platform at scale across IT, IoT, and OT managed and unmanaged devices. Forescout arms customers with more device intelligence than any other company in the world, allowing organizations across every industry to accurately classify risk, detect anomalies and quickly remediate cyberthreats without disruption of critical business assets. Don’t just see it. Secure it. For more information, visit: https://www.forescout.com.
- InfraGard ChicagoBooth: 470
All InfraGard participants are committed to the proposition that a robust exchange of information about threats to and actual attacks on these critical infrastructures is an important element for successful infrastructure protection efforts. This chapter is governed by our local bylaws.
The goal of InfraGard is to enable the flow of information so that the owners and operators of infrastructure assets can better protect themselves and so that the United States government can better discharge its law enforcement and national security responsibilities.
- InQuestBooth: 130
The leader in File Detection and Response. Protecting end users from the myriad of attacks of today and the evolving threats of tomorrow.
Founded in 2013 by a well-versed team hailing from both the public and private sectors. Our platform was purpose-built by SOC analysts for SOC analysts and network defenders. With capabilities in attack prevention, breach detection, threat hunting, and data leakage discovery. We’ve automated much of the typically mundane tasks of the SOC analyst. Resulting in analyst-level scrutiny at multi-gigabit speeds, all the while reducing frustration, and in turn, allowing precious human time to be spent where it matters. Since our inception, we have exclusively catered to the federal sector and we’re currently recognized by the Department of Defense (DoD) as well as the Intelligence Community (IC) as a leading security services and solutions provider.
2020 marks the year we expanded our offerings to the private sector, offering enterprises worldwide a SaaS email security solution based on the InQuest platform. A turn-key solution for mitigating threats to your users from phishing, ransomware, fraud/scams, executive impersonation, and more.
Get in touch for a briefing.
- ISC2 Chicago ChapterBooth: 370
The mission of the Chicago Chapter is to advance the local Chicagoland information security community by providing its members with opportunities to increase knowledge, grow professional networks, share information and advance the profession as a whole by promoting certification, ethical behavior, and social responsibility.
Our members consist of ISC2 credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification. Our chapter program is focused on sharing knowledge and exchanging ideas among security professionals in the local area. Ultimately, we want to advance the field of information security by educating practitioners and the public at large on how to protect and defend against security threats.
- ISACA Chicago ChapterBooth: 190
Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Chicago area.
Chapter meetings are generally held the third Thursday of each month at The Conference Center at One North Wacker (1 N. Wacker Drive, 2nd Floor, Chicago, Illinois 60606)
Please check our web site from time to time for the most up-to-date listing of chapter related events and training opportunities.
- ISSA Chicago ChapterBooth: 120
The Chicago Chapter of the Information Systems Security Association (ISSA) has a mission to offer a stimulating combination of discussion forums, hands-on learning, CISSP certification training, conferences, and other events which are designed to enhance understanding and awareness of information security issues for information security professionals.
Whether you are exploring a career in cybersecurity, honing your technical expertise or an established security executive, the ISSA offers you a network of 10,000 colleagues worldwide to support you in managing technology risk and protecting critical information and infrastructure. Enhance your professional stature, expand your peer network and achieve your personal career goals. Your local chapter and ISSA International will provide you with a wealth of resources to keep you current with industry trends and developments in our ever-evolving field.
- LogRhythmBooth: 180
LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.
- LookoutBooth: 320
Lookout is a cybersecurity company that makes it possible for individuals and enterprises to be both mobile and secure. With 100 million mobile sensors fueling a dataset of virtually all the mobile code in the world, the Lookout Security Cloud can identify connections that would otherwise go unseen—predicting and stopping mobile attacks before they do harm.
- Material SecurityBooth: 300
Material Security uses ubiquitous tools in unexpected ways to understand and mitigate risk in cloud office apps. Material is known and loved in the security community for protecting cloud email at global media and financial conglomerates, large tech companies, and highly-targeted public sector organizations. The platform connects in minutes to Microsoft and Google environments to analyze risk, detect threats, automatically investigate incidents, and crowdsource mitigation with end-users via novel integrations with identity providers like Okta, Duo, Ping, and Microsoft Azure AD.
The company was started in response to the 2016 Election hacks, is backed by Andreessen Horowitz, and was recently valued at $1.1B. Material is single-tenant, can be deployed in the customer’s cloud, and Material personnel do not need access to customer data. Material also protects the personal accounts of high-risk VIPs.
- National Cybersecurity AllianceBooth: 310
Our alliance stands for the safe and secure use of all technology. We encourage everyone to do their part to prevent digital wrongdoing of any kind. We build strong partnerships, educate and inspire all to take action to protect ourselves, our families, organizations and nations. Only together can we realize a more secure, interconnected world.
- NetwrixBooth: 240
Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact.
More than 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure. - OktaBooth: 390
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- OortBooth: 430
Oort is an early-stage Boston-area startup focused on the intersection of Edge Computing and Cybersecurity. They are pioneering a new model for efficiently delivering security-as-a-service for remote workers, IoT devices, and branch offices using hundreds of globally-distributed data centers at the Edge of the Internet.
- SecurEnds, IncBooth: 420
SecurEnds provides companies with a tool to automate user access reviews (UAR) across cloud and on-prem applications to meet SOX, ISO27001, PCI, HIPAA, HITRUST, FFEIC, GDPR, and CCPA audit requirements. Utilizing fuzzy logic to pull data from systems of record (SOR), complimentary identity governance and administration (IGA) solutions, and SaaS-based, custom, and legacy downstream applications, SecurEnds provides a complete, end-to-end process for UAR, then automates it out of the box.
- Sprocket SecurityBooth: 380
Sprocket Security was founded to improve the way we approach cybersecurity. Currently the industry performs services in a timeboxed, or point-in-time approach. We think this is fundamentally flawed. We protect your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.
- Team CymruBooth: 200
Team Cymru’s mission is to save and improve human lives. We are unrivalled across three disciplines; digital business risk platforms, free to use community services and support services to over 143 Government CSIRT teams.
Our business risk and threat intelligence platforms empower global organizations with unmatched Threat Reconnaissance and Attack Surface Management capabilities to meet the challenges of today’s cyber threats.
Community Services equip those who run the internet to defend it from criminals who wish to disrupt and cause harm, and CSIRT enables Governments the tools to outmaneuver nation state threat actors.
Since 2005, our reputation remains unchallenged.
- TechTargetBooth: n/a
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- TevoraBooth: 145
Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats. For more information visit https://www.tevora.com.com/.
- ThreatLockerBooth: 170
ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com
- WiCyS Chicago AffiliateBooth: 360
- ZimperiumBooth: 150
Zimperium, the global leader in mobile device and application security, offers the only real-time, on-device, machine learning-based protection against Android, iOS, and Chromebooks threats.
Powered by our patented z9 engine, Zimperium provides protection against device, network, phishing, and malicious app attacks. Our best-in-class solutions include zIPS, which protects mobile devices against risks and attacks without requiring a connection to the cloud and our Mobile Application Protection Suite (MAPS), the only comprehensive solution that protects mobile apps from risks during development, in the app marketplaces, and on end-user devices.
Zimperium was the first MTD provider to be granted an Authority to Operate (ATO) status from the Federal Risk and Authorization Management Program (FedRAMP). Headquartered in Dallas, TX, Zimperium is backed by Liberty Strategic Capital and SoftBank.
- Jordan Fischer, InstructorFounding Partner & Owner, Fischer Law, LLC
Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.
Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.
With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).
Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.
Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.
In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.
Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.
Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.
HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data PrivacyCERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP) - Lisa PlaggemierExecutive Director, National Cybersecurity Alliance
Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.
- Lynn DohmExecutive Director, Women in CyberSecurity (WiCyS)
Lynn Dohm brings more than 25 years of organizational and leadership experience to the WiCyS team as the Executive Director. She has long been committed to cybersecurity education and for the last 14 years held active roles in grant-funded programs and nonprofits that assist in providing educational solutions for the cybersecurity workforce. She is passionate about the need for diverse mindsets, skill sets and perspectives to solve problems that never previously existed and aims to facilitate learning opportunities and discussions on leading with inclusion, equity and allyship. In addition to Lynn being awarded Top 100 Women in Cybersecurity by Cyber Defense Magazine, she accepted the Nonprofit of the Year Award for WiCyS in 2020 and 2021, is on numerous cybersecurity judging panels, advisory boards, and is an inaugural member of (ISC)2’s DEI Task Force. She has been interviewed on TV and radio throughout the nation and is a keynote presenter, panelist and moderator for multiple international conferences, events and organizations.
- Aria Langer, HostSecurity Engineer, Morningstar Inc.; Events Lead, WiCyS Chicago
- Erik Hart, ModeratorCISO, Cushman & Wakefield
Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, InfraGard Chicago Members Alliance and Western Illinois University.
Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries. Erik earned his Bachelors from Western Illinois University and Masters from Western Governors University.
- Sarah BuergerBISO, The Kraft Heinz Company
Sarah Buerger serves as the Business Information Security Officer for The Kraft Heinz Company.
- Mary FaulknerCISO, Thrivent
- Mike ZachmanVP & Chief Security Officer, Zebra Technologies
- Lynn Dohm, ModeratorExecutive Director, Women in CyberSecurity (WiCyS)
Lynn Dohm brings more than 25 years of organizational and leadership experience to the WiCyS team as the Executive Director. She has long been committed to cybersecurity education and for the last 14 years held active roles in grant-funded programs and nonprofits that assist in providing educational solutions for the cybersecurity workforce. She is passionate about the need for diverse mindsets, skill sets and perspectives to solve problems that never previously existed and aims to facilitate learning opportunities and discussions on leading with inclusion, equity and allyship. In addition to Lynn being awarded Top 100 Women in Cybersecurity by Cyber Defense Magazine, she accepted the Nonprofit of the Year Award for WiCyS in 2020 and 2021, is on numerous cybersecurity judging panels, advisory boards, and is an inaugural member of (ISC)2’s DEI Task Force. She has been interviewed on TV and radio throughout the nation and is a keynote presenter, panelist and moderator for multiple international conferences, events and organizations.
- Dr. Fred KwongVP & CISO, DeVry University
Dr. Fred Kwong has been in the information security and technology field for the past 20 years in working in education, financial, telecommunication, healthcare, and insurance sectors. He is an award-winning thought leader in security and currently works at DeVry University where he currently serves as the VP and Chief Information Security Officer. He is a member of several advisory boards and is a frequent speaker at national security forums on cyber security and information technology and is often asked to consult on matters of security and leadership
Fred also serves as an adjunct faculty member at Roosevelt and Benedictine Universities. He received his Bachelor of Arts in psychology and professional communications, Master of Business Administration in management information systems from Roosevelt University, and holds his Doctorate in organization development from Benedictine University. Fred has earned several certifications including the CISSP, CISA, CISM, CDPE, PCIP, PMP and ITILv3f.
- Bob RenySales CTO & Principal Systems Engineer, Exabeam
Bob Reny is a recent addition to the CTO team at Exabeam. His 27 years of experience in information technology starting in systems administration and security in the US Air Force. This started a path for all things security, focusing on computer and networks. Bob has done network security design, firewall architecture, IPS deployment, network access control and end point security architecture. Large program security include zero trust, Operational Architecture safety/security. His expertise has supported customer organizations public and private. This covers scaling for many large federal agencies, global 1000 companies in many business verticals across finance, utilities, service, and technology. Bob has been a CISSP for the past almost 22 years and continues to help organizations evaluate the broad security policy to streamline Security Operations Center activities. This includes improving cross-functional processes for change management, incident response, event escalation, and response.
- Monique FerraroCyber Counsel, HSB Insurance
Monique Ferraro provides legal and technical expertise in support of HSB Global Cyber Products. Ms. Ferraro's cybersecurity and privacy experience spans more than twenty-five years in digital forensics, ediscovery, information security and privacy. Ms. Ferraro holds a master’s degree and a JD. She is a Certified Information Systems Security Professional (CISSP), a Fellow of Information Privacy, Certified Information Privacy Professional/US (CIPP/US), Certified Information Privacy Manager (CIPM) and Chartered Property Casualty Underwriter (CPCU).
- Karen Painter RandallPartner & Chair, Cybersecurity, Data Privacy, and Incident Response, Connell Foley LLP
Karen Painter Randall, partner and Certified Civil Trial attorney at Connell Foley LLP, chairs the firm’s Cybersecurity, Data Privacy and Incident Response Group. Considered a national thought leader, she has extensive experience advising clients on cyber risk mitigation and resiliency, privacy laws and regulations and incident response. The Connell Foley Team has been designated an authorized NetDiligence Breach Coach.
Karen provides counsel across all industries and organizations of all sizes on proactive measures to help identify, protect, detect, respond and recover from cyberattacks, focusing on ransomware, business email compromise insider and third party attacks. She drives strategic solutions on how to safeguard a business’s sensitive data, using security risk assessments, policies and procedures, security awareness training, incident response plans, tabletop exercises and cyber liability insurance. Karen has handled hundreds of incident response matters each year since 2010 for carriers and uninsured businesses. She leads the response effort, working with the client and leading vendors to contain/eradicate the attack, manage crisis communications, evaluate legal, contractual/regulatory notification requirements, manage internal workforce messaging, and prepare consumer notification, effectively utilizing resources to reduce exposure. Karen’s clients span multiple industries – financial services, healthcare, public entities, education, transportation and retail, including lawyers and other licensed professionals.
In addition, Karen oversees Connell Foley’s 24/7 Breach Response and Crisis Management Team, which provides immediate counsel designed for crisis management, preserving critical assets, mitigating harm to the business’s reputation, and limiting legal liability. Post-breach representation also includes defense of class action litigation, regulatory enforcement actions and investigations.
Karen received three presidential appointments to the American Bar Association’s Cybersecurity Legal Task Force, and was named the Task Force’s Private Sector Liaison. She founded/chairs the New Jersey State Bar Association Cybersecurity Legal Task Force and Institute. Additionally, Karen was selected by the University of South Carolina School of Law to lead its Cybersecurity Legal Task Force and serve as Director of its annual National Cybersecurity Institute. She also chairs the USLAW Network Cybersecurity and Data Privacy Group. Among her many honors, Karen has been named by NJBIZ as a “Leader in Law” for Cybersecurity and as a “Digi-Tech Innovator,” and by ROI-NJ to its “Influencers: Law” list for E-discovery/Cyber.
- Violet SullivanAdjunct Professor, Baylor School of Law; AVP, Cyber Solutions Team Leader, Crum & Forster
Violet Sullivan leads cyber consulting services at Crum & Forster. She works with insurance carriers, trade associations, and individual business clients from around the world providing expert guidance on cybersecurity threat management and response. She represents Crum & Forster within the legal, insurance, and risk management channels to develop long-term relationships, recurring revenue, and new business growth. Ms. Sullivan is a licensed attorney in Texas and Pennsylvania and a Certified Information Privacy Professional (CIPP/US), with her JD and MBA degrees from Baylor University. In addition to her full-time role, Violet serves as a professor of Cybersecurity & Privacy Law for Baylor Law School’s LL.M. Degree in Litigation Management, the first of its kind nationwide. Her diverse practice experience at both the individual and policy levels has prepared her for developing new tools and approaches to solving what is fast-becoming a pervasive and costly challenge in modern industry: how to respond to a cybersecurity incident.
Early in her career, Violet worked on the incident responses for some of the largest and most notable data breaches to date, including: Home Depot, Sony, and Anthem. Her experience in managing scaled breach responses led to her expertise and proficiency in proactively preparing organizations for cyber incidents. In the past eight years, she has facilitated over 450 cyber incident simulations (tabletops) for public and private sector companies, including many Fortune 100 companies.
As a cybersecurity and privacy attorney, Violet provides consulting services to respond to the needs of various cybersecurity programs. She reviews and develops customized incident response plans to ensure organizations are prepared to respond efficiently and effectively to a data breach. Violet also helps improve internal coordination by facilitating customized tabletop simulations focused on "pressure-testing" an organization's incident response procedures and protocols. Each of these customer-facing services mentioned has been built and developed for the purpose of creating long-standing relationships that turn to Violet for guidance, referrals, questions, and future projects.
As a cybersecurity and privacy professor, Violet developed the entire curriculum for an innovative course on cybersecurity and privacy law for licensed attorneys working toward their LL.M. degree. The specific focus on litigation management has made Sullivan’s course and her lecture series uniquely valuable to experts across the United States.
- Jordan Fischer, ModeratorFounding Partner & Owner, Fischer Law, LLC
Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.
Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.
With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).
Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.
Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.
In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.
Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.
Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.
HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data PrivacyCERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP) - Ve BuiSr. Solutions Engineer, Okta
Ve is a technologist at heart who graduated University of Iowa during the dot com boom. He started as a software engineer in airlines at Unisys, then moved to ecommerce in 2005 where he implemented omni channel experiences. Since 2011, he's been a solutions engineer helping grow market share for technologies like ATG, Endeca, Oracle, Sitecore, Salesforce, and now Okta.
- Craig RiddellField CISO, Netwrix
Craig Riddell is an ephemeral identity enthusiast and has recently joined the Netwrix team as the North American Field CISO. Prior to joining Netwrix Craig was responsible for all of Identity at HP. He brings a wealth of knowledge and experience around modernizing identity solutions while reducing costs and improving security. Outside of work Craig is an avid reader, semi-retired rugby player and loves spending time with his wife and daughter.
- JT KeatingSVP, Strategic Initiatives, Zimperium
For 30 years, JT Keating has been driven to deliver technology-based solutions that make enterprises more profitable, compliant, and secure. At Zimperium, JT is responsible for leading strategic initiatives/partnerships, tracking/reporting mobile threat data, and guiding product strategies.
- Eric VanderburSolutions Architect, Global Alliances and Partners, Forescout
Eric Vanderbur is a highly skilled computer security professional with a deep understanding of cybersecurity principles and a passion for protecting digital assets. With over 20 years of experience in the field, Eric has developed expertise in network security, endpoint security, cyber, threat intelligence, and incident response.
Throughout his career, Eric has worked with diverse organizations, including multinational corporations, educational and government agencies, to identify and mitigate security risks. Eric specializes in assisting these organizations with identifying risk exposures, implementing robust security technologies, and formulating proactive strategies to safeguard critical systems and data.
As an advocate for cybersecurity awareness, Eric has delivered numerous training sessions and workshops to educate both technical and non-technical stakeholders on best practices for maintaining a secure computing environment. He believes that a strong security posture requires a holistic approach, encompassing technology, processes, and human factors.
- Michael Boucher, ModeratorExecutive Director, Global Information Security, JLL
- Bruce CoffingCISO, City of Chicago
Bruce Coffing is an information security professional with over twenty-five years industry experience in information technology and cybersecurity. He is currently the Chief Information Security Officer for the City of Chicago. Prior to joining the City of Chicago, Mr. Coffing held Senior Vice President information security positions at Bank of America and was a Senior Manager at consulting firm Accenture. Mr. Coffing holds the Certified Information Systems Security Professional (CISSP) certification.
- Glenn Kapetansky, ModeratorChief Security Officer & Technology Lead, Trexin Group
Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.
Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).
- Stephen DoughertyFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.
- Tom BrennanCIO, Mandelbaum Barrett PC
Tom Brennan is the CIO of the national law firm Mandelbaum Barrett PC and leads the U.S. arm of CREST International. In this role, he works with government and commercial organizations to optimize the value of CREST as a cybersecurity accreditation body and industry standards advocate, particularly for companies in the Cybersecurity & Infrastructure Security Agency’s 16 critical infrastructure sectors which are vital to U.S. security, national economy, and public health and safety. As CREST USA Chairman, Brennan spearheads strategic plans for CREST USA’s organizational growth while also serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protection worldwide.
As a proud U.S. Marine veteran, Brennan became involved with CREST International in 2016 while serving the Global Board of Directors for the Open Web Application Security Project (OWASP). Seeing similar goals, he became more active in the CREST organization and was nominated to lead the organization’s U.S. Advisory in 2019. Over his career, Brennan has amassed security expertise across the cybersecurity spectrum, including penetration testing, vulnerability assessment, application security, threat intelligence, and more. In addition to being CREST USA Chairman, he is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the information services advisory Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.
- Ricardo LafosseCISO, The Kraft Heinz Company
Ricardo Lafosse is responsible for IT risk governance, software and product security, incident management, technical disaster recovery, and determining enterprise-wide security policies and procedures. Lafosse regularly presents on security topics at global conferences, including Defcon, MirCon, and ISACA CACS. Lafosse has more than 15 years of experience in information security for the government, finance, legal, and healthcare. Lafosse holds a Master’s in Information Assurance from the Iowa State University. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) designations.
- Greg York, ModeratorCISO, Follett Learning
Greg enjoys inspiring, innovating, and collaborating to drive business value; time with family; backpacking adventures; and craft beer.
- Tony EnriquezChief of Cybersecurity, Region 5, U.S. Cybersecurity and Infrastructure Security Agency (CISA)
Tony serves as a Cybersecurity and Infrastructure Security Agency (CISA) Chief of Cybersecurity for Region 5 (Illinois, Indiana, Michigan, Minnesota, Ohio, and Wisconsin). Based in Chicago, he leads the cyber team, supporting the mission of strengthening the security and resilience of the nation's critical infrastructure. Before becoming the Cyber Chief for Region 5, Tony served as the Region 5 Cybersecurity Advisor (CSA), for six years. Prior to joining CISA, Enriquez served 23 years with the U.S. Secret Service and served eight years with the U.S. Army Signal Corp. Enriquez is a Certified Information Systems Security Professional (CISSP), has a bachelor’s degree from American Military University and a master’s degree from Johns Hopkins University.
- Brian YoshinoCybersecurity Advisor, Region 5, CISA
Brian Yoshino serves as a Cybersecurity Advisor with the Cybersecurity and Infrastructure Security Agency (CISA) where he supports CISA’s mission of strengthening the security and resilience of the nation’s critical infrastructure. As a CSA, Mr. Yoshino is the liaison between federal services and state, local, tribal, and territorial governments, critical infrastructure, and private industry. He conducts various cyber preparedness, risk mitigation, and incident response coordination activities through public and private partnerships and outreach efforts. Mr. Yoshino has over two decades of experience in cybersecurity spanning the federal civilian and private sector communities. Prior to joining CISA, Mr. Yoshino held positions within the National Security Agency and the Executive Office of the President, White House Information Security Directorate. He holds numerous cybersecurity certifications including the SANS GIAC Security Expert (GSE) certification. He holds a bachelor’s degree from Northern Illinois University and a master’s degree in Information Security from Lewis University.
- Tony BeairdVP & Chief Security Officer, Claro Healthcare
- Madhu DoddaPrincipal Product Manager, Lookout
Madhu Dodda is a seasoned security professional who has been contributing to the growth and evolution of the Lookout security solutions for the past 10 years. Dodda has been building network & data security products at scale for over a decade. As Field CTO, he evangelizes on Zero Trust principles and helps organizations defend against modern cyberthreats and data protection.
Being an active member in the NIST SP 800-207 focus working group, he works with multiple cybersecurity vendors to define Zero Trust reference architecture for federal and commercial markets. Over a career spanning 18 years, he has built multiple security products both on-prem and cloud focusing on protecting the data.
- Happy Hour
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes