googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, June 5, 2024
    9:00 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

     

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

  • Thursday, June 6, 2024
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:15 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Participating professional associations and details to be announced.

    8:00 am
    The Future of Work
    • session level icon
    Registration Level:
    • session level iconConference Pass
    8:00 am - 8:45 am

    Over the last few years, the workforce, and the way we work, has entirely shifted focus. Between hybrid work models, attracting and retaining diverse talent, forced digital migrations/transformations, cybersecurity succession planning, and overall mental fatigue, the future of work has dramatically changed. We will discuss how to navigate the “new normal” and lessons learned along the way. This discussion is followed by a Q&A, so come prepared to ask your burning workforce questions!

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    OPENING KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    Securing the Supply Chain
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    A discussion of managing third-party risk and how to manage expectations and contracts with vendors.

    10:15 am
    Ransomware: How to Stay Off the Front Pages
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    10:15 am
    Web Application APIs: Building a Modern Approach to Vulnerability Testing
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Web application programming interfaces (APIs) present a huge, yet still under-protected, attack surface. Although business innovation pathways are crucial for growth, they also dramatically increase the web attack surface, leaving organizations exposed to attacks that target APIs in order to directly access sensitive data and functionality.

    Legacy AppSec approaches have not necessarily kept pace with technical developments, leaving organizations struggling to reconcile multiple testing tools and processes while potentially overlooking web application APIs in their security programs. The state of AppSec maturity directly impacts the ability of organizations to innovate and optimize processes crucial to ensure effective API attack surface coverage.

    Join us for an overview of the importance of including APIs in web application security testing and how you can develop a modern approach towards vulnerability testing that covers the entire attack surface of modern web applications, from development to production. Topics include:

    • The importance of web APIs and web services in software development
    • The challenges of including APIs in application security testing, and how to overcome them
    • The security and efficiency benefits of a mature, comprehensive, and integrated AppSec program
    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Social Engineering: Training the Human Firewall
    • session level icon
    speaker photo
    Team Leader of Information Security, Garmin
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Phishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.

    11:10 am
    How to Build an Insider Threat Program
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

    Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

    This presentation will explore:

    • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
    • Four attributes of a successful insider threat program
    • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
    • An automated investigation experience that replaces manual routines and effectively guides new insider threat teams
    11:10 am
    [Panel] Unveiling the Threat Landscape and Unmasking Digital Villains
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    In the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.

    Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.

    Our panel provides a comprehensive overview of the current threat landscape.

    12:00 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    Legal and Regulatory Risk: Challenges and Solutions for InfoSec Leaders
    • session level icon
    speaker photo
    First Vice President & Senior Consultant, Alliant Insurance
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm
    Information Security leaders are facing unprecedented challenges in managing core information assets and data alongside responding to increasing legal, regulatory, and insurance risks. This presentation outlines some of the core challenges facing leaders in these areas. Come ready to hear practical recommendations to ensure that leaders understand, manage, and respond to these risks while achieving broader security and organizational objectives.
    1:15 pm
    Securing Your Sensitive Assets in a Cloud-First World
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Key take-away: 
    How to rethink database security controls in a cloud-first world.

    For most organizations, data repositories hold our most sensitive, mission critical assets. As enterprises continue their digital transformation journeys, data repositories and the sensitive assets within are more exposed than ever before for several reasons, including a dramatic rise in the:

    • Amount of data created, collected, and stored
    • Number of repositories storing sensitive data across clouds
    • Number of users and applications that need access to data
    1:15 pm
    [Panel] The Secret Potential of AI and ML: Empowering Cyber Superheroes with Artificial Intelligence
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Artificial intelligence (AI) and machine learning (ML) have emerged as powerful tools for cybersecurity professionals, offering the potential to revolutionize how organizations and individuals detect, analyze, and respond to cyber threats. Join us as we delve into the world of AI- and ML-powered cybersecurity, exploring the hidden potential of these technologies and their ability to transform cybersecurity superheroes into formidable defenders of the digital realm.

    Our panel of experts unravel the intricate world of AI and ML in cybersecurity, shedding light on the latest advancements, emerging applications, and the challenges involved in harnessing the power of these technologies effectively. They discuss the use of AI in threat detection and analysis, ML-powered threat prediction, and the potential of AI-driven automated response capabilities.

    Our panel provides a comprehensive overview of AI and ML in cybersecurity, empowering attendees to understand the hidden potential of these technologies and explore how they can be leveraged to enhance their organization’s cybersecurity posture. Learn how to identify and implement AI and ML solutions, overcome the challenges of data privacy and ethics, and embrace the future of AI-powered cybersecurity.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    Democratizing Threat Modeling Across the Enterprise
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    Key Take-Away: Understand how to better plan, deliver, and execute Threat Modeling across the enterprise.

    This presentation will help answer the following questions and more:

    • How do you apply governance principles to Threat Modeling?
    • How to apply Threat Modeling across multiple engagement types?
    • How do you ensure enterprise stakeholders including cybersecurity teams and different lines of business benefit from Threat Modeling as a service on an ongoing basis?
    2:10 pm
    An Honest Peer-Driven Conversation About Cyber Insurance
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Cyber insurance is no longer a “do I need it?” but a must-have for organizations. This conversation among cybersecurity peers will discusse how to properly assess insurance programs, including a candid look into how the organization should drive what is and is not covered, not the insurance provider.

    2:10 pm
    Benchmarking Your Cybersecurity Framework
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

    3:00 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary hors d’oeuvres and beverages. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    3:30 pm
    [Closing Keynote Panel] The Future of the CISO
    • session level icon
    speaker photo
    CISO, Health Care Service Corporation
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    Location / Room: Keynote Theater

    Session description coming soon.

Exhibitors
  • Rapid7
    Booth: TBD

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • Lacework
    Booth: TBD

    Lacework automates security across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), providing a comprehensive view of risks across cloud workloads and containers. Lacework’s unified cloud security platform provides unprecedented visibility, automates intrusion detection, delivers one-click investigation, and simplifies cloud compliance.

  • Robert Half
    Booth: TBD

    Robert Half, the world’s first and largest specialized talent solutions firm, connects opportunities at great companies with highly skilled job seekers. We offer contract, temporary and permanent placement solutions for roles in finance and accounting, technology, marketing and creative, legal, and administrative and customer support. Named to Fortune’s World’s Most Admired Companies and 100 Best Companies to Work For® lists and a Forbes Best Employer for Diversity, Robert Half is the parent company of Protiviti®. Robert Half is traded on the New York Stock Exchange (symbol: RHI) and is a member of the S&P 500 index.

  • Snyk
    Booth: TBD

    Snyk is a developer-first security company that helps organizations use open source and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Founded in 2015, Snyk is based in London, England.

  • Synopsys
    Booth: TBD

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • Syxsense
    Booth: TBD

    Syxsense is the world’s first software vendor providing cloud-based, automated endpoint and vulnerability management solutions that streamline IT and security operations. With our advanced platform, businesses gain complete visibility and control over their infrastructure, reducing IT risks and optimizing operational efficiency. Our real-time alerts, risk-based vulnerability prioritization, pre-built remediations, and intuitive automation and orchestration engine enable organizations to focus on their core business goals—confident in the knowledge that their enterprise is secure, compliant, and running smoothly. Rely on Syxsense to safeguard your IT infrastructure, so you can concentrate on what you do best—driving your business forward.

  • Tevora
    Booth: TBD

    Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats. For more information visit https://www.tevora.com.com/.

  • ThreatLocker
    Booth: TBD

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • Veriti
    Booth: TBD

    Veriti is a fast-growing security infrastructure innovator that helps organizations maximize their security posture while ensuring business uptime.

    Integrated with the entire security stack, Veriti provides a consolidated management layer that continually and proactively monitors exposure to threats and provides actionable remediation paths for security gaps and high-risk vulnerabilities across the organization’s infrastructure and attack surface.

  • Zafran Security
    Booth: TBD

    Zafran Security

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Reanna Schultz
    Team Leader of Information Security, Garmin

    Reanna Schultz is from Kansas City, MO, and attended the University of Central Missouri (UCM). She graduated in 2018 with her Bachelor of Science in Cybersecurity: Secure Software Development and in 2020 for Master of Science in Cybersecurity: Information Assurance. While being in the industry, Reanna has been exposed to numerous SANS hosted classes. Reanna volunteers as a National Cyber League coach and provides her industry expertise by doing guest speaker talks for numerous colleges and high schools across the Midwest to STEM students. Reanna currently works as a Team Lead at Garmin and directly reports out of their SOC.

  • speaker photo
    Blaise Fello
    Solutions Architect, Syxsense

    Blaise is currently a Solutions Architect at Syxsense and has been working in the IT field for the last 12 years as part of retail, MSP contracted to educational systems, and systems administrator for a spectral imaging startup company. He currently holds A+, Network+, Server+, and Security+ Certifications.

  • speaker photo
    Zafran Representative
  • speaker photo
    Rapid7 Representative
  • speaker photo
    Snyk Representative
  • speaker photo
    Panel Discussion
  • speaker photo
    Dominic Keller
    First Vice President & Senior Consultant, Alliant Insurance

    Dominic Keller has global experience across the cybersecurity, law and risk management fields. Dominic has worked as an attorney in Australia and California, a cyber risk consultant, and a cyber insurance broker with domestic and international companies across many industries. He holds the CISSP certification and has studied Corporate Strategy at the Chicago Booth School of Business.

    Dominic has worked extensively with organizations in developing cyber risk management strategies incorporating cybersecurity, legal, insurance, and business goals. He has advised Boards, C-suites, and organizational leaders in implementing effective cyber risk governance approaches, and is a regular speaker at conferences and industry events.

  • speaker photo
    Panel Discussion
  • speaker photo
    Happy Hour
  • speaker photo
    Ian Schneller, Moderator
    CISO, Health Care Service Corporation

    A 20+ year information security veteran, Ian has served in many leadership positions to include CIO/CISO. Ian also led a multi-billion dollar mission charged with developing and operating advanced cyber capabilities for the Undersecretary of Defense (Intelligence), the DoD Chief Information Officer, and the Secretary of the Air Force. In this role he led high impact global teams and advised the US Congress and Executive Branch, resulting in a coordinated, funded national approach to resolve the highest cyber concerns of Government leadership. In the financial sector, Ian has led strategic capabilities to protect critical infrastructure from cyber-attack.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Best practices & solutions, straight from the source

Join your local cybersecurity community for learning and professional growth!