googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, August 13, 2020
    8:00 am
    Executive Roundtable [VIP invite only]
    • session level icon
    Discussion topic: NOW What Are You Including in Your Incident Response Plan?
    speaker photo
    VP & CISO, Provation Medical
    speaker photo
    Chief Security Officer & Technology Lead, Trexin Group
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This session is for Advisory Council members only.

    The current global threat landscape has shifted dramatically in the past several months due to the COVID-19 pandemic. Security professionals are being tasked with keeping the company’s data safe with an influx of remote workers that we’ve never had to account for. Inevitably something is going to happen. An incident WILL arise. You may have had a great plan in the past, and you probably continuously tested it. But have you tested it now that the IT and InfoSec departments are separated and the employees are everywhere? In either case, it’s time to reevaluate your Incident Response plan to accommodate for this unprecedented shift.

    8:30 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:00 am
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    9:00 am
    [Opening Keynote] Cybersecurity as a Key Element of Enterprise Risk Management
    • session level icon
    speaker photo
    Risk Manager, Corporate Security, Zoom
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    With the increased complexity of cyber threats and lack of skilled professionals to address those threats, the risk and cost of cybercrime is increasing at a staggering rate. Since information technology systems provide the foundation for business operations, enterprise risk management (ERM) is an increasingly essential business strategy to proactively identify and address cybersecurity exposures. We will use a case study to discuss key ERM tactics to minimize the risk associated with cybersecurity incidents.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:00 am
    Security Awareness: Another Brick in the Wall
    • session level icon
    speaker photo
    Americas Lead for Human Cyber Risk and Education, EY
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    Security awareness and training. The Human Element. Change Management. All of these have resulted in extraneous mandatory learning for employees, often without regard to a role- or risk-based education profile. Employees are experiencing learning fatigue at a rapid pace, without significant results on an organization’s overall risk profile. It’s time to stop educating and start engaging, for significant, measurable information security behavior change in your organization. This session will cover learning trends, opportunities for engagement, and examples you can implement immediately.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)
    10:00 am
    Attack on Home Base: Cybercrime Tactics and Techniques
    • session level icon
    speaker photo
    Sr. Sales Engineer, Malwarebytes
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    The coronavirus pandemic has left the world looking very different now than it did at the beginning of the year.

    For starters, millions of workers are out of the office and working from their homes. This change in scenery, combined with safe social distancing efforts that help prevent the spread of COVID-19, has created a crisis for many, but an opportunity for some.

    This special COVID-19 themed Cybercrime Tactics and Techniques report looks at the most prominently spread malware families taking advantage of this crisis, as well as other, related efforts we have observed by cybercriminals.

    Key takeaways include answers to these questions:
    •  What are the most popular malware being spread through COVID-19 phishing attacks?
    •  What does a COVID-19 phishing attack look like?
    •  How has the coronavirus shifted attackers’ focus?

    10:00 am
    Leveraging the Three Lines of Defense to Improve Your Security Position
    • session level icon
    speaker photo
    VP, Technology and Cybersecurity Audit & Advisory Services, Manulife
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am
    Depending on your role, a three lines of defense risk management model can be your best friend or worst enemy. No matter your view, the data produced through these channels can help you better understand your weaknesses, work more effectively with senior management, and respond to a variety of scenarios.
    Presentation Level: MANAGERIAL (security and business leaders)
    10:30 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:45 am
    Hey, Information Security: Be Part of the Digital Transformation or Be Left Behind!
    • session level icon
    speaker photo
    Director, Information Security Education & Consulting, Harvard University
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am
    “Digital transformation” (Dx) as a buzzword may be approaching the end of its life, but the fundamental concept—continuously improving the use of technology and data to provide value to customers—is real and critical to the survival of businesses. If information security teams don’t evolve to deliver the same Dx value and benefits to our organizations, then we risk losing our “customers” to intentional circumvention or preference for shadow IT providers. Make sure your information security team provides the core Dx attributes to your organization to cultivate value, loyalty, and trust.

    Join this session to learn how you can:
    •  Embed security into your culture, technologies and processes
    •  Empower innovation and expedite time-to-market through consistent security risk governance
    •  Assess the impacts, goals and methods of likely cyber attacks and incidents
    •  Align IT and security professionals with business objectives and risk tolerance
    •  Prepare now for effective detection and response to reduce business impacts of incidents

    Presentation level: MANAGERIAL (security and business leaders)

    10:45 am
    [Panel] Identity and Access Management: Zero Trust for the Win?
    • session level icon
    speaker photo
    Principal Security Architect, Okta
    speaker photo
    Field CTO (US) & Principal Sales Engineer, RSA
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Authentication used to be a discreet decision with the purpose of securing a single access point. Today, the ability to utilize many different types of authentication—from passwordless authentication, to certificate-based authentication, to adaptive and multi-factor authentication—is the foundation of a robust access management framework. With all the terms flying around out there—MFA, 2FA, Zero Trust, IAM, etc.—it’s hard to keep track of what is supposed to be working. Our experts will help demystify the jargon, provide best practices, and steer you away from common missteps.

    10:45 am
    The DoD’s Cybersecurity Maturity Model Certification (CMMC) Is Coming – Are You Ready?
    • session level icon
    speaker photo
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Supply chain risks are at the top of everyone’s mind today, and the US Department of Defense (DoD) is no different. That is why the DoD created its Cybersecurity Maturity Model Certification (CMMC). CMMC is a five level, third-party validated maturity certification. CMMC includes both technical and process/procedural requirements. Organizations in the Defense Supply Chain will be required to obtain CMMC certification before contract award. Requests for Proposals (RFPs) containing CMMC requirements are expected in October 2020. This session provides an overview of CMMC and the corresponding industry-led ecosystem that is being created, spearheaded by the CMMC Accreditation Body (CMMC-AB).
    Presentation Level: MANAGERIAL (security and business leaders)

    10:45 am
    Automation in the New Normal: Rapid On/Offboarding of Workers Anywhere, and on Any Device
    • session level icon
    speaker photo
    Sr. Product Marketing Manager, Okta
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    The rapid shift to remote, distributed workforces has forced IT professionals to quickly support new/expanded ways of working. In addition to extending access to resources and enhancing security from more locations and devices, IT now is challenged with rethinking already time-intensive onboarding and offboarding processes.

    According to a recent survey of IT leaders, these manual efforts sap budgets and productivity, and increase your security gaps. In this presentation, we’ll talk about the benefits of automating onboarding and offboarding and how Lifecycle Management can help streamline many of the manual processes that you likely have in place today.

    Learn more about the benefits of:

    1. Creating a single source of truth from multiple directories, and driving identity lifecycles from your HRIS, granting the right access automatically as they join and securely removing access in a timely manner as users leave.
    2. Centralizing and automating lifecycle management across all apps on-premises and in the cloud.
    3. Generating and exporting detailed reports on who has access to what.
    11:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:30 am
    Keynote Fireside Chat: Business Continuity Planning During the COVID-19 Pandemic
    • session level icon
    speaker photo
    VP & CISO, Provation Medical
    speaker photo
    Vice President, Human Resources, Provation Medical
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:15 pm

    Milinda Rambel Stone, VP and CISO, and Susan Hanson, VP of Human Resources, of Provation Medical will share in this interview format led by SecureWorld’s Emmy Award winning journalist, Bruce Sussman.

    Susan and Milinda are Provation COVID-19 Task Force members leading their organization through these challenging times. They will share their experience surrounding the daunting task of Business Continuity planning during the coronavirus pandemic. BC planning can be difficult enough during normal times. What are we missing now that we have a significant global scale event?

    12:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 12:30 pm

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    12:30 pm
    Pivoting Your Information Security Program to the New Normal
    • session level icon
    speaker photo
    CISO, Veterans United Home Loans
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    We are living in different times that demand different ways of thinking. Many existing Information Security tools have lost some visibility and viability. How has your thinking changed about your Information Security program? Maybe more importantly, what are you thinking the future will look like and how are you posturing your next purchase, hire, or action to be prepared for the next pivot? We will talk about some questions you should be asking yourself, your team, your peers, and your executives.

    12:30 pm
    Changing Cyber Landscapes: The Battle of Algorithms
    • session level icon
    speaker photo
    Director of Enterprise Security, Darktrace
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyberattacks exponentially more dangerous and harder to identify. In the near future, we will begin to see supercharged, AI-powered cyberattacks leveraged at scale. To protect against offensive AI attacks, organizations are turning to defensive cyber AI, which can identify and neutralize emerging malicious activity, no matter when, or where, it strikes.

    In this session, learn about:
    • Paradigm shifts in the cyber landscape
    • Advancements in offensive AI attack techniques
    • The Immune System Approach to cyber security and defensive
    • Autonomous Response capabilities
    • Real-world examples of emerging threats that were stopped with Cyber AI

    Presentation level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    12:30 pm
    [Panel] No Perimeter: Security in the Cloud
    • session level icon
    speaker photo
    Cloud Security Architect, Optiv
    speaker photo
    VP, Global Field CISO Team, Fortinet
    speaker photo
    Sr. Product Marketing Manager, Cloud and App-layer Data Protection, Thales Cloud Security
    speaker photo
    Director, WhiteSource
    Registration Level:
    • session level iconOpen Sessions
    12:30 pm - 1:00 pm

    Worldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.

    1:00 pm
    Networking Break
    Registration Level:
    1:00 pm - 1:15 pm

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    New Remote Workforce: Privacy and Security Risks and Mitigations
    • session level icon
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    The sudden growth in the remote workforce exposed critical cybersecurity and privacy concerns that should be considered. This presentation will provide an overview of key legal considerations with remote work when it comes to privacy and security, as well as discuss some solutions to help mitigate risk as your employees work from home.

    1:15 pm
    [Panel] Threat Landscape in Flux: Emerging Threats
    • session level icon
    speaker photo
    Director, Technology Marketing, Trend Micro
    speaker photo
    Solutions Architect, ReliaQuest
    speaker photo
    Sr. Sales Engineer, Malwarebytes
    speaker photo
    CTO, RedSeal Networks
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.

    1:15 pm
    VIPR Report: The Verizon Incident Preparedness and Response Report – Taming the Data Breach
    • session level icon
    speaker photo
    Head of Research, Development, Innovation, Verizon Threat Research Advisory Center
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 1:45 pm

    Preparing for and responding to data breaches and cybersecurity incidents is never easy. It takes knowledge of your environment and its unique threats, effective teamwork, and just as importantly, a rigorous Incident Response (IR) Plan. The VIPR Report is a data and scenario-driven approach to incident preparedness and response; it’s based on three years of Verizon’s IR Plan readiness assessments, and our data breach simulation recommendations. John will present findings with the six phases of incident and in doing so, cover five data breach scenarios illustrating the need for that phase of an IR Plan and its underlying components.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    1:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:00 pm
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:00 pm
    [Closing Keynote] People, Processes, and Tech Strategies: Recruit, Train, and Retain for Success!
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    While most security teams leverage these key resources to reduce risk in our programs, how you leverage these resources will ultimately determine your effectiveness and success.  Come join a leading security practitioner in a collaborative discussion on tips and landmines to avoid

Exhibitors
  • Arctic Wolf Networks
    Booth: https://www.engagez.net/arctic-wolf-swvc

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit  https://www.arcticwolf.com.

  • Checkmarx Inc.
    Booth: https://www.engagez.net/checkmarx

    Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

  • Cloud Security Alliance (CSA)
    Booth: N/A

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Corelight
    Booth: https://www.engagez.net/corelight

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • Darktrace
    Booth: https://www.engagez.net/darktrace-swvc

    Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.

    The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

  • EC-Council
    Booth: N/A

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • Fortinet
    Booth: https://www.engagez.net/fortinet-swvc

    Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

  • Gigamon
    Booth: https://www.engagez.net/gigamon-swvc

    Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realize the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, nine of the 10 largest mobile network providers, and hundreds of governments and educational organizations worldwide. To learn more, please visit gigamon.com. 

  • Global Cyber Alliance
    Booth: N/A

    The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org

  • InfraGard Chicago
    Booth: N/A

    All InfraGard participants are committed to the proposition that a robust exchange of information about threats to and actual attacks on these critical infrastructures is an important element for successful infrastructure protection efforts. This chapter is governed by our local bylaws.

    The goal of InfraGard is to enable the flow of information so that the owners and operators of infrastructure assets can better protect themselves and so that the United States government can better discharge its law enforcement and national security responsibilities.

  • ISACA Chicago Chapter
    Booth: N/A

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Chicago area.

    Chapter meetings are generally held the third Thursday of each month at The Conference Center at One North Wacker (1 N. Wacker Drive, 2nd Floor, Chicago, Illinois 60606)

    Please check our web site from time to time for the most up-to-date listing of chapter related events and training opportunities.

  • ISC2 Chicago Chapter
    Booth: N/A

    The mission of the Chicago Chapter is to advance the local Chicagoland information security community by providing its members with opportunities to increase knowledge, grow professional networks, share information and advance the profession as a whole by promoting certification, ethical behavior, and social responsibility.

    Our members consist of ISC2 credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification. Our chapter program is focused on sharing knowledge and exchanging ideas among security professionals in the local area.  Ultimately, we want to advance the field of information security by educating practitioners and the public at large on how to protect and defend against security threats.

  • ISSA Chicago Chapter
    Booth: N/A

    The Chicago Chapter of the Information Systems Security Association (ISSA) has a mission to offer a stimulating combination of discussion forums, hands-on learning, CISSP certification training, conferences, and other events which are designed to enhance understanding and awareness of information security issues for information security professionals.

    Whether you are exploring a career in cybersecurity, honing your technical expertise or an established security executive, the ISSA offers you a network of 10,000 colleagues worldwide to support you in managing technology risk and protecting critical information and infrastructure. Enhance your professional stature, expand your peer network and achieve your personal career goals. Your local chapter and ISSA International will provide you with a wealth of resources to keep you current with industry trends and developments in our ever-evolving field.

  • Malwarebytes
    Booth: https://www.engagez.net/malwarebytes-swvc

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.

  • Okta
    Booth: https://www.engagez.net/okta-sw

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Optiv & BlackBerry
    Booth: https://www.engagez.net/optiv-blackberry

    Optiv is a security solutions integrator delivering end-to-end cybersecurity solutions that help clients maximize and communicate the effectiveness of their cybersecurity programs. Optiv starts with core requirement of every enterprise—risk mitigation—and builds out from there with strategy, infrastructure rationalization, operations optimization, and ongoing measurement. Learn more at https://www.optiv.com.

  • RedSeal
    Booth: https://www.engagez.net/redseal-sw

    By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.

  • ReliaQuest
    Booth: https://www.engagez.net/reliaquest-sw

    ReliaQuest, the force multiplier of security operations, increases visibility, reduces complexity, and manages risk with its cloud native security operations platform, GreyMatter. ReliaQuest’s GreyMatter is built on an open XDR architecture and delivered as a service anywhere in the world, anytime of the day, by bringing together telemetry from tools and applications across cloud, on-premises and hybrid cloud architectures. Hundreds of Fortune 1000 organizations trust ReliaQuest to operationalize security investments, ensuring teams focus on the right problems while closing visibility and capability gaps to proactively manage risk and accelerate initiatives for the business. ReliaQuest is a private company headquartered in Tampa, Fla., with multiple global locations. For more information, visit www.reliaquest.com.

  • RSA a Dell Technologies Company
    Booth: https://www.engagez.net/rsa-sw

    RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions.  With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.

  • Synopsys
    Booth: https://www.engagez.net/synopsys-sw

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Thales
    Booth: https://www.engagez.net/thales

    As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

  • Trend Micro
    Booth: https://www.engagez.net/trendmicro-swvc

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • Women in CyberSecurity (WiCyS)
    Booth: N/A

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Milinda Rambel Stone
    VP & CISO, Provation Medical

    Milinda Rambel Stone is an executive security leader with extensive experience building and leading security programs, including Information Security Governance, Vulnerability Management, Incident Investigation & Response, Security Awareness, and Risk Management & Compliance. With significant experience in creating and managing large-scale information security programs in technology, healthcare, and financial services, today Milinda puts this expertise to work as a VP and CISO at Provation Medical.

  • speaker photo
    Glenn Kapetansky
    Chief Security Officer & Technology Lead, Trexin Group

    Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.

    Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).

  • speaker photo
    Tamika Puckett
    Risk Manager, Corporate Security, Zoom

    As the City of Chicago’s Chief Risk Officer, Ms. Puckett was responsible for implementing and managing the city’s enterprise risk management governance framework, including the implementation of policies and procedures to identify and manage organizational risks. A career risk manager, Ms. Puckett possesses over 15 years of experience managing complex, public sector enterprise risk management programs. She possesses specialized experience in the areas of risk assessments, workers’ compensation, contractual risk transfer, and training programs. Ms. Puckett was recognized as a 2018 Insurance Business America Leading Risk Manager.

  • speaker photo
    Alexandra Panaretos
    Americas Lead for Human Cyber Risk and Education, EY

    With a background in broadcasting and operational security, Alex specializes in secure communications and education, awareness program development, the psychology of social engineering, human-based risk mitigation, and behavior analytics. She has over 12 years of experience developing and implementing security awareness, communication, and education strategies in Fortune 50/100 companies and other global enterprises. Alex is OPSEC Manager II Certified by the U.S. Army and the Joint Information Operations Warfare Center (JIOWC). She volunteers with local law enforcement agencies educating parents, community groups, and youth organizations on information security and social media safety in her free time.

  • speaker photo
    Kevin Kennedy
    Sr. Sales Engineer, Malwarebytes
  • speaker photo
    Brendan Campbell
    VP, Technology and Cybersecurity Audit & Advisory Services, Manulife
  • speaker photo
    Sandy Silk
    Director, Information Security Education & Consulting, Harvard University

    Sandy Silk is the Director of Information Security Education and Consulting at Harvard University, Founder of Cyber Risk and Resilience Consulting, and a member of the Board of Advisors for the MS in Information Security Leadership at Brandeis University. She excels at bringing together executive leaders, business teams, and IT professionals to align cyber risk management with strategic priorities and culture, risk tolerance levels, and positive customer experience. Sandy is also involved in several WIT organizations and programs. Her prior information security career included positions with Fidelity Investments, Bose Corporation, and Wellington Management Company.

  • speaker photo
    Sami Laine
    Principal Security Architect, Okta
  • speaker photo
    Ben Smith
    Field CTO (US) & Principal Sales Engineer, RSA

    Ben Smith is Field CTO (US East) with RSA, and a technically-focused risk management executive with over 25 years’ experience. He holds the CISSP and CRISC certifications and has presented on RSA's behalf at cybersecurity events sponsored by Gartner, FS-ISAC, ISSA, BSides, ICI, (ISC)2, ISACA, InfraGard, HTCIA and other organizations.

  • speaker photo
    James Goepel
    Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body

    James Goepel is Treasurer and Member, Board of Directors for the CMMC-AB. He is also an adjunct professor of Cybersecurity at Drexel University and CEO of Fathom Cyber, a trusted agent for senior management and developer of defensible cybersecurity strategies. Jim earned his BSECE from Drexel and his JD and LLM degrees from George Mason University. He worked in the IT and security industries for nearly two decades, including as a Network Administrator for the US House of Representatives and as a lawyer and technologist for a wide range of cybersecurity companies, including system developers, research institutions, and software vendors.

  • speaker photo
    Kelsey Nelson
    Sr. Product Marketing Manager, Okta

    Kelsey Nelson is a Senior Product Marketing Manager at Okta, leading workforce IT and security solutions, including getting beyond the buzzword of "Zero Trust." Prior to joining Okta, she led product and business communications at tech startups varying from enterprise software to edtech to consumer music hardware, and prior to that taught secondary school history and English with Teach for America. Today, she lives in San Francisco, though will always call Wisconsin home.

  • speaker photo
    Milinda Rambel Stone
    VP & CISO, Provation Medical

    Milinda Rambel Stone is an executive security leader with extensive experience building and leading security programs, including Information Security Governance, Vulnerability Management, Incident Investigation & Response, Security Awareness, and Risk Management & Compliance. With significant experience in creating and managing large-scale information security programs in technology, healthcare, and financial services, today Milinda puts this expertise to work as a VP and CISO at Provation Medical.

  • speaker photo
    Susan Hanson
    Vice President, Human Resources, Provation Medical

    Susan has over 20 years of healthcare experience in Human Resources and Compliance. Susan joined the Provation team in 2017 and brings her experience of building and growing high-performing teams with a dynamic, results-oriented culture and strong leadership. Susan also has experience in healthcare compliance specifically in HIPAA and HITECH by building a healthcare compliance program in her previous career. Susan has a Bachelor of Science degree in Human Resource Management as well as a Master of Science degree with an emphasis in Leadership, along with an MBA from Capella University in Minneapolis, Minnesota.

  • speaker photo
    Randy Raw
    CISO, Veterans United Home Loans

    Randy Raw is Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.

  • speaker photo
    David Masson
    Director of Enterprise Security, Darktrace

    David Masson is Darktrace’s Director of Enterprise Security, and has over two decades of experience working in fast moving security and intelligence environments in the UK, Canada and worldwide. With skills developed in the civilian, military and diplomatic worlds, he has been influential in the efficient and effective resolution of various unique national security issues. David is an operational solutions expert and has a solid reputation across the UK and Canada for delivery tailored to customer needs. At Darktrace, David advises strategic customers across North America and is also a regular contributor to major media outlets in Canada where he is based, included CBC and The Globe and Mail. He holds a master’s degree from Edinburgh University.

  • speaker photo
    Kevin Dillaway
    Cloud Security Architect, Optiv
  • speaker photo
    Jonathan Nguyen-Duy
    VP, Global Field CISO Team, Fortinet
  • speaker photo
    Eric Wolff
    Sr. Product Marketing Manager, Cloud and App-layer Data Protection, Thales Cloud Security

    Eric Wolff is a Senior Product Marketing Manager for Thales application-layer data protection and solutions for public cloud security. He has over 20 years’ experience in threat intelligence management, network security, application acceleration, enterprise-class storage area networking, storage virtualization, data-management applications, and storage subsystems.

  • speaker photo
    Moderator: Susan St. Clair
    Director, WhiteSource
  • speaker photo
    Jordan Fischer, Instructor
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Myla Pilao
    Director, Technology Marketing, Trend Micro
  • speaker photo
    Ryan Gritt
    Solutions Architect, ReliaQuest
  • speaker photo
    Kevin Kennedy
    Sr. Sales Engineer, Malwarebytes
  • speaker photo
    Mike Lloyd
    CTO, RedSeal Networks

    Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.

    Dr. Mike Lloyd holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.

  • speaker photo
    John Grim
    Head of Research, Development, Innovation, Verizon Threat Research Advisory Center

    John has over 17 years of experience investigating, and leading teams investigating, data breaches and cybersecurity incidents within the government and civilian security sectors. Currently, John heads the Verizon Threat Research Advisory Center (VTRAC) research, development, and innovation effort. In this role, he focuses on researching cybersecurity incidents, performing digital forensic examinations, advising on data breach containment and eradication efforts, and creating data breach response preparedness training and breach simulation exercises for customers worldwide. Prior to joining Verizon, John served 12 years with the U.S. Army investigating security-related incidents with eight years specifically focused on network intrusion investigations and forensic examinations.

  • speaker photo
    Mark Eggleston, CISSP, GSEC, CHPS
    CISO, CSC

    Mark Eggleston is the chief information security officer (CISO) for CSC, responsible for the global security and privacy program design, operations and continual maturation. As a senior executive specializing in security and privacy program development and management, Mark’s unique background and expertise in information technology, program, and people management have positioned him as a thought leader and frequent industry speaker.

    Mark started his career as a program manager and psychotherapist at a hospital serving children and adolescents. Later, Mr. Eggleston helped develop an internal compliance approach—complete with policies and tools—ensuring a geographically dispersed health care provider organization (across 19 states) complied with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Mr. Eggleston then transitioned to applying his HIPAA expertise at an HMO where he has implemented many successful security controls and technologies, including single sign-on (SSO), Identity and Access Management (IAM), Cloud Access security broker (CASB), and a vulnerability assessment program.

    Mark received his Bachelor of Science in psychology from Radford University. Later, Mark received both his Master of social work and his post-baccalaureate certificate in management information systems from Virginia Commonwealth University. In addition, Mark holds CHPS, CHPS, and CISSP certifications.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes