googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, May 15, 2019
    9:00 am
    [SecureWorld PLUS] Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework
    • session level icon
    9 a.m. - 3 p.m. • Earn 12 CPEs!
    speaker photo
    Manager, Cyber and Information Security, Point32Health
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: 202

    The University of Massachusetts has developed a 6-hour SecureWorld PLUS training class that instructs attendees on the best practices for designing, building, and maintaining a cybersecurity program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the Framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program, and a Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M), and Executive Report

    The class will help individuals and organizations acquire knowledge, skills, and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the instructor:

    • Larry Wilson is the CISO for UMass President’s Office since 2009.
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation.
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past five years.
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework.

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
  • Thursday, May 16, 2019
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:30 am
    Building a Better Cyber Awareness Training System with Machine Learning and Artificial Intelligence
    • session level icon
    speaker photo
    Cybersecurity Engineer, CISSP, MS, MCS, MA, U.S. Department of Health and Human Services
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 203

    Cybersecurity awareness training (CAT) should be adaptable to the evolving cyber threat landscape, cost effective, and integrated well with other components. Unfortunately, few CAT systems can satisfy those requirements.

    This presentation introduces a new smart model for conducting cybersecurity trainings based on ML/AI with three main goals: (1) training efforts are initiated by emerging relevant threats and delivered first to the most vulnerable members; (2) training results must be able to provide actionable intelligence to be employed by enterprise risk management, enterprise threat intelligence, and other systems; and (3) the CAT system must be effective and affordable.

    8:30 am
    The Anatomy of a Hack
    • session level icon
    speaker photo
    Security Administrator, 19-facility Healthcare System
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 204
    This presentation will introduce you to the dark side of hacking. We’ll take you through the thought process, the preparation and the actual efforts that a true Black Hat hacker undertakes to compromise your systems. Once you are able to think like a Black Hat, then you can better defend your environment from a Black Hat.
    8:30 am
    Why a SIEM Isn't Always What It Seems
    • session level icon
    speaker photo
    Sr. Security Consultant, Crowe
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 202
    Security Incident and Event Managers (SIEM) are a key tool for any good security program. The problem? SIEMs are often improperly implemented, lack proper configuration and tuning, and are not staffed properly. This leaves organizations with an expensive tool that doesn’t provide much of a return. From a financial and a value standpoint, small- and medium-sized organizations are better off partnering with an outsourced Security Operations Center (SOC).
    9:30 am
    OPENING KEYNOTE: Growing the Cyber Workforce
    • session level icon
    speaker photo
    Advisory CISO, Cisco; Former CISO, The Ohio State University
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:30 am
    Location / Room: Keynote Theater

    We know there is a shortage of talent, so what can a CISO do about it? Let’s explore ways to help the community grow, while helping your own company to find diverse, capable, affordable talent when and where you need it. We will talk about how to keep and develop that talent, and explore the pros and cons of formal education and on-the-job training approaches.

    10:30 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    speaker photo
    CISO, American Financial Group
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: 108

    This session is for Advisory Council members only.

    11:15 am
    Incident Response: Ready, Set, Test!
    • session level icon
    speaker photo
    Director of Compliance and Risk Management, Dinsmore & Shohl LLP
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 203

    Studies show the single most impactful factor to reducing the cost of a cyber breach is an Incident Response Team. Everyone knows the importance of having an Incident Response Plan, but what is the value of having one if it isn’t tested and communicated? This presentation describes how our security team planned, developed and executed our first IR Tabletop as well as will provide guidance on other considerations such as how to get leadership support to hold one for your organization.

    11:15 am
    [Mimecast] Critical Areas to Improve Email Security & Resilience for Office 365
    • session level icon
    speaker photo
    Principal Security Strategist, Mimecast
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 202

    The success of Office 365 as a SaaS application is undeniable. In fact, Microsoft reports that 70% of the Fortune 500 have purchased it in the last year.  If your organization isn’t currently using it there is an excellent chance it will soon! But what of security and resilience?  Does Microsoft provide you everything you need here? In this session I will go through 10 critical security and resilience issues you should consider when using Office 365 in your organization.

    11:15 am
    Social Media and Why It Remains the Most Prevalent Vector
    • session level icon
    speaker photo
    VP, Threat Management & Cybersecurity Operations, GE Aviation
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 204

    Social engineering remains a challenge to cyber professionals as it is a threat surface that is hard to control: human behavior. We will discuss different forms of social engineering and ways to reduce these threats.

    11:15 am
    [Tenable] Quantifying the Attacker’s First-Mover Advantage
    • session level icon
    speaker photo
    Enterprise Security Engineer, Tenable
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 201

    Security professionals are engaged in a continuous arms race with threat actors. In relation to vulnerabilities, this arms race is between attackers’ access to exploits and defenders’ ability to assess, remediate and mitigate them. The attackers gain and maintain the advantage if they can stay at least one step ahead of the defender, resulting in a window of exposure. The race is never-ending and begins again with every new vulnerability discovered. The finish line keeps shifting, with the attacker setting the pace.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    speaker photo
    CISO, American Financial Group
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: 108

    This session is for Advisory Council members only.

    12:15 pm
    LUNCH KEYNOTE: Building a Culture that Engages and Retains Top Talent: A Cincinnati Cybersecurity Start-Up Case Study
    • session level icon
    speaker photo
    CISO, Fifth Third Bank
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    In today’s cybersecurity job market, the talent on your team has a lot of options. In this session we will look at what Morphick, a Cincinnati-based cybersecurity start-up, did to attract, engage, and retain talent even when funding was tight. We will look at specific elements of culture, such as aligning to a mission and vision, creating a sense of team, creating opportunities for growth (even within a 30-40 person company), and more. If a start-up can grow and retain top talent over the course of years, so can you!
    1:15 pm
    Panel: Cloudy With a Chance of Breach
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Everything old is new again. Migrating to the cloud certainly is not a new thing. It is for some smaller companies that are just now able to afford making the move to the cloud. Cloud boasts a secure, disaster proof option for companies to store their data offsite with access to that data from practically anywhere. So, who’s fault is it when the data is compromised? What if your information is stolen from the cloud because another user’s data was at fault? At the end of the day, isn’t the cloud just someone else’s computer? Join this panel discussion as they guide you through the pros and cons in migrating to the cloud.
    Panelists:
    Geoff Rance, Trend Micro
    Kes Jecius, Redseal
    Tim O’Connor, Cadre
    Moderator: Tom Dager

    1:15 pm
    Panel: Building a Better Mouse Trap (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: 201

    To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.
    Panelists:
    Adam Gates, Malwarebytes
    Paul Schofield, enSilo
    Matthew Gardiner, Mimecast
    Donovan Blaylock, Sailpoint
    Moderator: Andy Willingham

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Networking Break — Dash for Prizes and CyberHunt winners announced
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have your badge scanned with participating exhibitors throughout the day. Past prizes have included Kindles, Bose wireless headphones, gift cards, iPads, drones, and more! *Must be present to win.

    3:00 pm
    Star Wars: How an Ineffective Data Governance Program Destroyed the Galactic Empire
    • session level icon
    speaker photo
    Vice President, Greater Cincinnati ISSA
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 202

    This session will be 100% vendor agnostic and focus on exploring the different types of data governance tools and control categories within IT Security. We will actively compare and contrast tools, techniques and tactics to allow an IT Security Practitioner to build actionable policies on how users can store, process, transmit and access data. We will discuss data governance role in the small, medium, large, and enterprise businesses, who the key stakeholders are, and strategies on how to win their support.

    3:00 pm
    PCI’s Evolving Approach to Address NextGen Threats
    • session level icon
    speaker photo
    Chief Technology Officer, PCI Security Standards Council
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 201
    Don’t miss this session for a look into the evolution of payments and security standards. Hear about some opportunities and challenges that have been created by the innovations in technology. This session will also cover how PCI SSC is addressing these changes and how you can help.
    Note: Tools include people (e.g. ISA/QIR), process (DSE, DSS), and technology (P2PE, SPOC, Contactless).
    3:00 pm
    Utilizing Dashboards and Metrics to Drive Performance, Measure Success, and Decrease Vulnerabilities
    • session level icon
    speaker photo
    Head of Information Security and Privacy, Safelite Group
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 203
    Cyber and threat intel teams leverage numerous dashboards and metrics to guide key actions, intelligence and even performance. In a world of limited resources, capitalizing on these feeds and harnessing the business intelligence captured is critical for every security leader. In this session, Grant Sewell will speak on his experiences with operationalizing metrics in real-life scenarios to drive better results in security programs. This talk will emphasize the importance of leveraging the right BI from feeds to drive action across teams, and provide real-world examples of metrics to increase performance and establish more proactive partnerships across technology teams.
Exhibitors
  • Cincinnati Tri-State ASIS
    Booth: TBD

    The Cincinnati Tri-State Chapter and its members are committed to not only their own professional careers, but the security industry as a whole. The chapter promotes networking, education, and friendship with those in the fields of security and law enforcement. Our membership is comprised of professionals that work in different aspects of security and law enforcement.

    If you are interested in joining ASIS, the Cincinnati Chapter, or attending a meeting to see what we are all about please contact us to find out more information. We look forward to hearing from you and growing with you professionally!

  • Cadre Information Security
    Booth: 204

    Data and network security is a critical element for any business, but it is not enough to win. To win, cybersecurity must be viewed through the prism of business process management, align with capabilities and core competencies of the business and be optimized to minimize or eliminate the friction. For more than 25 years, Cadre Information Security enables operationally obsessed, mid-market companies to lower their costs, gain more control and increase the velocity and impact of the efforts. For more information, visit www.cadre.net

  • CDW
    Booth: 306

    CDW is a leading multi-brand technology solutions provider to business, government, education and healthcare organizations in the United States, the United Kingdom and Canada. A Fortune 500 company with multi-national capabilities, CDW was founded in 1984 and employs more than 9,000 coworkers. For the year ended December 31, 2018, the company generated net sales over $16 billion. For more information about CDW, please visit www.CDW.com.

  • Cincinnati Networking Professionals Association
    Booth: TBD

    Established in 1991, the non-profit Network Professional Association (NPA) is a professional association for computer network professionals. Members adhere to a code-of ethics, demonstrate continual professional development and knowledge, adhere to the latest best practice standards, and strive for continual growth. International awards for professionalism honor individuals for outstanding achievements and meeting the values of professionalism.

    The NPA offers a Certified Network Professional CNP credential and provides advocacy for workers in the field. Members receive a certificate of membership, quarterly journal publications, chapters and programs, and opportunities to volunteer and publish.

  • EC-Council
    Booth: TBD

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ECTF
    Booth: TBD

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • enSilo
    Booth: 104

    enSilo protects businesses around the world from data breaches and disruption caused by cyber attacks. The enSilo Endpoint Security Platform comprehensively secures endpoints in real-time pre- and post-infection without alert fatigue, excessive dwell time or breach anxiety while also containing incident response costs by orchestrating automated detection, prevention and incident response actions against advanced malware. enSilo’s patented approach stops advanced malware with a high degree of precision, provides full system visibility and an intuitive user interface and combines next-generation antivirus (NGAV), application communication control, automated endpoint detection and response (EDR) with real-time blocking, threat hunting, incident response, and virtual patching capabilities in a single agent. The platform can be deployed either in the cloud or on-premises and supports multi-tenancy.

  • Gemalto
    Booth: 302

    Today’s enterprises depend on the cloud, data and software to make decisive decisions. That’s why the most respected brands and largest organizations in the world rely on Thales to help them protect their most sensitive information and software wherever it is created, accessed or stored – from the cloud and data centers to devices and across networks. As the global leader in cloud and data protection, our solutions enable organizations to move to the cloud securely, achieve compliance with confidence, and create more value from their software in the devices and services used by millions of consumers every day.

  • InfoSec-Conferences.com
    Booth: n/a

    We’re the InfoSec community’s #1 ‘Go To’ resource for cybersecurity conference listings. Since 2012 we’ve provided cybersecurity professionals with accurate event listings that are manually checked and updated every day.

  • InfraGard Cincinnati
    Booth: TBD

    The mission of the InfraGard Cincinnati Members Alliance is to increase the security of the United States’ national infrastructure through information exchange, education, outreach, and similar efforts. To accomplish our goal, we strive to maintain a close working relationship between federal agencies such as the Federal Bureau of Investigation and the Department of Homeland Security, law enforcement agencies, subject matter experts such as cybersecurity and physical security professionals, industry-specific experts, and numerous other professionals.

  • ISACA Cincinnati
    Booth: TBD

    The Greater Cincinnati ISACA® Chapter is a not-for-profit professional association serving the information technology audit, security, and control community. We support the areas of Cincinnati & Dayton, Ohio and Northern Kentucky. The chapter consists of over 450 professionals that represent a cross-section of the public, private, and not-for-profit business sectors at all levels within those industries.

    Purpose: To promote the education of individuals for the improvement and development of their capabilities relating to the auditing of and/or management consulting in the field of Information Technology audit and control.

  • ISC2 Cincinnati Tri-State Chapter
    Booth: TBD

    Follow us on Twitter: https://twitter.com/Cinci_Tri_ISC2

  • ISSA Greater Cincinnati Chapter
    Booth: TBD

    The Greater Cincinnati Information Systems Security Association is a non-profit group dedicated to providing educational and networking opportunities to promote the exchange of ideas, knowledge, and member’s growth within the information security profession. The Greater Cincinnati Chapter will host monthly meetings with a variety of security professionals. Please check our events page for further information on upcoming events.

  • Ixia, a Keysight Business
    Booth: 201

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Malwarebytes
    Booth: 106

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.

  • Mimecast
    Booth: 202

    Mimecast empowers our customers to help mitigate risk and manage complexities across a threat landscape driven by cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today.

  • Nexum
    Booth: 305

    Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio, and Wisconsin, as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.

  • Okta
    Booth: 406

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • OWASP Cincinnati
    Booth: TBD

    OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas.

    The Cincinnati chapter leads are Andy Willingham and Allison Shubert. Chapter meetings are free and open to anyone interested in information security, risk management, data protection and application security.

  • ProcessUnity
    Booth: 205

    ProcessUnity’s cloud-based solutions help organizations of all sizes automate their risk and compliance programs. Our highly configurable, easy-to-use tools significantly reduce manual administrative tasks, allowing customers to spend more time on strategic risk mitigation. As a software-as-a-service technology, ProcessUnity deploys quickly with minimal effort from customers and their IT resources.

  • RedSeal
    Booth: 223

    By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.

  • RSA a Dell Technologies Company
    Booth: 204

    RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions.  With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.

  • SailPoint
    Booth: 206

    SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.

  • Siemplify
    Booth: 303

    The  Siemplify  team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis,  management  and operations and are backed by experts in data science and applied mathematics.

    WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them  in  rapid decision making.

  • Sonatype
    Booth: 304

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • Symantec
    Booth: 306

    Symantec is the world’s leading cyber security company. Organizations worldwide look to Symantec for strategic, integrated solutions to defend against sophisticated attacks, and more than 50 million people rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home. For more information, please visit www.symantec.com.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: 108

    Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

  • The Circuit
    Booth: TBD

    Our goal is to deliver education and informational programs; enable members to connect and foster collaboration between IT solution and service providers, corporate IT departments, the individuals within these organizations and the businesses that support them.

  • Trend Micro
    Booth: 102

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Manager, Cyber and Information Security, Point32Health

    Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Tam Nguyen
    Cybersecurity Engineer, CISSP, MS, MCS, MA, U.S. Department of Health and Human Services

    Tam Nguyen is an IEEE and ACM peer-reviewed cybersecurity researcher whose with recent publications on Software Defined Network's security (CSNet - Paris, France), and instructional design evaluation of CEH v10 Online Course (IC4E - Tokyo, JP). Tam's research interests include large-scale cyber threat modeling, cyber behavioral science, and applications of quantum computing in cybersecurity. Tam is a CISSP and is working for the Federal Reserve Bank at Cleveland.

  • speaker photo
    David Howard
    Security Administrator, 19-facility Healthcare System

    David Howard is a CISSP, Certified Ethical Hacker, and holder of many other certifications. He also has 20 years of experience and currently is the senior member of the security staff of a regional hospital system. He is the host of Bring Your Own Security Radio, heard on iHeartRadio's app and many of their AM/FM stations nationwide, and is known as Dave The IT Guy on air.

  • speaker photo
    Joseph Thacker
    Sr. Security Consultant, Crowe

    Joseph Thacker, CISSP, is a Senior Staff Member in Crowe’s cybersecurity practice. With experience in software development, automation, and cybersecurity, he is serving in Security Engineer and Analyst roles to assist in the development and maturing of one of Crowe’s cybersecurity programs. He has a Bachelor’s degree in Computer Science and a Master’s degree in Cybersecurity and Information Assurance.

  • speaker photo
    Helen Patton
    Advisory CISO, Cisco; Former CISO, The Ohio State University

    With more years working in the Security, Risk, Privacy and Resiliency professions than she cares to say, Helen Patton advocates using information risk, security and privacy to enable the mission of organizations and to support society at large.

    Helen is an Advisory CISO at Duo Security (now CISCO), where she shares security strategies with the security community. Previously, she was the CISO at The Ohio State University where she was awarded the ISE North American Academic/Public Sector Executive of the Year, and an Executive Director at JPMorgan Chase.

    Helen actively encourages collaboration across and within industries, to enable better information security and privacy practices. She believes in improving diversity and inclusion in the workforce, and mentors people interested in pursuing careers in security, privacy and risk management.

    Helen has a Master’s degree in Public Policy and has earned Certified Information Systems Auditor and Certified In Risk and Systems Control certifications from ISACA. She serves on the State of Ohio Cybersecurity Advisory Board and is a founding board member of the National Technology Security Coalition.

  • speaker photo
    JD Rogers
    CISO, American Financial Group

    JD Rogers is the Chief Information Security Officer for American Financial Group, where he leads the IT security vision, strategy and function for the insurance holding company. JD has more than 20 years of information security experience working in the energy, manufacturing, finance and insurance industries. He joined American Financial Group in 2008 as the Director of Information Security for Great American’s Annuity Group, and assumed leadership of this function enterprise-wide in 2013. In this role, he created a cross-company information security group—the first of its kind for the organization. Previously, he held information security positions at Toyota, Duke Energy and Cinergy. Placing a strong focus on security integration into business process and culture, JD serves as a security evangelist to the 36 different business units within American Financial Group, regularly conducting department-wide presentations and one-on-one conversations, as well as presenting at industry conferences such as Black Hat, SecureWorld and the Dayton Defense Conference. JD Rogers holds a Bachelor of Science in computer science from Northern Kentucky University and a Master of Science in information systems from the University of Denver. He also holds numerous designations, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and GIAC Certified ISO-27000 Specialist (G2700).

  • speaker photo
    Lynn Watson
    Director of Compliance and Risk Management, Dinsmore & Shohl LLP

    Lynn is the Director of Compliance & Risk Management for Dinsmore & Shohl, a national law firm with 1,300 attorneys and employees in 26 offices. Lynn oversees the cybersecurity team and is responsible for all firm security policies, procedures, technology, and initiatives, including the incident response program.

  • speaker photo
    Matthew Gardiner
    Principal Security Strategist, Mimecast

    Matthew Gardiner is a Director of Security at Mimecast and is currently focused on email & web security, phishing, awareness training, malware, and cloud security. With more than 15 years focused in security, Matthew’s expertise in various roles includes threat detection & response, network monitoring, SIEM, endpoint threat detection, threat intelligence, identity & access management, Web access management, identity federation, cloud security, and IT compliance at RSA, Netegrity, and CA Technologies. Previously he was President and a member of the board of trustees of the security industry non-profit, the Kantara Initiative. Matthew has a BS in Electrical Engineering from the University of Pennsylvania and an SM in Management from MIT's Sloan School of Management.

  • speaker photo
    Lori Anello
    VP, Threat Management & Cybersecurity Operations, GE Aviation

    Lori Anello is an adaptive leader with broad background in leading large enterprise teams in the areas of infrastructure, security technology, application architecture, and business solutions. She started her career working for the National Institutes of Health and then moved into private industry in the areas of consulting and manufacturing companies. Lori is presently Executive VP of Threat Management and Cyber Operations for GE Aviation.

  • speaker photo
    Paul Russo
    Enterprise Security Engineer, Tenable

    Paul is a passionate technologist focusing on solutions at the intersection of business and technology. He has over 20 years of industry experience architecting, deploying and consulting on enterprise solutions. In his current role as a Sr. Security Engineer for Tenable he helps organizations reduce risk due to Cyber Exposure.

  • speaker photo
    JD Rogers
    CISO, American Financial Group

    JD Rogers is the Chief Information Security Officer for American Financial Group, where he leads the IT security vision, strategy and function for the insurance holding company. JD has more than 20 years of information security experience working in the energy, manufacturing, finance and insurance industries. He joined American Financial Group in 2008 as the Director of Information Security for Great American’s Annuity Group, and assumed leadership of this function enterprise-wide in 2013. In this role, he created a cross-company information security group—the first of its kind for the organization. Previously, he held information security positions at Toyota, Duke Energy and Cinergy. Placing a strong focus on security integration into business process and culture, JD serves as a security evangelist to the 36 different business units within American Financial Group, regularly conducting department-wide presentations and one-on-one conversations, as well as presenting at industry conferences such as Black Hat, SecureWorld and the Dayton Defense Conference. JD Rogers holds a Bachelor of Science in computer science from Northern Kentucky University and a Master of Science in information systems from the University of Denver. He also holds numerous designations, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and GIAC Certified ISO-27000 Specialist (G2700).

  • speaker photo
    Brian Minick
    CISO, Fifth Third Bank

    Brian Minick is CISO at Fifth Third Bank. Brian has responsibility for the bank’s information protection program. Brian is a noted speaker and published author. He brings 20 years of technology and cybersecurity leadership and experience to this position. Prior, Brian was VP of Managed Threat Services at Booz Allen Hamilton following the acquisition of Morphick, a pioneer in the Managed Detection and Response market, where Brian was Co-Founder and CEO. Before founding Morphick, he was CISO at General Electric’s Aviation, Energy and Transportation businesses where he was responsible for developing and implementing advanced cybersecurity strategies.

  • speaker photo
    Micah Brown
    Vice President, Greater Cincinnati ISSA

    Micah K. Brown is a member of the IT Security Engineering team at American Modern Insurance, part of the Munich RE Group. Over the past two years he has served as the lead Engineer on the DLP implementation for Data Loss Prevention for the Munich RE organizations located in North and South America. In this role Micah has learned the many intricacies of what works in a successful DLP project. In his free time, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President. Micah graduated from the University of Cincinnati and holds an active CISSP.

  • speaker photo
    Troy Leach
    Chief Technology Officer, PCI Security Standards Council

    : Troy Leach is the Chief Technology Officer for the PCI Security Standards Council. In his role, Mr. Leach partners with Council representatives, Participating Organizations and industry leaders to develop comprehensive standards and strategies to secure payment card data and the supporting infrastructure. He is a congressional subject matter expert on payment security and holds advanced degrees from Syracuse University in network management and information security.

  • speaker photo
    Grant Sewell
    Head of Information Security and Privacy, Safelite Group

    Grant Sewell manages the Information Security and Privacy program at Safelite Group, the largest provider of vehicle glass repair, replacement, and calibration services in the United States. He serves on the board of directors for the Retail & Hospitality ISAC, the Central Ohio Chapter of (ISC)², and has held information security leadership roles with several Fortune 500 companies and U.S. Government agencies. Grant has more than a decade of experience in security, holds numerous industry certifications, and is a frequent speaker at regional and national conferences.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes