Open Sessions
Conference Pass
SecureWorld Plus
VIP / Exclusive
- Thursday, August 28, 202510:30 amExhibitor Hall openRegistration Level:
Open Sessions
10:30 am - 5:00 pmLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
11:00 am[Opening Keynote] The Broken Trust: Securing the IT/OT Boundary Where Attacks SucceedSr. Consultant, MandiantSr. Strategic Security Consultant, MandiantRegistration Level:Open Sessions
11:00 am - 11:45 amNearly every major OT security incident we investigate shares a common theme: a failure at the boundary between the corporate (IT) and industrial (OT) networks. This critical chasm, once protected by a physical air gap, is now a highly permeable and poorly monitored digital bridge. Adversaries know this and exploit it as their primary pathway to impacting physical operations.
This presentation is a deep dive into the “seven deadly sins” of IT/OT integration that Mandiant consistently observes in the field. Using anonymized case studies, we will expose the common architectural flaws, misconfigurations, and broken trust relationships that allow attackers to pivot from an IT compromise to an OT shutdown. We will cover flawed firewall rules, insecure jump hosts, shared credentials, and unmonitored protocol usage. More importantly, we’ll provide a clear, defensible architecture model—based on Purdue Model principles and a zero-trust mindset—that you can use to build a boundary that is both functional and secure.
11:45 amNetworking BreakRegistration Level:Open Sessions
11:45 am - 12:00 pmLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pmDigital Profiling to Secure Critical InfrastructureCyber Behavioral Profiler, FBI (Ret.) and Modus CyberandiRegistration Level:Open Sessions
12:00 pm - 12:45 pmSession details to come.
12:00 pmZero Trust in Action: A Practical Roadmap for Security TransformationFounder & Fractional Chief Digital and Transformation Officer, Wired for ChangeRegistration Level:Open Sessions
12:00 pm - 12:45 pmZero Trust is more than a buzzword—it’s a mindset shift that reshapes how organizations protect assets. In this session, digital transformation and cybersecurity expert Amy Yee presents a clear, actionable roadmap for adopting Zero Trust. You’ll explore foundational principles and organizational drivers, learn how to assess maturity and identify quick wins, and understand common pitfalls—like fragmented identity policies—before they derail your progress.
Amy dives into key ingredients: identity security, supply chain resilience, essential cross-team conversations, and navigating blockers/enablers. Packed with real-world examples and practical exercises, this talk will leave CISOs, IT leaders, and security teams equipped to design, implement, and sustain a Zero Trust strategy that scales with business needs.
12:00 pmAI-Driven Cybersecurity: The Good, the Bad, and the UglyRegistration Level:Open Sessions
12:00 pm - 12:45 pmSession description to come.
12:00 pmInvesting in Your Application Security ProgramsRegistration Level:Open Sessions
12:00 pm - 12:45 pmSession description to come.
12:45 pmNetworking BreakRegistration Level:Open Sessions
12:45 pm - 1:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:00 pmGuardians of the Grid: Navigating the New Era of Cyber Threats to InfrastructureCybersecurity and Compliance Engineer, May MobilityRegistration Level:Open Sessions
1:00 pm - 1:45 pmAs critical infrastructure systems become more connected and reliant on digital technologies, they also become prime targets for cyberattacks. From power grids and water systems to healthcare networks and transportation, these essential services face a growing array of cyber threats—ransomware, nation-state actors, insider threats, and supply chain vulnerabilities among them.
This presentation explores the evolving cyber risk landscape impacting critical infrastructure, highlighting real-world incidents, common attack vectors, and systemic weaknesses. It also outlines the strategic imperatives for resilience, including stronger public-private partnerships, regulatory modernization, workforce readiness, and investment in advanced cybersecurity technologies. Attendees will gain a deeper understanding of the urgency and complexity of defending infrastructure that underpins national security, economic stability, and public safety.
1:00 pmEngaging with and Driving Innovation in CybersecurityRegistration Level:Open Sessions
1:00 pm - 1:45 pmSession description to come.
1:00 pmHarnessing Data Analytics for Robust Fraud Detection and PreventionRegistration Level:Open Sessions
1:00 pm - 1:45 pmSession description to come.
1:00 pmMicro Segmentation: What You Need to KnowRegistration Level:Open Sessions
1:00 pm - 1:45 pmSession description to come.
1:45 pmNetworking BreakRegistration Level:Open Sessions
1:45 pm - 2:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pmAirgapped... but Still Compromised: Adversarial Tactics and Building Defensible IsolationSr. Offensive Security Engineer, ConfidentialRegistration Level:Open Sessions
2:00 pm - 2:45 pmAir-gapped systems are often considered the pinnacle of security, but are they truly untouchable? This talk challenges the myth of absolute isolation, exploring real-world breaches—from Stuxnet to electromagnetic and acoustic attacks. Attendees will gain insight into modern threats, including supply chain risks and social engineering, while learning practical strategies to fortify air-gapped environments. Through physical security, procedural controls, and advanced detection methods, this session will reshape how you think about “unhackable” systems. Whether you secure critical infrastructure or simply love cybersecurity, you’ll leave with a deeper understanding of air-gap vulnerabilities and how to defend against them.
Attendees will learn that air-gapped systems are not inherently secure and require continuous vigilance, layered defenses, and proactive threat mitigation to prevent sophisticated breaches.
2:00 pmUsing GenAI to Turbocharge Your GRC TeamsRegistration Level:Open Sessions
2:00 pm - 2:45 pmTraditional methods of managing Governance, Risk Management, and Compliance (GRC) programs often lack the efficiency and scalability needed in today’s fast-paced environment. This talk will demonstrate the use of Generative AI technologies to transform and turbocharge GRC teams, offering significant advancements in processing capabilities, decision-making speed, and overall accuracy. We will explore practical applications of Generative AI in automating routine GRC tasks such as policy drafting, efficient risk assessment, threat modeling, and writing your own GPTs to automate workflows.
2:00 pm[Panel] Protecting Data and Systems in the CloudRegistration Level:Open Sessions
2:00 pm - 2:45 pmSession description to come.
2:45 pmNetworking BreakRegistration Level:Open Sessions
2:45 pm - 3:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
3:00 pmCyber Intel Briefing: Critical InfrastructureCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)Registration Level:Open Sessions
3:00 pm - 3:45 pmThis presentation will provide a comprehensive overview of the current cyber landscape, focusing on both global and domestic government-related threats and incidents. We will delve into recent high-profile attacks, explore emerging trends, and discuss the evolving tactics employed by cybercriminals and nation-states. Additionally, the presentation will examine the ongoing challenges faced by governments in protecting critical infrastructure, securing sensitive data, and mitigating the risks posed by cyber espionage. By understanding the latest developments in the cyber threat environment, attendees will gain valuable insights into safeguarding critical networks and systems.
3:00 pm[Panel] The Current Threats to Critical InfrastructureICS/OT Principal Security Consultant, MandiantRegistration Level:Open Sessions
3:00 pm - 3:45 pmSession details to come.
3:00 pmIntegrating Transformative OT Cybersecurity ProgramsRegistration Level:Open Sessions
3:00 pm - 3:45 pmSession description to come.
3:45 pmNetworking BreakRegistration Level:Open Sessions
3:45 pm - 4:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
4:00 pmCLOSING KEYNOTERegistration Level:Open Sessions
4:00 pm - 4:45 pm

- Google CloudBooth:
Google Cloud Security provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.
- Chris PlesiukSr. Consultant, Mandiant
Chris Plesiuk, M.Sc., a Senior Consultant specializing in strategic cybersecurity services at Mandiant, brings over 15 years of comprehensive expertise to the critical infrastructure sector. Chris's experience spans both IT and ICS/OT environments, addressing the unique challenges of diverse critical infrastructure industries. His core specializations include Security Program Assessments, Crown Jewel Assessments, Tabletop Exercises, and the development of robust Incident Management Programs and associated documentation. Notably, Chris excels in delivering tailored solutions through threat modeling and strategic preparedness.
- James YoungSr. Strategic Security Consultant, Mandiant
James Young, a Senior Strategic Security Consultant based in Toronto, Ontario, offers over 25 years of extensive cybersecurity expertise. His career spans critical areas such as architecture, incident response, operations, and risk management, demonstrating a well-rounded understanding of the field. James's experience extends across diverse and demanding sectors, including energy, mining, manufacturing, logistics, banking, and investments. His core focus centers on the development and management of comprehensive IT and OT Security Programs, as well as specialized skills in Threat Modeling, Incident Response Planning, and Security Program Assessments.
- Cameron H. MalinCyber Behavioral Profiler, FBI (Ret.) and Modus Cyberandi
Cameron Malin, JD, CISSP, is the founder of Modus Cyberandi, a bespoke Cyber Behavioral Profiling consultancy specializing in the assessment of cyber threat actor decision making, adversary tradecraft, cyber deception, and cognitive vulnerabilities. As a retired Behavioral Profiler with the Federal Bureau of Investigation (FBI), he has more than 22 years of experience investigating, analyzing, and profiling cyber adversaries across the spectrum of criminal to national security attacks.
During his tenure in the FBI, he was the founder of both the FBI Behavioral Analysis Unit's (BAU) Cyber Behavioral Analysis Center (CBAC), the FBI BAU's methodology and application of science-based behavioral profiling and assessment to national security and criminal cyber offenders—and the BAU’s Deception and Influence Group (DIG), a uniquely trained and experienced cadre of Behavioral Profilers specialized in analyses and countermeasures to adversary cyber deception campaigns and influence operations.
He is a co-author of the authoritative cyber deception book, "Deception in the Digital Age: Exploiting and Defending Human Targets Through Computer-Mediated Communications" (published by Academic Press, an imprint of Elsevier, Inc.), and co-author of the Malware Forensics book series: "Malware Forensics: Investigating and Analyzing Malicious Code," "Malware Forensics Field Guide for Windows Systems," and "Malware
Forensics Field Guide for Linux Systems" (all published by Syngress, an imprint of Elsevier, Inc.). - Amy YeeFounder & Fractional Chief Digital and Transformation Officer, Wired for Change
Amy E. Yee is a Fractional Chief Digital and Transformation Officer and the founder of Wired for Change, a podcast exploring digital impact and innovation. With more than eight years in senior executive roles, she has led enterprise-wide digital and cybersecurity transformations across sectors, including healthcare. Amy brings deep expertise in human-centered design, digital strategy, and product development, and has advised Fortune 500 companies, tech startups, and venture capital initiatives. A recognized speaker and thought leader, she also serves on nonprofit and academic boards, including Carleton University’s Systems and Engineering advisory board and the board of Kemptville District Hospital.
- Hemanth TadepalliCybersecurity and Compliance Engineer, May Mobility
Hemanth Tadepalli serves as the Senior Cybersecurity & Compliance Subject Matter Expert (SME) at May Mobility, a company revolutionizing mobility through advanced autonomous vehicle technology. His career spans notable roles at prestigious organizations, including management consulting firm AlixPartners, cybersecurity leader Mandiant, tech giant Google, and Michigan-based cybersecurity startup SensCy.
Hemanth’s research focuses on advancing cybersecurity in critical areas such as autonomous vehicle security, Internet of Things (IoT) security, threat intelligence, risk management, security operations, API security, and election security. He was appointed by Michigan Secretary of State Jocelyn Benson to the Advisory Task Force overseeing statewide election security and integrity. Throughout his career, Hemanth has consistently demonstrated expertise in implementing and maintaining security measures to safeguard systems, networks, and data from cyber threats.
In addition to his technical contributions, Hemanth has published numerous articles on cybersecurity and emerging technologies, showcasing his thought leadership. He is a sought-after speaker, invited to present at prominent cybersecurity conferences, serve as a distinguished panelist, and share insights on technology-focused podcasts. His impactful work has earned him accolades, including the 40 Under 40 recognition from Oakland County, Michigan, and the Governor’s Service Award for his philanthropic efforts and community service in cybersecurity.
Hemanth holds a bachelor’s degree in Computer Science from Kettering University, with a concentration in cybersecurity and minors in Pre-Law, Innovation, and Entrepreneurship. He also earned his Master’s in Cybersecurity and Information from the University of California, Berkeley. Currently, Hemanth serves in public office for the City of Troy and sits on the Board of Directors for Kettering University. In addition to his professional and civic work, he is a violist with the Troy Metro Symphony Orchestra. Hemanth is also a Ph.D. candidate at Dakota State University, where his research focuses on Cyber Defense.
- Sean BehanSr. Offensive Security Engineer, Confidential
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
- VJ ViswanathanFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)
With more than 25 years at the forefront of AI, cloud, enterprise technologies, cybersecurity, privacy, and risk management, VJ is a proven leader, trusted advisor, and strategic investor. He has a demonstrated history of building and scaling successful programs for global enterprises and transforming innovative concepts into impactful products.
As a trusted Board advisor and subject matter expert, VJ guides organizations through intricate digital landscapes, fostering both innovation and strategic foresight. He brings particular value to Audit & Risk Management committees, where he rigorously evaluates and audits technology and cybersecurity organizations and programs, ensuring their veracity, efficiency, resilience, and strategic effectiveness.
A sought-after advisor across expert, incubator, and accelerator networks, VJ empowers VC and PE firms with incisive market analysis, competitive intelligence, and opportunity mapping.
VJ currently applies his diverse skills as the Founding Partner of CYFORIX, a strategic defense and technology risk advisory group, and as CEO of TORQE, a specialized firm focused on solution engineering and transformation.
- Camille Felx LeducICS/OT Principal Security Consultant, Mandiant
Camille Felx Leduc is an ICS/OT Principal Security Consultant at Mandiant, now part of Google Cloud, where she stands out as a leading expert in securing industrial control systems. With a robust background in electrical engineering and a Master's degree in Computer Science from Université de Montréal, Camille brings a deep, multi-faceted understanding to critical infrastructure security.
Her extensive experience includes providing strategic support and advanced consulting to clients across vital sectors such as energy, water and wastewater, and manufacturing. Camille is particularly adept at detection and response within operational technology (OT) environments, helping organizations build formidable defenses against sophisticated cyber threats. Her work consistently focuses on strengthening the ability of these critical entities to not only detect and respond to attacks but also to effectively contain them, directly addressing the unique and complex challenges inherent in operational environments.
- Panel Discussion

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Join your InfoSec peers for high-quality training and collaboration. Reserve your spot today!
