Open Sessions
Conference Pass
SecureWorld Plus
VIP / Exclusive
- Wednesday, October 2, 20249:00 am[PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0vCISO & Managing Director, Cyber Risk Opportunities LLCRegistration Level:
SecureWorld Plus
9:00 am - 3:00 pmHave you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?
In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.
You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:
- What are the components of the framework?
- Why is the framework is valuable?
- What type of organizations can use the framework?
Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.
You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.
Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.
We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.
9:00 am[PLUS Course] Protecting the Organization from a Ransomware AttackManager, Cyber and Information Security, Point32HealthRegistration Level:SecureWorld Plus
9:00 am - 3:00 pmThe threat of ransomware to global businesses, institutions, and governments has reached pandemic proportions. If you are the victim of a ransomware attack, your business will have a tough choice: either pay the attacker and hopefully gain control of your critical computer systems and information, or don’t pay and hopefully minimize the impact of data loss and recover the critical IT systems with minor damage. Law enforcement agencies recommend not paying, because doing so encourages continued criminal activity. In some cases, paying the ransom could even be illegal, because it provides funding for criminal activity.
Many of today’s ransomware attacks exfiltrate data, which means that attackers could have access to a victim’s confidential data, files, login credentials, and emails. Organizations cannot 100% prevent ransomware attacks. The best thing you can do is assume you will be hit and have plans in place that enable a quick response.
This course helps organizations design, build, operate, and maintain a comprehensive ransomware program. The focus is to: (1) prevent a successful attack (best case scenario); (2) reduce the impact of an attack by protecting critical assets; and (3) recover from an attack with minimal downtime and data loss.
- Thursday, October 3, 20247:30 amRegistration openRegistration Level:
Open Sessions
7:30 am - 4:15 pmLocation / Room: Registration DeskCome to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
8:00 amExhibitor Hall openRegistration Level:Open Sessions
8:00 am - 4:30 pmLocation / Room: Exhibitor HallYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:00 amAdvisory Council Roundtable Breakfast – (VIP / Invite only)Registration Level:VIP / Exclusive
8:00 am - 8:45 amThis roundtable discussion is for our Advisory Council members only.
8:00 amAssociation Chapter MeetingsRegistration Level:Open Sessions
8:00 am - 8:45 amParticipating professional associations and details to be announced.
8:00 amThe Rise of Bossware: A Privacy ParadoxSr. Information Systems Auditor, Parkland HealthRegistration Level:Open Sessions
8:00 am - 8:45 amThe rise of “bossware” has surged due to remote work. Employers seek insights into productivity, security, and compliance. These concerns resulted in a privacy paradox: bossware provides valuable data but raises crucial privacy concerns that center around balancing surveillance with employee rights. Bossware features include keystroke logging, screen recording, and webcam activation increase the risk of trust erosion, legal implications, and employee morale. Transparency and informed consent are essential elements of navigating the Legal Landscape with data protection laws (GDPR, CCPA, etc.).
This presentation provides ideas on best practices for achieving transparent communication by educating employees about monitoring, achieving privacy by design by implementing privacy-friendly bossware, and the importance of regular audits to assess the impact and effectiveness of the bossware implementation. Security professionals must address the bossware dilemma strategically. This session helps find the sweet spot where smart security meets employee trust, ensuring a productive and respectful work environment.
8:45 amNetworking BreakRegistration Level:Open Sessions
8:45 am - 9:00 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
9:00 am[Opening Keynote] A CISO PanelCISO, City of ArlingtonDeputy CISO, Toyota Financial Savings BankCo-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane LLPRegistration Level:Open Sessions
9:00 am - 9:45 amLocation / Room: Keynote TheaterSession description to come.
9:45 amNetworking BreakRegistration Level:Open Sessions
9:45 am - 10:15 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:15 amThe Dark Side of AI: Using AI to Enable AttacksSr. Security Researcher, NokiaRegistration Level:Conference Pass
10:15 am - 11:00 amDue to the rise of generative AI, AI has become more accessible to the public. Therefore, more and more people are using AI to perform various tasks. Unfortunately, although AI can be used for many good things such as powerful data analytics, criminals are using AI to help them perform various attacks from generating more convincing phishing emails to stealing passwords. In this presentation, learn about the different techniques that criminals are using to attack systems with the help of AI, and discuss what organizations and individuals can do to prepare and protect themselves from this threat.
10:15 amPCI SecurityPartner, IT Advisory, WeaverITAS Senior Associate , WeaverRegistration Level:Conference Pass
10:15 am - 11:00 amSession description coming soon.
10:15 amSOC Essentials: Assembling Your First Response TeamRegistration Level:Open Sessions
10:15 am - 11:00 amThe Security Operations Center (SOC) is an organization’s first eyes and ears to security threats and risks. For the SOC to support being an organization’s first response team, the team must have the proper resources for continuous growth and monitoring to keep an organization secure. This discussion focuses on key foundational elements for developing and maturing a SOC. Attendees will learn how to establish processes, procedures, and growth plans for their SOC. Additionally, use metrics to show maturity opportunities within a SOC and identify cyber security risks in a business.
11:00 amNetworking BreakRegistration Level:Open Sessions
11:00 am - 11:10 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:10 amInstrumenting Your Security ProgramCISO, Health Care Service CorporationRegistration Level:Conference Pass
11:10 am - 11:55 amWith the foundation of how the aviation industry has achieved very high safety records, you will learn a new perspective on how to instrument your information security program to reduce risk. This is NOT a presentation about what metrics you should measure, but a framework for identifying meaningful metrics and, more importantly, how to use them to ensure effective attack surface management at scale, moving past compliance and into operational excellence.
11:10 amThe New Privacy Landscape in Texas and BeyondData Privacy & Cyber Partner, Spencer Fane LLPRegistration Level:Conference Pass
11:10 am - 11:55 am“Everything is bigger in Texas,” and that now includes privacy protections. Texas has rolled out its version of a comprehensive privacy law that aims to reshape data privacy and security in the Lone Star State. This discussion unpacks key changes and compliance tips ushered in by this legislation, detailing implications for businesses and individuals. Learn about key consumer rights, data handling obligations, and compliance strategies to avoid violations.
11:10 am[Panel] Unveiling the Threat Landscape and Unmasking Digital VillainsCIO/CISO, FUTU US Inc.Registration Level:Open Sessions
11:10 am - 11:55 amIn the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.
Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.
Our panel provides a comprehensive overview of the current threat landscape.
12:00 pm[Lunch Keynote] One Patch Leads to Another: Building Enterprise Cyber Resilience Using Lessons Learned from Aircraft CybersecurityCyber Fellow, Aeronautics Cyber Range, Lockheed Martin , Lockheed MartinRegistration Level:Open Sessions
12:00 pm - 12:45 pmLocation / Room: Keynote Theater12:00 pmAdvisory Council Lunch Roundtable – (VIP / Invite Only)Registration Level:VIP / Exclusive
12:00 pm - 12:45 pmModerated discussion for SecureWorld Advisory Council members. By invite only.
12:45 pmNetworking BreakRegistration Level:Open Sessions
12:45 pm - 1:15 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pmIntegrate Transformative OT Cybersecurity Programs to Increase EffectivenessPrincipal, CI5O Advisory Services LLCRegistration Level:Conference Pass
1:15 pm - 2:00 pmAt the operational field, plant, or edge level, growing risks like cybersecurity must be managed amid a need to democratize and expand technology within an increasingly connected workplace. Traditional approaches of handling cyber, analytics, edge, and others as separate IT projects and not addressing these needs as various pieces of a major holistic change effort (including many non-technology aspects) are causing them to fail outright or have poor results. Operational management frameworks are designed to provide consistency and reliability at the field level for various reasons, including safety and environmental priorities, and can create friction with innovative techniques and large-scale change. Culture clashes between OT, IT, and Operations teams and priorities worsen this situation.
It’s important to appreciate how transformative OT cybersecurity programs are in order to integrate those objectives and ways of working into existing frameworks. This also allows cybersecurity teams to take advantage of new models and emerging technology which can accelerate progress. Finding and supporting these solutions is not enough though; companies need to apply a different approach to leading their internal change to overcome resistance and improve engagement.
1:15 pmNavigating the Cybersecurity Maze in M&A: A CISO's Perspective on Integration ChallengesSVP & CISO, Sunflower Bank, N.A.Registration Level:Conference Pass
1:15 pm - 2:00 pmThis session explores the critical cybersecurity challenges faced by CISOs during mergers and acquisitions from the acquiring company’s viewpoint. Just days after Legal Day 1 of a merger, Parrish will delve into the complexities of integrating disparate security cultures, technologies, and practices while maintaining a robust security posture throughout the M&A process. Key topics include assessing the target company’s security landscape, managing risk during transition, and strategies for harmonizing security policies and controls. Special attention will be given to the intricate task of consolidating third-party vendor relationships and associated risks. Gain practical insights on fostering a unified security culture, streamlining technologies, and ensuring compliance across the newly formed entity.
1:15 pm[Panel] Elevating Security Through Threat Intelligence, Cloud Resilience, and AI InnovationsPartner, IT Advisory, WeaverRegistration Level:Open Sessions
1:15 pm - 2:00 pmIn the dynamic realm of cybersecurity, the battle between defenders and digital villains is an ongoing saga. This forward-looking session will explore the evolution of cyber threats, forecasting the next wave of challenges that organizations and individuals may face. We aim to unmask the upcoming generation of digital villains, examining their sophisticated tactics and exploiting vulnerabilities that may become prevalent in the future.
Our distinguished panel of cybersecurity experts will dissect the motivations driving these threats, from the ever-adapting strategies of profit-driven cybercriminals to the evolving techniques employed by state-sponsored actors wielding cyberweapons. As we peer into the future, we will also address the role of emerging technologies in reshaping the threat landscape, providing insights that empower organizations to proactively defend against tomorrow’s cyber challenges.
Join us in this exploration of the unseen, as we strive to anticipate and understand the threats that lie beyond the shadows of the current cybersecurity landscape.
2:00 pmNetworking BreakRegistration Level:Open Sessions
2:00 pm - 2:10 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:10 pmLoaves and Phishes: Establishing Purpose in the Nebulous and Evolving Terrain of CybersecurityCommissioner, City of Austin's Community Technology and Telecommunications CommissionRegistration Level:Conference Pass
2:10 pm - 2:55 pmAfter spending time in the Army, Gabriel began to transition into the cybersecurity sector, safeguarding digital infrastructures against evolving threats. He felt a calling to serve his country in a more direct and tangible manner. The decision to transition was not easy, as it required leaving behind a guaranteed path for the unknown challenges of civilian life. However, he was driven by a desire to apply his expertise in a different context, one where the stakes were even higher, and the impact more immediate.
During this journey, he encountered various challenges, from adapting to the rigorous physical training regimen to learning the intricacies of security protocol. Yet, through perseverance and a willingness to learn, he was able to overcome these obstacles and find his footing in this new environment. This experience taught him the importance of adaptability and resilience, qualities that are as crucial in the military as they are in the ever-changing landscape of cybersecurity.
2:10 pmIntegrating Threat Intelligence with Penetration Testing: A Simulation-Driven Approach to Cyber ResilienceSr. Threat Intel Analyst, Fortune 500 Convenience RetailRegistration Level:Conference Pass
2:10 pm - 2:55 pmThis presentation explores the integration of attack simulation tools with real-time threat intelligence to mimic sophisticated cyberattacks accurately. It highlights adaptive threat modeling, automation in penetration testing, and the role of machine learning in predicting and automating testing processes. The discussion emphasizes the enhancements in security postures, incident response, and resource allocation, alongside addressing challenges like scaling simulations and reducing false positives. It concludes with future trends in leveraging AI for advancing penetration testing and threat intelligence, offering a blend of technical depth and strategic insights for an audience keen on both practical and theoretical aspects of cybersecurity.2:10 pmCybersecurity in the Age of Machine Learning and Artificial IntelligenceRegistration Level:Open Sessions
2:10 pm - 2:55 pmArtificial Intelligence (AI) coupled with Machine Learning (ML) has tremendous potential to strengthen defenses, but the benefits of ML/AI in cust be contextualized against the risks it poses. The usage of ML/AI has increased exponentially, but security and privacy governance and policies have not expanded at the same rate. Moreover, the pace of instituting AI and privacy regulations varies across the globe, creating a rather complex governance structure for cybersecurity personnel to operate under. This presentation delves into the security and privacy implications of using ML/AI in the organization, whether it is using ML/AI-based security tools or ensuring security of ML/AI-based products developed by the organization.
3:00 pmNetworking Break and Dash for PrizesRegistration Level:Open Sessions
3:00 pm - 3:30 pmLocation / Room: Exhibitor HallVisit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.
Participating sponsors will announce their Dash for Prizes winners. Must be present to win.
3:00 pmHappy HourRegistration Level:Open Sessions
3:00 pm - 3:45 pmLocation / Room: Exhibitor HallJoin your peers for conversation and complimentary hors d’oeuvres and beverages. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.
3:30 pm[Closing Keynote] When Enterprise and World Events Collide: Driving Outcome-Based Cybersecurity TransformationCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)Registration Level:Open Sessions
3:30 pm - 4:15 pmLocation / Room: Keynote TheaterThe cybersecurity landscape is no longer defined by APTs and static defenses; it’s a dynamic battlefield where agility, strategic insights and creative risk reduction executed with technical veracity drive differentiating outcomes. Our co-presenters provide differentiating insights at the intersection of national defense, global security trends, and cybersecurity risk management.
This session helps you reimagine your security posture and provides you with a battle plan to protect your organizational assets. Col. Leighton and VJ delve into the defining trends of cybersecurity transformation, including using AI to shift from detection to prediction; addressing the evolving human factor risk with advanced security training and creating a culture of security; embracing integration and breaking down siloed data and disparate tools; and building future-proof defenses with automation and threat intelligence platforms.
- Aqua SecurityBooth: TBD
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed. Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions, and cloud VMs.
- Cato NetworksBooth: TBD
Cato Networks pioneered the convergence of networking and security into the cloud. Aligned with Gartner’s Secure Access Service Edge (SASE) and Security Service Edge (SSE) frameworks, Cato’s vision is to deliver a next generation secure network architecture that eliminates the complexity, costs, and risks associated with legacy IT approaches based on disjointed point solutions. With Cato, organizations securely and optimally connect any user to any application anywhere on the globe. Our cloud-native architecture enables Cato to rapidly deploy new capabilities and maintain optimum security posture, without any effort from the IT teams. With Cato, your IT organization and your business are ready for whatever comes next. For more information, visit https://www.catonetworks.com.
- Cyversity DallasBooth: TBD
Our mission is to achieve the consistent representation of women and underrepresented minorities in the cybersecurity industry through programs designed to diversify, educate, and empower. Cyversity tackles the “great cyber divide” with scholarship opportunities, diverse workforce development, innovative outreach, and mentoring programs.
- EntrustBooth: TBD
Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.
- Envision Technology AdvisorsBooth: TBD
Envision Technology Advisors is a business and technology consultancy specializing in Digital Transformation, Cybersecurity, Business Continuity, Infrastructure Consulting, Web Design and Development, and much more. With offices in Rhode Island and the Boston area, Envision serves clients throughout New England and beyond.
- GuruculBooth: TBD
Gurucul is a global cybersecurity company that is changing the way organizations protect their most valuable assets, data and information from insider threats and external cyberattacks, both on-premises and in the cloud. Gurucul’s real-time Cloud-native Next-Gen Security Analytics and Operations Platform provides customers with Next Generation SIEM, UEBA, Open XDR, and Identity & Access Analytics. It leverages machine learning behavior profiling with predictive risk-scoring algorithms to predict, detect and prevent data breaches, fraud and insider threats. It also reduces the attack surface for accounts and eliminates unnecessary access rights and privileges to increase data protection.
Gurucul is backed by an advisory board comprised of Fortune 500 CISOs, and world-renowned experts in government intelligence and cybersecurity. The company was founded in 2010 by seasoned entrepreneurs with a proven track record of introducing industry-changing enterprise security solutions. Gurucul’s mission is to help organizations protect their intellectual property, regulated information, and brand reputation from insider threats and sophisticated external intrusions.
Gurucul technology is used by Global 1000 companies and government agencies to fight cybercrimes, IP theft, insider threat and account compromise. It is also used for log aggregation, compliance and risk-based security orchestration and automation for real-time extended detection and response. Gurucul is headquartered in Los Angeles, CA.
- KeysightBooth: TBD
Keysight’s portfolio of network security solutions simulate threats, eliminate blind spots, taking control of a rapidly-changing attack surface. Be a hero, not a headline, by proving your network is secure simulating attacks, exposing gaps early, and course correct with step-by-step fixes; protecting users and applications with increased the efficiency, performance, and reliability of your security systems; patrolling every packet eliminating vulnerable blind spots and decrypt threats hiding in SSL traffic; and practice your cyber skills enhancing your security and attack response skills against real-world threats.
- KMicro Tech, Inc.Booth: TBD
KMicro Tech Inc. provides a suite of scalable IT managed services combining streamlined cloud and on premise solutions that are specific to the needs of our enterprise customers. We enable our clients to focus on their business and not IT. We do that by working closely with our clients to understand their business and help them navigate through information technology so their companies are positioned to thrive in today’s competitive marketplace.
- Pure Storage, Inc.Booth: TBD
Pure Storage is pioneering a new class of enterprise storage that has been designed from the ground up to take full advantage of flash memory. The company’s products accelerate random I/O-intensive applications like server virtualization, desktop virtualization (VDI), database (OLTP, rich analytics/OLAP, SQL, NoSQL), and cloudcomputing.
Pure Storage makes it cost-effective to broadly deploy flash within the data center, enabling organizations to manage growth within existing power and space constraints. Launching later this year, the company’s products are in private beta with select customers. Pure Storage is funded by Greylock Partners and Sutter Hill Ventures.
- ThreatLockerBooth: TBD
ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com
- Varonis Systems, Inc.Booth: TBD
Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.
- Glen Sorensen, InstructorvCISO & Managing Director, Cyber Risk Opportunities LLC
Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.
Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.
- Larry Wilson, CISSP, CISA, InstructorManager, Cyber and Information Security, Point32Health
Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.
- Michael R. SmithSr. Information Systems Auditor, Parkland Health
Michael R. Smith, MBA, CISSP, CFE, CISA, CIA, PMP, ITIL, is a Healthcare Information Technology Professional with over thirty years of IT experience. Michael is a Sr. I.S. Auditor at Parkland in Dallas, Texas, specializing in performing information security assessments and audits focused around IT governance and regulatory compliance.
Industry Certifications, Licensure, & Training
Certified Information Security Specialist (CISSP)
Certified Internal Auditor (CIA)
Project Management Professional (PMP)
Certified Fraud Examiner (CFE)
Certified Information Systems Auditor (CISA)
Information Library Information Technology (ITIL) - Bryce CarterCISO, City of Arlington
Bryce Carter is a nationally-recognized leader known for his transformative impact on organizational culture and his ability drive cybersecurity as a key business enabler. Bryce has not only developed groundbreaking security strategies that safeguard data, but has also focused on the broader welfare of communities. His visionary approach has earned him positions on multiple advisory boards, where he helps shapes next-generation policies and technologies. In addition, Bryce contributes to the growth of future leaders by mentoring upcoming executives and technology professionals. His achievements have helped lay the groundwork for a more innovative, resilient, and inclusive future.
- Brandi JohnsonDeputy CISO, Toyota Financial Savings Bank
- Shawn E. Tuma, ModeratorCo-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane LLP
Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.
- Anmol AgarwalSr. Security Researcher, Nokia
Anmol Agarwal is a security researcher at a Fortune 500 Company and is focused on securing AI and Machine Learning in 5G and 6G. She holds a doctoral degree in cybersecurity analytics from George Washington University and a master’s degree in computer science from the University of Texas at Dallas. She previously worked at the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in the High Value Asset Program Management Office. In her free time, she enjoys giving back to the community and is an active industry mentor.
- Sybrand CnossenITAS Senior Associate , Weaver
Sybrand has more than three years of experience in information technology and IT risk advisory services. He has consulted with a wide range of clients, including Fortune 50 companies and government agencies. He is well versed in controls testing performed in UNIX / LINUX, and Microsoft (Windows Server and Active Directory) environments, utilizing the NIST, ISO and CMMC. His focus includes Payment Card Industry (PCI) consulting and cybersecurity maturity evaluations.
- Ian SchnellerCISO, Health Care Service Corporation
A 20+ year information security veteran, Ian has served in many leadership positions to include CIO/CISO. Ian also led a multi-billion dollar mission charged with developing and operating advanced cyber capabilities for the Undersecretary of Defense (Intelligence), the DoD Chief Information Officer, and the Secretary of the Air Force. In this role he led high impact global teams and advised the US Congress and Executive Branch, resulting in a coordinated, funded national approach to resolve the highest cyber concerns of Government leadership. In the financial sector, Ian has led strategic capabilities to protect critical infrastructure from cyber-attack.
- Jeremy RuckerData Privacy & Cyber Partner, Spencer Fane LLP
Jeremy Rucker leads businesses through the evolving and complex landscape of data privacy, security, and incident response. As a data privacy and cybersecurity attorney, Jeremy regularly counsels clients in all industries on the emerging federal, state, and international data laws and regulations, and also serves as a breach coach to guide organizations through national data breach notification processes and resultant regulator investigations.
Jeremy is a frequent speaker on data privacy and cybersecurity matters and is certified by the International Association of Privacy Professionals as a Privacy Law Specialist. Additionally, Jeremy holds double certifications as a Certified Information Privacy Professional for United States law (CIPP/US) and European law (CIPP/E); and a certification as a Certified Information Privacy Manager (CIPM – IAPP).
- Panel Discussion
- William Floyd, ModeratorCIO/CISO, FUTU US Inc.
- Teresa MerklinCyber Fellow, Aeronautics Cyber Range, Lockheed Martin , Lockheed Martin
Teresa Merklin is a Principal Information Assurance Engineer for Cybersecurity Engineering at Lockheed Martin Aeronautics, where she is responsible for technology identification and evaluation for aeronautics platforms. Teresa holds a BS in Electrical Engineering from Oklahoma State University, a Masters of Software Engineering from Texas Christian University, an MBA in Information Assurance from the University of Dallas. She is a CISSP and CSSLP.
- Al LindsethPrincipal, CI5O Advisory Services LLC
- Parrish GunnelsSVP & CISO, Sunflower Bank, N.A.
Parrish is currently SVP & CISO of Sunflower Bank and has more than 25 years of technology experience and more than 14 years in cybersecurity. During this time, Parrish has worked in various functions of technology, risk management, infrastructure services and support, audit and compliance, incident response, and cybersecurity / information security. His experience also includes working in multiple industries including financial services, telecommunications, chemical manufacturing, real estate, and retail. In addition, he has worked in both global Fortune 500 companies and small start-up-based companies.
During his tenure as a CISO, he has been involved in the creation, staffing, building, and management of comprehensive information security programs for various companies across diverse locations and personnel. In all these companies, he has implemented programs based on risk and threat analysis and has implemented controls, services, and processes that have not only met the needs of the company but also the regulatory and compliance requirements of the company including incident response capabilities.
Parrish holds a Master of Business Administration from Texas Christian University and certifications as a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Professional Project Manager (PMP).
- Panel Discussion
- Gabriel NwajiakuCommissioner, City of Austin's Community Technology and Telecommunications Commission
Gabriel Nwajiaku is a seasoned cybersecurity expert, army veteran, and community leader. Holding a diverse array of certifications including CISM, PMP, Security+, and CySA+, Gabriel brings a wealth of knowledge and experience to the table. His journey began in the military, where he honed his skills in strategic planning and risk management, serving his country with distinction.
After transitioning from the military, Gabriel continued his pursuit of excellence in cybersecurity, earning multiple certifications to further solidify his expertise. His commitment to continuous learning and professional development has enabled him to stay ahead of the curve in the ever-evolving landscape of cybersecurity threats and challenges.
In addition to his impressive professional achievements, Gabriel is also deeply engaged in his community. As the Commissioner of the City of Austin's Community Technology and Telecommunications Commission, he plays a vital role in shaping policies and initiatives that promote digital inclusion and access to technology for all residents.
With a passion for empowering individuals and organizations to navigate the complexities of cybersecurity, Gabriel brings a unique perspective to the table. His insights into establishing purpose and direction in this nebulous terrain are sure to inspire and enlighten audiences at the conference.
- Jonathan CiaramellaSr. Threat Intel Analyst, Fortune 500 Convenience Retail
Accomplished Senior Threat Intelligence Analyst and expert threat hunter with a robust background in cybersecurity, holding certifications in Penetration Testing and Bug Bounty. Proficient in Incident Response, Threat Hunting, Intelligence, Computer Forensics, Red Teaming, Penetration Testing, Vulnerability Assessment, and Audits. Skilled in designing SOCs, managing SIEM systems, conducting Risk Analysis, and developing Global Security Policies. Demonstrates expertise in Malware Analysis and Remediation, adept at enhancing security across complex IT environments to mitigate risks and protect organizational assets.
- Happy Hour
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
- VJ ViswanathanFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)
VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.
With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.
VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.
VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.
![](https://events.secureworld.io/wp-content/uploads/2019/11/app-phone2020.png)
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Join your local cybersecurity community for learning and professional growth!
![](https://cdn2.hubspot.net/hubfs/2221756/icons/sticky-side-cta-x.png)