- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Thursday, October 6, 20227:00 amRegistration openRegistration Level:
- Open Sessions
7:00 am - 4:30 pmLocation / Room: Registration DeskCome to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
8:00 amExhibitor Hall openRegistration Level:- Open Sessions
8:00 am - 4:30 pmLocation / Room: Exhibitor Hall (Daniel’s Great Hall)Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:00 amAdvisory Council Roundtable Breakfast – (VIP / Invite only)Discussion Topic: Making Your Organization ResilientCISO, The Anschutz CorporationRegistration Level:- VIP / Exclusive
8:00 am - 8:50 amLocation / Room: 3rd Floor BoardroomSam Masiello will moderate a roundtable discussion on the topic of making our organizations cyber resilient.
For our Advisory Council members only.
8:00 amDemystifying the Partnership with the FBI – InfraGard Chapter MeetingOpen to all attendeesSpecial Agent, FBIRegistration Level:- Open Sessions
8:00 am - 8:50 amLocation / Room: Barbara Bresnan Boardroom9:00 am[Opening Keynote] The Whole-of-State Approach to Cybersecurity for ColoradoCISO, State of ColoradoRegistration Level:- Open Sessions
9:00 am - 9:45 amLocation / Room: Keynote Theater (Malone)More than half of all ransomware attacks are targeted to municipalities. Why? Because municipalities are usually the easiest targets. The “whole-of-state” approach helps governmental entities leverage their combined resources and expertise. Ray Yepes explains the strategy behind this holistic approach to cybersecurity, including the importance of breaking down silos while enabling real-time, cross-jurisdictional collaboration and partnerships. These occur across the entire state to improve the cybersecurity posture of all stakeholders, including these targeted municipalities.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:15 amLocation / Room: Exhibitor Hall (Daniel’s Great Hall)Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:15 amRevisiting Deception Systems: Enterprise Use CasesCISO, FirstBankRegistration Level:- Conference Pass
10:15 am - 11:00 amLocation / Room: Delaplaine Newsroom10:15 amWas Mudge Right? Exploring Moral Injury in CybersecurityMember, Board of Directors, Colorado Technology AssociationRegistration Level:- Conference Pass
10:15 am - 11:00 amLocation / Room: SaemanFormer CISOs are in the news—Uber’s Joe Sullivan, Twitter’s Peiter “Mudge” Zatko—and their actions raise an alarm bell for the cyber industry. Join industry veteran and former chaplain Karen Worstell to take a deep dive into what these events and others like them are telling you about moral distress and moral injury in cyber and what you can do about it to protect yourself, your career, and your team.
10:15 amBuilding an Effective Vulnerability Management Strategy and ProgramPrincipal Security Architect, InsightRegistration Level:- Open Sessions
10:15 am - 11:00 amLocation / Room: Barbara Bresnan BoardroomThis session focuses on key vulnerability management program components spanning people, process, and technology. We’ll discuss a strategy that helps avoid and mitigate common problems with people and technology, while reducing organizational risk. We will also explore ways to align with the organizational goals, and how to both identify and utilize a relevant, scalable framework. The session will also discuss methods to protect against various threats as well as effectively leveraging Critical Threat Intelligence.
11:10 amNegotiating Data Processing TermsManaging Partner, Scott & Scott, LLPRegistration Level:- Conference Pass
11:10 am - 11:55 amLocation / Room: SaemanGiven the explosion of state, federal, and international privacy and security regulations, data processing terms have become a priority for those buying and selling IT services. From ransomware attacks to sophisticated business email compromise (BEC) schemes, more attention is being paid to the agreements that clearly define the services that are included and excluded, make clear that providers are not responsible for failure of third-party solutions, or the criminal acts of third parties, and that include the appropriate data processing agreements to comply with applicable regulatory requirements such as GDPR, CCPA, HIPAA, and GLBA. Scott & Scott, LLP has developed a comprehensive new approach to customer contracting. During this presentation you will learn:
- How to standardize your data processing obligations into one set of Data Processing Agreements
- How to handle disputes over which regulations apply and which ones don’t at the time of contracting
- How to prevent data processing terms negotiations from becoming renegotiations of the master terms and conditions
- How to properly incorporate your Data Processing Agreement by reference into a sales order or statement of work
11:10 amA CISO Perspective: Discover, Protect, and Control Your Organization's Most Critical AssetsChannel Account Manager, ThalesCISO | Executive Advisor, EVOTEKRegistration Level:- Open Sessions
11:10 am - 11:55 amLocation / Room: Barbara Bresnan BoardroomJoin reps from Thales and EVOTEK as they discuss how organizations can simplify the way they protect what matters most. Learn about platforms that help to discover, protect, and control sensitive data, wherever it is—in the cloud, on premise, and across networks. They will also share insight into tools that deliver consistent visibility of sensitive data, unified protection and centralized control of data, and user access security policies.
Jacob Rubin, former CISO of Red Robin, will also provide his invaluable knowledge of the IT landscape based on his experience across multiple companies and industries.
12:00 pm[Lunch Keynote] Demystifying Zero Trust and Its Role in CybersecurityCyber Hero, ThreatLockerRegistration Level:- Open Sessions
12:00 pm - 12:45 pmLocation / Room: Keynote Theater (Malone)The Zero Trust framework is based on the principle of “never trust, always verify.” Join us to learn about Zero Trust, how to adopt it, and the technologies you need to take control of your environment in the fight against ransomware.
12:00 pmAdvisory Council Roundtable Lunch – (VIP / Invite only)The Landscape of True Threat IntelligenceCISO, State of ColoradoRegistration Level:- VIP / Exclusive
12:00 pm - 12:45 pmLocation / Room: 3rd Floor BoardroomFor Advisory Council members only.
12:45 pmNetworking BreakRegistration Level:- Open Sessions
12:45 pm - 1:15 pmLocation / Room: Exhibitor Hall (Daniel’s Great Hall)Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pm[Panel] Incident Response!Principal Solutions Architect, ExpelSr. Product Manager, Red CanaryManager, Risk Consulting, RSM US LLPCISO, InsurityRegistration Level:- Open Sessions
1:15 pm - 2:15 pmLocation / Room: Keynote Theater (Malone)Security teams are struggling to keep up with the myriad of attack vectors looming. As we emerge from the pandemic, now is the time to focus and adjust your Incident Response plan. There is a new set of tools and technologies helping squash attacks, but what happens when they fail? What’s in your IR plan that addresses the unknown, and how are your preparing? What has worked and what has not? Join our panel of experts in a valuable discussion focusing on current threats and how your company can be better equipped during these unprecedented times.
1:15 pm[Panel] The Current Threat LandscapeSr. MDR Security Consultant, Critical StartSecurity Solutions Advisor, IllumioSr. Sales Engineer, Open SystemsFederal Government Director of Sales, Prophecy Americas, Inc.Chief Product Architect, FastlySr. Cybersecurity Scientist, L3 HarrisRegistration Level:- Open Sessions
1:15 pm - 2:15 pmLocation / Room: Barbara Bresnan BoardroomIf we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?
It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.
2:30 pmPhysical and Digital Cyber Defense: Building Culture and CollaborationChief Security Officer, Paper ExcellenceRegistration Level:- Conference Pass
2:30 pm - 3:15 pmLocation / Room: Delaplaine NewsroomThis session offers a perspective from the “other” security: physical protection and risk mitigation. We will discuss the many ways our duties and responsibilities overlap and how the converged security functions create a much safer organization. Much of the presentation will focus on collaborating with ALL departments and building effective security culture to force-multiply a strategic proactive solution.
2:30 pmPlanning, Conducting, and Reporting on Cloud Audit EngagementsDirector, Enterprise Security Architecture, Colorado Governor's Office of ITRegistration Level:- Conference Pass
2:30 pm - 3:15 pmLocation / Room: SaemanThis session will immerse attendees in the new demand to conduct a comprehensive audit in the cloud. Using proven, engaging learning techniques, attendees will leave the course with a solid understanding of how to plan, conduct, and report on cloud audit engagements.
This session will be delivered by one of the world’s cloud audit experts using cloud-native , on-premises, and leading cloud providers recommended approaches. Mohamed Malki is a CISA and a global CSA CCAK and ISO/IEC 27001 Lead Auditor instructor.
2:30 pmCreate a Purpose-Driven 'Cyber Tribe' to Improve RetentionBanking, Insider Threat OperationsRegistration Level:- Open Sessions
2:30 pm - 3:15 pmLocation / Room: Barbara Bresnan BoardroomTroubles attracting and retaining the right cyber talent? And when you finally add some quality talent, once you’ve trained them, they leave for higher-paying positions, taking their training (your investment) and organizational tribal knowledge with them? Following this session, walk away with three strategies and a hands-on exercise for creating a fierce, purpose-driven tribe of cyber professionals serving with energy and passion. Learn why hunting can’t compete with farming.3:15 pmNetworking Break and Dash for PrizesRegistration Level:- Open Sessions
3:15 pm - 3:45 pmLocation / Room: Exhibitor Hall (Daniel’s Great Hall)Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.
Participating sponsors will announce their Dash for Prizes winners. Must be present to win.
3:45 pm[Closing Fireside Chat] BEC Attacks, Crypto, and the Investigative Powers of the Secret ServiceFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret ServiceNetwork Intrusion Forensic Analyst, U.S. Secret ServiceCISO, Uplight; Co-Host, Colorado = Security podcastRegistration Level:- Open Sessions
3:45 pm - 4:30 pmLocation / Room: Keynote Theater (Malone)
- BlackCloak, IncBooth: 460
BlackCloak provides digital protection for corporate executives, Board Members, and high-profile and high-net-worth individuals and their families. Its award-winning Concierge Cybersecurity & Privacy™ Platform combines proprietary software with white-glove client service to prevent cyberattacks originating in an enterprise leader’s personal life from moving laterally into the organization. The Platform also protects individuals and their families from financial fraud, identity theft, targeted cyberattacks, reputational damage and other threats to privacy and security. Thousands of CISOs, CIOs, CFOs, and General Counsels trust BlackCloak to protect the personal privacy, devices, and homes of their most important personnel so they can continue to focus exclusively on what they do best: protecting the enterprise from cyberattack.
- BlueVoyantBooth: 420
At BlueVoyant, we recognize that effective cybersecurity requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem.
Accuracy. Actionability. Timeliness. Scalability.
- Colorado Technology AssociationBooth: 400
The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.
At the Colorado Technology Association, we:
– Lead an inclusive network that benefits our member community
– Advocate for a pro-business and technology-friendly climate
– Influence the development of a robust talent pipeline
– Lead initiatives to help companies grow. - Critical StartBooth: 350
Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.
- ExpelBooth: 250
Expel provides transparent managed security, on-prem and in the cloud. It’s the antidote for companies trapped in failed relationships with their managed security service provider (MSSP) and those looking to avoid the frustration of working with one in the first place. To learn more, go to https://www.expel.io.
- FastlyBooth: 220
Expectations for websites and apps are at an all-time high. If they aren’t fast, secure, and highly personalized, users take their business elsewhere. But today’s most innovative companies are thriving by meeting this challenge head on: they’re choosing Fastly and an investment in their developers.
With Fastly’s powerful edge cloud platform, developers get the tools they need to build the most groundbreaking apps — all optimized for speed, security, and scale — so businesses can effectively transform to compete in today’s markets. Together, we’re building the future of the web.
- IllumioBooth: 240
We built the Illumio Adaptive Security Platform (ASP)™ to provide unprecedented visualization and control of enterprise applications. Our system constantly inspects and adapts to the computing environment it is protecting, without pause.
Moreover, since 75 percent of computing interactions never leave the data center, our customers can now have complete visibility behind the firewall, whether it is running in their data center or the vibrant public cloud services of Amazon Web Services, Microsoft Azure, Google Compute Engine, Rackspace, and many others. - InfraGard Colorado – Denver Members AllianceBooth: 100
InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.
The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.
- InsightBooth: 300
Insight is a comprehensive solutions integrator that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. With a client-focused approach to delivery, we recommend the most appropriate solutions to drive digital transformation and modernization for innovation. As clients look for ways to optimize data for better business, empower speed and scale of service, and drive next-gen security, Insight delivers expertise that is grounded, unbiased, and refreshingly straightforward.
- ISSA Denver ChapterBooth: 110
ISSA Denver Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.
- NetsurionBooth: 440
Netsurion® delivers an adaptive managed security solution that integrates our XDR platform with your existing security investments and technology stack, easily scaling to fit your business needs. Netsurion’s managed offering includes our 24×7 SOC that operates as your trusted cybersecurity partner, working closely with your IT team to strengthen your cybersecurity posture. Our solution delivers managed threat protection so you can confidently focus on your core business.
Headquartered in Ft. Lauderdale, FL, with a global team of security analysts and engineers, Netsurion is a leader in Managed Extended Detection & Response (MXDR). Learn more at www.netsurion.com.
- Open SystemsBooth: 230
The escalated threat level, the cyber talent shortage, and the sheer complexity of deploying and managing a multitude of security solutions, are the perfect storm for security and IT teams. We are deeply passionate about protecting organizations from that storm.
We provide a set of AI-based, cloud-delivered security solutions that are simple to deploy and manage, and provide the highest level of protection. And Mission Control, our integrated NOC and SOC, is staffed by experts, not only in threat hunting and cyber hygiene, but also in the proper configuration and maintenance of the Microsoft security stack. So we can leverage what you already own.
The combination is changing the lives of our customers, giving them security traditionally reserved for only the largest organizations. We give them “shelter from the storm”. That is our passion.
- Prophecy AmericasBooth: 200
Prophecy International Holdings Limited (ASX: PRO) is the holding company for:
• Snare, which develops a suite of advanced threat intelligence software solutions used around the world across industries ranging from defence, financial services and manufacturing to government agencies, transport and retail.• eMite, which develops advanced real-time analytics and dashboard solutions which can be rapidly deployed into nearly every IT environment. eMite is used to correlate disparate sources of information into a single, customisable view and is used in a variety of industries where real-time data dashboards are critical, including contact centres and IT service management.
Prophecy International Holdings Limited Ltd was established in 1980 and services markets in the USA, Europe, Asia and Australia. - Recorded FutureBooth: 430
Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.
- Red CanaryBooth: 330
Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.
- RiskReconBooth: 340
RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
enabling organizations to efficiently operate scalable, third-party risk management programs for
dramatically better risk outcomes. Request a demo to learn more about our solution. - RSMBooth: 450
RSM is the leading provider of audit, tax and consulting services to the middle market. With over 13,000 professionals across the U.S. and Canada and a global presence in 123 countries, our purpose is to deliver the power of being understood to our clients, colleagues and communities. As first-choice advisors, we are focused on developing leading professionals and innovative services to meet our clients’ evolving needs in today’s ever-changing business environment.
- Cyber Fraud Task Force – U.S. Secret ServiceBooth: 120
Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.
- Security JourneyBooth: 370
HackEDU’s spring 2022 acquisition of Security Journey brings together two powerful platforms to provide application security education for developers and the entire SDLC team. The two officially became one in August 2022 and are now Security Journey. Two platforms, one path to build a security-first development culture.
- SonatypeBooth: 210
Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally
- TechTargetBooth: N/A
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- Thales + EVOTEKBooth: 320
As the global leader in cloud and data protection, Thales helps the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud, and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.
EVOTEK is North America’s premier enabler of digital business. With services practices that span an integrated set of technical domains, EVOTEK provides a cohesive approach to digital initiatives while driving business impact. For more information, visit https://www.evotek.com.
- ThreatLockerBooth: 310
ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com
- WiCyS Colorado AffiliateBooth: 410
- Sam MasielloCISO, The Anschutz Corporation
Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to The Anschutz Corporation, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.
Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).
- Ray YepesCISO, State of Colorado
Yepes is the Chief Information Security Officer for the State of Colorado Governor's Office of Information Technology. Before his current role, Ray served as the CISO for the Texas Department of Family and Protective Services, the third largest agency in the Lone Star State. Ray holds a Master of Science in criminal justice and a Bachelor of Science in computer science from Sam Houston State University.
- Brenden SmithCISO, FirstBank
Brenden Smith is the Chief Information Security Officer at FirstBank. Having spent the last 10 years at FirstBank he is passionate about their community involvement and “Banking for Good” philosophy. In his current role Brenden is focused on aligning security with the needs of the business to help drive better business outcomes through better partnership. His passions include dark web research and the ever evolving space of data privacy.
- Karen WorstellMember, Board of Directors, Colorado Technology Association
Karen Worstell began her cyber career 30 years ago when her Programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question.
She has provided cybersecurity support for programs like the Advanced Tactical Fighter prototype and B2 Bomber, developed the first computer security manual for the Boeing Company, and led research in secure distributed computing for Boeing’s Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide, SRI Consulting, Bank of America, AT&T Wireless, Microsoft and Russell Investments. She was the CEO for AtomicTangerine, the SRI International spinoff focused on security that served international Fortune 100 companies in security strategy and major technology implementations. She co-chaired major security events for SRI International, Forbes.com, and Georgetown University Law Center.
She held positions at NIST for OSI security architecture, the security subcommittee of the Aerospace Industries Association, US Department of Commerce Security and Privacy Advisory Board, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld, IIA, ISSA, ISACA, AusCERT, Security Conference Israel, and RSA.
She is the author of “Governance and Internal Controls for Cutting Edge IT” published by ITG, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms” by Pike & Fisher.
Her technical expertise spans Identity and Access Management, Intrusion Detection and Response, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks.” Today she focuses on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leadership roles for enterprises who are serious about cyber security.
- Donald IkhtiariPrincipal Security Architect, Insight
Don possesses over 30 years of technical, executive, and team leadership contributions in information security and IT Infrastructure. He is an ethical and trusted security advisor who builds and fosters positive working relationships with clients while delivering innovative value-driven security solutions that improve the security maturity of organizations. In addition, Don assists clients in developing and enhancing their Governance, Risk Management, and Compliance (GRC) and security programs, adhering to regulatory compliance, and improving their overall security posture through strategy, process, and technology enhancements.
- Robert ScottManaging Partner, Scott & Scott, LLP
Robert represents mid-market and large enterprise companies in software license transactions and disputes with major software publishers such as Adobe, IBM, Microsoft, Oracle and SAP. He has defended over 250 software audit matters initiated by software piracy trade groups such as the BSA and SIIA. He is counsel to some of the world’s largest corporations, such as Schlumberger, PepsiCo, Iron Mountain and American Express, on information technology matters including intellectual property licensing, risk management, data privacy, and outsourcing.
- Danielle GoodChannel Account Manager, Thales
Danielle is an innovative channel account manager with a deep background in delivering effective partner and customer experiences in high-growth and fast-paced environments. She is passionate about helping organizations reach peak security performance through customer-focused leadership, people development, team collaboration, and data-driven results. Prior to joining Thales, Good held positions as a Director of Customer Success at Crossfuze, a ServiceNow elite partner, and a Director of Operations at Giannuzzi Lewendon LLP, a M&A law firm, in New York City.
- Dr. Jacob RubinCISO | Executive Advisor, EVOTEK
Jacob Rubin is a successful security and risk executive with broad Fortune-class experience in technology, manufacturing, hospitality, healthcare, and consulting. Academically, Jacob holds a Doctorate of Philosophy and double Master’s degrees with a primary field of study in Behavioral Cyber Security. Jacob focused his dissertation work on the application of Economics Rational Choice Theory to analyze employee decisions when committing non-malicious security violations. Jacob also holds a series of security certifications, including CISSP, CISM, and CISA.
- Chad MaskillCyber Hero, ThreatLocker
Chad Maskill has two decades of experience in consultation and client management. In his current role, Chad reaches out to assist businesses in hardening their environment preventing ransomware and malicious attacks. Chad has devoted his career to implementing client driven solutions, working with everyone from Ford Motor Company, Tesla, Infinity Ward, as well as numerous municipalities throughout the U.S. and countless SMBs. Previously, he worked with local government in designing and sourcing emergency apparatus and can still parallel park a Ladder Truck.
- Ray YepesCISO, State of Colorado
Yepes is the Chief Information Security Officer for the State of Colorado Governor's Office of Information Technology. Before his current role, Ray served as the CISO for the Texas Department of Family and Protective Services, the third largest agency in the Lone Star State. Ray holds a Master of Science in criminal justice and a Bachelor of Science in computer science from Sam Houston State University.
- Tyler FornesPrincipal Solutions Architect, Expel
Tyler Fornes is a Principal Solutions Architect at Expel. Tyler formally led Expel's Global Response Team in performing incident response for both Expel's enterprise and cloud offerings. Prior to Expel, Tyler worked at FireEye after receiving a M.S. in Computing Security at the Rochester Institute of Technology.
- Dave M. CollinsManager, Risk Consulting, RSM US LLP
Dave brings over 30 years of IT, governance, risk, security/privacy, and compliance experience and consultation services to a variety of businesses and industries. Areas of focus include financial, insurance, retail, and healthcare. Dave has worked with organizations from small business to Fortune 100.
A former CISO/director in the private sector, Dave presently delivers advice and consultation regarding IT and organizational risk management, information security and privacy controls, as well as governance and compliance requirements and initiatives. Additionally, Dave is engaged as part of the office of the vCISO, helping clients build and enhance their overall IT security programs and posture.
Dave's professional affiliations and credentials include: HiTrust CCSFP certified, CISSP certified, ISACA, and InfraGard. His education includes: Unix administration certificate, University of Illinois/O’Reilly; Business/individualized studies, Lourdes College; Music education studies, Cumberland College.
- Jay Wilson, ModeratorCISO, Insurity
- Dwayne CollierSr. Sales Engineer, Open Systems
For most people, cybersecurity doesn't sound very interesting. For me, cybersecurity is a passion I’ve been chasing for 10+ years. Most recently, my work has landed me a position as a Sales Engineer with Open Systems where I’m focused on solving client security requirements.
- Bill JessenFederal Government Director of Sales, Prophecy Americas, Inc.
As an accomplished technology and public sector sales leader, Bill Jessen has worked with large Fortune 500 companies like AT&T, Verizon, and Motorola as well as small to medium business throughout the US. Throughout his career, he has worked with notable municipalities and enterprise organizations including the Executive Office of the President, FBI, ATF, Colorado State Patrol, Department of Defense, IBM, Hertz, and the Palo Verde Nuclear Power Plant. As Director of U.S. Federal Sales, Jessen’s primary goal is maintaining and growing the company’s relationships with agencies and strategic partners within the U.S. government and military & defense sectors.
- Sean LeachChief Product Architect, Fastly
Sean is the Chief Product Architect at Fastly, where he focuses on building and scaling products around large scale, mission critical infrastructure. He was previously VP, Technology for Verisign, where he provided strategic direction along with product and technical architecture and was a primary company spokesperson. Sean was previously CTO of name.com, a top 15 domain registration and web hosting company as well as a Sr. Director at Neustar. He holds a BS in Computer Science from the University of Delaware. His current research focus is on DNS, DDOS, Web/network performance, Internet infrastructure and combating the massive Internet security epidemic.
- Moderator: Derek IsaacsSr. Cybersecurity Scientist, L3 Harris
Author, speaker, and SME. Specialties and certifications include: CISSP, CRISC, CGEIT, Security+, C|EH, C|NDA, ITILv.3, C|CISO
- Jason MillerChief Security Officer, Paper Excellence
Jason is the Chief Security Officer (North America) for Paper Excellence, where he manages all aspects of physical security. His diverse career spans over 25 years in US Special Operations and Corporate Enterprise, including roles as the Vice President of the Risk division for the largest security company in the world and Board of Directors of a non-profit company focused on helping veterans with PTSD. Before beginning his career in the security industry, Mr. Miller served honorably as a U.S. Navy SEAL officer. He attended Rice University (Bachelor’s Degree in Economics & Managerial Studies) and University of Denver (Master’s Degree in Security Management).
- Mohamed MalkiDirector, Enterprise Security Architecture, Colorado Governor's Office of IT
Mohamed Malki, director of enterprise security architecture and HIPAA officer, has been key in transforming the State of Colorado’s security landscape. He’s been critical in building Colorado’s cybersecurity plan, designing Colorado's public cloud architecture and building the requirements for Colorado's Blockchain center of excellence. Mohamed holds multiple degrees, speaks four languages, and has more than 50 certifications, including CSA CCSAK, ISACA CCAK, ISO/IEC 27001 lead Implementer and Auditor Instructor, AWS Cloud Architect, CISSP, CISM, PMP,Google GCP Architect, and Certified Ethical Hacker. A certified security trainer, Mohamed has helped hundreds of individuals achieve various certifications and proactively offers sessions for employees. Mohamed was recognized as “State Cybersecurity Leader of the Year 2019," the state leader who demonstrates a passion and focus on keeping systems secure and thinking about security in the big picture of state IT. More at: https://statescoop.com/2019-statescoop-50-awards-recognize-state-it-leaders-projects
- Gregg BrauntonBanking, Insider Threat Operations
A strategic security partner blended with deep operational, architecture, and compliance expertise. Innovative, strategic, and tactical security leadership utilizing "business aligned" and "data-driven" cybersecurity models and frameworks. Gregg has 20+ years extensive cyber expertise leading and delivering cybersecurity operations, architecture, and security risk life-cycle management in highly compliant driven risk frameworks: HIPAA, FISMA, NIST, HiTrust. TOP SECRET CLEARANCE.
- Stephen DoughertyFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.
- Patrick "Suess" BeyerNetwork Intrusion Forensic Analyst, U.S. Secret Service
- Alex WoodCISO, Uplight; Co-Host, Colorado = Security podcast
Alex Wood is currently the CISO for Uplight and has more than 18 years of experience in information security. Previously, he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has an MAS in Information Security from the University of Denver.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes