Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, October 5, 2022
    9:00 am
    [PLUS Course] Cloud Audit
    • session level icon
    speaker photo
    Director, Enterprise Security Architecture; HIPAA Privacy & Security Officer, State of Colorado, Governor's Office of IT
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
  • Thursday, October 6, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Demystifying the Partnership with the FBI – InfraGard Chapter Meeting
    • session level icon
    Open to all attendees
    speaker photo
    Special Agent, FBI
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am
    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    9:00 am
    [Opening Keynote] Leading Cybersecurity with the Human Element
    • session level icon
    speaker photo
    CISO, State of Colorado
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    Revisiting Deception Systems: Enterprise Use Cases
    • session level icon
    speaker photo
    CISO, FirstBank
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    10:15 am
    Conquering Cloud Complexity
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Cloud security is hard, not least because cloud platforms change so quickly.  This talk presents several lessons learned from security teams struggling to get their arms around the sprawl of modern infrastructure, using practical analogies from pandemics and earthquakes.

    10:15 am
    Paving the Way to AppSec Program Success
    • session level icon
    How to build a scaleable enterprise-wide application security program.
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    This presentation offers a fundamental approach to creating a foundation for an application security program that holistically addresses findings by creating a conduit between the information security teams—who often discover the issues—and the development teams, who know the application better than anyone and can re-mediate issues in the best possible fashion.

    11:10 am
    Insider Threats: A Multi-Pronged Approach to Protecting Your Organization
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    Insider threats are a real danger and cannot be overlooked. While deploying the latest secure system to fight against cyber threats is a decent strategy, you must also implement an effective insider threat system for an overall cybersecurity solution. An insider threat program cannot be brought off the shelf, but is a continuous process to identify and detect an incident as it occurs.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    11:10 am
    Cyber Incidents, Forensics, and Insurance: Are All Three up to Snuff?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    2020 was the year of ransomware and the pandemic, and many organizations realized their IR wasn’t up to snuff, and others did not listen to external professionals helping and were re-compromised. Have you really tested your Incident Response processes? How about having a detailed post-mortem after an event? Have you looked at your cyber insurance policy to see who you are supposed to be using for assistance? This session will review going through an actual incident and what was good and what was missing in the recovery, alerting (oops, the customers are involved), and finding the root cause, and whether cyber insurance was worth it.

    11:10 am
    Ransomware Incident Command and Lessons Learned for Managers
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    This presentation presents a practical approach to incident command for managers at all levels, irrelevant of cyber expertise. Managers of all types are asked to take charge in critical situations and can benefit from leveraging proven crisis management processes during ransomware response.

    12:00 pm
    [Lunch Keynote] Demystifying Zero Trust and Its Role in Cybersecurity
    • session level icon
    speaker photo
    CEO & Co-Founder, ThreatLocker
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    The Zero Trust framework is based on the principle of “never trust, always verify.” Join us to learn about Zero Trust, how to adopt it, and the technologies you need to take control of your environment in the fight against ransomware.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    [Panel] Tales from the Cloud: Doing More with Less
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

    1:15 pm
    [Panel] The Current Threat Landscape
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    2:30 pm
    Physical and Digital Cyber Defense
    • session level icon
    speaker photo
    Chief Security Officer, Paper Excellence
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    2:30 pm
    How to Build an Effective Security Awareness Program
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    2:30 pm
    Going Passwordless: Authentication Fact or Fiction?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm

    Are your internal customers tired of passwords? Are you tired of easily breaking their passwords? Well, look no further. Passwordless authentication is upon us and can be achieved for multi-factor authentication (MFA), while making our internal customers happy. How is this possible? Come and listen with your colleagues as I share how we rolled it out, describe the lessons learned, and share who the players are.

    Passwords are one of the most loathed controls in the wild. If you can’t beat ’em, join ’em. Learn who the passwordless alphas are and the lessons learned to achieve a win-win strategy within your company.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    [Closing Fireside Chat] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    Registration Level:
    • session level iconConference Pass
    3:45 pm - 4:30 pm
Exhibitors
  • BlackCloak, Inc
    Booth:

    BlackCloak provides digital protection for corporate executives, Board Members, and high-profile and high-net-worth individuals and their families. Its award-winning Concierge Cybersecurity & Privacy™ Platform combines proprietary software with white-glove client service to prevent cyberattacks originating in an enterprise leader’s personal life from moving laterally into the organization. The Platform also protects individuals and their families from financial fraud, identity theft, targeted cyberattacks, reputational damage and other threats to privacy and security. Thousands of CISOs, CIOs, CFOs, and General Counsels trust BlackCloak to protect the personal privacy, devices, and homes of their most important personnel so they can continue to focus exclusively on what they do best: protecting the enterprise from cyberattack.

  • Colorado Technology Association
    Booth:

    The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.

    At the Colorado Technology Association, we:

    – Lead an inclusive network that benefits our member community
    – Advocate for a pro-business and technology-friendly climate
    – Influence the development of a robust talent pipeline
    – Lead initiatives to help companies grow.

  • Critical Start
    Booth:

    Critical Start is a cybersecurity company with a holistic, customer-focused approach. We work with our customers to understand the impact of IT on their business and determine the associated risks. Using this risk profile, we can offer big-picture guidance on the strategies and controls that will enable them to effectively manage risk and improve security. Critical Start is 100% employee owned by a team of experts who are passionate about security, quality and service. For more information on what sets us apart, visit criticalstart.com.

  • Expel
    Booth:

    Expel provides transparent managed security, on-prem and in the cloud. It’s the antidote for companies trapped in failed relationships with their managed security service provider (MSSP) and those looking to avoid the frustration of working with one in the first place. To learn more, go to https://www.expel.io.

  • HackEDU
    Booth:

    HackEDU provides secure coding training to companies ranging from startups to the Fortune 5. HackEDU’s mission is to provide best in class interactive cybersecurity training. Whether you are someone brand new to the field looking to break in or a developer looking to code more securely, we are passionate about teaching. Our aim is to lower barriers to learn security and give safe and legal environments for exploration. Only then will the industry flourish with more cybersecurity professionals and security champions.

    Our decades of cybersecurity experience helps us shape our platform and curriculum. We are always looking for cybersecurity experts that are passionate about teaching. If you are interested in joining our team please check out our careers page.

  • Illumio
    Booth:

    We built the Illumio Adaptive Security Platform (ASP)™ to provide unprecedented visualization and control of enterprise applications. Our system constantly inspects and adapts to the computing environment it is protecting, without pause.
    Moreover, since 75 percent of computing interactions never leave the data center, our customers can now have complete visibility behind the firewall, whether it is running in their data center or the vibrant public cloud services of Amazon Web Services, Microsoft Azure, Google Compute Engine, Rackspace, and many others.

  • Insight
    Booth:

    Insight is a comprehensive solutions integrator that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. With a client-focused approach to delivery, we recommend the most appropriate solutions to drive digital transformation and modernization for innovation. As clients look for ways to optimize data for better business, empower speed and scale of service, and drive next-gen security, Insight delivers expertise that is grounded, unbiased, and refreshingly straightforward.

  • (ISC)2 Denver Chapter
    Booth:

    (ISC)²® is the largest not-for-profit membership body of certified information security professionals worldwide, with nearly 80,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates.

  • Open Systems
    Booth:

    The escalated threat level, the cyber talent shortage, and the sheer complexity of deploying and managing a multitude of security solutions, are the perfect storm for security and IT teams. We are deeply passionate about protecting organizations from that storm.

    We provide a set of AI-based, cloud-delivered security solutions that are simple to deploy and manage, and provide the highest level of protection. And Mission Control, our integrated NOC and SOC, is staffed by experts, not only in threat hunting and cyber hygiene, but also in the proper configuration and maintenance of the Microsoft security stack. So we can leverage what you already own.

    The combination is changing the lives of our customers, giving them security traditionally reserved for only the largest organizations. We give them “shelter from the storm”. That is our passion.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth:

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • RiskRecon
    Booth:

    RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
    easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
    solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
    enabling organizations to efficiently operate scalable, third-party risk management programs for
    dramatically better risk outcomes. Request a demo to learn more about our solution.

  • Sonatype
    Booth:

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Thales
    Booth:

    As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

  • ThreatLocker
    Booth:

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Mohamed Malki
    Director, Enterprise Security Architecture; HIPAA Privacy & Security Officer, State of Colorado, Governor's Office of IT

    Mohamed Malki, director of enterprise security architecture and HIPAA officer, has been key in transforming the State of Colorado’s security landscape. He’s been critical in building Colorado’s cybersecurity plan, designing Colorado's public cloud architecture and building the requirements for Colorado's Blockchain center of excellence. Mohamed holds multiple degrees, speaks four languages, and has more than 50 certifications, including CSA CCSAK, ISACA CCAK, ISO/IEC 27001 lead Implementer and Auditor Instructor, AWS Cloud Architect, CISSP, CISM, PMP,Google GCP Architect, and Certified Ethical Hacker. A certified security trainer, Mohamed has helped hundreds of individuals achieve various certifications and proactively offers sessions for employees. Mohamed was recognized as “State Cybersecurity Leader of the Year 2019," the state leader who demonstrates a passion and focus on keeping systems secure and thinking about security in the big picture of state IT. More at: https://statescoop.com/2019-statescoop-50-awards-recognize-state-it-leaders-projects

  • speaker photo
    Chad Alvarado
    Special Agent, FBI
  • speaker photo
    Ray Yepes
    CISO, State of Colorado

    Yepes is the Chief Information Security Officer for the State of Colorado. Before joining the Governor’s Office for the State of Colorado, Ray served as the Chief Information Security Officer for the Texas Department of Family and Protective Services, the third largest agency in the Lone Star State. Ray holds a Master of Science in criminal justice and a Bachelor of Science in computer science from Sam Houston State University.

  • speaker photo
    Brenden Smith
    CISO, FirstBank

    Brenden Smith is the Chief Information Security Officer at FirstBank. Having spent the last 10 years at FirstBank he is passionate about their community involvement and “Banking for Good” philosophy. In his current role Brenden is focused on aligning security with the needs of the business to help drive better business outcomes through better partnership. His passions include dark web research and the ever evolving space of data privacy.

  • speaker photo
    Danny Jenkins
    CEO & Co-Founder, ThreatLocker

    Danny Jenkins is the CEO and Co-Founder of ThreatLocker, a cybersecurity firm providing Zero Trust endpoint security. Danny is a leading expert in cybersecurity with over two decades of experience in building and securing corporate networks, including many roles on red teams and blue teams. He is dedicated to educating industry professionals about the latest cyber threats and frequently speaks on the topics of ransomware and Zero Trust. Before ThreatLocker, Danny co-founded MXSweep, a global provider of email and internet security SaaS applications that sold exclusively through the channel. Danny was also the CEO at Sirrustec, specializing in whitelabeled channel delivered email security.

  • speaker photo
    Panel Discussion
  • speaker photo
    Panel Discussion
  • speaker photo
    Jason Miller
    Chief Security Officer, Paper Excellence
  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
INVEST IN YOUR GROWTH!

Join us for high-quality, affordable cybersecurity training and networking. Register today!