googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, October 6, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall (Daniel’s Great Hall)

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Discussion Topic: Making Your Organization Resilient
    speaker photo
    CISO, The Anschutz Corporation
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am
    Location / Room: 3rd Floor Boardroom

    Sam Masiello will moderate a roundtable discussion on the topic of making our organizations cyber resilient.

    For our Advisory Council members only.

    8:00 am
    Demystifying the Partnership with the FBI – InfraGard Chapter Meeting
    • session level icon
    Open to all attendees
    speaker photo
    Special Agent, FBI
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am
    Location / Room: Barbara Bresnan Boardroom
    9:00 am
    [Opening Keynote] The Whole-of-State Approach to Cybersecurity for Colorado
    • session level icon
    speaker photo
    CISO, State of Colorado
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater (Malone)

    More than half of all ransomware attacks are targeted to municipalities. Why? Because municipalities are usually the easiest targets. The “whole-of-state” approach helps governmental entities leverage their combined resources and expertise. Ray Yepes explains the strategy behind this holistic approach to cybersecurity, including the importance of breaking down silos while enabling real-time, cross-jurisdictional collaboration and partnerships. These occur across the entire state to improve the cybersecurity posture of all stakeholders, including these targeted municipalities.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall (Daniel’s Great Hall)

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    Revisiting Deception Systems: Enterprise Use Cases
    • session level icon
    speaker photo
    CISO, FirstBank
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Location / Room: Delaplaine Newsroom
    10:15 am
    Was Mudge Right? Exploring Moral Injury in Cybersecurity
    • session level icon
    speaker photo
    CEO & Founder, W Risk Group LLC
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Location / Room: Saeman

    Former CISOs are in the news—Uber’s Joe Sullivan, Twitter’s Peiter “Mudge” Zatko—and their actions raise an alarm bell for the cyber industry. Join industry veteran and former chaplain Karen Worstell to take a deep dive into what these events and others like them are telling you about moral distress and moral injury in cyber and what you can do about it to protect yourself, your career, and your team.

    10:15 am
    Building an Effective Vulnerability Management Strategy and Program
    • session level icon
    speaker photo
    Principal Security Architect, Insight
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    Location / Room: Barbara Bresnan Boardroom

    This session focuses on key vulnerability management program components spanning people, process, and technology. We’ll discuss a strategy that helps avoid and mitigate common problems with people and technology, while reducing organizational risk. We will also explore ways to align with the organizational goals, and how to both identify and utilize a relevant, scalable framework. The session will also discuss methods to protect against various threats as well as effectively leveraging Critical Threat Intelligence.

    11:10 am
    Negotiating Data Processing Terms
    • session level icon
    speaker photo
    Managing Partner, Scott & Scott, LLP
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    Location / Room: Saeman

    Given the explosion of state, federal, and international privacy and security regulations, data processing terms have become a priority for those buying and selling IT services. From ransomware attacks to sophisticated business email compromise (BEC) schemes, more attention is being paid to the agreements that clearly define the services that are included and excluded, make clear that providers are not responsible for failure of third-party solutions, or the criminal acts of third parties, and that include the appropriate data processing agreements to comply with applicable regulatory requirements such as GDPR, CCPA, HIPAA, and GLBA. Scott & Scott, LLP has developed a comprehensive new approach to customer contracting. During this presentation you will learn:

    • How to standardize your data processing obligations into one set of Data Processing Agreements
    • How to handle disputes over which regulations apply and which ones don’t at the time of contracting
    • How to prevent data processing terms negotiations from becoming renegotiations of the master terms and conditions
    • How to properly incorporate your Data Processing Agreement by reference into a sales order or statement of work
    11:10 am
    A CISO Perspective: Discover, Protect, and Control Your Organization's Most Critical Assets
    • session level icon
    speaker photo
    Channel Account Manager, Thales
    speaker photo
    CISO | Executive Advisor, EVOTEK
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    Location / Room: Barbara Bresnan Boardroom

    Join reps from Thales and EVOTEK as they discuss how organizations can simplify the way they protect what matters most. Learn about platforms that help to discover, protect, and control sensitive data, wherever it is—in the cloud, on premise, and across networks. They will also share insight into tools that deliver consistent visibility of sensitive data, unified protection and centralized control of data, and user access security policies.

    Jacob Rubin, former CISO of Red Robin, will also provide his invaluable knowledge of the IT landscape based on his experience across multiple companies and industries.

    12:00 pm
    [Lunch Keynote] Demystifying Zero Trust and Its Role in Cybersecurity
    • session level icon
    speaker photo
    Cyber Hero, ThreatLocker
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater (Malone)

    The Zero Trust framework is based on the principle of “never trust, always verify.” Join us to learn about Zero Trust, how to adopt it, and the technologies you need to take control of your environment in the fight against ransomware.

    12:00 pm
    Advisory Council Roundtable Lunch – (VIP / Invite only)
    • session level icon
    The Landscape of True Threat Intelligence
    speaker photo
    CISO, State of Colorado
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm
    Location / Room: 3rd Floor Boardroom

    For Advisory Council members only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall (Daniel’s Great Hall)

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    [Panel] Incident Response!
    • session level icon
    speaker photo
    Principal Solutions Architect, Expel
    speaker photo
    Sr. Product Manager, Red Canary
    speaker photo
    Manager, Risk Consulting, RSM US LLP
    speaker photo
    CISO, Insurity
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater (Malone)

    Security teams are struggling to keep up with the myriad of attack vectors looming. As we emerge from the pandemic, now is the time to focus and adjust your Incident Response plan. There is a new set of tools and technologies helping squash attacks, but what happens when they fail? What’s in your IR plan that addresses the unknown, and how are your preparing? What has worked and what has not? Join our panel of experts in a valuable discussion focusing on current threats and how your company can be better equipped during these unprecedented times.

    1:15 pm
    [Panel] The Current Threat Landscape
    • session level icon
    speaker photo
    Sr. MDR Security Consultant, Critical Start
    speaker photo
    Security Solutions Advisor, Illumio
    speaker photo
    Sr. Sales Engineer, Open Systems
    speaker photo
    Federal Government Director of Sales, Prophecy Americas, Inc.
    speaker photo
    Chief Product Architect, Fastly
    speaker photo
    Sr. Cybersecurity Scientist, L3 Harris
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Barbara Bresnan Boardroom

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    2:30 pm
    Physical and Digital Cyber Defense: Building Culture and Collaboration
    • session level icon
    speaker photo
    Chief Security Officer, Paper Excellence
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Location / Room: Delaplaine Newsroom

    This session offers a perspective from the “other” security: physical protection and risk mitigation. We will discuss the many ways our duties and responsibilities overlap and how the converged security functions create a much safer organization. Much of the presentation will focus on collaborating with ALL departments and building effective security culture to force-multiply a strategic proactive solution.

    2:30 pm
    Planning, Conducting, and Reporting on Cloud Audit Engagements
    • session level icon
    speaker photo
    Director, Enterprise Security Architecture, Colorado Governor's Office of IT
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Location / Room: Saeman

    This session will immerse attendees in the new demand to conduct a comprehensive audit in the cloud. Using proven, engaging learning techniques, attendees will leave the course with a solid understanding of how to plan, conduct, and report on cloud audit engagements.

    This session will be delivered by one of the world’s cloud audit experts using cloud-native , on-premises, and leading cloud providers recommended approaches. Mohamed Malki is a CISA and a global CSA CCAK and ISO/IEC 27001 Lead Auditor instructor.

    2:30 pm
    Create a Purpose-Driven 'Cyber Tribe' to Improve Retention
    • session level icon
    speaker photo
    Banking, Insider Threat Operations
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    Location / Room: Barbara Bresnan Boardroom
    Troubles attracting and retaining the right cyber talent? And when you finally add some quality talent, once you’ve trained them, they leave for higher-paying positions, taking their training (your investment) and organizational tribal knowledge with them? Following this session, walk away with three strategies and a hands-on exercise for creating a fierce, purpose-driven tribe of cyber professionals serving with energy and passion. Learn why hunting can’t compete with farming.
    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall (Daniel’s Great Hall)

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    [Closing Fireside Chat] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    speaker photo
    Special Agent, U.S. Secret Service
    speaker photo
    Network Intrusion Forensic Analyst, U.S. Secret Service
    speaker photo
    CISO, Uplight; Co-Host, Colorado = Security podcast
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    Location / Room: Keynote Theater (Malone)
Exhibitors
  • BlackCloak, Inc
    Booth: 460

    BlackCloak provides digital protection for corporate executives, Board Members, and high-profile and high-net-worth individuals and their families. Its award-winning Concierge Cybersecurity & Privacy™ Platform combines proprietary software with white-glove client service to prevent cyberattacks originating in an enterprise leader’s personal life from moving laterally into the organization. The Platform also protects individuals and their families from financial fraud, identity theft, targeted cyberattacks, reputational damage and other threats to privacy and security. Thousands of CISOs, CIOs, CFOs, and General Counsels trust BlackCloak to protect the personal privacy, devices, and homes of their most important personnel so they can continue to focus exclusively on what they do best: protecting the enterprise from cyberattack.

  • BlueVoyant
    Booth: 420

    At BlueVoyant, we recognize that effective cybersecurity requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem.

    Accuracy. Actionability. Timeliness. Scalability.

  • Colorado Technology Association
    Booth: 400

    The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.

    At the Colorado Technology Association, we:

    – Lead an inclusive network that benefits our member community
    – Advocate for a pro-business and technology-friendly climate
    – Influence the development of a robust talent pipeline
    – Lead initiatives to help companies grow.

  • Critical Start
    Booth: 350

    Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.

  • Expel
    Booth: 250

    Expel provides transparent managed security, on-prem and in the cloud. It’s the antidote for companies trapped in failed relationships with their managed security service provider (MSSP) and those looking to avoid the frustration of working with one in the first place. To learn more, go to https://www.expel.io.

  • Fastly
    Booth: 220

    Expectations for websites and apps are at an all-time high. If they aren’t fast, secure, and highly personalized, users take their business elsewhere. But today’s most innovative companies are thriving by meeting this challenge head on: they’re choosing Fastly and an investment in their developers.

    With Fastly’s powerful edge cloud platform, developers get the tools they need to build the most groundbreaking apps — all optimized for speed, security, and scale — so businesses can effectively transform to compete in today’s markets. Together, we’re building the future of the web.

  • Illumio
    Booth: 240

    We built the Illumio Adaptive Security Platform (ASP)™ to provide unprecedented visualization and control of enterprise applications. Our system constantly inspects and adapts to the computing environment it is protecting, without pause.
    Moreover, since 75 percent of computing interactions never leave the data center, our customers can now have complete visibility behind the firewall, whether it is running in their data center or the vibrant public cloud services of Amazon Web Services, Microsoft Azure, Google Compute Engine, Rackspace, and many others.

  • InfraGard Colorado – Denver Members Alliance
    Booth: 100

    InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

    The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.

  • Insight
    Booth: 300

    Insight is a comprehensive solutions integrator that helps organizations transform technology, operations, and service delivery to meet challenges and future-proof the business. With a client-focused approach to delivery, we recommend the most appropriate solutions to drive digital transformation and modernization for innovation. As clients look for ways to optimize data for better business, empower speed and scale of service, and drive next-gen security, Insight delivers expertise that is grounded, unbiased, and refreshingly straightforward.

  • ISSA Denver Chapter
    Booth: 110

    ISSA Denver Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • Netsurion
    Booth: 440

    Netsurion® delivers an adaptive managed security solution that integrates our XDR platform with your existing security investments and technology stack, easily scaling to fit your business needs. Netsurion’s managed offering includes our 24×7 SOC that operates as your trusted cybersecurity partner, working closely with your IT team to strengthen your cybersecurity posture. Our solution delivers managed threat protection so you can confidently focus on your core business.

    Headquartered in Ft. Lauderdale, FL, with a global team of security analysts and engineers, Netsurion is a leader in Managed Extended Detection & Response (MXDR). Learn more at www.netsurion.com.

  • Open Systems
    Booth: 230

    The escalated threat level, the cyber talent shortage, and the sheer complexity of deploying and managing a multitude of security solutions, are the perfect storm for security and IT teams. We are deeply passionate about protecting organizations from that storm.

    We provide a set of AI-based, cloud-delivered security solutions that are simple to deploy and manage, and provide the highest level of protection. And Mission Control, our integrated NOC and SOC, is staffed by experts, not only in threat hunting and cyber hygiene, but also in the proper configuration and maintenance of the Microsoft security stack. So we can leverage what you already own.

    The combination is changing the lives of our customers, giving them security traditionally reserved for only the largest organizations. We give them “shelter from the storm”. That is our passion.

  • Prophecy Americas
    Booth: 200

    Prophecy International Holdings Limited (ASX: PRO) is the holding company for:
    • Snare, which develops a suite of advanced threat intelligence software solutions used around the world across industries ranging from defence, financial services and manufacturing to government agencies, transport and retail.

    • eMite, which develops advanced real-time analytics and dashboard solutions which can be rapidly deployed into nearly every IT environment. eMite is used to correlate disparate sources of information into a single, customisable view and is used in a variety of industries where real-time data dashboards are critical, including contact centres and IT service management.
    Prophecy International Holdings Limited Ltd was established in 1980 and services markets in the USA, Europe, Asia and Australia.

  • Recorded Future
    Booth: 430

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth: 330

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • RiskRecon
    Booth: 340

    RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
    easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
    solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
    enabling organizations to efficiently operate scalable, third-party risk management programs for
    dramatically better risk outcomes. Request a demo to learn more about our solution.

  • RSM
    Booth: 450

    RSM is the leading provider of audit, tax and consulting services to the middle market. With over 13,000 professionals across the U.S. and Canada and a global presence in 123 countries, our purpose is to deliver the power of being understood to our clients, colleagues and communities. As first-choice advisors, we are focused on developing leading professionals and innovative services to meet our clients’ evolving needs in today’s ever-changing business environment.

  • Cyber Fraud Task Force – U.S. Secret Service
    Booth: 120

    Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.

  • Security Journey
    Booth: 370

    HackEDU’s spring 2022 acquisition of Security Journey brings together two powerful platforms to provide application security education for developers and the entire SDLC team. The two officially became one in August 2022 and are now Security Journey. Two platforms, one path to build a security-first development culture.

  • Sonatype
    Booth: 210

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Thales + EVOTEK
    Booth: 320

    As the global leader in cloud and data protection, Thales helps the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud, and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

    EVOTEK is North America’s premier enabler of digital business. With services practices that span an integrated set of technical domains, EVOTEK provides a cohesive approach to digital initiatives while driving business impact. For more information, visit https://www.evotek.com.

  • ThreatLocker
    Booth: 310

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • WiCys Colorado Affiliate
    Booth: 410
Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Sam Masiello
    CISO, The Anschutz Corporation

    Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to Beckage, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.

    Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).

  • speaker photo
    Chad Alvarado
    Special Agent, FBI
  • speaker photo
    Ray Yepes
    CISO, State of Colorado

    Yepes is the Chief Information Security Officer for the State of Colorado Governor's Office of Information Technology. Before his current role, Ray served as the CISO for the Texas Department of Family and Protective Services, the third largest agency in the Lone Star State. Ray holds a Master of Science in criminal justice and a Bachelor of Science in computer science from Sam Houston State University.

  • speaker photo
    Brenden Smith
    CISO, FirstBank

    Brenden Smith is the Chief Information Security Officer at FirstBank. Having spent the last 10 years at FirstBank he is passionate about their community involvement and “Banking for Good” philosophy. In his current role Brenden is focused on aligning security with the needs of the business to help drive better business outcomes through better partnership. His passions include dark web research and the ever evolving space of data privacy.

  • speaker photo
    Karen Worstell
    CEO & Founder, W Risk Group LLC

    Karen Worstell began her cyber career 30 years ago when her Programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question.

    She has provided cybersecurity support for programs like the Advanced Tactical Fighter prototype and B2 Bomber, developed the first computer security manual for the Boeing Company, and led research in secure distributed computing for Boeing’s Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide, SRI Consulting, Bank of America, AT&T Wireless, Microsoft and Russell Investments. She was the CEO for AtomicTangerine, the SRI International spinoff focused on security that served international Fortune 100 companies in security strategy and major technology implementations. She co-chaired major security events for SRI International, Forbes.com, and Georgetown University Law Center.

    She held positions at NIST for OSI security architecture, the security subcommittee of the Aerospace Industries Association, US Department of Commerce Security and Privacy Advisory Board, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld, IIA, ISSA, ISACA, AusCERT, Security Conference Israel, and RSA.

    She is the author of “Governance and Internal Controls for Cutting Edge IT” published by ITG, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms” by Pike & Fisher.

    Her technical expertise spans Identity and Access Management, Intrusion Detection and Response, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks.” Today she focuses on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leadership roles for enterprises who are serious about cyber security.

    Karen tweets at https://twitter.com/karenworstell and blogs at karenworstell.com.

  • speaker photo
    Donald Ikhtiari
    Principal Security Architect, Insight

    Don possesses over 30 years of technical, executive, and team leadership contributions in information security and IT Infrastructure. He is an ethical and trusted security advisor who builds and fosters positive working relationships with clients while delivering innovative value-driven security solutions that improve the security maturity of organizations. In addition, Don assists clients in developing and enhancing their Governance, Risk Management, and Compliance (GRC) and security programs, adhering to regulatory compliance, and improving their overall security posture through strategy, process, and technology enhancements.

  • speaker photo
    Robert Scott
    Managing Partner, Scott & Scott, LLP

    Robert represents mid-market and large enterprise companies in software license transactions and disputes with major software publishers such as Adobe, IBM, Microsoft, Oracle and SAP. He has defended over 250 software audit matters initiated by software piracy trade groups such as the BSA and SIIA. He is counsel to some of the world’s largest corporations, such as Schlumberger, PepsiCo, Iron Mountain and American Express, on information technology matters including intellectual property licensing, risk management, data privacy, and outsourcing.

  • speaker photo
    Danielle Good
    Channel Account Manager, Thales

    Danielle is an innovative channel account manager with a deep background in delivering effective partner and customer experiences in high-growth and fast-paced environments. She is passionate about helping organizations reach peak security performance through customer-focused leadership, people development, team collaboration, and data-driven results. Prior to joining Thales, Good held positions as a Director of Customer Success at Crossfuze, a ServiceNow elite partner, and a Director of Operations at Giannuzzi Lewendon LLP, a M&A law firm, in New York City.

  • speaker photo
    Dr. Jacob Rubin
    CISO | Executive Advisor, EVOTEK

    Jacob Rubin is a successful security and risk executive with broad Fortune-class experience in technology, manufacturing, hospitality, healthcare, and consulting. Academically, Jacob holds a Doctorate of Philosophy and double Master’s degrees with a primary field of study in Behavioral Cyber Security. Jacob focused his dissertation work on the application of Economics Rational Choice Theory to analyze employee decisions when committing non-malicious security violations. Jacob also holds a series of security certifications, including CISSP, CISM, and CISA.

  • speaker photo
    Chad Maskill
    Cyber Hero, ThreatLocker

    Chad Maskill has two decades of experience in consultation and client management. In his current role, Chad reaches out to assist businesses in hardening their environment preventing ransomware and malicious attacks. Chad has devoted his career to implementing client driven solutions, working with everyone from Ford Motor Company, Tesla, Infinity Ward, as well as numerous municipalities throughout the U.S. and countless SMBs. Previously, he worked with local government in designing and sourcing emergency apparatus and can still parallel park a Ladder Truck.

  • speaker photo
    Ray Yepes
    CISO, State of Colorado

    Yepes is the Chief Information Security Officer for the State of Colorado Governor's Office of Information Technology. Before his current role, Ray served as the CISO for the Texas Department of Family and Protective Services, the third largest agency in the Lone Star State. Ray holds a Master of Science in criminal justice and a Bachelor of Science in computer science from Sam Houston State University.

  • speaker photo
    Tyler Fornes
    Principal Solutions Architect, Expel

    Tyler Fornes is a Principal Solutions Architect at Expel. Tyler formally led Expel's Global Response Team in performing incident response for both Expel's enterprise and cloud offerings. Prior to Expel, Tyler worked at FireEye after receiving a M.S. in Computing Security at the Rochester Institute of Technology.

  • speaker photo
    Sam Straka
    Sr. Product Manager, Red Canary
  • speaker photo
    Dave M. Collins
    Manager, Risk Consulting, RSM US LLP

    Dave brings over 30 years of IT, governance, risk, security/privacy, and compliance experience and consultation services to a variety of businesses and industries. Areas of focus include financial, insurance, retail, and healthcare. Dave has worked with organizations from small business to Fortune 100.

    A former CISO/director in the private sector, Dave presently delivers advice and consultation regarding IT and organizational risk management, information security and privacy controls, as well as governance and compliance requirements and initiatives. Additionally, Dave is engaged as part of the office of the vCISO, helping clients build and enhance their overall IT security programs and posture.

    Dave's professional affiliations and credentials include: HiTrust CCSFP certified, CISSP certified, ISACA, and InfraGard. His education includes: Unix administration certificate, University of Illinois/O’Reilly; Business/individualized studies, Lourdes College; Music education studies, Cumberland College.

  • speaker photo
    Jay Wilson, Moderator
    CISO, Insurity
  • speaker photo
    Brad Andersen
    Sr. MDR Security Consultant, Critical Start
  • speaker photo
    Derek Washburn
    Security Solutions Advisor, Illumio
  • speaker photo
    Dwayne Collier
    Sr. Sales Engineer, Open Systems

    For most people, cybersecurity doesn't sound very interesting. For me, cybersecurity is a passion I’ve been chasing for 10+ years. Most recently, my work has landed me a position as a Sales Engineer with Open Systems where I’m focused on solving client security requirements.

  • speaker photo
    Bill Jessen
    Federal Government Director of Sales, Prophecy Americas, Inc.

    As an accomplished technology and public sector sales leader, Bill Jessen has worked with large Fortune 500 companies like AT&T, Verizon, and Motorola as well as small to medium business throughout the US. Throughout his career, he has worked with notable municipalities and enterprise organizations including the Executive Office of the President, FBI, ATF, Colorado State Patrol, Department of Defense, IBM, Hertz, and the Palo Verde Nuclear Power Plant. As Director of U.S. Federal Sales, Jessen’s primary goal is maintaining and growing the company’s relationships with agencies and strategic partners within the U.S. government and military & defense sectors.

  • speaker photo
    Sean Leach
    Chief Product Architect, Fastly

    Sean is the Chief Product Architect at Fastly, where he focuses on building and scaling products around large scale, mission critical infrastructure. He was previously VP, Technology for Verisign, where he provided strategic direction along with product and technical architecture and was a primary company spokesperson. Sean was previously CTO of name.com, a top 15 domain registration and web hosting company as well as a Sr. Director at Neustar. He holds a BS in Computer Science from the University of Delaware. His current research focus is on DNS, DDOS, Web/network performance, Internet infrastructure and combating the massive Internet security epidemic.

  • speaker photo
    Moderator: Derek Isaacs
    Sr. Cybersecurity Scientist, L3 Harris

    Author, speaker, and SME. Specialties and certifications include: CISSP, CRISC, CGEIT, Security+, C|EH, C|NDA, ITILv.3, C|CISO

  • speaker photo
    Jason Miller
    Chief Security Officer, Paper Excellence

    Jason is the Chief Security Officer (North America) for Paper Excellence, where he manages all aspects of physical security. His diverse career spans over 25 years in US Special Operations and Corporate Enterprise, including roles as the Vice President of the Risk division for the largest security company in the world and Board of Directors of a non-profit company focused on helping veterans with PTSD. Before beginning his career in the security industry, Mr. Miller served honorably as a U.S. Navy SEAL officer. He attended Rice University (Bachelor’s Degree in Economics & Managerial Studies) and University of Denver (Master’s Degree in Security Management).

  • speaker photo
    Mohamed Malki
    Director, Enterprise Security Architecture, Colorado Governor's Office of IT

    Mohamed Malki, director of enterprise security architecture and HIPAA officer, has been key in transforming the State of Colorado’s security landscape. He’s been critical in building Colorado’s cybersecurity plan, designing Colorado's public cloud architecture and building the requirements for Colorado's Blockchain center of excellence. Mohamed holds multiple degrees, speaks four languages, and has more than 50 certifications, including CSA CCSAK, ISACA CCAK, ISO/IEC 27001 lead Implementer and Auditor Instructor, AWS Cloud Architect, CISSP, CISM, PMP,Google GCP Architect, and Certified Ethical Hacker. A certified security trainer, Mohamed has helped hundreds of individuals achieve various certifications and proactively offers sessions for employees. Mohamed was recognized as “State Cybersecurity Leader of the Year 2019," the state leader who demonstrates a passion and focus on keeping systems secure and thinking about security in the big picture of state IT. More at: https://statescoop.com/2019-statescoop-50-awards-recognize-state-it-leaders-projects

  • speaker photo
    Gregg Braunton
    Banking, Insider Threat Operations

    A strategic security partner blended with deep operational, architecture, and compliance expertise. Innovative, strategic, and tactical security leadership utilizing "business aligned" and "data-driven" cybersecurity models and frameworks. Gregg has 20+ years extensive cyber expertise leading and delivering cybersecurity operations, architecture, and security risk life-cycle management in highly compliant driven risk frameworks: HIPAA, FISMA, NIST, HiTrust. TOP SECRET CLEARANCE.

  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Derek Booth
    Special Agent, U.S. Secret Service
  • speaker photo
    Suess Beyer, Special Guest
    Network Intrusion Forensic Analyst, U.S. Secret Service
  • speaker photo
    Alex Wood
    CISO, Uplight; Co-Host, Colorado = Security podcast

    Alex Wood is currently the CISO for Uplight and has more than 18 years of experience in information security. Previously, he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has an MAS in Information Security from the University of Denver.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes