Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Tuesday, September 19, 2023
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    ISC2 Denver Chapter Meeting: Lessons from a Ransomware Survivor
    • session level icon
    Open to all attendees
    speaker photo
    IT Director, JBS; Secretary, ISC2 Denver Chapter
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am
    Location / Room: ACA/Triax
    In the digital age, the threat of ransomware looms large, with cybercriminals targeting individuals, businesses, and organizations alike. “Lessons from a Ransomware Survivor” presents a compelling business perspective, recounting a harrowing encounter with ransomware and the invaluable insights derived from this experience.
    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Remaining Resilient and Identifying the Next Transformation Facing Cybersecurity Professionals
    speaker photo
    CISO and Senior Director, Boom Supersonic
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am
    Location / Room: Saeman

    Join this invitation-only meeting for SecureWorld Denver Advisory Council members to discuss:

    • The next transformation that is going to “bite cybersecurity professionals in the @ss” and the shifts to take note of in the cybersecurity landscape
    • What transformations are coming in the next 5-10 years that cybersecurity professionals, and business leaders in general, should be thinking about
    • Resilience. How do we stress the importance of resilience when it comes to data centers?
    • What keeps cybersecurity professionals like you up at night is what you can’t even imagine is coming next.

    Come prepared to add to the discussion. The more voices, the better.

    9:00 am
    [Opening Keynote] Lessons from a CISO: Increasing Your Cybersecurity Footprint Despite Worn Soles
    • session level icon
    speaker photo
    CISO, State of North Dakota
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater
    In a time of decreasing budgets, CISOs are increasingly faced with the challenge of doing more with less. In this informative keynote, Michael Gregg discusses how he grew his state’s cyber coverage from 25,000 to 250,000 endpoints. Learn how he optimized SOC operations and embraced AI to increase efficiencies and improve response times while reducing costs.
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    Hush Up and Scan: A Shared Journey of Discovery, Pain, and Experience
    • session level icon
    speaker photo
    Principal Engineer - Enterprise Security, UnitedHealth Group
    speaker photo
    Sr. Director, Rugged DevOps & Enterprise DevOps Ambassador, Alight Solutions
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Location / Room: Bresnan Boardroom

    Hear a rugged DevOps journey of self-discovery and what it means to develop, lead, and deploy a modern sustainable and adaptable DevOps program by listening and partnering with our customers and teaching through gamified learning. If security is everyone’s responsibility (an adage pervasively affirmed by security practitioners), then embracing, facilitating, and participating in the DevOps process is the responsibility of security practitioners.

    John Prewett and Shua (Joshua) Gamradt are security practitioners with a mission to demystify DevOps for security professionals. Prior to working on the same team, each became interested in the role they should play in the software development lifecycle, and separately they’ve experienced victories and challenges along the way. Despite their individual shortcomings, both are proud to be Rugged DevOps ambassadors in the industry. See more about them in their individual bios.

    10:15 am
    Demystifying External Exposure Management
    • session level icon
    speaker photo
    Chief Product Officer, CyCognito
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    Location / Room: Delaplaine

    Organizations are increasingly recognizing that unmanaged or under-managed, exposed assets represent the path of least resistance for attackers to execute successful attacks. Yet, the typical G2K organization is unaware of between one to two thirds of exposed assets. Moreover, these assets, which may include business critical web apps with PII data are rarely if ever tested for security vulnerabilities. The combination of unknown exposed assets and inadequate testing with the reality of siloed security programs is a perfect storm that creates a gaping hole that Gartner suggests organizations address as part of an External Exposure Management program. Join this session to learn more about the state of exposure management; it’s key challenges and effective solutions.

    10:15 am
    The Future of AI in Security
    • session level icon
    speaker photo
    Director, Product Marketing, Exabeam
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    Location / Room: ACA/Triax

    There seems to be a new article every day covering the intersection of artificial intelligence (AI), machine learning (ML), and the security industry. Vendors are suggesting that AI has the potential to act as a team member, replace missing expertise, and reduce headcount for detecting, investigating, responding to, and predicting new cyberthreats. The concept of a fully computerized SOC may be a dream in a world lacking cybersecurity professionals, but can it be realized?

    Increasing the autonomy of the SOC is a noble goal, especially for smaller organizations struggling to hire and retain the necessary cybersecurity skills. However, the need for self-learning and self-repairing capabilities in an autonomous SOC raises an important concern: If your IT and security system becomes self-referential and self-healing, how can you investigate to ensure it’s getting it right? Who watches the watchers?

    This discussion will explore:

    • The history of AI, ML, and automation already in your security stack
    • The dangers and challenges of unrestricted GPT and other chat bots as information sources
    • Ways humans and AI can work together
    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Social Engineering: Training the Human Firewall
    • session level icon
    speaker photo
    Team Leader of Information Security, Garmin
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    Location / Room: ACA/Triax

    Phishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.

    11:10 am
    [Panel] Symphony of Cyber Defense: Confronting the Crescendo of Threats in the Digital Orchestra
    • session level icon
    Identifying the Current Threat Landscape
    speaker photo
    Chief Operating Officer, Envision
    speaker photo
    Director of Systems Engineering, Illumio
    speaker photo
    Leader of Solution Engineering, Outshift by Cisco
    speaker photo
    CISO, The Anschutz Corporation
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    Location / Room: Bresnan Boardroom

    In the ever-changing symphony of the cyber realm, a cacophony of threats echoes throughout. Ranging from ransomware to data breaches, phishing, and intricate APTs, the orchestra of cyber threats grows in complexity. Emerging risks like IoT, cloud computing’s unpredictability, AI’s deceptiveness, and cryptocurrency add new layers to our musical security tapestry.

    Threat actors—wielding exploit kits and Zero-Day vulnerabilities—orchestrate their attacks, preying on human vulnerabilities in perfect synchronization with state-sponsored cyber operations. To counter this threat, collaboration is essential. Proactive security practices, training cadences, and threat intelligence sharing must happen. The interplay of public and private sectors is key to a resilient digital effort.

    Let us march to the beat of constant vigilance, adaptability, and investment in a fortified infrastructure. Together, we will compose a symphony of cybersecurity, safeguarding the digital soundscape and ensuring a melodious future.

    11:10 am
    Behind the Scenes of Teams and OneDrive: The Secret Life of Shared Files
    • session level icon
    speaker photo
    VP, Revenue Operations, tenfold Software North America
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    Location / Room: Delaplaine

    With the accelerated use of Microsoft 365, we are shooting more sensitive and confidential data into the cloud than we are aware of. Keeping track of what files users are sharing among each other in Teams and OneDrive and knowing who else has access to seems an impossible task. What can you do about it? Find out in this talk.

    Topics covered include:

    • What goes on in the background when we share data in Teams & OneDrive.
    • Why more people have access to shared files than we think.
    • How tenfold helps you keep track of permissions and shared files once and for all
    12:00 pm
    [Lunch Keynote] Drag Racing & Cybersecurity: The Crossover
    • session level icon
    speaker photo
    CISO, United Musculoskeletal Partners
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    You’d be amazed what you can learn from everyday hobbies or obstacles to help you become a better practitioner. Krista Arndt shares a very personal story of survival after a bad drag racing accident in 2015. It was a life-altering experience and provided perspective on her personal and professional life that drives her every day as a loving mom and wife, volunteer, and successful CISO.
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    The Challenges and Opportunities of Digital Forensics
    speaker photo
    Network Intrusion Forensic Analyst, U.S. Secret Service
    speaker photo
    CISO, Uplight; Co-Host, Colorado = Security podcast
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm
    Location / Room: Saeman

    Digital forensics is an essential tool for security professionals to investigate incidents and identify the root cause of breaches. The U.S. Secret Service employs teams of forensics experts to work directly with those who have been compromised in a breach. Join this invitation-only roundtable for Advisory Council members to discuss the importance of digital forensics – the challenges and opportunities with using it. Suess Beyer, Network Intrusion Forensic Analyst, U.S. Secret Service, adds his unique perspective and shares his years of expertise to help tackle such topics as:

    • The role of digital forensics in incident response
    • The challenges of collecting and preserving digital evidence
    • What data or reporting is used in court cases as a NIFA
    • What you can expect from working with the U.S.S.S.

    Come ready to share your experiences and learn from each other.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    API Security: A CISO Perspective
    • session level icon
    speaker photo
    VP, ISSA Denver Chapter; Information Security Lead, Trace3 Mountain State Region
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm
    Location / Room: ACA/Triax

    In today’s rapidly evolving digital landscape, APIs have become integral components of business operations, propelling innovation and interconnectivity. However, they also pose unique security challenges that must be managed strategically. This talk provides a CISO’s perspective on API security, exploring the balance between technological advancement and robust protection. The session examines the risks associated with APIs, current best practices in API security, and strategies that a CISO can employ to mitigate threats, ensuring the secure and effective utilization of APIs within an organization. This session aims to provide insights into creating a strong security culture that can adapt to the dynamic nature of API technologies while protecting valuable business assets.

    How are CISOs and security leadership developing API security and incident response readiness governance?

    Key questions addressed include:

    • How are APIs tied to business success?
    • Why having an API strategy is essential?
    • How to develop API lifecycle management?
    1:15 pm
    AI: The Good, the Bad, and the Ugly
    • session level icon
    speaker photo
    Board Member and International Healthcare Cybersecurity Luminary; Teaching Professor, University of Denver
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm
    Location / Room: Delaplaine

    AI and generative AI have become the buzzwords du jour since the launch of ChapGPT4 last year, but AI has been in widespread and popular use for the better part of the past decade. We use it every day at home, in the office, and when we visit the doctor or go for an X-Ray.

    AI has been applied in many positive ways to make things easier for most of us, but it has also more recently been applied in very nefarious ways, some of which may lead to significant damage including our safety as humans.

    This presentation looks at the development of Offensive AI and makes a case for greater development of Defensive AI. It will suggest that as cybersecurity professionals, we need “fire” to “fight fire” and that our current security toolsets are not equipped to defend us from the attacks of tomorrow.

    Learning objectives from this session:

    • Consider the “Maturity Paradox” and “Attackers Arbitrage,” the gap between new technology being implemented and the security controls necessary to protect that new technology. What risks are we exposing ourselves and our organizations to?
    • Examine the arming of malicious bots and malware using AI.
    • Gain a better understanding of the power and dangers of Offensive AI.
    • Consider the benefits of employing AI Defensive tools to protect us from Offensive AI. How will this change that way that cybersecurity work?
    1:15 pm
    [Panel] Cloud Sonata: Orchestrating Security in the Digital Sky
    • session level icon
    Securing Your Cloud Environment
    speaker photo
    Solutions Engineering Manager, Uptycs
    speaker photo
    Sr. Security Engineer, BI Incorporated
    speaker photo
    CISO, Insurity
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Bresnan Boardroom

    In the symphony of modern cybersecurity, the cloud environment plays a key role as both a conductor of efficiency and a source of potential vulnerabilities. As organizations increasingly embrace the cloud to unlock agility and scalability, it is crucial to harmonize the protective measures that safeguard these virtual landscapes.

    This panel discussion delves into the intricate nuances of securing cloud environments. These experts will share their orchestration of robust security frameworks, best practices, and cutting-edge technologies that fortify the digital sky against threats. From encryption and access controls to identity management and incident response, they will explore the melodies of defense that resonate within the cloud and how they can impact any organization.

    2:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 2:30 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:30 pm
    Unlocking Business Opportunities with Privacy and Trust
    • session level icon
    speaker photo
    Security GRC Manager, Rightway Healthcare
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Location / Room: ACA/Triax
    This case study delves into a project that involved launching a new product to a population with significant perceived and real privacy risks. There were many challenges, change in approach warranted, and fundamental shift in how the organization tackled the project, all of which ultimately led to a successful implementation. Walk away with key privacy considerations to help make business opportunities successful.
    2:30 pm
    [Panel] Preparing for a Post-Quantum World
    • session level icon
    speaker photo
    Deputy CISO, Open Technology Solutions, LLC
    speaker photo
    Sr. Director, Information Security, State of Colorado Governor's Office of Information Technology
    speaker photo
    Sr. Demand and Delivery Director, Data Protection
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    Location / Room: Bresnan Boardroom

    Quantum computing is gaining momentum for use within certain industries, and while quantum computing provides extensive benefits for researchers, the sheer processing power of quantum may jeopardize current state encryption algorithms. This panel discussion provides an overview of the current state of quantum computing, the potential threats quantum poses to current state encryption algorithms, the approaches industry bodies and vendors are taking to address quantum computing, the current reality and potential future for the use of quantum to break encryption, and approaches organizations should take to prepare for a post-quantum world.

    2:30 pm
    How (and Why) to Think Like a Threat Actor in the Cloud
    • session level icon
    speaker photo
    Solutions Engineering Manager, Uptycs
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    Location / Room: Delaplaine
    Security leaders have had to choose between endpoint, container, and cloud security solutions for far too long. Your developers are a target, and if you can correlate information between their laptops and their cloud activity you can unlock a new level of security visibility and protection. In this presentation, we explain how to use one tool to secure everything, from laptop to cloud.
    3:00 pm
    Happy Hour
    • session level icon
    Sponsored by Uptycs
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 5:00 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary beer, wine, soda, and hors d’oeuvres. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    Generously sponsored by Uptycs. A drink ticket is included on your attendee badge.

    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    [Closing Keynote] Career Pathing: How to Get Started and Move up the Ranks in Cybersecurity (and Not Necessarily to Become a CISO)
    • session level icon
    Live Podcast Recording
    speaker photo
    President & CEO, Colorado Technology Association
    speaker photo
    Board Member and International Healthcare Cybersecurity Luminary; Teaching Professor, University of Denver
    speaker photo
    CISO, Uplight; Co-Host, Colorado = Security podcast
    speaker photo
    Co-Host, Colorado = Security Podcast
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    Location / Room: Keynote Theater

    This session will be recorded for the Colorado = Security Podcast for airing after the event.

    Our panel of experts shares ideas for helping young professionals get their start in the cybersecurity profession, as well as tips for those looking to move out of middle management and up the ranks—even if the goal is not necessarily to be a CISO. Employers: Hear tips for filling the talent pipeline, including how and where to find eager and willing individuals. This session is a win-win for those looking to hire and those looking to fill roles or move up the career ladder.

  • Wednesday, September 20, 2023
    9:00 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm
    Location / Room: Hyatt Place Denver/Cherry Creek (4150 East Mississippi Ave, Glendale, CO 80246), Meeting Room 3 (1st floor)

     

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

Exhibitors
  • AuditBoard, Inc
    Booth: 360

    AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. Its integrated suite of easy-to-use audit, risk, and compliance solutions streamlines internal audit, SOX compliance, controls management, risk management, and security compliance. AuditBoard’s clients range from prominent pre-IPO to Fortune 50 companies looking to modernize, simplify, and elevate their functions. AuditBoard is the top-rated audit management and GRC software on G2, and was recently ranked for the second year in a row as one of the 100 fastest-growing technology companies in North America by Deloitte.

  • BlackBerry Corporation
    Booth: 370

    BlackBerry Cybersecurity is a leader in endpoint security, endpoint management, encryption, and embedded systems, protecting enterprises and governments around the world. Our end-to-end approach is deeply rooted in Cylance® AI and machine learning, providing continuous preventative protection, detection, and instant response. We extend protection for your organization against current and future cyberthreats by combining network and endpoint telemetry and by delivering innovative solutions in the areas of cybersecurity, safety, and data privacy.

  • Clarity Security
    Booth: 420

    Meet audit and compliance requirements while saving time and money. Clarity’s simplified access certification, highly granular access governance, and automated lifecycle management create the ultimate all-in-one identity governance platform.

  • Colorado Technology Association
    Booth: TBD

    The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.

    At the Colorado Technology Association, we:

    – Lead an inclusive network that benefits our member community
    – Advocate for a pro-business and technology-friendly climate
    – Influence the development of a robust talent pipeline
    – Lead initiatives to help companies grow.

  • Critical Start
    Booth: 220

    Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.

  • CyCognito
    Booth: 210

    CyCognito empowers companies to take full control over their attack surface by uncovering and eliminating the critical security risks they didn’t even know existed. Welcome to the Shadow Risk Revolution.

  • Data Theorem
    Booth: 340

    Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. Data Theorem is headquartered in Palo Alto, Calif., with offices in New York, Paris, France, and Bangalore, India.

  • Envision Technology Advisors
    Booth: 120

    Envision Technology Advisors is a business and technology consultancy specializing in Digital Transformation, Cybersecurity, Business Continuity, Infrastructure Consulting, Web Design and Development, and much more. With offices in Rhode Island and the Boston area, Envision serves clients throughout New England and beyond.

  • Exabeam
    Booth: 300

    Exabeam is a global cybersecurity leader that adds intelligence to every IT and security stack. The leader in Next-gen SIEM and XDR, Exabeam is reinventing the way security teams use analytics and automation to solve Threat Detection, Investigation, and Response (TDIR), from common security threats to the most critical that are difficult to identify. Exabeam offers a comprehensive cloud-delivered solution that leverages machine learning and automation using a prescriptive, outcomes-based approach to TDIR. We design and build products to help security teams detect external threats, compromised users and malicious adversaries, minimize false positives and best protect their organizations.

  • Illumio
    Booth: 350

    We built the Illumio Adaptive Security Platform (ASP)™ to provide unprecedented visualization and control of enterprise applications. Our system constantly inspects and adapts to the computing environment it is protecting, without pause.
    Moreover, since 75 percent of computing interactions never leave the data center, our customers can now have complete visibility behind the firewall, whether it is running in their data center or the vibrant public cloud services of Amazon Web Services, Microsoft Azure, Google Compute Engine, Rackspace, and many others.

  • ISC2 Denver Chapter
    Booth: TBD

    ISC2 is the largest not-for-profit membership body of certified information security professionals worldwide, with nearly 80,000 members in more than 135 countries. Globally recognized as the Gold Standard, ISC2 issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates.

  • ISACA Denver Chapter
    Booth: TBD

    The Denver Chapter of ISACA® (formerly EDPAA) was founded in June 1976 with just a handful of members. Today, the Denver chapter with over 1,040 members, is one of the largest chapters within the Southwestern Region. The Denver Chapter contributes to the international organization with financial support and periodic hosting of the International Conference.

    The Denver Chapter of ISACA® is a non-profit organization dedicated to the continued development and enhancement of the information systems audit and control profession by providing benefits to its members and to the professional community-at-large.

  • ISSA Denver Chapter
    Booth: TBD

    ISSA Denver Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • LogRhythm
    Booth: 250

    LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.

  • One Identity
    Booth: 260

    One Identity, a Quest Software business, helps organizations achieve an identity-centric security strategy with a uniquely broad and integrated portfolio of identity management offerings developed with a cloud-first strategy including AD account lifecycle management, identity governance and administration, and privileged access management. One Identity empowers organizations to reach their full potential, unimpeded by security, yet safeguarded against threats without compromise regardless of how they choose to consume the services. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data—on-prem, cloud, or hybrid.

  • Outshift by Cisco
    Booth: 240

    Outshift by Cisco is the incubation engine for Cisco’s emerging technologies exploring innovation in cloud native development, AI/ML, API security, observability, network automation, and more.

    Backed by Cisco’s unrivaled portfolio of end-to-end security solutions, Panoptica offers a differentiated experience for complete code to cloud security coverage.

    Panoptica is Outshift by Cisco’s cloud native application security solution. It secures modern applications and workloads to ensure end-to-end security and compliance in multicloud environments. Utilizing advanced visual contextual insights along attack paths, Panoptica boosts visibility, accurately prioritizes risks, and offers actionable remediation guidance, securing your entire cloud application stack.

  • PopCykol
    Booth: TBD

    PopCykol is an emerging cyber security awareness company for kids. It stands for Protecting Our Precious Curious Kids Online. PopCykol teaches cyber security concepts in a fun and interactive style. The foundational topics are designed to be clear and factual. PopCykol curricula and consultative services transform people into informed, secure ambassadors of a digital world resulting in positive interactions online.

  • TechTarget
    Booth: n/a

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • tenfold Software North America
    Booth: 130

    The access management solution tenfold enables organizations to manage all access rights and user accounts across their on-prem, cloud and third-party systems and apps centrally from within one platform. Not only does this accelerate approval processes, it also protects data against theft and misuse. Thanks to seamless logs and on-demand reports, compliance regulations are also kept at bay. tenfold is quick and easy to install, user-friendly and integrates with numerous systems, making it the perfect fit for mid-size organizations.

  • ThreatLocker
    Booth: 320

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • Uptycs
    Booth: 200

    Inspired by CRM and business process analytics, the Uptycs vision is to empower security teams with the same real-time decision making, driven by structured telemetry and powerful analytics.

    By providing a unified view of cloud and endpoint telemetry from a common solution, making every user and platform action auditable, and having an open and extensible API, we eliminate black-box operations, reduce tool sprawl, and ultimately arm modern defenders with the insights they need across their cloud-native attack surfaces.

  • Varonis Systems, Inc.
    Booth: 310

    Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.

  • Veeam Software
    Booth: 430

    Veeam provides a single platform for modernizing backup, accelerating hybrid cloud and securing data. Veeam has 400,000+ customers worldwide, including 82% of the Fortune 500 and 69% of the Global 2,000. Veeam’s 100% channel ecosystem includes global partners, as well as HPE, NetApp, Cisco and Lenovo as exclusive resellers, and boasts more than 35K transacting partners worldwide.

    With offices in more than 30 countries and over 200 industry awards, Veeam is unquestionably the leader in data protection across all environments. In fact, Veeam has been positioned by Gartner, Inc. in the Leaders quadrant of the 2022 Magic Quadrant for Enterprise Backup and Recovery Solutions. Not only does this mark the sixth consecutive time Gartner has recognized Veeam as a Magic Quadrant Leader, but it is the third consecutive year Veeam is positioned highest overall in ability to execute.

  • WiCys Colorado Affiliate
    Booth: TBD
Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Lumakar Challa
    IT Director, JBS; Secretary, ISC2 Denver Chapter

    Lumakar Challa is a transformational technical leader who transforms application and database infrastructure for large, complex Global Fortune 500 companies. His greatest talent is creating Trusted Advisor relationships with senior technology, corporate, and business line stakeholders. He defines strategies to deliver savings and improvements across regional and global application ecosystems. Colleagues know him for creating world-class teams and driving enterprise-critical initiatives.

  • speaker photo
    Chris Roberts, Moderator
    CISO and Senior Director, Boom Supersonic

    Chris is the CISO for Boom Supersonic and works as an advisor for several entities and organizations around the globe. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Over the years, he's founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration, and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)

    Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by several European entities.)

    He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also gotten a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 15 years. (To interesting effect.)

    Chris has led or been involved in information security assessments and engagements for the better part of 25 years and has a wealth of experience with regulations such as GLBA, GDPR, HIPAA, HITECH, FISMA, and NERC/FERC. He has also worked with government, state, and federal authorities on standards such as CMS, ISO, CMMC, and NIST.

    Chris has been credentialed in many of the top IT and information security disciplines and as a CyberSecurity advocate and passionate industry voice, he is regularly featured in national newspapers, television news, industry publications and several documentaries. He can typically be found waving arms on a stage somewhere on this planet…or hacking into whatever’s taken his fancy… (Cows and camels being two of the more bizarre things, we’ll ignore things in space for now.)

    As one of the well-known hackers and researchers, Chris is routinely invited to speak at industry conferences. CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, Wall Street Journal, and numerous others have covered him in the media.

    And worst case, to jog the memory, Chris was the researcher who gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that allowed the exploitation of attacks against flight control system.

  • speaker photo
    Michael Gregg
    CISO, State of North Dakota

    Michael Gregg is the state of North Dakota’s Chief Information Security Officer. The state CISO is responsible for establishing and leading the strategic direction of cyber security for the state and advising the governor and legislators on key cyber issues.

    With Michael’s cyber experience span being over a period of two decades, he has been a pioneer of helping people interested in becoming IT professionals as well as seasoned IT professionals achieve by sharing knowledge by means of authoring over 25 IT cyber security books. He enjoys contributing his time and talents where there is a need to help others learn and grow by holding board, committee, and advisory positions for non-profit organizations. He holds a Bachelors degree, Masters degree, and many security certifications.

  • speaker photo
    John Prewett
    Principal Engineer - Enterprise Security, UnitedHealth Group

    John Prewett is a security technologist with over 20 years’ experience helping private sector, government agencies, and educational institutions identify risk and improve their security postures. John's latest passion is code writing, software engineering best practice, and otherwise improving the overall relationship between security practitioners and application developers. Outside of work, John cherishes early morning walks with his wife (during which time they solve all the world's problems), completing home improvement projects, and generally enjoying the beautiful state (Colorado) in which he and his family live.

  • speaker photo
    Shua Gamradt
    Sr. Director, Rugged DevOps & Enterprise DevOps Ambassador, Alight Solutions

    Joshua "Shua" Gamradt is set on influencing culture change and introducing security by investing in others through the development and delivery of gamified security, engineering customer centric security solutions, focusing on risk, and utilizing continuous feedback and data to drive decisions. Shua began this journey of shifting empathy left and focusing on the customer as a leader at UnitedHealthcare in the Rugged DevOps and application security space. He now wants to share this experience and success with everyone who wants to see positive changes in their company. Faith, family, and fun are what drives him. I am happiest with my wife Laura and raising three kids in the fine town of Nashville, Tennessee.

  • speaker photo
    Ansh Patnaik
    Chief Product Officer, CyCognito

    Ansh Patnaik, Chief Product Officer, has over 20 years of cross functional experience in cybersecurity and data analytics. Most recently, Ansh was Director, Cloud Security Products for Google Cloud Platform, and Chief Product Officer for Chronicle, prior to the acquisition of Chronicle by Google. Previously, he was VP of Product Management at Oracle Cloud where he defined and launched their security analytics cloud service offering. Ansh has held product management, product marketing and sales engineering leadership roles at several market leading software companies including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec).

  • speaker photo
    Jeannie Warner
    Director, Product Marketing, Exabeam

    Jeannie Warner, CISSP, Director of Product Marketing at Exabeam, is an information security professional with over twenty years in infrastructure operations/security. Jeannie started her career in the trenches working in various Unix helpdesk and network operations centers. She began in Security Operations for IBM MSS and quickly rose through the ranks to technical product and security program manager for a variety of software companies such as Symantec, Fortinet, and NTT (formerly WhiteHat) Security. She served as the Global SOC Manager for Dimension Data, building out their multi-SOC “follow the sun” approach to security. Jeannie was trained in computer forensics and practices. She also plays a lot of ice hockey.

  • speaker photo
    Reanna Schultz
    Team Leader of Information Security, Garmin

    Reanna Schultz is from Kansas City, MO, and attended the University of Central Missouri (UCM). She graduated in 2018 with her Bachelor of Science in Cybersecurity: Secure Software Development and in 2020 for Master of Science in Cybersecurity: Information Assurance. While being in the industry, Reanna has been exposed to numerous SANS hosted classes. Reanna volunteers as a National Cyber League coach and provides her industry expertise by doing guest speaker talks for numerous colleges and high schools across the Midwest to STEM students. Reanna currently works as a Team Lead at Garmin and directly reports out of their SOC.

  • speaker photo
    Jason Albuquerque
    Chief Operating Officer, Envision

    With more than 20 years of experience in the technology field, Jason has served in numerous leadership role in his career leading to the Chief Operating Officer position with Envision.

    Jason takes pride in leading the charge, and in building a culture that is innovative and secure by design for the business and its clients. He brings the strategic insight, industry knowledge, and agility that today’s industry requires to effectively respond to the rapidly changing technology, threat, risk, and business landscapes.

    He has been the recipient of several prestigious recognitions and awards in technology and leadership, including being named a “2021 Top Cybersecurity Leader" by Security Magazine partnered with (ISC), Rhode Island’s 40 under Forty Award, and Rhode Island’s Tech 10 Award. He is also a seven-time National Public Technology Institute Solutions Award winner.

    Jason currently co-hosts the Business Security Weekly podcast and serves on Congressman Langevin’s (Congressional Cybersecurity Caucus co-chair) Cybersecurity Advisory Committee. He also serves on the Tech Collective Board of Directors and the Rhode Island Joint Cyber Task Force.

  • speaker photo
    Sumi Gorla
    Director of Systems Engineering, Illumio

    Sumi Gorla is the Director of Systems Engineering at Illumio. Her responsibilities include executing Illumio strategic product vision, field engineering enablement, and enterprise customer selling and support across US West.

    Prior to Illumio, Sumi has held several engineering and technical sales leadership roles in companies such as EMC, Brocade, Citrix and BigSwitch Networks. As a sales leader, Sumi brings a unique approach to problem solving, from both a technical and a business perspective. Sumi’s strengths are in her ability to explain how technical features can meet business requirements for all levels of audience.

  • speaker photo
    Michael Silva
    Leader of Solution Engineering, Outshift by Cisco

    Michael Silva is the Leader of Solution Engineering within Cisco’s Outshift team. He is a technology leader with over 17 years of experience. He joined Cisco via the acquisition of Lightspin, where he was the Director of Technical Solutions. At Lightspin, Michael designed the technical go-to-market strategy, developed strategic partnerships, and helped grow the business from its inception into the U.S. market.

    Michael has led a variety of teams from sales engineering at companies Nutanix and Progress Software (formerly Chef) to technical teams at Cisco and various managed service providers. His knowledge is deeply rooted in public cloud security across all major cloud service providers as well as Kubernetes security. Using the combined expertise of technical and customer facing roles, Michael has developed the ability to relate to customers, understand their pain points, and help define a strategy that will map to successful execution of business requirements.

    Aside from professional experience, Michael holds many professional and specialty certifications from AWS, GCP, SANS, and Nutanix, and is a veteran of the U.S. Marine Corps.

  • speaker photo
    Sam Masiello, Moderator
    CISO, The Anschutz Corporation

    Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to Beckage, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.

    Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).

  • speaker photo
    Helmut Semmelmayer
    VP, Revenue Operations, tenfold Software North America

    In his role as VP Revenue Operations at the Austrian IAM software company tenfold, Helmut has been responsible for partner sales and product marketing across Europe and North America since 2012.

    Right at the start of his tenfold career, he launched the company’s direct sales and was later strongly involved in developing its channel sales strategy.

    From 2015, Helmut, who holds a degree in Business Informatics, drove forward the company’s expansion to Germany and Switzerland and additionally expanded sales to include the UK and North America from 2019.

    He is in charge of tenfold’s North American branch “tenfold Software North America Corp”.

  • speaker photo
    Krista Arndt
    CISO, United Musculoskeletal Partners

    Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

    Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

    Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

    Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

  • speaker photo
    Suess Beyer, Special Guest
    Network Intrusion Forensic Analyst, U.S. Secret Service
  • speaker photo
    Alex Wood, Moderator
    CISO, Uplight; Co-Host, Colorado = Security podcast

    Alex Wood is currently the CISO for Uplight and has more than 18 years of experience in information security. Previously, he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has an MAS in Information Security from the University of Denver.

  • speaker photo
    Gina Yacone
    VP, ISSA Denver Chapter; Information Security Lead, Trace3 Mountain State Region

    Gina, based in Denver, severs as the information security lead for Trace3's mountain state region. Additionally, Gina offers valuable guidance to Trace3 clients on implementing innovative security solutions, enabling companies to safeguard their most valuable digital assets. Furthermore, she is an accomplished public speaker and a mentor in the field. Gina hold seven security certifications and has obtained her Master’s Degree in Cybersecurity from the School of Engineering at the University of New Hampshire.

    In her previous role as a vCISO, Gina was entrusted with safeguarding numerous organizations. She oversaw the overall security strategy and operations, including the implementation and guidance of protective and detective controls, security operations, threat intelligence, incident response, governance, risk and compliance (GRC), risk assessments, audits, architecture and integration, as well as secure software development
    life cycle (SDLC). Her expertise spans across diverse industries, including healthcare, biotech, pharmaceuticals, hedge funds, alternative investments, insurance, education, manufacturing, technology, and local government.

    Additionally, Gina played a crucial role in a startup that established a Security Operations Center (SOC) specializing in Managed Detection and Response (MDR) and threat intelligence services. Later on, these services were acquired by Sophos.

    Gina actively engages with the information security community and holds membership in several professional governing bodies, including ISSA, ISACA and WiCyS. She is frequently seen on conference stages, having delivered insightful presentations on information security at over 50 events.

  • speaker photo
    Richard Staynings
    Board Member and International Healthcare Cybersecurity Luminary; Teaching Professor, University of Denver

    Richard Staynings is a globally renowned thought leader, author, public speaker, and advocate for improved cybersecurity across the Healthcare and Life Sciences industry. He has served on various industry and international cybersecurity committees and presented or lectured on cybersecurity themes or concerns all over the world. He has advised numerous government and industry leaders on their healthcare security strategy and defensive posture and has served as a subject matter expert on government Committees of Inquiry into some of the highest profile healthcare breaches.

    Richard is currently Chief Security Strategist for Cylera, a pioneer in the space of medical device and HIoT security. He is also author of Cyber Thoughts, a leading healthcare cybersecurity blog, teaches postgraduate courses in cybersecurity, health informatics and healthcare management at the University of Denver University College, and is a retained advisor to a number of governments and private companies.

    A recovering CISO, with more than 25 years’ experience of both cybersecurity leadership and client consulting in healthcare, Richard has lived in over 30 countries and delivered innovative solutions to organizations in all of them. When he’s not on a plane or speaking at an event, he can usually be found in the Rocky Mountains of Colorado, USA

    Some of his more notable successes include work for: Amgen, Cisco, CSC (now DxC), PricewaterhouseCoopers, Intel, Microsoft, Zurich Financial, and a long list of hospital and health systems.

  • speaker photo
    Julian Wayte
    Solutions Engineering Manager, Uptycs

    Julian Wayte is a highly skilled cybersecurity professional specializing in cloud security. With over a decade of experience in the industry, Julian has become an expert in protecting digital assets and ensuring the security and integrity of cloud-based systems.

    Julian's passion for technology and security began early in his life, sparking his interest in pursuing a career in cyber security. He obtained his Bachelor's degree in Computer Science with a focus on information security from a renowned university, where he developed a strong foundation in both theoretical and practical aspects of the field.

    Throughout his career, Julian has worked with a diverse range of organizations, from start-ups to multinational corporations, assisting them in securing their cloud infrastructures and mitigating cyber threats. His exceptional analytical skills and attention to detail have enabled him to identify vulnerabilities and protect critical data.

    As a cloud security professional, Julian possesses extensive knowledge of leading cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). He is well-versed in the latest cloud security best practices and understands the unique challenges associated with securing cloud environments.

    In addition to his technical expertise, Julian is an excellent communicator and collaborator. He has conducted numerous training sessions and workshops, educating both technical and non-technical stakeholders on the importance of cloud security and promoting a culture of security awareness within organizations. His ability to translate complex technical concepts into easily understandable terms has earned him accolades from colleagues and clients alike.

    Julian is also dedicated to staying up to date with the rapidly evolving cybersecurity landscape. He actively participates in industry conferences, seminars, and online forums to exchange knowledge and learn from fellow experts. His commitment to continuous learning allows him to stay ahead of emerging threats and implement cutting-edge security strategies.

  • speaker photo
    Joe Wilson
    Sr. Security Engineer, BI Incorporated

    With over 15 years in IT and 5 years in cybersecurity, Joe is a recognized leader in safeguarding global digital landscapes. His experience and commitment IT and cybersecurity has seen him contributing to large and high-profile assignments such as the 2020 US Census Bureau Project through the Department of Commerce to his current task with the ISAP program under Department of Homeland Security.

    In 2011, Joe co-founded Nerdtap, an IT startup providing hands-on support and solutions to the greater Grand Junction area. It was those the foundational years of Nerdtap when Joe learned how to best partner his knowledge of IT and cybersecurity to create entrepreneurial opportunities assisting others with building and maintaining functioning and secure enterprise infrastructure. While no longer involved with the day to day of the business, he has retained ownership and continues to serve as an advisor to the company’s management.

    Joe received his CSSIP in 2018 and specializes in Zero-Trust, DLP, endpoint security, and secure cloud migrations. He enjoys connecting with IT and security professionals and is a leader of TechYeet networking community. Outside of his professional endeavors, Joe spends time traveling with his wife and one year old daughter.

  • speaker photo
    Jay Wilson, Moderator
    CISO, Insurity
  • speaker photo
    Michael Stephen
    Security GRC Manager, Rightway Healthcare

    Michael Stephen is a 20+ year Cybersecurity and Privacy professional who has worked in multiple industries including telecommunications, healthcare, state and local government, finance and restaurant. His experience includes designing, building and supporting security solutions, and successfully implementing compliance and privacy programs to support business goals. He holds active certifications CISSP, SABSA, prior multiple Cisco network and security, and his last position was Privacy & Security Officer at Connect for Health Colorado.

  • speaker photo
    Edgar Acosta
    Deputy CISO, Open Technology Solutions, LLC
  • speaker photo
    Craig Hurter
    Sr. Director, Information Security, State of Colorado Governor's Office of Information Technology

    Craig has worked in the IT industry for over 25 years and has focused on security for the past 15 years. He started in security as a forensic analyst and incident handler. After doing that for several years he moved into leadership in the InfoSec space and has been leading security teams in different capacities for the past 12 years. Craig has experience in Higher Education, Healthcare, Software Companies, and State government as well as some non-profit experience. Craig is passionate about creating the Office of Know instead of the Office of No. Craig currently serves as the right hand to the CISO as Sr. Director of Information Security for the State of Colorado Governor’s Office of Information Technology.

  • speaker photo
    Toby Zimmerer
    Sr. Demand and Delivery Director, Data Protection

    Toby Zimmerer is a Senior Demand and Delivery Director in Optiv’s Data Governance, Privacy, and Protection practice, where he assists organizations with building programs and implementing solutions focused on protecting high value information and assets. He has more than 24 years of professional experience developing information security strategies, designing information security programs, developing information security solutions and leading teams with deploying and operating information security programs. Toby has an MBA, a BS in electrical engineering, a CISSP certification, a CCSK from the Cloud Security Alliance, and is a US Navy veteran.

  • speaker photo
    Julian Wayte
    Solutions Engineering Manager, Uptycs

    Julian Wayte is a highly skilled cybersecurity professional specializing in cloud security. With over a decade of experience in the industry, Julian has become an expert in protecting digital assets and ensuring the security and integrity of cloud-based systems.

    Julian's passion for technology and security began early in his life, sparking his interest in pursuing a career in cyber security. He obtained his Bachelor's degree in Computer Science with a focus on information security from a renowned university, where he developed a strong foundation in both theoretical and practical aspects of the field.

    Throughout his career, Julian has worked with a diverse range of organizations, from start-ups to multinational corporations, assisting them in securing their cloud infrastructures and mitigating cyber threats. His exceptional analytical skills and attention to detail have enabled him to identify vulnerabilities and protect critical data.

    As a cloud security professional, Julian possesses extensive knowledge of leading cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). He is well-versed in the latest cloud security best practices and understands the unique challenges associated with securing cloud environments.

    In addition to his technical expertise, Julian is an excellent communicator and collaborator. He has conducted numerous training sessions and workshops, educating both technical and non-technical stakeholders on the importance of cloud security and promoting a culture of security awareness within organizations. His ability to translate complex technical concepts into easily understandable terms has earned him accolades from colleagues and clients alike.

    Julian is also dedicated to staying up to date with the rapidly evolving cybersecurity landscape. He actively participates in industry conferences, seminars, and online forums to exchange knowledge and learn from fellow experts. His commitment to continuous learning allows him to stay ahead of emerging threats and implement cutting-edge security strategies.

  • speaker photo
    Happy Hour
  • speaker photo
    Frannie Matthews
    President & CEO, Colorado Technology Association

    Frannie is a passionate leader who drives energy and innovation in everything she touches. With over 35 years of experience in the technology sector, Frannie provides clarity in the face of complexity and uncertainty. She believes that transformation is the key to success in today's business climate. Frannie is continuously scanning for refinement and improvement. She identifies trends and connections early and moves quickly to find opportunities and anticipate risk.

  • speaker photo
    Richard Staynings
    Board Member and International Healthcare Cybersecurity Luminary; Teaching Professor, University of Denver

    Richard Staynings is a globally renowned thought leader, author, public speaker, and advocate for improved cybersecurity across the Healthcare and Life Sciences industry. He has served on various industry and international cybersecurity committees and presented or lectured on cybersecurity themes or concerns all over the world. He has advised numerous government and industry leaders on their healthcare security strategy and defensive posture and has served as a subject matter expert on government Committees of Inquiry into some of the highest profile healthcare breaches.

    Richard is currently Chief Security Strategist for Cylera, a pioneer in the space of medical device and HIoT security. He is also author of Cyber Thoughts, a leading healthcare cybersecurity blog, teaches postgraduate courses in cybersecurity, health informatics and healthcare management at the University of Denver University College, and is a retained advisor to a number of governments and private companies.

    A recovering CISO, with more than 25 years’ experience of both cybersecurity leadership and client consulting in healthcare, Richard has lived in over 30 countries and delivered innovative solutions to organizations in all of them. When he’s not on a plane or speaking at an event, he can usually be found in the Rocky Mountains of Colorado, USA

    Some of his more notable successes include work for: Amgen, Cisco, CSC (now DxC), PricewaterhouseCoopers, Intel, Microsoft, Zurich Financial, and a long list of hospital and health systems.

  • speaker photo
    Alex Wood
    CISO, Uplight; Co-Host, Colorado = Security podcast

    Alex Wood is currently the CISO for Uplight and has more than 18 years of experience in information security. Previously, he has had managerial, program, and technical roles at several major companies in different verticals. Additionally, Alex has served on the Board of Directors for ISSA International and is a host of the Colorado = Security podcast. Alex is a CISSP and has an MAS in Information Security from the University of Denver.

  • speaker photo
    Robb Reck, Moderator
    Co-Host, Colorado = Security Podcast
  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes