googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, October 9, 2024
    9:00 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0
    • session level icon
    speaker photo
    Cyber Risk Analyst, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

     

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    9:00 am
    [PLUS Course] Preventing, Detecting, Responding, and Recovering from a Ransomware Attack
    • session level icon
    speaker photo
    Sr. Cybersecurity Consultant, Wilson Cyber
    Registration Level:
    • session level iconSecureWorld Plus
    9:00 am - 3:00 pm

    Today’s ransomware attacks have a severe impact on the operating capability of organizations. If an organization is prepared and has functional back-ups, restoring affected systems could take hours. If an organization is not prepared, restoring systems could take weeks to return to full operating capacity. Organizations cannot 100% prevent ransomware attacks. The best thing you can do is assume you will be hit and have plans in place that focus on planning, protecting, detecting, responding, and recovering from an attack.

    This course helps organizations design, build, operate, and maintain a comprehensive ransomware program. The key areas of focus include:

    1. How to prepare the organization for a ransomware attack by understanding the stages of a human-operated ransomware attack (initial access, privilege escalation, lateral movement, exfiltration, and encryption), maintaining and securing back-ups, detecting and mitigating vulnerabilities, cybersecurity training and education, and a detailed incident response plan;
    2.  How to protect the organization from a ransomware attack by implementing an asset management solution, deploying endpoint detection and response capability, establishing a zero-trust architecture, maintaining email and DNS filtering, hardening systems based on secure configurations, managing user accounts and privileged accounts;
    3. How to detect a ransomware attack in the early stages with continuous security monitoring, anomaly detection, and threat intelligence solutions;
    4. How to respond to a ransomware attack by isolating impacted systems, malware eradication / containment, focusing on critical assets; and
    5. How to recover from a ransomware attack with minimal downtime and data loss by restoring from back-ups, initiating recovery efforts, and reporting the incident.

    The class is based on best practices and guidance detailed in the U.S. CISA #StopRansomware Guide. The guide includes two primary resources: Part 1: Ransomware and Data Extortion Prevention Best Practices; Part 2: Ransomware and Data Extortion Response Checklist. Part 1 provides guidance for all organizations to reduce the impact and likelihood of ransomware incidents and data extortion, including best practices to prepare for, prevent, and mitigate these incidents. Prevention best practices are grouped by common initial access vectors. Part 2 includes a checklist of best practices for responding to these incidents.

  • Thursday, October 10, 2024
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:15 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    ISSA Chapter Meeting [Open to all attendees]
    • session level icon
    A Look at Pig Butchering: A Crypto Contributor to $4.5B of Investment Scam Losses Annually
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Investment scams, a multi-channel problem, topped the annual list of monetary losses in the FBI 2023 Crime Report at over $4.5 billion last year. The FBI has reported that crypto scams, called “pig butchering,” have been sweeping the US, so it’s unsurprising to see investment scams resulting in the costliest scams on record.

    We will discuss how pig-butchering crypto scams take place outside of email. They start on dating or social media apps and continue through well-scripted touch points to build trust and rapport with victims, who invest more and more money into the fraudulent funds until the cybercriminal steals the funds and disappears.

    We will also discuss the concept, provide real-life examples, pinpoint pig-butchering touch points, and suggest ways to combat malicious activity.

    8:00 am
    An Honest Peer-Driven Conversation About Cyber Insurance
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Cyber insurance is no longer a “do I need it?” but a must-have for organizations. This conversation among cybersecurity peers will discusse how to properly assess insurance programs, including a candid look into how the organization should drive what is and is not covered, not the insurance provider.

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] Cyber World on Fire: A Look at Internet Security in Today’s Age of Conflict
    • session level icon
    speaker photo
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    This informative session analyses the growing threat of cyberattacks and risks to internet security in today’s world. Col. Leighton explores the various types of attacks and vectors, including how bad actors can impact businesses and individuals. The session also examines the role of governments and international organizations—partnering with public and private businesses—in protecting against cyber threats.

    Col. Leighton describes how nefarious actions are becoming increasingly more sophisticated and widespread, with hackers targeting not just large corporations but also smaller businesses and even individuals. He emphasizes the need for organizations to take proactive measures to protect their networks and data, including investing in advanced security technologies and providing regular training to employees.

    He shares examples of cyber activity—good and bad; offensive and defensive—from Ukraine, China, and around the globe.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    [Panel] Mental Health vs. Mental Wellbeing: How to Cultivate Resilient Security Teams
    • session level icon
    speaker photo
    Member, Board of Directors, Colorado Technology Association
    speaker photo
    CSO, Traceable AI
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    This panel discussion will confront the challenge of building infosec teams with the skills to manage stress under pressure. Three cybersecurity executive leaders will explore how to create team cultures, practices, and processes for proactively building mental well-being instead of addressing mental health from a reactive position. Much like building a security program, the group will look at the role mindfulness can play in helping defenders increase job satisfaction, improve focus, and lower the risk of burnout. Attendees can expect to gain actionable insights and practical steps that can be implemented within their organizations to cultivate this type of resilience.
    10:15 am
    What's More Complex, the Internet or the Galaxy?
    • session level icon
    The Intersection of Cybersecurity and Space
    speaker photo
    Director of IT Security, York Space Systems
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Session description coming soon.

    10:15 am
    Cybersecurity and Resilience: It's Not Just Bob's Job Anymore
    • session level icon
    speaker photo
    Director Technical Strategy, Cyber Resiliency, Pure Storage
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    In today’s rapidly evolving digital landscape, cybersecurity is no longer solely the responsibility of backup administrators. It demands a collective effort and a streamlined approach to ensure comprehensive protection across an organization. This presentation delves into the critical themes of modern data protection: broadening responsibility beyond backup administrators, tightening security cycles, and maintaining simplicity in implementation.

    We will explore the significance of a tiered data protection architecture—a modern methodology that safeguards data across multiple geographies while ensuring high accessibility. This approach is essential for organizations seeking robust and resilient data protection strategies.

    Pure Storage offers innovative solutions that empower customers to consolidate modern data applications onto a single, scalable platform. By eliminating complex and inefficient infrastructure silos, our solutions provide unparalleled investment protection and operational efficiency. Join us to discover how Pure Storage can help your organization achieve new heights in data security and management.

     

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Building a Robust Privacy Framework: Mastering ‘Forget Me’ and Subject Access Requests
    • session level icon
    speaker photo
    Executive Director of Cybersecurity & Infrastructure, Focus on the Family
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    In today’s data-driven world, organizations face increasing pressure to protect personal information while complying with complex privacy regulations. This session offers practical insights and strategies for developing a comprehensive privacy program that effectively manages ‘Forget Me’ requests and Subject Access Requests (SARs). Drawing from real-world experiences, we’ll explore how to leverage people, processes, and technology to create a privacy framework that meets regulatory requirements and builds trust with customers and stakeholders.

    Key Takeaways:

    1. Roadmap to Success: Learn how to develop a strategic project roadmap for implementing a robust privacy program, including key milestones and dependencies.
    2. Streamlined SAR Management: Discover efficient processes for handling Subject Access Requests, from initial receipt to final delivery of information.
    3. Effective ‘Forget Me’ Protocols: Explore best practices for implementing and managing data erasure requests in compliance with GDPR and other privacy regulations.
    4. Data Discovery and Classification: Understand techniques for conducting thorough data inventories and classification to support privacy initiatives.
    5. Technology Integration: Learn how to leverage technology solutions to automate and enhance privacy processes, including data mapping and request management.
    6. Training and Culture: Develop strategies for fostering a privacy-aware culture through comprehensive employee training and engagement.
    7. Balancing Compliance and Operations: Gain insights on striking the right balance between regulatory compliance and operational efficiency.
    8. Continuous Improvement: Explore methods for monitoring, auditing, and continuously improving your privacy program to adapt to evolving regulations and threats.

    This session will equip privacy professionals, IT leaders, and compliance officers with actionable strategies to enhance their organization’s privacy posture and effectively manage data subject rights in an increasingly complex regulatory landscape.

    11:10 am
    How to Build an Insider Threat Program
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

    Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

    This presentation will explore:

    • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
    • Four attributes of a successful insider threat program
    • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
    • An automated investigation experience that replaces manual routines and effectively guides new insider threat teams
    11:10 am
    [Panel] Unveiling the Threat Landscape and Unmasking Digital Villains
    • session level icon
    speaker photo
    Vice President, Savvy
    speaker photo
    Solutions Architect, CyberArk
    speaker photo
    Digital Security Consultant, Americas DPS, Entrust
    speaker photo
    Board Member and International Healthcare Cybersecurity Luminary; Teaching Professor, University of Denver
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    In the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.

    Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.

    Our panel provides a comprehensive overview of the current threat landscape.

    12:00 pm
    [Lunch Keynote] Building Cyber Resilience Through Leadership and the Power of Perspective
    • session level icon
    speaker photo
    Co-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane LLP
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    Session description coming soon.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    A Risk Management Strategy for AI that Won't Drive You Bananas
    • session level icon
    speaker photo
    Member, Board of Directors, Colorado Technology Association
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    AI is the fourth event horizon of our technology lifetime !  Karen will provide an AI backgrounder and share the risk management strategy that will ensure you aren’t caught in the compliance hamster wheel of pain as legislators and regulators respond to the explosive AI revolution.

    1:15 pm
    Securing Your Sensitive Assets in a Cloud-First World
    • session level icon
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Key take-away: 
    How to rethink database security controls in a cloud-first world.

    For most organizations, data repositories hold our most sensitive, mission critical assets. As enterprises continue their digital transformation journeys, data repositories and the sensitive assets within are more exposed than ever before for several reasons, including a dramatic rise in the:

    • Amount of data created, collected, and stored
    • Number of repositories storing sensitive data across clouds
    • Number of users and applications that need access to data
    1:15 pm
    [Panel] Beyond the Shadows: Anticipating Tomorrow's Cyber Threats
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    In the dynamic realm of cybersecurity, the battle between defenders and digital villains is an ongoing saga. This forward-looking session will explore the evolution of cyber threats, forecasting the next wave of challenges that organizations and individuals may face. We aim to unmask the upcoming generation of digital villains, examining their sophisticated tactics and exploiting vulnerabilities that may become prevalent in the future.

    Our distinguished panel of cybersecurity experts will dissect the motivations driving these threats, from the ever-adapting strategies of profit-driven cybercriminals to the evolving techniques employed by state-sponsored actors wielding cyberweapons. As we peer into the future, we will also address the role of emerging technologies in reshaping the threat landscape, providing insights that empower organizations to proactively defend against tomorrow’s cyber challenges.

    Join us in this exploration of the unseen, as we strive to anticipate and understand the threats that lie beyond the shadows of the current cybersecurity landscape.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    Recent Cybercrime Trends by the U.S. Secret Service
    • session level icon
    speaker photo
    Special Agent, U.S. Secret Service
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    We’ll discuss trends in e-fraud, cybercrime , and the evolution of recent attacks in the Rocky Mountain region.

    2:10 pm
    Embracing ‘Yes’: Empowering New Cybersecurity Engineers to Thrive
    • session level icon
    speaker photo
    Technical Security Engineer, Yahoo
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm
    Are you a leader dealing with an increasing number of new engineers starting their first cybersecurity roles? You’re not alone! Many new cybersecurity engineers face imposter syndrome and are hesitant to be open with their leaders, which slows down their growth and work output.
    We have always heard saying ‘yes’ can open unexpected doors and lead to diverse opportunities. This has been true for me. Come join me as I share my journey from graduation to navigating the challenges of entering the industry, emphasizing the transformative power of embracing the “yes” attitude that helped me overcome new challenges and experiences.
    I’ll discuss how I conquered imposter syndrome, improved my skills through real-world scenarios, and connected with people who could help enhance my skill set—all by embracing one simple word—YES!
    Furthermore, I’ll share how leaders can support their new hires by promoting the “Yes” mentality and its benefits. This helps them embrace new opportunities, leverage diverse experiences, and evolve with each challenge.
    Let’s collaborate to create a thriving community of confident and capable cybersecurity professionals.
    2:10 pm
    Developing a Crisis Management Playbook
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    When a data breach or other cyber incident happens, having a plan in place can mean the difference between a quick recovery and unwanted headlines and irreparable harm to stakeholder trust.

    3:00 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary beverages. This is a great opportunity to network with other security professionals from the area and discuss the hot topics from the day.

     

    3:30 pm
    [Closing Keynote] Radical Transparency Needed to Build Trust
    • session level icon
    speaker photo
    CISO, Ruby; Co-Host, Bare Knuckles & Brass Tacks Podcast
    speaker photo
    Co-Founder, Mind Over Cyber, Podcast Co-Host,, Bare Knuckles & Brass Tacks
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    Location / Room: Keynote Theater

    Session description coming soon.

Exhibitors
  • Anvilogic
    Booth: TBD

    Anvilogic is a cloud-based modern Security Operations Platform for threat detection, investigation, and incident response (TDIR) to optimize and unify the detection, hunting, and triage lifecycle to more efficiently and effectively respond to threats across hybrid and multi-cloud workloads and security data lakes.

  • baramundi software USA, Inc.
    Booth: TBD

    baramundi Software provides companies and organizations with efficient, secure, and cross-platform management of workstation environments.

    The baramundi Management Suite (bMS) combines all important features for Endpoint Management: Patch Management, Software Deployment, OS-Installation, Enterprise Mobility Management, Vulnerability Assessment, and more. bMS optimizes IT management processes by automating routine tasks and providing an extensive overview of the status of the network and endpoints. In doing so, it relieves pressure on IT administrators and ensures that users always have the necessary rights and applications on all platforms and form factors; whether on PCs, servers, notebooks, mobile devices or Macs.

    Over 3,000 customers around the world benefit from nearly two decades of experience and the easy-to-use software solution.

  • Colorado Technology Association
    Booth: TBD

    The Colorado Technology Association leads the network of companies and professionals fueling Colorado’s economy, through technology.

    At the Colorado Technology Association, we:

    – Lead an inclusive network that benefits our member community
    – Advocate for a pro-business and technology-friendly climate
    – Influence the development of a robust talent pipeline
    – Lead initiatives to help companies grow.

  • CyberArk Software
    Booth: 340

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Entrust
    Booth: 220

    Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.

  • Fortinet
    Booth: 210

    Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

  • Gurucul
    Booth: 250

    Gurucul is a global cybersecurity company that is changing the way organizations protect their most valuable assets, data and information from insider threats and external cyberattacks, both on-premises and in the cloud. Gurucul’s real-time Cloud-native Next-Gen Security Analytics and Operations Platform provides customers with Next Generation SIEM, UEBA, Open XDR, and Identity & Access Analytics. It leverages machine learning behavior profiling with predictive risk-scoring algorithms to predict, detect and prevent data breaches, fraud and insider threats. It also reduces the attack surface for accounts and eliminates unnecessary access rights and privileges to increase data protection.

    Gurucul is backed by an advisory board comprised of Fortune 500 CISOs, and world-renowned experts in government intelligence and cybersecurity. The company was founded in 2010 by seasoned entrepreneurs with a proven track record of introducing industry-changing enterprise security solutions. Gurucul’s mission is to help organizations protect their intellectual property, regulated information, and brand reputation from insider threats and sophisticated external intrusions.

    Gurucul technology is used by Global 1000 companies and government agencies to fight cybercrimes, IP theft, insider threat and account compromise. It is also used for log aggregation, compliance and risk-based security orchestration and automation for real-time extended detection and response. Gurucul is headquartered in Los Angeles, CA.

  • Hunters
    Booth: TBD
    Hunters SOC Platform transforms security ops with AI and automation, providing a superior alternative to traditional SIEM systems. It streamlines threat detection and auto-investigation, empowering analysts with deeper insights and efficiency.

     

  • ISACA Denver Chapter
    Booth: TBD

    The Denver Chapter of ISACA® (formerly EDPAA) was founded in June 1976 with just a handful of members. Today, the Denver chapter with over 1,040 members, is one of the largest chapters within the Southwestern Region. The Denver Chapter contributes to the international organization with financial support and periodic hosting of the International Conference.

    The Denver Chapter of ISACA® is a non-profit organization dedicated to the continued development and enhancement of the information systems audit and control profession by providing benefits to its members and to the professional community-at-large.

  • ISSA Denver Chapter
    Booth: TBD

    ISSA Denver Chapter: Developing and Connecting Cybersecurity Leaders Globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

  • Keysight
    Booth: 270

    Keysight’s portfolio of network security solutions simulate threats, eliminate blind spots, taking control of a rapidly-changing attack surface. Be a hero, not a headline, by proving your network is secure simulating attacks, exposing gaps early, and course correct with step-by-step fixes; protecting users and applications with increased the efficiency, performance, and reliability of your security systems;  patrolling every packet eliminating vulnerable blind spots and decrypt threats hiding in SSL traffic; and practice your cyber skills enhancing your security and attack response skills against real-world threats.

  • Okta
    Booth: 130

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Pondurance
    Booth: TBD

    Pondurance delivers world-class Managed Detection & Response (MDR), Incident Response (IR), Vulnerability Management, and Advisory Services to industries facing today’s most pressing and dynamic cybersecurity challenges. Our U.S. based Security Operations Center (SOC) offers personal, proactive, and around-the-clock cybersecurity to protect the human experience. We take a risk-based approach to cybersecurity; so you know you are protecting your most valuable assets and reducing your cyber risk.

    Our mission is to ensure that every organization is able to detect and respond to cyber threats—regardless of size, industry or current in-house capabilities. We believe AI and automation alone aren’t enough, you need ingenious human experience because attackers aren’t machines, they are people. We combine our advanced platform with decades of human intelligence to speed detection and response and contain cybersecurity threats quickly to ultimately decrease risk to your mission.

  • Pure Storage, Inc.
    Booth: 330

    Pure Storage is pioneering a new class of enterprise storage that has been designed from the ground up to take full advantage of flash memory. The company’s products accelerate random I/O-intensive applications like server virtualization, desktop virtualization (VDI), database (OLTP, rich analytics/OLAP, SQL, NoSQL), and cloudcomputing.

    Pure Storage makes it cost-effective to broadly deploy flash within the data center, enabling organizations to manage growth within existing power and space constraints. Launching later this year, the company’s products are in private beta with select customers. Pure Storage is funded by Greylock Partners and Sutter Hill Ventures.

  • Rapid7
    Booth: 310

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • Rubrik
    Booth: TBD

    Rubrik, the Zero Trust Data Security Company, delivers data security and operational resilience for enterprises. Rubrik’s big idea is to provide data security and data protection on a single platform, including Zero Trust Data Protection, ransomware investigation, incident containment, sensitive data discovery and orchestrated application recovery. This means data is ready at all times so you can recover the data you need and avoid paying a ransom. Because when you secure your data, you secure your applications, and you secure your business.

  • Savvy Security
    Booth: 260

    Savvy automatically discovers and remediates your most toxic combinations of SaaS identity risk. It also allows you to guide users at scale towards proper security hygiene using just-in-time security guardrails.

  • WiCys Colorado Affiliate
    Booth: TBD
Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Rob Finch, Instructor
    Cyber Risk Analyst, Cyber Risk Opportunities LLC
  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Sr. Cybersecurity Consultant, Wilson Cyber

    Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Col. Cedric Leighton
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC

    Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

  • speaker photo
    Karen Worstell
    Member, Board of Directors, Colorado Technology Association

    Karen Worstell began her cyber career 30 years ago when her Programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question.

    She has provided cybersecurity support for programs like the Advanced Tactical Fighter prototype and B2 Bomber, developed the first computer security manual for the Boeing Company, and led research in secure distributed computing for Boeing’s Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide, SRI Consulting, Bank of America, AT&T Wireless, Microsoft and Russell Investments. She was the CEO for AtomicTangerine, the SRI International spinoff focused on security that served international Fortune 100 companies in security strategy and major technology implementations. She co-chaired major security events for SRI International, Forbes.com, and Georgetown University Law Center.

    She held positions at NIST for OSI security architecture, the security subcommittee of the Aerospace Industries Association, US Department of Commerce Security and Privacy Advisory Board, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld, IIA, ISSA, ISACA, AusCERT, Security Conference Israel, and RSA.

    She is the author of “Governance and Internal Controls for Cutting Edge IT” published by ITG, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms” by Pike & Fisher.

    Her technical expertise spans Identity and Access Management, Intrusion Detection and Response, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks.” Today she focuses on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leadership roles for enterprises who are serious about cyber security.

  • speaker photo
    Richard Bird
    CSO, Traceable AI
  • speaker photo
    Alex Young
    Director of IT Security, York Space Systems
  • speaker photo
    Jason Walker
    Director Technical Strategy, Cyber Resiliency, Pure Storage

    Jason has been with Pure Storage since 2019, bringing Pure Storage’s Cyber Resiliency message to the market.

    At Pure Storage, Jason is the face, voice, and conscience of the practice and has consulted with thousands of customers on the best approach for their desired outcomes.

    Jason has 25+ years of experience in this space and has worked with many data protection, storage, and security solutions. He has appeared on hundreds of webinars, meetings, and events as an expert in the field.

    A graduate of the University of Florida, Jason currently resides in Daytona Beach Shores, FL.

  • speaker photo
    Rhett Saunders
    Executive Director of Cybersecurity & Infrastructure, Focus on the Family

    Rhett served the Federal Reserve, and while there, led regular Enterprise Risk Management discussions between the Federal Reserve and U.S. Treasury with a focus on cybersecurity. He is a former NSA cryptoanalyst and a U.S. Army veteran, having served multiple joint intelligence communities, both foreign and domestic government agencies in international locations.

    Rhett is a public speaker on the topic of privacy and identity theft prevention. He lectures on cybersecurity and cryptography topics at University of Colorado Colorado Springs (UCCS) and Flatiron School. He also serves on the SecureWorld Advisory Council. Rhett earned a Master of Business Administration from LeTourneau University and holds the CISSP credential.

  • speaker photo
    Debra Brown
    Vice President, Savvy

    Debra Brown brings over 25 years of experience in cybersecurity. Starting her career at Xerox and then honing her experience in high-growth startups like Ping Identity and Chainalysis, Debra excels in introducing innovative security technologies to the market. Her dedication extends beyond her professional sphere as she is also a passionate learner, book lover, and a devoted mother and wife in a loving, blended family.

  • speaker photo
    Dennis Mastin
    Solutions Architect, CyberArk

    Dennis Mastin, CISSP, is a security professional focused on securing the identities of humans and automated workloads. He has been in industry for over 30 years as a software engineer, field sales specialist, and consultant. The past two decades, Dennis focused on Identity and Access Management while at Netscape, Sun Microsystems, and Oracle. Currently, Dennis helps CyberArk customers realize the benefits of securing identities across a wide range of industries.

  • speaker photo
    Ed Reynolds
    Digital Security Consultant, Americas DPS, Entrust

    Ed has over 20 years’ experience in cybersecurity, covering SSL/VPN, Intel chip security technologies, endpoint protection, DLP, data at rest/in motion encryption technologies, key management, and managed security services. Based in Austin, Texas, Ed is a member of the Entrust Digital Security Solutions Center of Excellence for Data Protection Solutions. Prior to Entrust, Ed served in strategic alliance roles at Thales DIS and Symantec, where he worked with Global System Integrators. Earlier, he held leadership roles software products at Dell, semiconductors at Britestream Networks, and networking products at Compaq and Motorola.

  • speaker photo
    Richard Staynings, Moderator
    Board Member and International Healthcare Cybersecurity Luminary; Teaching Professor, University of Denver

    Richard Staynings is a globally renowned thought leader, author, public speaker, and advocate for improved cybersecurity across the Healthcare and Life Sciences industry. He has served on various industry and international cybersecurity committees and presented or lectured on cybersecurity themes or concerns all over the world. He has advised numerous government and industry leaders on their healthcare security strategy and defensive posture and has served as a subject matter expert on government Committees of Inquiry into some of the highest profile healthcare breaches.

    Richard is currently Chief Security Strategist for Cylera, a pioneer in the space of medical device and HIoT security. He is also author of Cyber Thoughts, a leading healthcare cybersecurity blog, teaches postgraduate courses in cybersecurity, health informatics and healthcare management at the University of Denver University College, and is a retained advisor to a number of governments and private companies.

    A recovering CISO, with more than 25 years’ experience of both cybersecurity leadership and client consulting in healthcare, Richard has lived in over 30 countries and delivered innovative solutions to organizations in all of them. When he’s not on a plane or speaking at an event, he can usually be found in the Rocky Mountains of Colorado, USA

    Some of his more notable successes include work for: Amgen, Cisco, CSC (now DxC), PricewaterhouseCoopers, Intel, Microsoft, Zurich Financial, and a long list of hospital and health systems.

  • speaker photo
    Shawn E. Tuma
    Co-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane LLP

    Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

  • speaker photo
    Karen Worstell
    Member, Board of Directors, Colorado Technology Association

    Karen Worstell began her cyber career 30 years ago when her Programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question.

    She has provided cybersecurity support for programs like the Advanced Tactical Fighter prototype and B2 Bomber, developed the first computer security manual for the Boeing Company, and led research in secure distributed computing for Boeing’s Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide, SRI Consulting, Bank of America, AT&T Wireless, Microsoft and Russell Investments. She was the CEO for AtomicTangerine, the SRI International spinoff focused on security that served international Fortune 100 companies in security strategy and major technology implementations. She co-chaired major security events for SRI International, Forbes.com, and Georgetown University Law Center.

    She held positions at NIST for OSI security architecture, the security subcommittee of the Aerospace Industries Association, US Department of Commerce Security and Privacy Advisory Board, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld, IIA, ISSA, ISACA, AusCERT, Security Conference Israel, and RSA.

    She is the author of “Governance and Internal Controls for Cutting Edge IT” published by ITG, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms” by Pike & Fisher.

    Her technical expertise spans Identity and Access Management, Intrusion Detection and Response, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks.” Today she focuses on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leadership roles for enterprises who are serious about cyber security.

  • speaker photo
    Panel Discussion
  • speaker photo
    Derek Booth
    Special Agent, U.S. Secret Service

    U.S. Secret Service Supervisory Special Agent Derek Booth is a founding member and coordinator of the Mountain West Cyber Fraud Task Force (MWCFTF) which consists of 300+ members of federal, state and local law enforcement, network security personnel, private business owners, and academia partners in the Rocky Mountain Region. The MWCFTF’s mission is to investigate cybercrime in the Mountain West States while supporting our task force partners’ investigations including Ransomware, Business Email Compromise & Network Intrusion attacks, Credit Card Skimming, and Computer/Cellphone Forensics. Derek became a Computer/Cellphone Forensic Examiner in 2012 after spending his first 13 years on the job protecting a plethora of dignitaries including President George W. Bush and family full-time.

  • speaker photo
    Sanjana Mahadeshwar
    Technical Security Engineer, Yahoo

    A dedicated Security Engineer with a passion for safeguarding Yahoo resources against cyber threats. With more than three years of experience in the realm of cybersecurity, I have honed my skills in securing applications, identifying vulnerabilities, and implementing robust solutions. With a Master's degree in Cybersecurity, my expertise extends beyond traditional security paradigms; I am well-versed in emerging technologies and industry best practices. My academic background, coupled with hands-on experience, enables me to navigate the ever-evolving landscape of Security Programs.

  • speaker photo
    Happy Hour
  • speaker photo
    George Al-Koura
    CISO, Ruby; Co-Host, Bare Knuckles & Brass Tacks Podcast
  • speaker photo
    George Kamide
    Co-Founder, Mind Over Cyber, Podcast Co-Host,, Bare Knuckles & Brass Tacks
Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Best practices & solutions, straight from the source

Join your local cybersecurity community for learning and professional growth!