googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, September 12, 2018
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Advisory Council Breakfast - (VIP / INVITE ONLY)
    • session level icon
    Topic: How to Build Your Personal Brand
    speaker photo
    Program Director, Baker College of Auburn Hills
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 9:15 am
    Location / Room: Lookout

    This session is for Advisory Council members only.

    8:00 am
    SecureWorld PLUS Part 1 - Security’s New Know: Strategic Skills for the Digital Age
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    speaker photo
    CEO, IT Management Resources
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 203A

    Security’s Dark Age is coming to an end. A sub-set of organizations has moved beyond the misunderstandings, stigmatizations, dysfunctional economics and toxic mindsets regarding the practice of security. A new age is upon us – an age that requires new thinking, new skills and new practices. This session – part Harvard MBA-in-a-box, part Amish barn raising and part therapy session features Futurist Thornton May and a faculty of local experts detailing what the positive path to the future might look like.

    8:00 am
    [SecureWorld PLUS] Part 1 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    Earn 16 CPEs With This in-Depth 3-Part Course
    speaker photo
    Manager, Cyber and Information Security, Point32Health
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 203BC

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:30 am
    IoT Archaeology: Dig Security Lessons
    • session level icon
    speaker photo
    Automotive Solutions Director, Sec eDGE
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Theater

    The Internet of Things just turned 100 years old! This session will go back even farther to track related security issues. Easy to remember incidents and issues build the case for common controls. Modern IoT is complex; architectures have many common emergent issues, but it is possible to make good decisions if you choose the right trade-offs.
    Seven common attack themes:
    1. Inbound traffic vs Outbound only
    2, In-Band
    3. Replay
    4. Unintended
    5. Untrusted supplier
    6. Privacy
    7. Class Break
    Get the basics right, common controls

    8:30 am
    AI is Your Friend
    • session level icon
    Methods and Practical Applications for AI Implementation to Supplement the InfoSec Labor Shortage
    speaker photo
    Cybersecurity Lab Engineer, Thomas Edison State University
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Suite 3

    The InfoSec needs continue to grow as each day passes. Seemingly the offensive actors grow at an alarming rate, as their focus continues to be on exfiltrating data to sell or leverage, or their 15 minutes of fame. The blue team, or defensive side of the coin, has historically had issue with keeping pace with the attacks. One avenue beginning to be applied to InfoSec in an attempt to alleviate the massive strain on resources is AI. The presentation will elaborate, elucidate, and expound on the methods and practical application of AI to alleviate the massive strain on our field.

    8:30 am
    Cisco: The Zero Trust Journey
    • session level icon
    speaker photo
    Security Technical Solutions Architect, Cisco
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: 103

    Zero Trust is more than network segmentation; it’s a complete and holistic approach that includes processes and technologies for protecting data, networks, user access, workloads, and devices via analytics, automation, and orchestration. This session focuses on the Strategy and Design (processes and technology) for your Organization’s Zero Trust journey.

     

    8:30 am
    Cyber Risk in the Supply Chain: Where Is Your Weakest Link?
    • session level icon
    speaker photo
    Managing Director, UHY Consulting
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 105

    Every organization has a supply chain, and many don’t know which members are the weakest link in the chain. Cybersecurity is no longer limited to what you do within your own organization. Many of the largest breaches in recent history have been the result of inadequate security with vendors and other members of the supply chain. This session will provide you with the risks and some possible remedies for how your organization can better manage the organizations that make up your supply chain and other business partners.

    9:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    9:30 am
    Opening Keynote: Risk & Security’s Bright Future: Mapping the Road Ahead
    • session level icon
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater

    There has never been a better time to be a risk/security professional. Disruptive technologies fundamentally expand the “Art of the Possible;” reshape the solution provider ecosystem [with a new hierarchy of winners & losers]; and discombobulate expectations of how and by whom risk and security should be managed/led.

    In an entertaining and highly interactive session, Thornton May will share with attendees how leading Risk/Security Cartographers chart the future. Like the movers and shakers of the Renaissance, we stand on the shores of a new world –a Mundus Novus as Americo Vespucci labeled it in 1502.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable: (VIP / Invite Only)
    • session level icon
    Topic: Vendor Risk Management
    speaker photo
    Chief Information Security & Privacy Officer, WorkForce Software
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: Boardroom

    This session is for Advisory Council members only.

    11:15 am
    baramundi — Innovative Endpoint Management: A Holistic Approach to Vulnerability Management, Patching, OS Upgrades, and Software Distribution
    • session level icon
    speaker photo
    Executive Manager, baramundi software USA, Inc.
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 101
    Windows Fall Anniversary Update, Office 365 Migration, Vulnerability and Patch Management: Are any of these three topics causing your blood pressure to rise? This session will show you how you can automate OS migrations, software deployment projects, and effective security exploit management all from one easy to use Endpoint Management Suite. No university degree or nerd glasses required—buckle up!

     

    11:15 am
    Using Agile to Create a Value-Add Audit Practice
    • session level icon
    speaker photo
    Deputy CISO, State of Washington
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Theater

    A 2017 PwC study reported that 44% of respondents say internal audit adds value. This was due to audits focused on compliance rather than value-added activities. Additionally, poor coordination between audit and business workflows reduced its ability to provide insights.

    This presentation is an audit Agile transformation case study, including Kanban enabled flexibility, a shift to continuous delivery, and reduced rework. It will also set the stage for relationship improvements with other business units.

    11:15 am
    Hey Smart City, Locate My Car!
    • session level icon
    speaker photo
    Advisory Manager / Security Researcher, Deloitte
    speaker photo
    Technical Specialist Manager, Deloitte
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Suite 3

    As you are driving through the future of tomorrow, you will notice that your EV is charging as you are driving down the road, then all of a sudden your vehicle stops at the red light by itself. Now you have realized that the vehicle has communicated with the traffic signal indicating when to stop and proceed.

    As the threat landscape of the vehicle emerges due to increased technology components, privacy and global regulations become more complex. Vehicle-to-infrastructure (V2I) allows vehicle data, location, GPS, and speed to be recorded and stored in a centralized database that could potentially be breached, allowing attackers to profile your driving habits. There are numerous ancient systems that have been designed years ago that don’t take security measures to protect against cybersecurity attacks. These legacy systems are now designed to communicate with third-party systems hosted in the cloud, which gives the attackers the ability to own the complete vehicle ecosystem. How will consumers react to this?

     

    11:15 am
    Security and Complexity: There Is a Real Link (with Mathematics)
    • session level icon
    speaker photo
    Director of Cloud Services and Research, Department of Technology, Management, and Budget, State of Michigan
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: 105
    11:15 am
    Wombat — End-User Cybersecurity Behaviors: The Importance of Training Beyond the Phish
    • session level icon
    speaker photo
    Chief Architect, Wombat Security, a division of Proofpoint
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 103

    Phishing has long been a headline threat for infosec teams — but email is just one entry point for cybercriminals. Attendees will learn why it’s important to assess and train their end users about cybersecurity threats beyond email-based social engineering, and see how data insights from knowledge assessments and training activities differ from those related to simulated phishing attacks.

     

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Topic: Vulnerability and Patch Management
    speaker photo
    Technical Leader, Cyber Threat Intelligence, Ford Motor Company; President, Michigan InfraGard Members Alliance
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: Boardroom

    This session is for Advisory Council members only.

    12:15 pm
    [LUNCH KEYNOTE] Radware: The 10 Immutable Security Facts for 2020
    • session level icon
    speaker photo
    Security Evangelist, North America, Radware
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater

    A presentation of top 10 security facts that will disrupt established application and infrastructure security practices. A discussion centered around questions everyone is or should be asking in 2020:

    • What is the attack surface of the public cloud?
    • Why are NIDs, HIDs, and flow collectors not adapted for cloud based infrastructure and applications?
    • How to protect APIs and cloud native applications running in dynamic, end-to-end encrypted service meshes?
    • What is Next Gen WAF and when should I consider it?
    • What are automated threats and how to protect against the 4th generation bots?
    • Is deep learning an inexorable technology as attackers get automated and attacks more sophisticated?
    • What will be the impact of 5G on application security and availability?

    Presentation outline
    A top 10 is subjective in nature, but it wasn’t just pulled out of thin air. The 10 facts are based on trends in recent threats, my own security research, and discussions with CISOs and security leaders.

    The Top 10 security facts for 2019/2020:

    1. The Attack Surface of the Public Cloud is defined by Permissions
    2. The Insider thread of the Public Cloud is the Outsider
    3. HIDs, NIDs, and Flow Collectors are pointless for Securing Cloud-based Applications
    4. WAF does not keep up with Cloud Native Applications
    5. East-West Traffic is getting Encrypted
    6. Attackers are getting Automated
    7. Attacks are getting more Sophisticated
    8. APIs are the new Front-end
    9. Machine and Deep Learning become essential for Threat Detection
    10. 5G will fuel the next IoT Explosion

    Starting the discussion with an overview of the current threat landscape, illustrating with real-world incidents in following categories:

    1. Cloud infrastructure abuse
    2. Data breaches through publicly exposed S3 buckets
    3. Ransom of poorly secured cloud data services
    4. Cloud Infrastructure owning and wiping
    5. Cloudification of DDoS attacks
    6. Automated threats

    A quick run through of the top 10 security facts.

    The rest of the discussion will lead to the 10 facts and is organized in 4 chapters, each centering around a top of mind topic:

    1. Migrating to the cloud
    2. Cloud Native Applications
    3. Automated Threats
    4. 5G/IoT Intersection

    Each chapter is summarized with the top security facts that were demonstrated throughout the discussion

     

    1:15 pm
    Panel: What Will They Think of Next? (Emerging Threats)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    It would seem the more we “build a better mousetrap” the better the threats become. Will machine learning and AI be used against us in the future? Will these and other innovations be hacked and used for gain? Will the Crime as a Business platform take off where business competitors are utilizing these attacks for the upper hand? Perhaps the cars that are being hacked will evolve into driverless vehicles that are hacking companies from inside there own parking lots. What about drones? So many questions, let’s see what our experts say on this panel.
    Panelists:
    Patrick Vowles, IBM
    Leigh Frederick, Darktrace
    Matt Rose, Checkmarx
    Ron Winward, Radware
    John Fahey, Comodo

    1:15 pm
    Panel: Phishing and Social Engineering Scams 2.0
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Suite 3

    Phishing continues to be the #1 attack vector for the bad guys. Why? Simply put: it works. These attacks keep getting more realistic and sophisticated. In the future we should expect nothing less. Criminals will do more homework on their potential victims and possible pose as business leads or clients to gain our trust. What sales person doesn’t want email from a potential client who wants a new solution? Or they may just lay in wait until they’ve collected enough information to strike. Will they actually come to your business and drop thumb drives like pen testers do? Use drones to do their dirty work? Our experts will discuss the current state of affairs and brainstorm possible new scenarios.
    Panelists:
    Jon Clay, Trend Micro
    Jeremy Briglia, Qualys
    Kurt Wescoe, Wombat
    Brandon Reid, Mimecast
    Jeff Ostermiller, Zscaler

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    3:00 pm
    Nothing of Value: Predict Cybercrimes, Prepare Defenses, and Make Organizations Less of a Target
    • session level icon
    speaker photo
    Advisory CISO, Duo Security, Cisco
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Suite 3
    “We have nothing of value to a hacker,” the businessperson responds to the cybersecurity professional. “Why invest in security?” At the same time, money in cybercrime has exceeded the drug trade. Attacks are up, from ransomware to crypto mining. In this presentation, we will break out the different types of threats: from the curious to the criminal. The session explore the economics behind the tactics and present ways to make our organizations less of a target. At the same time, we will cover making the business case for security improvements and maximizing the budget we win.
    3:00 pm
    SOC2, GDPR, SOX, PCI, ABC, DEFDGH, JH, bla, bla, bla: Come Share Your Success (or not) in Becoming Compliant
    • session level icon
    speaker photo
    CEO & President, Cybercrime Support Network
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 105

    How are we keeping up with all of the alphabet requirements? Got ideas to share, or tools that help you stay up to date? There has to be a way to standardize, communicate, and best of all reach “appropriate” levels of compliance. Barb Hiemstra, Privacy Engineer at Steelcase, will facilitate a roundtable discussion for security compliance and crowd source-minded individuals.

    3:00 pm
    Mimecast— The Human Firewall Is on Fire: What Do You Do When the Smoke Clears?
    • session level icon
    speaker photo
    Sales Engineer, Mimecast
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: 103

    Many enterprises are focused on prevention and are too busy with day-to-day firefights to look beyond the flames and think about how to recover. Beyond preventing attacks, organizations need to focus on detection and response. It’s no longer a matter of if you’re going to be attacked, but when. Join this session to:
    • Learn the cutting edge tactics of these digital thieves
    • Identify and combat these attacks
    • Learn how to recover, should an attack break through your defenses

    3:00 pm
    Approaches to Justifying Cybersecurity Spending
    • session level icon
    speaker photo
    Chief Information Security & Privacy Officer, WorkForce Software
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Theater
    Practical tips and examples for getting your security initiatives approved and funded, whether you’re talking to your manager or the CFO.

     

    3:00 pm
    SecureWorld PLUS Part 2 - Security’s New Know: Strategic Skills for the Digital Age
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    speaker photo
    CEO, IT Management Resources
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: 203A

    Security’s Dark Age is coming to an end. A sub-set of organizations has moved beyond the misunderstandings, stigmatizations, dysfunctional economics and toxic mindsets regarding the practice of security. A new age is upon us – an age that requires new thinking, new skills and new practices. This session – part Harvard MBA-in-a-box, part Amish barn raising and part therapy session features Futurist Thornton May and a faculty of local experts detailing what the positive path to the future might look like.

    3:00 pm
    [SecureWorld PLUS] Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Manager, Cyber and Information Security, Point32Health
    Registration Level:
    • session level iconSecureWorld Plus
    3:00 pm - 4:30 pm
    Location / Room: 203BC

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    4:00 pm
    After Party: Enjoy Bites and Beverages with Fellow Security Professionals Compliments of GuidePoint Security
    • session level icon
    Stop by booth #500 to RSVP
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 6:00 pm
    Location / Room: Look Out Room (Inside the Venue)

    Need to relax after a great day at SecureWorld? Join us to mingle with cybersecurity professionals and enjoy delicious bites, and beverages.
    4-6 p.m.
    The Apparatus Room (in the Detroit Foundation Hotel)
    250 W Larned St.
    Detroit, MI 48226

  • Thursday, September 13, 2018
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 3:00 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    SecureWorld PLUS Part 3 - Security’s New Know: Strategic Skills for the Digital Age
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company
    speaker photo
    CEO, IT Management Resources
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 203A

    Security’s Dark Age is coming to an end. A sub-set of organizations has moved beyond the misunderstandings, stigmatizations, dysfunctional economics and toxic mindsets regarding the practice of security. A new age is upon us – an age that requires new thinking, new skills and new practices. This session – part Harvard MBA-in-a-box, part Amish barn raising and part therapy session features Futurist Thornton May and a faculty of local experts detailing what the positive path to the future might look like.

    8:00 am
    [SecureWorld PLUS] Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework
    • session level icon
    SecureWorld PLUS Registrants ONLY
    speaker photo
    Manager, Cyber and Information Security, Point32Health
    Registration Level:
    • session level iconSecureWorld Plus
    8:00 am - 9:30 am
    Location / Room: 203BC

    The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

    This innovative education and training program includes the following key elements:

    • An introduction to the key components of the NIST Cybersecurity Framework
    • How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy
    • An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications
    • How to use the framework to protect critical information assets
    • A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program
    • A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

    The class will help individuals and organizations acquire knowledge, skills and abilities to:

    • Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment
    • Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework
    • Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed
    • Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps
    • Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps
    • Identify required workforce skills and develop career pathways for improving skills and experience

    About the Instructor – Larry Wilson:

    • Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017
    • Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation
    • Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years
    • Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

    The program and its author have won the following industry awards:

    • Security Magazine’s Most Influential People in Security, 2016
    • SANS People Who Made a Difference in Cybersecurity Award, 2013
    • Information Security Executive (ISE) North America Program Winner for Higher Education, 2013
    8:30 am
    The Weaponization of AI
    • session level icon
    speaker photo
    Chair, Undergraduate Information Technology, Capella University
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Suite 3
    Although AI is being hailed as the new silver bullet for cyber defense, it is also the source of many fears as to its weaponization and use in the hands of cyber criminals and other malicious attackers. Risks include the creation and use of highly intelligent malware. Risks also include both the increasing autonomous nature of vehicles and others devices. This session will explore these risks and their potential impact on our society and world.
    8:30 am
    Branding Cybersecurity Awareness
    • session level icon
    speaker photo
    Cybersecurity Awareness Program Leader
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: Theater
    People have an affinity for brands and those who love using a given product or service will often promote those brands to others through word of mouth. When awareness programs are branded and executed correctly, employees are more engaged and will likely share information with their coworkers. This session will cover how branding your cybersecurity awareness program creates an opportunity to build trust with your users while influencing behaviors and the way they think about protecting information.
    8:30 am
    7 Ways to Boost InfoSec’s Influence (and Yours) by Communicating Differently
    • session level icon
    speaker photo
    Director of Media & Content, Podcast Host, SecureWorld
    Registration Level:
    • session level iconConference Pass
    8:30 am - 9:15 am
    Location / Room: 103

    Grow your personal influence, your leadership possibilities and move your InfoSec objectives forward (faster) by thinking differently about how you communicate. Whether your audience is the board, your team, or any part of the business, this session will help you and your communication stand out. Lead by a long-time TV reporter turned cybersecurity journalist who shares a framework for powerful communication you can implement immediately.

    8:30 am
    InfraGard Michigan Chapter Meeting
    • session level icon
    InfraGard Members Only
    speaker photo
    Connected Vehicle Cyber Security Technical Manager, Ford Motor Company
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 9:15 am
    Location / Room: Keynote Theater

    Join InfraGard for their chapter meeting.
    This session is for InfraGard members only.

    9:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    9:30 am
    OPENING KEYNOTE: Leveraging SDN Technology to Improve Enterprise Security
    • session level icon
    speaker photo
    Vice President, Marketing and Business Development, Pluribus Networks
    Registration Level:
    • session level iconOpen Sessions
    9:30 am - 10:15 am
    Location / Room: Keynote Theater
    With increasing numbers of high profile breaches, focusing on securing the perimeter is no longer sufficient. New traffic types and the proliferation of diverse end-points along with increased mobility and wireless access fuels a dramatic increase in untrusted traffic entering the network. In addition, the growth of multi-cloud environments and cloud services requiring access to Enterprise resources pose additional challenges. As mixed-use networks continue to grow and Internet of Things (IoT) traffic is introduced to the network, security organizations need a more dynamic approach to secure the increases of unsecure and untrusted traffic.

    Imagine being able to build a simple, automated and secure network overlay that empowers the enterprise with cloud-scale, elasticity and adaptability and enables independence from network operations. This session will discuss the evolution of Software-Defined Networking (SDN) technologies and explore how to leverage a dynamic SDN architecture to enable dynamic traffic segmentation, distributed policy enforcement, shared security services and increased operational intelligence to reduce risk, contain infiltrations and prevent attack proliferation.

    10:15 am
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:15 am
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    11:00 am
    Advisory Council Roundtable - (VIP / Invite Only)
    • session level icon
    Topic: Converging all Aspects of the Cybersecurity Operation (Electronic, Physical and Personnel) Under One Roof
    speaker photo
    Sr. Manager, Third-Party Risk, Raytheon Technologies
    Registration Level:
    • session level iconVIP / Exclusive
    11:00 am - 12:00 pm
    Location / Room: Boardroom

    This session is for Advisory Council members only.

    11:15 am
    [Radware] Cybersecurity Pushed to the Limit
    • session level icon
    speaker photo
    Security Evangelist, North America, Radware
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 103

    Throughout 2018 mainstream headlines highlighted cyber-attacks and security threats that included possible interference in the U.S. presidential election, worldwide malware outbreaks and the Equifax data breach. These and other high-profile events spurred greater cyber-defense investment by everyone from nation states and global corporations to individuals purchasing anti-malware solutions for personal devices. Yet even as investments increase so do threats, hacks and vulnerabilities. This session will help you understand these complex and challenging dynamics. Based on findings from Radware’s research and a global industry survey, the session will show real attack data and customer stories to paint a picture of where we are and what security professionals can do.

    Join the session to learn more about:
    • The threat landscape deep dive—the who, what and why of attacks
    • Potential impact on your business, including associated costs of different cyber-attacks
    • Critical attacks in the midst: DNS, IoT and risks lurking in the cloud
    • Emerging threats and how to protect against them
    • A look ahead – predictions and what to prepare for

    11:15 am
    So THIS is Cybersecurity! The Authoritative Definition of the Field From the People Who Know
    • session level icon
    speaker photo
    Professor and Director, Graduate Program, University of Detroit Mercy
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Suite 3
    The content of the field of cybersecurity is in the eye of the beholder. That’s a serious problem because failure to counter all potential avenues of attack, leaves you vulnerable to exploitation. Hence, the Societies that dictate the legitimate shape of computing, have come together to produce a single joint recommendation, which unifies the diverse elements of cybersecurity into a single commonly accepted definition. This talk will explain each of those areas and the specific contribution each brings to the party. JTF recommendations were formally rolled out this June and the Speaker was a former SME on that Taskforce.

     

    11:15 am
    Cyber Insurance: A Legal, Practical Look
    • session level icon
    speaker photo
    Founder & CEO, Ossian Law P.C.
    Registration Level:
    • session level iconConference Pass
    11:15 am - 12:00 pm
    Location / Room: Theater
    Considering purchasing cyber insurance? How and when could cyber insurance fill gaps or provide protection to your organization in the event of an incident? What steps should your organization need to take before securing cyber insurance? Information Technology Attorney Kathy Ossian will discuss these questions and walk through examples of cyber insurance clauses in relation to your organization’s overall information security plan.
    11:15 am
    Trend Micro: Cybercriminal Operations Revealed
    • session level icon
    speaker photo
    Director, Global Threat Communications, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 12:00 pm
    Location / Room: 105

    Today’s cybercriminals and the organizations they work in are set up to ensure they maximize both their breach success as well as their revenue.  Most criminal syndicates include a cyber arm today due to the amount of profits they can create from targeting business around the world.  In this session we’ll dive into how these organizations are set up, how they pick their targets, infection routines, and how they maximize their access within an organization’s network to maximize their ability to produce profit.  Please join us during this session as you will leave with a better understanding of how cybercriminals work.

    12:00 pm
    Advisory Council Lunch Roundtable - (VIP / Invite Only)
    • session level icon
    Topic: Protecting Your Company Data While Traveling Abroad-China?
    speaker photo
    AVP, Information Security, Amerisure Insurance
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 1:00 pm
    Location / Room: Boardroom

    This session is for Advisory Council members only.

    12:15 pm
    LUNCH KEYNOTE: Establishing Academic Programs and Career Pathways for the Cyber Workforce
    • session level icon
    speaker photo
    Manager, Cyber and Information Security, Point32Health
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: Keynote Theater
    As the former CISO for the University of Massachusetts, I have had many opportunities to interact with IT professionals, IT managers, business leaders and other management / operations personnel who would benefit with a baseline knowledge, skills and abilities in the Cybersecurity field. As we continue to move to a more digital / cloud based world, the need for advanced skills in cybersecurity will only increase. This presentation will focus on developing academic curriculum that meets the changing workforce needs as well as establishing career pathways for individuals who are interested in a career in cybersecurity.

     

    12:15 pm
    ISSA and (ISC)2 Joint Meeting
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Location / Room: The Lookout

    Interested in your local associations? Join ISSA and (ISC)2 for a social meet and greet and chapter news.

    1:15 pm
    Panel: Stopping the Attacks (Incident Response)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater

    Security teams are struggling to keep up with the myriad of attack vectors that exist. Future InfoSec professionals will take a more adversarial approach to incident response. Will we have artificial intelligence helping threat hunters squash attacks before they can do any significant damage on the network while alerting the authorities in real time? Can a true partnership form between organizations and law enforcement to share information? Join our experts as they discuss challenges modern security teams face and how we can build a better plan for tomorrow.
    Panelists:
    Phillip Maddux, Signal Sciences
    Steve Shalita, Pluribus Networks
    Jim Labiszak, FireEye
    David Sterns, baramundi
    Grant Moerschel, SentinelOne
    Matthew Aubert, Cisco

     

    1:15 pm
    Panel: Become Mentors for the Next Generation with the Michigan CyberPatriot Program
    • session level icon
    speaker photo
    Sr. Cybersecurity Researcher, GE Digital
    speaker photo
    CIS - Cybersecurity Program Lead, CyberPatriot Mentor, Henry Ford College
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Theater

    In this panel discussion you will learn how easy it is to help our industry seed the pipeline with qualified professionals by getting involved with the Michigan CyberPatriot Program.  Even if you only have 1 hour a month you can make a difference.  We will walk you thru the CyberPatriot program and how easy it is to help your school set-up team(s) and how to become a Mentor and/or Coach.  Then we will help you tap into State funding for your schools CyberPatriot program with the Michigan Department of Education’s Tech Plan 99K Grant and their current MEG account. CyberPatriot will be celebrating their 11th year as the top Middle School and High School national Cybersecurity Competition, join us to get into the game!

    1:15 pm
    Panel: Extortion-as-a-Service? (Ransomware and Beyond)
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Suite 3

    Remember when ransomware just seized up your computer and wanted you to send Bitcoin to unlock it? With the advances in cybercrime, the thieves are not only locking and encrypting your files, but they are also finding your dirty little secrets. You may not pay for the run of the mill files you have backed up, but you might be more inclined to pay even more to make sure no one finds out about you and a certain someone in accounting you are messaging. Or, what about all the credit card numbers you aren’t storing correctly? It would be a shame if your boss knew you were sending out resumes… Will these attacks also be available for purchase on the dark web?Join the discussion with our experts and come up with a plan to mitigate this problem.
    Panelists:
    Chris Olive, Thales
    Wolfgang Goerlich, cbi Secure
    Kierk Sanderlin, Check Point Security
    Mike Drummond, Carbon Black
    Rob Walk, Tenable

    2:15 pm
    Conference Break / Exhibitor Product Demonstration
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
    Location / Room: SecureWorld Exhibitor Floor

    Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

    2:30 pm
    Dash for Prizes & CyberHunt
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 2:45 pm
    Location / Room: SecureWorld Exhibitor Floor

    Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

    3:00 pm
    The Trials of a GRC Consultant in a State Government
    • session level icon
    speaker photo
    GRC Consultant, Comp-West, LLC
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: 105
    Working as a Compliance consultant can be trying if the company you are working for is concerned with One of the following standards; PCI, HIPAA, IRS 1075. Consider being a GRC consultant for a company that does all these plus FEDRAMP, FISMA, Criminal Justice, Corrections, and many more. This presentation will talk about how to approach a multi-compliance standard environment. Using knowledge gleaned from previous work to enable the company to meet their compliance concerns.

     

    3:00 pm
    Hackers Are Doing Things the Easy Way
    • session level icon
    speaker photo
    Sr. Manager, IT Security, BorgWarner
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Theater

    Companies are buying sophisticated new tools but are often overlooking the little things that are enabling hackers to live off the land and execute the same attacks they’ve been doing for years. We will discuss real examples of attacks and what can be done to prevent or mitigate.

    3:00 pm
    Presenting the State of Security and Cybersecurity Risk Management to the Board
    • session level icon
    speaker photo
    CISO, Meritor
    Registration Level:
    • session level iconConference Pass
    3:00 pm - 3:45 pm
    Location / Room: Suite 3
    There are industry standard tools and templates available to help you quantify and describe your organization’s State of Security and your Cybersecurity Risk Management Program—even for the smallest and youngest of programs.

    In this session, we will review an approach to create a comprehensive communication utilizing some of those tools and templates. We will discuss tactics for stakeholder engagement to drive a complete, accurate, and successful presentation, as well as a few speaking tips and tricks for communicating with Board-level stakeholders.

Exhibitors
  • ACP Michigan
    Booth: 208

    The Association of Continuity Professionals (ACP) is a non-profit trade association dedicated to fostering continued professional growth and development in effective Contingency & Business Resumption Planning. ACP is the recognized premier international networking and information exchange organization in the business continuity industry.

  • Agari
    Booth: 278

    Agari is transforming the legacy Secure Email Gateway with its next-generation Secure Email Cloud powered by predictive AI. Leveraging data science and real-time intelligence from trillions of emails, the Agari Identity Graph™ detects, defends and deters costly advanced email attacks including business email compromise, spear phishing and account takeover.

  • Allgress
    Booth: 308

    Allgress streamlines compliance by helping enterprise security and risk professionals assess, understand, and manage corporate risk.

    Allgress and AWS have joined forces to offer a way to establish clear mappings of common security frameworks. The result for regulated customers within the AWS Cloud will be minimized business impact, increased security effectiveness, and reduced risk

  • Avecto
    Booth: 282

    Avecto is a leader in Privilege Elevation and Delegation Management. Since 2008, the company has enabled over 8 million users to successfully work without admin rights, enabling many of the world’s biggest brands to achieve the balance between overlocked and underlocked environments.

    Avecto’s Defendpoint software has been deployed in the most highly regulated industries, enabling organizations to achieve compliance, gain operational efficiency and stop internal and external attacks.

    Defendpoint combines privilege management and application control technology in a single lightweight agent. This scalable solution allows global organizations to eliminate admin rights across the entire business – across Windows and Mac desktops and even in the data center.

    Actionable intelligence is provided by Defendpoint Insights, an enterprise class reporting solution with endpoint analysis, dashboards and trend data for auditing and compliance.

  • Automation Alley
    Booth: TBD

    Automation Alley is a nonprofit technology and manufacturing business association and Michigan’s Industry 4.0 knowledge center, with a global outlook and a regional focus. We connect industry, academia and government to fuel Michigan’s economy and accelerate innovation. We offer programs and services in business growth, entrepreneurship, talent development, defense and international business, providing resources and knowledge to help our members grow and prosper in the digital age.
    Our Mission
    The mission of Automation Alley is to position Michigan as a global leader in Industry 4.0 by helping our members increase revenue, reduce costs and think strategically during a time of rapid technological change.
    Our Vision
    Michigan is the leading applied technology and innovation state in the world.

  • baramundi software USA, Inc.
    Booth: 268

    baramundi Software provides companies and organizations with efficient, secure, and cross-platform management of workstation environments.

    The baramundi Management Suite (bMS) combines all important features for Endpoint Management: Patch Management, Software Deployment, OS-Installation, Enterprise Mobility Management, Vulnerability Assessment, and more. bMS optimizes IT management processes by automating routine tasks and providing an extensive overview of the status of the network and endpoints. In doing so, it relieves pressure on IT administrators and ensures that users always have the necessary rights and applications on all platforms and form factors; whether on PCs, servers, notebooks, mobile devices or Macs.

    Over 3,000 customers around the world benefit from nearly two decades of experience and the easy-to-use software solution.

  • Binary Defense
    Booth: 232

    Binary Defense is a managed security services provider and software developer with leading cybersecurity solutions that include SOC-as-a-Service, Managed Detection & Response, Security Information & Event Management, Threat Hunting and Counterintelligence. Binary Defense believes its unique approach resolves infosec’s biggest challenges such as limited in-house security expertise, lack of innovative resources and the significant budgetary and time investment required to ensure protection from today’s threats.

  • CA Technologies
    Booth: 304

    CA Technologies helps customers succeed in a future where every business— from apparel to energy— is being rewritten by software. With CA software at the center of their IT strategy, organizations can leverage the technology that changes the way we live— from the data center to the mobile device.

    Our business management software and solutions help our customers thrive in the new application economy by delivering the means to deploy, monitor and secure their applications and infrastructure. Our goal is to help organizations develop applications and experiences that excite and engage and, in turn, open up money-making opportunities for their businesses.

  • Carbon Black
    Booth: 298

    Carbon Black is Transforming Security Through Big Data and Analytics in the Cloud Growing trends in mobility and cloud have made the endpoint the new perimeter. New and emerging attacks are beating traditional defenses, and security teams are too reactive and held back by their technologies. Carbon Black is leveraging the power of big data and analytics to solve the challenges surrounding endpoint security. With the Cb Predictive Security Cloud platform, we are transforming cybersecurity to deliver a new generation of cloud-delivered security solutions designed to protect against the most advanced threats.

     

  • CBI
    Booth: 292

     

    CBI manages IT risk and ensures your data is secure, compliant, and available. No matter your industry our Subject Matter Experts, tailored assessments and custom solutions help safeguard your organization’s information. Our proven process helps you manage and navigate issues that can damage your business and reputation.

    For more than 20 years, our customers have come to rely on CBI as their trusted advisor to meet their unique needs with solutions from the best professionals in the industry. Our broad Subject Matter Expertise ensures we deliver on our promise to help defend and secure your network and endpoints; test and monitor areas of operational risk; and protect your data.

    We invite you to talk to usengage with us, and let us help generate the needed dialogue to plot the unique, tailored path to help ensure your data is secure, compliant and available.

  • Checkmarx Inc.
    Booth: 276

    Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

  • Check Point Software Technologies
    Booth: 228

    Check Point Software Technologies is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Cisco
    Booth: 274

    Cisco builds truly effective security solutions that are simple, open and automated. Drawing on unparalleled network presence as well as the industry’s broadest and deepest technology and talent, Cisco delivers ultimate visibility and responsiveness to detect more threats and remediate them faster. With Cisco, companies are poised to securely take advantage of a new world of digital business opportunities.

  • Comodo Cybersecurity
    Booth: 272

    In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

     

  • CyberArk Software
    Booth: 222

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Cylance
    Booth: 302

    Cylance® is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Our technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide including Fortune 100 organizations and government institutions.

  • Darktrace
    Booth: 212

    Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. Its self-learning AI is modeled on the human immune system and used by over 3,500 organizations to protect against threats to the cloud, email, IoT, networks, and industrial systems.

    The company has over 1,200 employees and headquarters in San Francisco and Cambridge, UK. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.

  • Duo
    Booth: 222

    Duo was founded with the belief that security can only be effective if it is easy to use. Through that vision, Duo has built a world-class security platform that is actually enjoyable to use. Duo supports thousands of customers and millions of users in organizations like Accenture, Boston Medical, Emblem Health, Facebook, Toyota, Twitter, Virginia Tech, Yelp and others, and enjoys the highest NPS score in the industry.

  • EC-Council
    Booth:

    International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

  • ECTF
    Booth:

    As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.

  • eSentire, Inc
    Booth: 218

    eSentire is the largest pure-play Managed Detection and Response (MDR) service provider, keeping organizations safe from constantly evolving cyber-attacks that technology alone cannot prevent. Its 24×7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business-disrupting events. Protecting more than $6 trillion in corporate assets, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.eSentire.com and follow @eSentire on Twitter.

  • ExtraHop
    Booth: 312

    ExtraHop is a force multiplier for IT teams struggling with increasing complexity. With the ExtraHop platform, organizations can regain control over the security and performance of their applications and infrastructure, and capitalize on their data analytics opportunity to improve business operations and results. Learn more at www.extrahop.com

  • FireEye
    Booth: 296

    FireEye (https://www.fireeye.com/) is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,100 customers across 67 countries, including more than 45 percent of the Forbes Global 2000.

  • Fortinet
    Booth: 220

    Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

  • Gemalto
    Booth: 280

    Today’s enterprises depend on the cloud, data and software to make decisive decisions. That’s why the most respected brands and largest organizations in the world rely on Thales to help them protect their most sensitive information and software wherever it is created, accessed or stored – from the cloud and data centers to devices and across networks. As the global leader in cloud and data protection, our solutions enable organizations to move to the cloud securely, achieve compliance with confidence, and create more value from their software in the devices and services used by millions of consumers every day.

  • Gigamon
    Booth: 216

    Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realize the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, nine of the 10 largest mobile network providers, and hundreds of governments and educational organizations worldwide. To learn more, please visit gigamon.com. 

  • GuidePoint Security LLC
    Booth: 284

    GuidePoint Security LLC provides innovative and valuable cyber security solutions and expertise that enable organizations to successfully achieve their mission. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: http://www.guidepointsecurity.com

  • HTCIA Michigan
    Booth: 204

    We are the Michigan chapter of the worldwide High Technology Crime Investigation Association. Our membership consists of people from the private and public sectors. We have members from the U.S. Attorney’s Office, The State of Michigan, FBI, Treasury, and Customs. We also have members who represent cities, counties and townships, as well as universities and law enforcement.

  • IBM
    Booth: 252

    Digital is the wires, but digital intelligence, or artificial intelligence as some people call it, is about much more than that. This next decade is about how you combine those and become a cognitive business. It’s the dawn of a new era.

  • InfraGard Michigan
    Booth: 202

    InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. With thousands of vetted members nationally, InfraGard’s membership includes business executives, entrepreneurs, military and government officials, computer professionals, academia and state and local law enforcement; each dedicated to contributing industry specific insight and advancing national security.

  • ISC2 Greater Detroit
    Booth: 206

    ISC2 is consists of over 80,000 members worldwide. Our chapter program provides members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resource and educational programs to keep our members informed of the latest advances in technology and techniques. The Greater Detroit chapter was been established in 2012 to help bring together local professionals. Our members consist of ISC2 credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification.

  • ISACA Detroit
    Booth: 306

    Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Detroit area.

  • ISSA Motor City
    Booth: 210

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals. The Motor City chapter is located in the automotive capital of the United States, Detroit, MI. Our chapter is committed to educating, consulting, advising, and overall improving information security for our technology infrastructures.

  • Ixia, a Keysight Business
    Booth: 310

    We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

  • Malwarebytes
    Booth: 224

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.

  • Merit
    Booth: 200a/b

    Merit Network is a non-profit, member-owned organization governed by Michigan’s public universities. Founded in 1966, Merit owns and operates America’s longest-running regional research and education network. After 50 years of innovation, Merit continues to provide high-performance services to the educational communities in Michigan and beyond.

    Merit continues to leverage its experience managing NSFNET, the precursor to the modern Internet, to catapult Michigan into the forefront of networking technologies. Through Merit, organizations have access to leading-edge network research, state and national collaborative initiatives and international peering.

  • Mimecast
    Booth: 258

    Mimecast empowers our customers to help mitigate risk and manage complexities across a threat landscape driven by cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today.

  • Mobile Technology Association of Michigan
    Booth:

    The Mobile Technology Association of Michigan (MTAM) is a non-profit trade association for Michigan’s mobile/wireless (connected) technologies industry, businesses that provide these technologies, and the businesses – in all industries – that use these technologies. We are the first state-based mobile/wireless (connected) technologies trade association in the U.S. and we are focused on increasing demand for Michigan-based mobile/wireless technology products and services within the state, nationally and globally, thereby generating increased entrepreneurial and enterprise-level opportunities and creating sustainable jobs in Michigan.

  • Netskope
    Booth: 240

    The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

  • Nexum
    Booth: 216

    Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio, and Wisconsin, as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.

  • Okta
    Booth: 294

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Optiv
    Booth: 246

    Optiv is a security solutions integrator delivering end-to-end cybersecurity solutions that help clients maximize and communicate the effectiveness of their cybersecurity programs. Optiv starts with core requirement of every enterprise—risk mitigation—and builds out from there with strategy, infrastructure rationalization, operations optimization, and ongoing measurement. Learn more at https://www.optiv.com.

  • Pluribus Networks
    Booth: 262

    Pluribus Networks delivers a programmable software-defined security fabric with a distributed architecture to integrate and orchestrate multiple security functionalities for internal security protections. The Fabric enables establishing a transparent and secure control layer to segment and control all traffic across the enterprise independent of the underlying physical network infrastructure. The Fabric enables network virtualization and segmentation with adaptive security policies, enables security service insertion and provides real-time visibility to identify emerging threats and speed cyber incident response.

  • Proofpoint
    Booth: 214

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Qualys, Inc.
    Booth: 250

    Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions with over 9,300 customers in more than 120 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance and protection for IT systems and web applications on premises, on endpoints and elastic clouds. Founded in 1999 as one of the first SaaS security companies, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL Technologies, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance. For more information, please visit www.qualys.com.

  • Radware
    Booth: 248

    Radware® (NASDAQ: RDWR) is a global leader of cybersecurity and application delivery solutions for physical, cloud and software-defined data centers (SDDC). Our award-winning solutions portfolio secures the digital experience by providing infrastructure, application and corporate IT protection, and availability services to enterprises globally. Our solutions are deployed by, among others, enterprise customers, carriers, and cloud service providers.

  • Rapid7
    Booth: 256

    Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.

  • RSA a Dell Technologies Company
    Booth: 244

    RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions.  With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.

  • Securonix
    Booth: 230

    Securonix is redefining threat detection and response for today’s hybrid cloud, data-driven enterprise. Securonix Next-Gen SIEM and XDR are powered by the most advanced analytics and built on a scalable, flexible cloud native architecture. Securonix leverages behavioral analytics technology that pioneered the UEBA category to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats.

  • SentinelOne
    Booth: 234

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • Signal Sciences
    Booth: 238

    Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform. Built by practitioners, for practitioners, it is the only solution that works seamlessly across any cloud and infrastructure.  The company is headquartered in Culver City, CA. For more information, please visit www.signalsciences.com.

  • Skybox Security
    Booth: 304

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • Splunk
    Booth: 284

    You see servers and devices, apps and logs, traffic and clouds. We see data—everywhere. Splunk® offers the leading platform for Operational Intelligence. It enables the curious to look closely at what others ignore—machine data—and find what others never see: insights that can help make your company more productive, profitable, competitive and secure. What can you do with Splunk?
    Just ask.

  • Symantec
    Booth: 290

    Symantec is the world’s leading cyber security company. Organizations worldwide look to Symantec for strategic, integrated solutions to defend against sophisticated attacks, and more than 50 million people rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home. For more information, please visit www.symantec.com.

  • TechTarget
    Booth: TBD

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: 226

    Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

  • Thales
    Booth: 254

    As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

  • Tools4ever
    Booth: 300

    Tools4ever is one of the largest vendors in Identity Governance & Administration (also known as Identity & Access Management) with more than 5 million managed user accounts.

    Since 1999 Tools4ever has developed and delivered several software solutions and consultancy services such as User Provisioning, Downstream Provisioning, Workflow Management, Employee Self-Service and Access Governance (RBAC). In the area of Password Management, Tools4ever offers Single Sign-On and Self-Service Password Reset among others.

    Tools4ever’s Identity Governance & Administration (IGA) solutions are installed in organizations from various sectors ranging in size from 300 to over 200,000 user accounts.

  • Trend Micro
    Booth: 264

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • TrustedSec
    Booth: 232

    TrustedSec is a leader in attack intelligence and security advisory services. Our team of highly talented, skilled, senior consultants sets us apart from other commodity-service security companies. We form partnerships with our number one goal to help you holistically improve your security program. You’ll find that working with us amounts to more than “just another engagement”—it’s establishing an understanding with your organization, and working to make you more secure, and better as a whole.

     

  • Walsh College
    Booth:

    At Walsh College, we blend business theory and real-world experience to deliver educational programs that boost career success. Our faculty are not only dedicated teachers, but also business professionals who integrate their experience into what you learn in class. Administrative staff deliver personal service in a professional learning environment.

    Founded in 1922 and celebrating more than 90 years of business education, we offer 16 business and related technology degree programs at the bachelor’s and master’s levels that are responsive to student, employer, and community needs. Walsh is a private, not-for-profit institution offering courses and services at locations in Troy, Novi, Clinton Township, Port Huron, and online.

  • Wombat Security Technologies
    Booth: 270

    Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS cyber security education solution includes a platform of integrated broad assessments, and a library of simulated attacks and brief interactive training modules, to reduce employee susceptibility to attack, even phishing attacks, over 80%.

  • Zscaler
    Booth: 236

    Zscaler’s Cloud-delivered security solution provides policy-based secure internet access for any employee, on any device, anywhere. Our proxy and scanning scalability ensures ultra-low latency in a 100% SaaS security solution requiring no hardware, software or desktop all while providing complete control over security, policy and DLP.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Ken Piggott
    Program Director, Baker College of Auburn Hills
  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Co-Presenter: Joseph Szmadzinski
    CEO, IT Management Resources

    Joseph R. Szmadzinski has served as interim and permanent CIO (over 12 times) or as an advisor to the chief executive teams/ officers to troubleshoot, restructure, and manage client systems during turnaround, growth, and profit improvement efforts. Joe has served clients in a wide variety of industries, including financial services, transportation, consumer products, manufacturing, airlines, and retail. He is a leading and frequent speaker and writer on current technologies, including cloud, security, mobility, and big data.

    Joe recently served as CIO of Methanex, Daymon, Surgical Care Affiliates, Polar Industries, Barr Pharmaceuticals/Laboratories (2006-8), Hayes Lemmerz (2005), and Champion Enterprises (2003-4), where he rationalized the financial and operating systems, consolidated and directed the IT groups, and assisted the companies in locating a permanent CIO.

    He also held the position of IT Restructuring Officer and Deputy CIO during the Turnaround of Worldcom (now MCI). Previous assignments include performing as the interim CIO for GMAC, GeoLogistics, Ryder System, Deutsche Telecom (in Germany), Hayes-Lemmerz, Budget Group and IFCO Systems, Inc. He served in most these roles while the lead Principal at AlixPartners, a leading global turnaround and transformation firm.

    Joe is also a former Consulting Partner and Practice Lead at both KPMG and PwC. He began his career over thirty years ago with EDS. He hails from Michigan with an undergraduate in Physics from Grand Valley State University and University of Michigan for his MBA. He is a Fellow of the American Institute of Industrial Engineers and APICS.

  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Manager, Cyber and Information Security, Point32Health

    Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Chad Childers, Moderator
    Automotive Solutions Director, Sec eDGE

    Internationally recognized security thought leader. Expert on Threat Modeling, IoT Security, Threat Analysis and Risk Assessment (TARA), Cryptography, Application Security, and Agile Development Security.

    Chad is a voting member of SAE Vehicle Cybersecurity Committee TEVEES18A that shapes the future of automotive security and leading a TARA standardization sub-committee.

  • speaker photo
    Charles Parker II
    Cybersecurity Lab Engineer, Thomas Edison State University

    Charles Parker, II has been in the computer science/InfoSec industry for over a decade in working with medical, sales, labor, OEM and Tier 1 manufacturers, and other industries. Presently, he is a Cybersecurity Lab Engineer at a Tier 1 manufacturer and professor. To further the knowledge base for others in various roles in other industries, he published in blogs and peer reviewed journals. He has completed several graduate degrees (MBA, MSA, JD, LLM, and PhD (ABD)), completed certificate programs in AI from MIT and other institutions, and researches AI’s application to InfoSec, FinTech, and other areas, and is highly caffeinated.

  • speaker photo
    Dan Collins
    Security Technical Solutions Architect, Cisco

    Dan Collins is a Security Technical Solutions Architect for Cisco Systems. Dan has over 25 years in the Information Security industry, including nine of those years serving in the United States Air Force, focusing on Information Security.

  • speaker photo
    David Barton
    Managing Director, UHY Consulting

    David Barton is a Managing Director with UHY Consulting and practice leader of the Technology, Risk, and Compliance practice, which provides cybersecurity consulting and compliance services focused around information technology. He has over 30 years of practical experience in information systems and technology risk and controls.
    David is frequently asked to speak at national and regional events, such as SecureWorld and the Cloud Security Alliance Congress. He is the primary author of the CSA position paper on AICPA Service Organization Control Reports. He regularly provides his input and opinions for national publications such as Compliance Week, Accounting Today, and the Atlanta Journal Constitution.
    David holds an MBA and BS in Business Administration from Appalachian State University. He is Certified in Risk and Information Systems Control (CRISC), received the Certified Information Systems Auditor (CISA) designation in 1988, and is a member of the Atlanta chapter of the Cloud Security Alliance. David has active civic memberships with the Atlanta chapter of the Porsche Club of America and the Tire Rack Street Survival® program for teen driver education. He is also a certified high-performance driving instructor and former Porsche Club racer.

  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Michael Muha, PhD, CISSP, CISM, CIPM, Certified GDPR Practitioner
    Chief Information Security & Privacy Officer, WorkForce Software

    Mike drove the global expansion of WorkForce Software’s cloud-based workforce management products from one data center to eight across the US, Europe, Canada, and Australia, and directed all compliance efforts (starting with SAS 70 and moving onto SOC 1, ISAE 3402, SOC 2, ISO 27001 certification, and EU-US Privacy Shield certification). Having led the company’s GDPR journey, he’s currently implementing a “Personal Information Management System” and additional global security controls to protect company and customer data.

  • speaker photo
    Jonathan Lange
    Executive Manager, baramundi software USA, Inc.

    Jonathan Lange is sales manager for baramundi software USA, Inc. in the US market. Having advised customers in various countries from small businesses to global enterprises, he is well aware of the challenges IT departments face today in order to keep their infrastructure up-to-date, safe and efficient.

  • speaker photo
    Steven F. Fox
    Deputy CISO, State of Washington

    Steven F. Fox provides security guidance to ensure risk-informed compliance with federal standards and requirements as a Deputy CISO for the State of Washington. He brings a cross-disciplinary, international perspective to the practice of information security, combining his experience as a security consultant, an IT Audit leader, and a systems engineer with principles from behavioral/organizational psychology to address security challenges.

  • speaker photo
    Zee Abdelnabi
    Advisory Manager / Security Researcher, Deloitte

    Zee is a security researcher and a manager experienced in managing large, complex global teams that focus on: advanced penetration testing, connected car security, SIEM, vulnerability management, threat modeling, and mobile security. Zee is an active security community member.

  • speaker photo
    Sanur Sikdar
    Technical Specialist Manager, Deloitte

    Sanur is experienced in enterprise and solution architecture, security architecture and design, cloud architecture, threat modeling, Secure DevOps, application development, software testing, and connected vehicle security.

  • speaker photo
    Paul Groll
    Director of Cloud Services and Research, Department of Technology, Management, and Budget, State of Michigan

    Paul Groll is a dislodged UP'er and a recovering coral reef theoretical ecologist. At some point, he got roped into a broad array of computer-related research projects at both the University of Hawaii (1984) and Michigan State University (1981, 1990). SCUBA tanks are heavy, so he eventually switched fields and moved into computer science (hey, floppy disks). He worked for many years at MSU, focusing on scientific and engineering computing, and also built up a software and network consulting firm, working throughout Michigan and Ohio.

    After joining the State in the 90s, Mr. Groll has worked in nearly every facet of IT, including running a data center, firewalls, agency services, software design and development, secure medical data messaging, Enterprise Information Management, Data Architecture, and more recently, Big Data, Cloud Computing, and Analytics.

    Through all this, his passion remains cybersecurity, in which he holds a number of professional certifications. He continues to consult, travel, and lecture on a range of technical and scientific topics, reads extensively about cybercrime and Number Theory, and throws spinning things into the air for Kai The Wonderdog.

  • speaker photo
    Kurt Wescoe
    Chief Architect, Wombat Security, a division of Proofpoint

    As Chief Architect at Wombat Security, Kurt is responsible for ensuring Wombat's software and systems are built on a sound foundation. He brings over 10 years of experience in engineering, across multiple industries. He also serves as a faculty member in the School of Computer Science’s master’s program in e-Business at Carnegie Mellon University. Kurt earned his M.Sc. in E-Commerce from CMU, and a B.S. in Computer Engineering from the University of Pittsburgh.

  • speaker photo
    Stephanie Scheuermann
    Technical Leader, Cyber Threat Intelligence, Ford Motor Company; President, Michigan InfraGard Members Alliance
  • speaker photo
    Ron Winward
    Security Evangelist, North America, Radware

    As a Security Evangelist at Radware, Mr. Winward is responsible for developing, managing, and increasing the company’s security business in North America.
    Ron’s entire career has been deeply rooted in internet and cybersecurity. For over 20 years, Ron has helped design complex solutions for carriers, enterprises, and cybersecurity providers around the world.
    Ron is an industry-recognized expert in the Mirai IoT botnet and its modern variants. Ron conducted the industry’s first complete analysis of the Mirai attack vectors, producing forensic examples for public distribution of each attack and the specific impact each attack had on networks. His work on IoT attack analysis has been presented at conferences worldwide and has been referenced by NIST.
    Prior to joining Radware, Ron was Director of Network Engineering for a global datacenter provider and ISP. In this role, Ron oversaw the growth and development of a global network infrastructure that delivered services to other ISPs, hosting providers, and enterprises around the world. During this time, Ron assisted some of the world’s top businesses in mitigating cyberattacks on their infrastructure, cultivating an extensive knowledge in DDoS attack methodologies.
    Ron holds a Bachelor of Science degree in Business and has earned many technical certifications throughout his engineering-focused career. Ron acutely understands the impact of technology and security on business and is enthusiastic about their interrelation.

  • speaker photo
    J. Wolfgang Goerlich
    Advisory CISO, Duo Security, Cisco

    J. Wolfgang Goerlich is an active part of the Michigan security community. He hosts a YouTube video series and the Encode/Decode Security podcast. Wolfgang regularly advises on and presents on the topics of risk management, incident response, business continuity, secure development life cycles, and more.

    Prior to his current role, Wolfgang led IT and IT security in the healthcare and financial services verticals. He has held VP positions at several consulting firms, leading advisory and assessment practices. He is an active part of the security community, and regularly advises on and presents on the topics of security architecture and design.

  • speaker photo
    Moderator: Kristin Judge
    CEO & President, Cybercrime Support Network

    Kristin Judge founded the nonprofit Cybercrime Support Network in 2017 to be a voice for cybercrime victims. She's a national speaker, sharing cybersecurity best practices with elected officials, businesses, and consumers. She's appeared on the C-SPAN Network and local news outlets, and been called on by numerous technology publications, to share advice for online safety. Previously at MS-ISAC and National Cyber Security Alliance, she worked as a "technology interpreter" helping nontechnical people become more secure. Kristin was an SC Media "Women in IT Security Influencer" in 2017, and authored the LinkedIn course, "Cybersecurity for Small and Medium Businesses: Essential Training."

  • speaker photo
    Brandon Reid
    Sales Engineer, Mimecast

    Mimecast Enterprise Sales Engineer with over 12 years’ experience in Information Technology and Security. Brandon has spent the better part of his career helping enterprise customer identify, architect and deploy cloud solutions. Most recently, he is focused on Mimecast’s enterprise customers in the Midwest. His goal is to ensure his customers have a comprehensive Cyber Resilience for Email strategy, that allows them to protect their end-users from email-born attacks, maintain availability of their services during disruptions, then remediate and recover their services after.

  • speaker photo
    Michael Muha, PhD, CISSP, CISM, CIPM, Certified GDPR Practitioner
    Chief Information Security & Privacy Officer, WorkForce Software

    Mike drove the global expansion of WorkForce Software’s cloud-based workforce management products from one data center to eight across the US, Europe, Canada, and Australia, and directed all compliance efforts (starting with SAS 70 and moving onto SOC 1, ISAE 3402, SOC 2, ISO 27001 certification, and EU-US Privacy Shield certification). Having led the company’s GDPR journey, he’s currently implementing a “Personal Information Management System” and additional global security controls to protect company and customer data.

  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Co-Presenter: Joseph Szmadzinski
    CEO, IT Management Resources

    Joseph R. Szmadzinski has served as interim and permanent CIO (over 12 times) or as an advisor to the chief executive teams/ officers to troubleshoot, restructure, and manage client systems during turnaround, growth, and profit improvement efforts. Joe has served clients in a wide variety of industries, including financial services, transportation, consumer products, manufacturing, airlines, and retail. He is a leading and frequent speaker and writer on current technologies, including cloud, security, mobility, and big data.

    Joe recently served as CIO of Methanex, Daymon, Surgical Care Affiliates, Polar Industries, Barr Pharmaceuticals/Laboratories (2006-8), Hayes Lemmerz (2005), and Champion Enterprises (2003-4), where he rationalized the financial and operating systems, consolidated and directed the IT groups, and assisted the companies in locating a permanent CIO.

    He also held the position of IT Restructuring Officer and Deputy CIO during the Turnaround of Worldcom (now MCI). Previous assignments include performing as the interim CIO for GMAC, GeoLogistics, Ryder System, Deutsche Telecom (in Germany), Hayes-Lemmerz, Budget Group and IFCO Systems, Inc. He served in most these roles while the lead Principal at AlixPartners, a leading global turnaround and transformation firm.

    Joe is also a former Consulting Partner and Practice Lead at both KPMG and PwC. He began his career over thirty years ago with EDS. He hails from Michigan with an undergraduate in Physics from Grand Valley State University and University of Michigan for his MBA. He is a Fellow of the American Institute of Industrial Engineers and APICS.

  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Manager, Cyber and Information Security, Point32Health

    Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Happy Hour
  • speaker photo
    Thornton May
    Futurist, Author & Professor, Named "One of the top 50 brains in technology today" by Fast Company

    Thornton is one of America’s premier executive educators, designing and delivering high impact curricula at UCLA, UC-Berkeley, Arizona State University, The Ohio State University, Harvard University, the University of Kentucky, Babson, and the Olin College of Engineering. His programs mine the knowledge of the audience delivering practical insights in an engaging and interactive manner.

    As a futurist, Thornton writes columns on technology for three leading publications, researches at four think tanks, and advises major organizations and government agencies on how to think differently about technology—all the while conducting seminal anthropological field research into technology-use behaviors of the various tribes comprising modern society.

    No stranger to the risk and infosec tribe, Thornton has written for CSO Magazine and frequently advises, lectures, and always learns from professionals in the various agencies of the American intelligence community. In a previous life, Thornton served as the Chief Awareness Officer (CAO) for one of the world’s first managed security services firm.

    Thornton brings a scholar's patience for empirical research, a second-to-none gift for storytelling, and a stand-up comedian’s sense of humor to his audiences. His recent book, "The New Know: Innovation Powered by Analytics," examines the intersection of the analytic and IT tribes.

    The editors at eWeek honored Thornton, including him on their list of Top 100 Most Influential People in IT. The editors at Fast Company labeled him "one of the top 50 brains in technology today."

  • speaker photo
    Co-Presenter: Joseph Szmadzinski
    CEO, IT Management Resources

    Joseph R. Szmadzinski has served as interim and permanent CIO (over 12 times) or as an advisor to the chief executive teams/ officers to troubleshoot, restructure, and manage client systems during turnaround, growth, and profit improvement efforts. Joe has served clients in a wide variety of industries, including financial services, transportation, consumer products, manufacturing, airlines, and retail. He is a leading and frequent speaker and writer on current technologies, including cloud, security, mobility, and big data.

    Joe recently served as CIO of Methanex, Daymon, Surgical Care Affiliates, Polar Industries, Barr Pharmaceuticals/Laboratories (2006-8), Hayes Lemmerz (2005), and Champion Enterprises (2003-4), where he rationalized the financial and operating systems, consolidated and directed the IT groups, and assisted the companies in locating a permanent CIO.

    He also held the position of IT Restructuring Officer and Deputy CIO during the Turnaround of Worldcom (now MCI). Previous assignments include performing as the interim CIO for GMAC, GeoLogistics, Ryder System, Deutsche Telecom (in Germany), Hayes-Lemmerz, Budget Group and IFCO Systems, Inc. He served in most these roles while the lead Principal at AlixPartners, a leading global turnaround and transformation firm.

    Joe is also a former Consulting Partner and Practice Lead at both KPMG and PwC. He began his career over thirty years ago with EDS. He hails from Michigan with an undergraduate in Physics from Grand Valley State University and University of Michigan for his MBA. He is a Fellow of the American Institute of Industrial Engineers and APICS.

  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Manager, Cyber and Information Security, Point32Health

    Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Barbara L. Ciaramitaro
    Chair, Undergraduate Information Technology, Capella University

    Dr. Barbara L. Ciaramitaro is the Chair of the Undergraduate Information Technology program at Capella University. She has taught graduate and undergraduate courses on a variety of topics including cybersecurity, emerging technology, complex systems dynamics, software engineering and project management. Dr. Ciaramitaro is a frequent speaker and author on cybersecurity, current technology issues, business intelligence, data and decision-making, and cyber physical systems. She has authored and edited books on quality assurance, virtual world technologies, mobile technology, privacy, security, social engineering and forensics.

  • speaker photo
    Victoria Thomas
    Cybersecurity Awareness Program Leader

    Victoria L. Thomas is an award-winning senior leader with talent for designing, developing and implementing world-class, global cybersecurity awareness programs. With nearly 10 years experience, she brings a strong creative perspective to the field and provides practical solutions that not only build awareness, but also cultivate advocacy and foster behavioral change. Her unique blend of marketing strategies, corporate communications and change management have led to increased visibility and employee commitment for major companies, including Kimberly-Clark Corporation, General Motors, Ally Financial, and other Fortune companies. She has an undergraduate degree in Communications/Public Relations from University of Michigan, graduate degree from Eastern Michigan University in Integrated Marketing Communications, and is a Prosci® Certified Change Practitioner.

  • speaker photo
    Bruce Sussman
    Director of Media & Content, Podcast Host, SecureWorld

    Emmy-winning journalist Bruce Sussman spent more than 20 years on TV screens in Portland, Oregon. During his "second career," he became fascinated by cybersecurity while working with CISOs at Gartner. He joined SecureWorld in 2017 to help grow its media division. Currently, he hosts the Remote Sessions daily web conference series and SecureWorld podcast published each Tuesday, and oversees news content for secureworldexpo.com. Sussman graduated from the University of Missouri School of Journalism back in the dark ages. Message him on LinkedIn if you'd like to connect!

  • speaker photo
    Michael Westra
    Connected Vehicle Cyber Security Technical Manager, Ford Motor Company

    Michael Westra is the Connected Vehicle Cyber Security Technical Manager at Ford Motor Company focused on cybersecurity for connectivity into vehicles and connected technology, including embedded modems, infotainment, cloud, and mobile systems. Mike has 20 years at Ford, with roles including leading software architect for SYNC, Solution Architect for Security IT projects, leading a software team developing supercomputer engineering modeling applications, and various software development roles. Mike has over 20 patents issued or in various stages of filing. He has a MS from University of Michigan in Software Engineering and a BS from Calvin College in Computer Science.

  • speaker photo
    Steven Shalita
    Vice President, Marketing and Business Development, Pluribus Networks

    Steven Shalita has 20+ years of technology experience across the Enterprise, Cloud and Service Provider technology segments. He has market and technology expertise spanning across Cybersecurity, network security, forensics, SDN/NFV, and IT infrastructure. He has spent a considerable amount of time in the performance monitoring marker and was a key evangelist for adapting network monitoring technology for security use cases to identify zero-attacks. Steven is currently Vice President at Pluribus Networks and is a frequent featured speaker at leading industry events. He has held senior technology marketing leadership positions at NetScout, Check Point Software Technologies, Alcatel-Lucent, Cisco, and HP Networking.

  • speaker photo
    Mary Rowley
    Sr. Manager, Third-Party Risk, Raytheon Technologies

    Mary’s several years of leadership experience encompasses many areas of cybersecurity with a focus on IT risk management, IT audit, security awareness training, vulnerability management and incident response. Her extensive information security background includes working at Henry Ford Health System, Comerica Bank, WorkForce Software, Learning Care Group and most recently, Raytheon Technologies, where she continues to build and mature the company’s Cyber 3rd party risk program. Mary is a graduate from Walsh College with a Master’s degree in Business Information Technology, Information Assurance and holds several certifications including CISSP, CISA and CRISC.

  • speaker photo
    Ron Winward
    Security Evangelist, North America, Radware

    As a Security Evangelist at Radware, Mr. Winward is responsible for developing, managing, and increasing the company’s security business in North America.
    Ron’s entire career has been deeply rooted in internet and cybersecurity. For over 20 years, Ron has helped design complex solutions for carriers, enterprises, and cybersecurity providers around the world.
    Ron is an industry-recognized expert in the Mirai IoT botnet and its modern variants. Ron conducted the industry’s first complete analysis of the Mirai attack vectors, producing forensic examples for public distribution of each attack and the specific impact each attack had on networks. His work on IoT attack analysis has been presented at conferences worldwide and has been referenced by NIST.
    Prior to joining Radware, Ron was Director of Network Engineering for a global datacenter provider and ISP. In this role, Ron oversaw the growth and development of a global network infrastructure that delivered services to other ISPs, hosting providers, and enterprises around the world. During this time, Ron assisted some of the world’s top businesses in mitigating cyberattacks on their infrastructure, cultivating an extensive knowledge in DDoS attack methodologies.
    Ron holds a Bachelor of Science degree in Business and has earned many technical certifications throughout his engineering-focused career. Ron acutely understands the impact of technology and security on business and is enthusiastic about their interrelation.

  • speaker photo
    Daniel Shoemaker
    Professor and Director, Graduate Program, University of Detroit Mercy

    Daniel P. Shoemaker, PhD, is a Full Professor and Director of the Graduate Program in Cybersecurity at the University of Detroit Mercy, where he has worked for over 35 years. He has retired from his administrative position as Department Chair, PI for the NSA Center and Subject Matter Expert for DHS and NIST. He is enjoying more time with his students and writing. He has published over 200 cybersecurity papers and articles as well as this list of books:
    • Cybersecurity “The Essential Body of Knowledge”
    • “The CSSLP Certification All-in-One Exam Guide”
    • Cybersecurity “Engineering a More Secure Software Organization”
    • “A Guide to the National Initiative for Cybersecurity Education (NICE) Framework: The Complete Guide to Cybersecurity Risk & Controls in Cyber Security”
    • ”Implementing Cybersecurity: A Guide to the NIST Risk Management Framework”,
    • “Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Product”
    • “How to Build A Cyber Resilient Organization”
    • “The Complete Guide to Cybersecurity Risks and Controls”
    • Information Assurance for the Enterprise: A Roadmap to Information Security”
    • “The Cybersecurity Body of Knowledge”
    • “The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity”

  • speaker photo
    Kathy Ossian
    Founder & CEO, Ossian Law P.C.

    Kathy Ossian is Founder and CEO of Ossian Law, P.C., a firm focused exclusively on Information Technology Law. Kathy has practiced for 35 years; over 22 in Information Technology law. She is a frequent author and speaker on timely IT law topics and the Managing Editor of “Social Media and the Law” published by PLI. Kathy is also an Adjunct Faculty Member at Oakland University and the University of Detroit Mercy Law School. She has been named for many years as a Best Lawyer in America and a Michigan Super Lawyer in information technology law.

  • speaker photo
    Jon Clay
    Director, Global Threat Communications, Trend Micro

    Jon Clay has worked in the cybersecurity space for over 21 years. He is responsible for managing marketing messages and external publication of all the threat research and intelligence within Trend Micro as well as different core technologies. As an accomplished public speaker with hundreds of speaking sessions around the globe, Jon focuses on the threat landscape and the use of big data in protecting against today’s sophisticated threats. Jon is also a volunteer speaker for the Trend Micro Internet Safety for Kids and Families program.

  • speaker photo
    Bob Bacigal
    AVP, Information Security, Amerisure Insurance

    Bob Bacigal is the Assistant Vice President of Information Security at Amerisure Insurance. He has over 30 years of experience in information security management, risk management, incident response, disaster recovery, and business continuity planning. Prior to joining Amerisure, he held security management positions with Great Lakes BanCorp, the Federal Reserve Bank of Chicago, and Delphi Corporation. Bob is an active member of the InfoSec community and has served as President and Chairman of the InfraGard Michigan Members Alliance (IMMA) and is currently serving on its Board of Directors. He is an active member of the State of Michigan CSO Kitchen Cabinet, Detroit CISO Executive Council Governing Body, and the SecureWorld Detroit Advisory Council. Bacigal earned his bachelor’s degree in Criminology form Eastern Michigan University and is both a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM).

  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Manager, Cyber and Information Security, Point32Health

    Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Chris Sorensen
    Sr. Cybersecurity Researcher, GE Digital

    Chris Sorensen has been in the IT industry for over 30 years practicing a wide range of specialties in multiple industries. He started in the Defense industry as a system administrator and developer before progressing to the Education sector where he taught system administration and security. From there he moved into the Automotive world where he started to focus on security full time performing forensics and eDiscovery. He moved to his current company 10 years ago to continue leading investigations, incident response, and eDiscovery in the Global Corporate and Financial sectors. He also ran a very successful Security Awareness program for 5 years, before transitioning into the Power business to mentor application developers who were implementing a secure SDLC. He is currently a global manager for Security Awareness, Training, and Education at GE Digital. In his spare time, he teaches High School AP Computer Science and is an Adjunct Instructor at the University of Detroit Mercy teaching the Cybersecurity Masters Program.

  • speaker photo
    Marrci Conner
    CIS - Cybersecurity Program Lead, CyberPatriot Mentor, Henry Ford College

    Marrci has been a Full-time Faculty member of Henry Ford College for the past 10 years. She has over 15 years’ experience as an IT Professional specializing in computer Security. She currently teaches computer programming, digital forensics and cybersecurity courses. Her educational background includes a Bachelor's degree in Business Information Systems from the University of Detroit-Mercy and a Master's in Business Administration/Information Assurance from Walsh College. She holds a Computer Information Systems Security Profession (CISSP) and CompTia Network+ certifications. Her favorite quote is: I don’t know if students will remember everything I taught them but I hope they remember how I made them feel about computer & cybersecurity!

  • speaker photo
    Clark R. Crain
    GRC Consultant, Comp-West, LLC

    I have been a CISSP for more that 19 years, CISM for more that 14, and a CRISC for more that 7. I have worked as a compliance consultant for PCI, HIPAA-HITECH, NERC, NRC and others.

  • speaker photo
    Ryan Mostiller
    Sr. Manager, IT Security, BorgWarner

    Ryan has nearly 10 years of experience in defending large enterprise environments, specializing in Windows and Active Directory environments. Ryan has responsibility for Incident Response, Vulnerability Management, and the Management of all Security Tools and Controls. Ryan is a proud double alumnus from Oakland University as well as husband and father.

  • speaker photo
    Christine Wheaton
    CISO, Meritor

    Christy Wheaton currently serves as the Sr. Director & CISO for Meritor, overseeing the enterprise cybersecurity and GRC programs, globally. Wheaton previously served as global identity and access management lead for GE Capital, overseeing global IAM programs. Her role expanded to also oversee the information security intelligence program, information security risk, governance and compliance programs. Prior to this, she rotated through the director and CIO roles for Ally Bank holding several roles in motors insurance, corporate security, and global sales and service management, overseeing various IT departments and IT and InfoSec, data protection, governance, risk and compliance programs.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes