Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, September 28, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    • session level icon
    Part 1
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Ransomware is a specific and extremely harmful type of malware used by cybercriminals to extort money from individuals, organizations, and businesses. The infections block access to your data until you make a ransom payment, at which point you’re supposed to regain access. In reality, nearly 40% of the victims who pay the ransom never get their data back and 73% of those who pay the ransom are targeted again later – which is why everyone must protect against ransomware. In the past year, targeted ransomware attacks against government agencies, educational establishments, and healthcare providers have raised the stakes for those charged with protecting organizations. Ransomware attacks not only damage business, but also put health, safety, and lives at risk.

    Active Directory has become a popular pathway for ransomware attacks. The main reason cybercriminals target Active Directory is because it serves as a gateway to the rest of the network as a service for managing, networking, grouping, authenticating, and securing users across corporate domain networks. Users and computers rely on Active Directory to access various network resources. As such, cybercriminals understand that ransomware attacks on Active Directory can wreak havoc on any organization, making it an excellent extortion mechanism.

    In the fight against ransomware, organizations need to strategically prepare to protect against and respond to attacks. However, many IT organizations struggle to prioritize the appropriate initiatives to combat and mitigate the impact of ransomware. With more tools, technologies and processes than ever, a comprehensive ransomware security program is a must to help detect, prevent, respond and limit the overall exposure to ransomware and other destructive attacks. This comprehensive training course will help organizations to design, build, and manage a comprehensive Ransomware Security Program.

    Part 1: Ransomware Overview (90 Minutes)

    1.1 – Background & Introduction

    • What is ransomware?
    • How do ransomware attacks work?
    • How ransomware attacks have evolved (2016) – WannaCry and Petya / NotPetya
    • How ransomware attacks have evolved (2021) – REvil and Ryuk
    • Top six Ransomware Attacks of 2021 / 2022

    1.2 – Today’s Ransomware Problem

    • Human Operated Ransomware Attacks (Double Extortion)
    • Supply Chain Attacks
    • Ransomware as a Service (RaaS)
    • Attacking Unpatched Systems
    • Phishing Emails
    • Penetration Testing Tools (Cobalt Strike)

    1.3 – Ransomware Attacks against Information Technology (IT) Networks and Systems

    • Ransomware attack stages (initial access, lateral movement, privilege escalation, extortion, encryption)
    • The Ireland Health Service Elective (HSE) ransomware attack
    • How Conti Ransomware works
    • Lessons learned from the HSE Ransomware Attack

    1.4 – Ransomware Attacks against Operational Technology (OT) Networks and Systems

    • Ransomware attack stages (initial access, lateral movement, privilege escalation, extortion, encryption)
    • The Colonial Pipeline ransomware attack
    • How DarkSide Ransomware works
    • Lessons learned from the Colonial Pipeline Ransomware Attack

    Part 2: Understanding Ransomware Attacks (90 Minutes)

    2.1 – The MITRE ATT&CK Framework

    • What are the current Attack Models and how do they work?
    • What is the MITRE ATT&CK Framework?
    • What are MITRE Tactics?
    • What are MMITRE Techniques?
    • What are MITRE Procedures?
    • What is the MITRE D3FEND Matrix?

    2.2 – Mapping Ransomware Tactics, Techniques, Procedures (TTPs) to MITRE ATT&CK

    • Mapping REvil Ransomware to the MITRE ATT&CK Framework
    • Mapping Conti Ransomware to the MITRE ATT&CK Framework
    • Mapping Maze Ransomware to the MITRE ATT&CK Framework
    • Mapping Ryuk Ransomware to the MITRE ATT&CK Framework
    • Mapping DarkSide Ransomware to the MITRE ATT&CK Framework

    2.3 – Pen Testing Tools and the MITRE ATT&CK Framework

    • The Pen Testing Execution Standard (PTES)
    • NIST SP 800-115 Technical Guide to Information Security Testing and Assessment
    • The Cobalt Strike Penetration Testing Platform
    • Mapping Cobalt Strike to the MITRE ATT&CK Framework

    2.4 – Understanding Cyber Threat Intelligence (CTI)

    • What is Cyber Threat Intelligence (CTI)?
    • How does Cyber Threat Intelligence Work?
    • Who are the main providers of Cyber Threat Intelligence?
    • What are the main themes of Cyber Threat Intelligence in 2021?

    Part 3: Building a Ransomware Security Program (90 Minutes)

    3.1 – Ransomware Security Controls / Guides

    • CISA_MS-ISAC Ransomware Guide
    • Higher Education Ransomware Playbook
    • CSBS Ransomware Self-Assessment Tool
    • NIST IR 8374 – NIST Cybersecurity Framework (CSF) Guidance on Ransomware
    • US Government Interagency Technical Guidance – How to Protect your Networks from Ransomware
    • Canadian Centre for Cyber Security Ransomware Playbook

    3.2 – NIST SP 1800 Practice Guides on Ransomware

    • NIST SP1800-25 – Identifying and Protecting Assets Against Ransomware and Other Destructive Events
    • NIST SP 1800-26 – Detecting and Responding to Ransomware and Other Destructive Events.
    • NIST SP 1800-11 – Recovering from Ransomware and Other Destructive Events

    3.3 – Free Cybersecurity Tools and Services > https://www.cisa.gov/free-cybersecurity-services-and-tools

    • Tools that focus on reducing the likelihood of a damaging cyber incident
    • Tools that focus on detecting malicious activity quickly
    • Tools that focus on responding effectively to confirmed incidents
    • Tools that focus on maximizing resilience to a destructive cyber event

    3.4 – Building a Ransomware Security Program

    • Cybersecurity Program Assessment: based on CIS Security Controls Scorecard
    • Ransomware Program Assessment: based on CISA MS-ISAC Ransomware Controls Scorecard
    • Develop a Plan of Action and Milestones (POA&M)
    • Document an Executive Summary
    • Conduct Read Team, Blue Team, Purple Team and Table-Top Exercises
    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am

    Participating professional associations and details to be announced.

    9:00 am
    [Breakfast Fireside Chat] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    Building and Maturing a Security Awareness Program
    • session level icon
    speaker photo
    Information Security Team Leader, Rocket Central
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    10:15 am
    Conquering Cloud Complexity
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Cloud security is hard, not least because cloud platforms change so quickly.  This talk presents several lessons learned from security teams struggling to get their arms around the sprawl of modern infrastructure, using practical analogies from pandemics and earthquakes.

    10:15 am
    Paving the Way to AppSec Program Success
    • session level icon
    How to build a scaleable enterprise-wide application security program.
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    This presentation offers a fundamental approach to creating a foundation for an application security program that holistically addresses findings by creating a conduit between the information security teams—who often discover the issues—and the development teams, who know the application better than anyone and can re-mediate issues in the best possible fashion.

    11:10 am
    [Panel] Automotive Cybersecurity—It Isn't Optional
    • session level icon
    speaker photo
    Professor and Director, Graduate Program, University of Detroit Mercy
    speaker photo
    Cybersecurity Training Leader, The Automotive Information Sharing and Analysis Center (Auto-ISAC)
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    11:10 am
    Cyber Incidents, Forensics, and Insurance: Are All Three up to Snuff?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    2020 was the year of ransomware and the pandemic, and many organizations realized their IR wasn’t up to snuff, and others did not listen to external professionals helping and were re-compromised. Have you really tested your Incident Response processes? How about having a detailed post-mortem after an event? Have you looked at your cyber insurance policy to see who you are supposed to be using for assistance? This session will review going through an actual incident and what was good and what was missing in the recovery, alerting (oops, the customers are involved), and finding the root cause, and whether cyber insurance was worth it.

    11:10 am
    Ransomware Incident Command and Lessons Learned for Managers
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    This presentation presents a practical approach to incident command for managers at all levels, irrelevant of cyber expertise. Managers of all types are asked to take charge in critical situations and can benefit from leveraging proven crisis management processes during ransomware response.

    12:00 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    [Panel] Tales from the Cloud: Doing More with Less
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    The cloud saved many businesses when the pandemic hit. Some were already there and found new ways to thrive. For others, it was their first jump. It’s been almost two years now. Our panel will share what we’ve learned in this journey to the cloud—from doing more with less, to the ever-present insider threat risk, to supporting our DevOps teams like never before.

    1:15 pm
    [Panel] Incident Response!
    • session level icon
    speaker photo
    Manager-Threat IR & Forensic, Trend Micro
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    Security teams are struggling to keep up with the myriad of attack vectors looming. As we emerge from the pandemic, now is the time to focus and adjust your Incident Response plan. There is a new set of tools and technologies helping squash attacks, but what happens when they fail? What’s in your IR plan that addresses the unknown, and how are your preparing? What has worked and what has not? Join our panel of experts in a valuable discussion focusing on current threats and how your company can be better equipped during these unprecedented times.

    2:30 pm
    The Road to IT Governance Using KRIs
    • session level icon
    speaker photo
    Director of Cybersecurity, Little Caesars Enterprises
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Having an effective governance program is no easy task. It is partially due to a lack of visibility concerning organizational strategic and operational risks. In this presentation, we will review some examples to measure and track risk. These key risk indicators (KRIs) will provide early warning signals when risks move in a direction that may impact or prevent the achievement of organizational goals.
    2:30 pm
    How to Build an Effective Security Awareness Program
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    Day 1 Closing Session
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:45 pm - 4:30 pm
    3:45 pm
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    • session level icon
    Part 2
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm
  • Thursday, September 29, 2022
    7:00 am
    Registration open
    Registration Level:
    7:00 am - 4:30 pm

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    • session level icon
    Part 3
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am
    8:00 am
    Exhibitor Hall open
    Registration Level:
    8:00 am - 4:30 pm

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    InfraGard Chapter Meeting
    • session level icon
    Open to all attendees
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 pm

    Discussion topic and agenda TBD.

    9:00 am
    OPENING KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    Registration Level:
    9:45 am - 10:15 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    Talent Development in a 'Drought' of Cybersecurity Talent
    • session level icon
    speaker photo
    Security & Compliance Practice Director, AHEAD
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    10:15 am
    An Enlightened Path to AppSec Nirvana from Code to Cloud
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Key Takeaway:
    You’ll leave with an executable roadmap to improving the security of your applications.

    This session will be high-level and cover the various elements of a comprehensive application security program and how the pieces fit together. We’ll also review the various secure development models to equip you with a choice of standards you can adopt. Finally, we’ll cover sequencing and speed so you can follow a path to achieving your own AppSec nirvana.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:15 am
    Threat Detection: Beyond Prevention
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    11:10 am
    Transforming Risk into Opportunity
    • session level icon
    speaker photo
    Deputy CISO, State of Washington
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    This session uses the story of traversing a gorge wall leading to the base of a Central American waterfall to convey the principles of risk management.  The story illustrates a practical way to structure risk management to prepare practitioners and managers to identify and create opportunities.

    Attendees will learn three risk management principles that enable organizations to recognize business and enterprise opportunities.

    11:10 am
    5 Steps to Zero Trust
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Protecting the edge of your network isn’t enough in a world where anyone can access data from anywhere. The principles of Zero Trust turn the traditional perimeter-centric model on its head and focus on securing what matters most: the data.

    See how a data-centric approach to security can help you defend against ransomware, APTs, and insider threats.

    We’ll break down how to get to Zero Trust, covering how to:

    • Identify sensitive data with scalable classification
    • Create an audit trail around sensitive data
    • Architect microperimeters by limiting who has access to data
    • Monitor for potential threats
    • Use automation for remediation and response

    Learn about what Zero Trust means and concrete steps you can take to implement it in practice.

    11:10 am
    Third-Party Risk: Creating and Managing a Program that Works!
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Every organization is concerned with third-party risk. No one wants to be the next Target breach. This session will examine the components of third-party risk management and give you some leading practices on how to develop a workable and sustainable process.

     

    12:00 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Advisory Council – VIP / INVITE ONLY

    12:45 pm
    Networking Break
    Registration Level:
    12:45 pm - 1:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    [Panel] Securing the Code: AppSec and DevOps 101
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    Everyone says you’ve got to bake security into the development process, but it doesn’t always get done. Speed to market and “other considerations” can get in the way of good, clean secure code. Some developers share code or borrow from open-source platforms on the internet. Is that safe? How do you work with your DevOps teams to create a collaborative, proactive environment where they have the time and resources to build that security in from the beginning? How do you deal with burnout and fatigue? Our panel will address these concerns and more to help you get a handle on securing the code.

    1:15 pm
    [Panel] The Current Threat Landscape
    • session level icon
    speaker photo
    Security Research, Principal Lead, Akamai
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    2:30 pm
    The Last 2%: The Defense in Depth Layers No One Wants to Talk About
    • session level icon
    Perception Management, Value, and Trust
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm

    Having an effective security program is more than just having great technology. It’s about turning data into information and information into action. True success comes in the form of the business “wanting” you involved because they trust you and value the services your team provides. It doesn’t happen overnight and like any other part of your program, it needs to be deliberately designed in.

    2:30 pm
    Reducing Implicit Trust in Your Cloud Service Provider
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm

    As organizations embark on a cloud-first strategy, they often find they’re placing excessive trust in their cloud service provider to protect the sensitivity of their organization’s assets, especially sensitive data. During this presentation, we provide an overview of how the cloud service provider requires you to participate in a shared security model and how your organization can retain control of your sensitive data encryption. In other words: your data, their cloud! We’ll discuss and show how using newer tools and techniques—that include split trust, ubiquitous data encryption, and contextual access—reduce and mitigate implicit trust in your cloud provider along with allowing you to manage your own encryption and manage access to your data in the cloud.

    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    CLOSING KEYNOTE
    • session level icon
    Registration Level:
    • session level iconConference Pass
    3:45 pm - 4:30 pm
    3:45 pm
    [PLUS Course] Developing a Comprehensive Ransomware Security Program
    • session level icon
    Part 4
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm
Exhibitors
  • Akamai Technologies
    Booth:

    Akamai is the leading content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • Checkmarx Inc.
    Booth:

    Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.

  • Cybereason
    Booth:

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • Expel
    Booth:

    Expel provides transparent managed security, on-prem and in the cloud. It’s the antidote for companies trapped in failed relationships with their managed security service provider (MSSP) and those looking to avoid the frustration of working with one in the first place. To learn more, go to https://www.expel.io.

  • Nozomi Networks
    Booth:

    Nozomi Networks is the leader in OT & IoT security. We accelerate digital transformation by protecting the world’s critical infrastructure, industrial and government organizations from cyber threats. Our solution delivers exceptional network and asset visibility, threat detection, and insights for OT and IoT environments. Customers rely on us to minimize risk and complexity while maximizing operational resilience. Its Threat Intelligence is now available for use with third-party cybersecurity platforms.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • RiskRecon
    Booth:

    RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
    easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
    solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
    enabling organizations to efficiently operate scalable, third-party risk management programs for
    dramatically better risk outcomes. Request a demo to learn more about our solution.

  • TechTarget
    Booth: N/A

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Trend Micro
    Booth:

    Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.

  • Team Cymru
    Booth:

    Give your security analysts visibility they can’t get anywhere else. With Pure Signal RECON, analysts can extend threat hunting far beyond the enterprise perimeter to trace, map and monitor malicious infrastructures. Block cyber attacks, close threat detection gaps, improve incident response and enforce supply chain security.

  • Venafi
    Booth:

    Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

    With more than 30 patents, Venafi delivers innovative solutions for the world’s most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms;  four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa. Venafi is backed by top-tier investors, including TCV, Foundation Capital, Intel Capital, QuestMark Partners, Mercato Partners and NextEquity.

    For more information, visit: www.venafi.com.

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Mark Majewski
    Information Security Team Leader, Rocket Central
  • speaker photo
    Daniel Shoemaker
    Professor and Director, Graduate Program, University of Detroit Mercy

    Daniel P. Shoemaker, PhD, is a Full Professor and Director of the Graduate Program in Cybersecurity at the University of Detroit Mercy, where he has worked for over 35 years. He has retired from his administrative position as Department Chair, PI for the NSA Center and Subject Matter Expert for DHS and NIST. He is enjoying more time with his students and writing. He has published over 200 cybersecurity papers and articles as well as this list of books:
    • Cybersecurity “The Essential Body of Knowledge”
    • “The CSSLP Certification All-in-One Exam Guide”
    • Cybersecurity “Engineering a More Secure Software Organization”
    • “A Guide to the National Initiative for Cybersecurity Education (NICE) Framework: The Complete Guide to Cybersecurity Risk & Controls in Cyber Security”
    • ”Implementing Cybersecurity: A Guide to the NIST Risk Management Framework”,
    • “Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Product”
    • “How to Build A Cyber Resilient Organization”
    • “The Complete Guide to Cybersecurity Risks and Controls”
    • Information Assurance for the Enterprise: A Roadmap to Information Security”
    • “The Cybersecurity Body of Knowledge”
    • “The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity”

  • speaker photo
    Tamara Shoemaker
    Cybersecurity Training Leader, The Automotive Information Sharing and Analysis Center (Auto-ISAC)

    Tamara Shoemaker is a diligent and self-motivated Cyber Security Specialist offering 25 years of combined experience in Cyber Security and Administrative Management for large and small corporations aiming to amplify the use and knowledge of security. Relentless dedication to leading teams to balance meticulous attention to quality with a sense of urgency to "get the job done" in alignment with preset deadlines.

    She is a dynamic, hardworking, intelligent, passionate, resourceful, resilient, jovial, insightful, team player. Working with her, an organizational team will experience a kind hearted, courageous, spirited yet direct leadership style. She has a strong ability to communicate and work effectively with people from all levels and sectors of the business, education, government and technological communities.

    Dedication to address the all encompassing cybersecurity challenge of getting enough properly trained and education people into the workforce. Recognized as a leader with outstanding skills in cybersecurity awareness training, education and outreach. Seeking to deliver her skills/experiences as a liaison for your company to increase the number of students in the field of cybersecurity and build your brand.

  • speaker photo
    Panel Discussion
  • speaker photo
    Chris LaFleur
    Manager-Threat IR & Forensic, Trend Micro

    Chris LaFleur has spent the last three years working to prevent and eradicate threat actors such as Ryuk, Conti, and Lockbit. Chris began his career at Trend Micro in Threat Support, and is now running the Incident Response team. He was a key part of the making a method on how to predict customer attacks with the Smart Protection Early warning Service from Trend Micro. Chris has built a team of dedicated personal that can go into any environment and hunt out threats without needing to rely on just vendor only EDR/XDR tooling to kill the threat actors ability to cause damage.

    Chris has an AS degree in IT solutions from Keiser University, along with AWS and VMWare certifications, coupled with his hands-on experience over the last decade. Chris has always led with the belief that the customer comes first no matter who or what may have caused it. Keeping an attitude that IR work is much like working in a trauma center as a doctor. We don't get to choose what comes next or how long it will take, but we do not stop until the job is complete.

  • speaker photo
    Panel Discussion
  • speaker photo
    Juman Doleh-Alomary
    Director of Cybersecurity, Little Caesars Enterprises

    Juman Doleh-Alomary is the Director of Cybersecurity GRC at Little Caesar's Enterprises and an active volunteer board member of the ISACA Detroit and the CSA-Detroit Boards.  With over 15 years of experience in audit, security, investigation, compliance, and privacy policy/standards, Juman most recently held the position of Director of IT Audit, Wayne State University, and the IT Audit and Risk Management at Ford Motor Company. She has served on the ISACA Detroit Chapter Board for several years and most recently as the past President of the chapter and chaired the IIA/ISACA Spring Conference with its record-setting attendance. In addition, she was appointed to the ISACA International Audit & Risk Committee. She is recognized as an expert in the subject of IT audits, risk, governance, security, and compliance.  Juman holds a Bachelors's and a Master's from the University of Michigan, and certifications in CISA, CISM, CRISC, CDPSE, and ISO 27001.

  • speaker photo
    Steven Aiello
    Security & Compliance Practice Director, AHEAD

    Mr. Aiello holds a BA in Technology Management and a Master's of Science with a concentration in Information Assurance. Currently, he is a Security & Compliance Practice Director with AHEAD, a consulting firm based in Chicago. Steven works closely with clients working across storage, virtualization and security silos.

  • speaker photo
    Steven Fox
    Deputy CISO, State of Washington
  • speaker photo
    Panel Discussion
  • speaker photo
    Or Katz
    Security Research, Principal Lead, Akamai
  • speaker photo
    Panel Discussion
Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Invest in your growth!

Join your cybersecurity community for high-quality, affordable training and networking. Register today!