- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Tuesday, September 17, 20249:00 am[PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0vCISO & Managing Director, Cyber Risk Opportunities LLCRegistration Level:
- SecureWorld Plus
9:00 am - 3:00 pmLocation / Room: The Baronette Renaissance Detroit-Novi Hotel (27790 Novi Road, Novi, MI 48377) - Level 1: Grand Oak 3&4Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?
In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.
You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:
- What are the components of the framework?
- Why is the framework is valuable?
- What type of organizations can use the framework?
Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.
You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.
Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.
We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.
- Wednesday, September 18, 20247:30 amRegistration openRegistration Level:
- Open Sessions
7:30 am - 4:15 pmLocation / Room: Registration Desk - Foyer Main EntranceCome to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
8:00 amExhibitor Hall openRegistration Level:- Open Sessions
8:00 am - 4:30 pmLocation / Room: Exhibitor HallYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:00 amAdvisory Council Roundtable Breakfast (VIP / Invite only)Massaging the Mind: Forging Sustainable Security Leadership and TeamsAVP, Information Security Services, Amerisure InsuranceRegistration Level:- VIP / Exclusive
8:00 am - 8:45 amLocation / Room: PearlHow do we achieve work-life balance as cybersecurity leaders, and how do we make sure our teams are doing the same? Come join this closed-door discussion with your Advisory Council peers and VIP guests and be ready to share your thoughts and ideas for thriving, not just surviving, a profession that lends itself to its share of stress. This roundtable discussion is for our Advisory Council members only.
8:00 amAre You in a Dysfunctional Relationship with the HR Department?Executive Director, National Cybersecurity AllianceRegistration Level:- Conference Pass
8:00 am - 8:45 amLocation / Room: EmeraldWhen HR and security teams understand their respective roles, value each other, and have an open, productive partnership, life is good. They can help each other be more effective and complement each other’s functions. Unfortunately, that symbiotic state can be hard to achieve. For security teams, HR folks can be hard to understand. Sometimes they seem like a great advocate for security, and at other times they can seem more like a blocker of our efforts to better secure the organization.
For HR professionals, dealing with the security team can be a challenge. For example, the security team might send out an emotionally-triggering simulated phish to everyone in the organization, causing numerous employee complaints that HR has to manage. So what can you do if you don’t have the best relationship with the HR team?
This talk, based on years of experience navigating the relationship between HR and security teams, will cover the issues that cause the biggest disconnects between HR and security. We’ll look at the issues from both sides and cover proposed solutions for each. Improving the relationships for both departments can lead to happier HR and security professionals who are more effective in their roles, and a company that’s better protected and prepared against cyber threats.
8:00 amInfraGard Michigan Members Alliance Meeting [Open to all attendees]How to Handle an Active Shooter SituationBoard Member, InfraGard Michigan Members AllianceSpecial Agent, Active Shooter Coordinator, FBI DetroitRegistration Level:- Open Sessions
8:00 am - 8:45 amLocation / Room: AmethystThis will continue the InfraGard Michigan Members Alliance June meeting, focused on the Gilroy festival shooting. Tim Hearl from the FBI’s active shooter program team gives a presentation on Run/Hide/Fight. This impactful session provides tactics to empower us with what to do if we encounter a similar situation. It is open to anyone.
8:00 amMichigan WiCyS Affiliate 'Get to Know You' MeetingOpen to all attendeesPresident, Michigan WiCyS Regional AffiliateRegistration Level:- Open Sessions
8:00 am - 8:45 amLocation / Room: JadeThe newly formed Michigan WiCyS Regional Affiliate cordially invites you to attend our “Get to Know You” meeting. This is a wonderful opportunity for us to introduce ourselves and for you to learn more about the mission and vision of WiCyS Global.
We are excited to share our goals and initiatives aimed at advancing the role of women in cybersecurity, both globally and within Michigan. This meeting will also provide you with the chance to meet our leadership team, who are dedicated to fostering a supportive and inclusive community for women in the cybersecurity field.
Join us to connect, engage, and explore how we can work together to make a meaningful impact in the cybersecurity industry. We look forward to seeing you there!
8:45 amNetworking BreakRegistration Level:- Open Sessions
8:45 am - 9:00 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
9:00 am[Opening Keynote] The Hidden Costs of Cybersecurity: Unveiling the True Price of ProtectionCyber & Information Security Director, Inteva ProductsGlobal IT Security Governance Manager, Yazaki North AmericaVP, Information Security & PMO, Penske Automotive GroupRegistration Level:- Open Sessions
9:00 am - 9:45 amLocation / Room: Keynote TheaterWith cyber threats evolving at an unprecedented pace, organizations are increasingly aware of the need for robust cybersecurity measures. However, the true cost of cybersecurity extends far beyond the visible expenses of software licenses and security personnel. This keynote panel delves into the often-overlooked aspects of cybersecurity that can significantly impact an organization’s bottom line and operational efficiency. The panel explores:
- The multifaceted nature of cybersecurity costs, beginning with the critical yet often underestimated areas of incident response (IR) readiness and preparedness.
- The importance of comprehensive business continuity planning, highlighting how inadequate planning can lead to substantial financial losses and reputational damage. The panel cites real-world examples, including the recent CrowdStrike outage, to illustrate the cascading effects of service disruptions on both providers and their clients.
- The legal aspects of cybersecurity, exploring how regulatory compliance, potential liabilities, and the cost of legal counsel in the aftermath of a breach contribute to the hidden costs of security. Don’t forget the often-underestimated impact of third-party risk and the importance of robust vendor management practices.
- How to challenge the conventional wisdom of relying heavily on a single security vendor, advocating for a diversified approach that can enhance resilience and reduce dependency risks. The panel also addresses the counterintuitive problem of implementing too many security controls, which can paradoxically slow recovery efforts after an incident and increase operational complexity.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:15 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:15 am[Panel] Mental Health vs. Mental Wellbeing: How to Cultivate Resilient Security TeamsChief Security & Trust Officer, DotmaticsVP, Human Resources, NuspireSr. Director, Enterprise Security (CISO), Delta Faucet CompanyCo-Founder, Mind Over CyberRegistration Level:- Conference Pass
10:15 am - 11:00 amLocation / Room: EmeraldThis panel discussion will confront the challenge of building infosec teams with the skills to manage stress under pressure. Four cybersecurity executive leaders will explore how to create team cultures, practices, and processes for proactively building mental well-being instead of addressing mental health from a reactive position. Much like building a security program, the group will look at the role mindfulness can play in helping defenders increase job satisfaction, improve focus, and lower the risk of burnout. Attendees can expect to gain actionable insights and practical steps that can be implemented within their organizations to cultivate this type of resilience. Moderated by Carlos Guerrero, Co-founder and Community Director for Mind Over Cyber.
10:15 amCybersecurity and Resilience: It's Not Just Bob's Job AnymoreConsulting Field Solutions Architect, Pure StorageRegistration Level:- Open Sessions
10:15 am - 11:00 amLocation / Room: JadeIn today’s rapidly evolving digital landscape, cybersecurity is no longer solely the responsibility of backup administrators. It demands a collective effort and a streamlined approach to ensure comprehensive protection across an organization. This presentation delves into the critical themes of modern data protection: broadening responsibility beyond backup administrators, tightening security cycles, and maintaining simplicity in implementation.
We will explore the significance of a tiered data protection architecture—a modern methodology that safeguards data across multiple geographies while ensuring high accessibility. This approach is essential for organizations seeking robust and resilient data protection strategies.
Pure Storage offers innovative solutions that empower customers to consolidate modern data applications onto a single, scalable platform. By eliminating complex and inefficient infrastructure silos, our solutions provide unparalleled investment protection and operational efficiency. Join us to discover how Pure Storage can help your organization achieve new heights in data security and management.
10:15 amHomegrown Security: How Michigan Businesses Are Navigating the Cybersecurity RapidsCTO & Co-Founder, BlumiraRegistration Level:- Open Sessions
10:15 am - 11:00 amLocation / Room: AmethystFrom iconic food empires to bustling county governments, Michigan businesses are proving you don’t need Silicon Valley budgets to build world-class cybersecurity. This session from Matt of Ann Arbor’s own Blumira pulls back the curtain and show you how local organizations are leveraging automation and cloud-native tools to punch above their weight class in the cybersecurity arena.
Drawing on his own experience helping secure businesses in the Great Lakes State, Matt explores:
- How to assess your current security maturity and identify key areas for improvement
- Avoiding the potholes of response-only and compliance-driven security approaches
- The role of automation in enhancing threat detection and response capabilities
- Insider tips on selecting technologies that satisfy both compliance and budget constraints
- How Ottawa County slashed manual log review time while meeting stringent CJIS and IRS compliance requirements
- Zingerman’s secret sauce for protecting customer data during holiday rushes without breaking the bank
This talk is ideal for IT and security leaders at Michigan businesses of all sizes looking to enhance their security capabilities without breaking the bank or burning out their teams.
11:00 amNetworking BreakRegistration Level:- Open Sessions
11:00 am - 11:10 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:10 amSocial Engineering: Training the Human FirewallTeam Leader of Information Security, GarminRegistration Level:- Conference Pass
11:10 am - 11:55 amLocation / Room: AmethystPhishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.
11:10 amSecurity and AI: Is Your Data Ready?Principal Solution Engineer, SentinelOneRegistration Level:- Open Sessions
11:10 am - 11:55 amLocation / Room: JadeLet’s cut through the hype and talk about what AI is going to require in order to add value. The goal of this session is to arm you with questions to ask of your favorite vendors to better understand what readiness and reality looks like. The session will cover ingest, data normalization, schemas, performance, and then tie it back to down-to-earth expectations around what AI can do (now), and what it will probably do (soon).
11:10 am[Panel] Unveiling the Threat Landscape and Unmasking Digital VillainsDirector of Incident Detection Engineering, BlumiraDirector of Industrial Security, Waterfall Security SolutionsSr. Threat Researcher, ProofpointCISO, Plante MoranRegistration Level:- Open Sessions
11:10 am - 11:55 amLocation / Room: EmeraldIn the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.
Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.
Our panel provides a comprehensive overview of the current threat landscape.
12:00 pm[Lunch Keynote] The State of Cybersecurity in the State of MichiganCIO, State of MichiganRegistration Level:- Open Sessions
12:00 pm - 12:45 pmLocation / Room: Keynote TheaterIn this enlightening keynote session, State CIO Laura Clark provides unique insights into cybersecurity initiatives, challenges, successes, and future direction across Michigan’s diverse landscape of government agencies, critical infrastructure, and public services. Drawing from her extensive experience leading Michigan’s IT and security efforts, Clark offers valuable lessons learned and best practices that can be applied across various sectors and regions. Gain a deeper understanding of how a large, diverse state tackles complex cybersecurity challenges and looks to capitalize on opportunities.12:00 pmAdvisory Council Roundtable Lunch (VIP / Invite only)The Surprising List of CISO Top ConcernsSr. Manager, IT Security, BorgWarnerRegistration Level:- VIP / Exclusive
12:00 pm - 12:45 pmLocation / Room: PearlModerated discussion for SecureWorld Advisory Council members. By invite only.
Taking a cross-section of recent surveys (ISC2 , Dark Reading, PwC), arguably the top CISO concerns—not “priorities” but “concerns”—are third-party security risks, data manipulation, and burnout. Together, these represent the true CISO-level risks, compared to what’s in the news on a daily basis: AI, ransomware, supply chain and insider risks, cyber warfare, nation-state actors, etc. In this private, closed-door discussion, we challenge whether these three concerns are a correct and complete list, and discuss how/why they differ from those other top CISO priorities. The goal is to walk away with a new-look “to-do list” for your job versus the one with which you walked in.
12:45 pmNetworking BreakRegistration Level:- Open Sessions
12:45 pm - 1:15 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pmSecuring Autonomous Vehicles: Unveiling Emerging Threats from Technological Advances and Effective Mitigation StrategiesCybersecurity and Compliance Engineer, May MobilityRegistration Level:- Conference Pass
1:15 pm - 2:00 pmLocation / Room: AmethystAmidst the dynamic cybersecurity landscape, technological advancements intersect with increasingly sophisticated threat actors, from individual hackers to coordinated cybercriminal groups, including Advanced Persistent Threat (APT) actors. With expanding vehicle autonomy, connectivity, and AI, vulnerabilities intensify, demanding a nuanced understanding of emerging threats posed by adept adversaries, particularly APT groups, from a technical viewpoint.This presentation delves deeply into analyzing advanced threat actors’ methodologies, intricate tools, and multifaceted attack vectors, emphasizing APT groups’ strategies. Highlighting the significance of robust governance, risk management, and compliance (GRC) strategies, it underscores their role in fortifying defenses against evolving threats, including APT-driven attacks. Join us for comprehensive insights into APT threat actors and effective GRC strategies, bolstering your cybersecurity posture against sophisticated challenges – whether you’re securing autonomous vehicles or other critical systems within your organization.1:15 pmMind the Gap: Why Modern Vulnerability Management Demands More than Scan-and-PatchTechnical Director, Skybox SecurityRegistration Level:- Open Sessions
1:15 pm - 2:00 pmLocation / Room: JadeToo many vulnerability management programs operate on incomplete or out-of-date scan data. What’s more, this data is rarely if ever correlated to the importance of the asset or its exposure to potential attack across the network.
To have a real impact on lowering your risk of cyberattack, a modern vulnerability management program needs to provide you with an up-to-the-minute view of all the vulnerabilities in the estate, immediate insights into those that matter to your organization, and how to remediate them. All without waiting for the next patch cycle.
In this session, you will learn:
- How the visibility of your assets, networks, business, and security data impacts vulnerability risk.
- What scanners miss in discovery and prioritization, and how to fill in the gaps.
- How to reduce the scan-and-patch lag from weeks to hours.
This session explores how modern vulnerability management helps you to centralize and analyze data from the entire attack surface, prioritize those threats that represent the highest risk to you, and act more quickly to remediate those vulnerabilities most likely to be used in a cyberattack.
1:15 pm[Panel] Elevating Security Through Threat Intelligence, Cloud Resilience, and AI InnovationsStrategic Evangelist, VaronisDirector of Information Security & Regulatory Compliance, ETSField CTO, MimecastIT GRC and Cybersecurity ProfessionalRegistration Level:- Open Sessions
1:15 pm - 2:00 pmLocation / Room: EmeraldStaying ahead requires a proactive and multifaceted approach in an era of increasingly sophisticated cyberattacks. This expert panel will explore how organizations can elevate their cybersecurity posture by leveraging advanced threat intelligence, building cloud resilience, and integrating AI-driven innovations.
Discover how threat intelligence is evolving to offer more predictive and actionable insights, how cloud resilience strategies are vital for safeguarding critical infrastructure, and how cutting-edge AI tools can automate detection, response, and even decision-making in the fight against emerging threats.
Join us for an in-depth discussion on how these critical components work together to form a stronger, smarter, and more adaptive security ecosystem.
2:00 pmNetworking BreakRegistration Level:- Open Sessions
2:00 pm - 2:10 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:10 pmPrivacy for Security Professionals: Protecting Data in a Time of UncertaintyMember, Data Privacy & Cybersecurity, Clark Hill LawRegistration Level:- Conference Pass
2:10 pm - 2:55 pmLocation / Room: JadeIt feels like every day a new privacy law is enacted by the states, new regulations are issued by federal regulators, and then those regulations are overturned by the courts once challenged. This session explores how businesses can roll out sound data privacy practices in a time of so much legal uncertainty.
2:10 pmRevving up Security in the Automotive IndustryCISO, BorgWarnerSr. Manager, IT Security, BorgWarnerRegistration Level:- Conference Pass
2:10 pm - 2:55 pmLocation / Room: AmethystCome witness and be a part of this collaborative discussion on the automotive industry and what security practitioners are doing to defend against the newest risks facing manufacturers, suppliers, and all of those who are connected to our industry. Juman and Ryan walk us through the challenges, risk, and threats, but also will call upon those in the audience for ideas and support as we work collaboratively to help secure our industry.
2:10 pmISSA Motor City Chapter Meeting (Open to all attendees)Cybersecurity from the FBI's PerspectiveSpecial Agent, FBIRegistration Level:- Open Sessions
2:10 pm - 2:55 pmLocation / Room: EmeraldAs the lead federal agency for investigating cyber attacks, the FBI provides unique insights into the evolving threat landscape and the collaborative approach required to combat sophisticated cybercriminals. In this session hosted by the ISSA Motor City Chapter, an experienced FBI special agent shares the bureau’s perspective on the most pressing cyber threats, the critical role of public-private partnerships, and the investigative techniques used to track down and disrupt cyber adversaries. Gain a better understanding of the FBI’s cybersecurity initiatives and how organizations can work effectively with federal law enforcement to enhance their overall security posture.
3:00 pmNetworking Break and Dash for PrizesRegistration Level:- Open Sessions
3:00 pm - 3:30 pmLocation / Room: Exhibitor HallVisit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.
Participating sponsors will announce their Dash for Prizes winners. Must be present to win.
3:00 pmHappy HourRegistration Level:- Open Sessions
3:00 pm - 3:45 pmLocation / Room: Exhibitor HallJoin your peers for conversation and complimentary beverages. This is a great opportunity to network with other security professionals from the area and discuss the hot topics from the day.
3:30 pm[Closing Keynote] Drag Racing & Cybersecurity: The CrossoverAssociate CISO, St. Luke's University Health NetworkRegistration Level:- Open Sessions
3:30 pm - 4:15 pmLocation / Room: Keynote TheaterYou’d be amazed what you can learn from everyday hobbies or obstacles to help you become a better practitioner. Krista Arndt shares a very personal story of survival after a bad drag racing accident in 2015. It was a life-altering experience and provided perspective on her personal and professional life that drives her every day as a loving mom and wife, volunteer, and successful CISO.
- Arista NetworksBooth: 130
Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments. Arista’s award-winning platforms, ranging in Ethernet speeds from 10 to 100 gigabits per second, redefine scalability, agility and resilience. Arista has shipped more than 15 million cloud networking ports worldwide with CloudVision and EOS, an advanced network operating system. Committed to open standards, Arista is a founding member of the 25/50GbE consortium. Arista Networks products are available worldwide directly and through partners.
- BlumiraBooth: 340
Blumira’s cloud SIEM platform offers both automated threat detection and response, enabling organizations of any size to more efficiently defend against cybersecurity threats in near real-time. It eases the burden of alert fatigue, complexity of log management and lack of IT visibility.
Blumira’s cloud SIEM can be deployed in hours with broad integration coverage across cloud, endpoint protection, firewall and identity providers including Azure, Office 365, G Suite, Crowdstrike, Okta, Palo Alto, Cisco FTD and many others.
- Canary TrapBooth: 330
Canary Trap is a recognized industry leader in offensive security, security advisory and assessment services. Founded by ethical hackers and certified security experts who share in the common goal of protecting organizations from becoming a victim of the next cyber-attack.
Canary Trap combines human expertise with sophisticated tools and, where appropriate, threat intelligence to ensure a thorough, in-depth approach to all security testing and assessments.
- Cato NetworksBooth: 120
Cato Networks pioneered the convergence of networking and security into the cloud. Aligned with Gartner’s Secure Access Service Edge (SASE) and Security Service Edge (SSE) frameworks, Cato’s vision is to deliver a next generation secure network architecture that eliminates the complexity, costs, and risks associated with legacy IT approaches based on disjointed point solutions. With Cato, organizations securely and optimally connect any user to any application anywhere on the globe. Our cloud-native architecture enables Cato to rapidly deploy new capabilities and maintain optimum security posture, without any effort from the IT teams. With Cato, your IT organization and your business are ready for whatever comes next. For more information, visit https://www.catonetworks.com.
- Cloud Security Alliance DetroitBooth: n/a
- Critical StartBooth: 250
Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.
- CyeraBooth: 370
Cyera is the data security company that gives businesses context and control over their most valuable asset: data. As a pioneer in Data Security Posture Management, Cyera instantly provides companies visibility over their sensitive data, context over the risk it represents and their security exposure, and automated remediation to reduce the attack surface and ensure operational resilience. We are redefining the way companies secure their data. Learn more at cyera.io.
- InfraGard MichiganBooth: 140
InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. With thousands of vetted members nationally, InfraGard’s membership includes business executives, entrepreneurs, military and government officials, computer professionals, academia and state and local law enforcement; each dedicated to contributing industry specific insight and advancing national security.
- ISACA DetroitBooth: 360
Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Detroit area.
- ISC2 Greater DetroitBooth: 170
ISC2 is consists of over 80,000 members worldwide. Our chapter program provides members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resource and educational programs to keep our members informed of the latest advances in technology and techniques. The Greater Detroit chapter was been established in 2012 to help bring together local professionals. Our members consist of ISC2 credentialed professionals who hold either a SSCP, CAP, CSSLP, and/or a CISSP or advanced concentration certification.
- ISSA Motor CityBooth: 110
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals. The Motor City chapter is located in the automotive capital of the United States, Detroit, MI. Our chapter is committed to educating, consulting, advising, and overall improving information security for our technology infrastructures.
- Keep Aware, Inc.Booth: 210
Keep Aware is a pioneer in human-centric browser security. Its platform eliminates the browser blind spot, ensuring complete visibility of browser activity and providing robust protection against known and unknown people-targeted attacks, including credential phishing, spoofing, social engineering, and malicious extensions. Keep Aware combines the analysis of how information is presented to people, and how they interact with it, to create a human-centric solution that prevents threats at the point-of-click. It leverages advanced user behavior analytics to assess risk, identify threats, and respond in real time to any attack. The powerful, lightweight solution seamlessly integrates into industry-standard browsers, protecting employees without disrupting workflow.
- MimecastBooth: 275
Mimecast empowers our customers to help mitigate risk and manage complexities across a threat landscape driven by cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today.
- National Cybersecurity AllianceBooth: 100
Our alliance stands for the safe and secure use of all technology. We encourage everyone to do their part to prevent digital wrongdoing of any kind. We build strong partnerships, educate and inspire all to take action to protect ourselves, our families, organizations and nations. Only together can we realize a more secure, interconnected world.
- NexumBooth: 290
Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio, and Wisconsin, as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.
- ProofpointBooth: 270
Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.
Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.
- Pure Storage, Inc.Booth: 265
Pure Storage is pioneering a new class of enterprise storage that has been designed from the ground up to take full advantage of flash memory. The company’s products accelerate random I/O-intensive applications like server virtualization, desktop virtualization (VDI), database (OLTP, rich analytics/OLAP, SQL, NoSQL), and cloudcomputing.
Pure Storage makes it cost-effective to broadly deploy flash within the data center, enabling organizations to manage growth within existing power and space constraints. Launching later this year, the company’s products are in private beta with select customers. Pure Storage is funded by Greylock Partners and Sutter Hill Ventures.
- SentinelOneBooth: 260
SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.
- Skybox SecurityBooth: 200
Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.
- VaronisBooth: 310
Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.
- Waterfall SecurityBooth: 320
Waterfall Security’s technology represents an evolutionary alternative to firewalls. Our innovative, patented Unidirectional Security Gateway solutions enable safe and reliable IT/OT integration, data sharing, cloud services, and all required connectivity for industrial control systems and critical infrastructures. Waterfall Security’s products dramatically reduce the cost and complexity of regulatory compliance with NERC CIP, NRC, NIST, CFATS, ANSSI and others.
Waterfall products enable external parties, HQ, engineering, contractors and vendors, cloud services, and others to have access to operational information, while keeping the industrial control systems safe and secure. Our purpose-built hardware based security is enhanced by off-the-shelf software with a multitude of interfaces to widest range of industrial systems, protocols, databases and IT solutions in the market.
Waterfall has a growing list of customers worldwide, including national infrastructures throughout North America, Europe, Asia and the Middle-East in power plants, nuclear plants, on/off-shore platforms, refineries, manufacturing plants, utility companies plus many more. Our strategic partners are multinational conglomerates and integrators in manufacturing, automation and other parallel industries.
- WiCyS Michigan AffiliateBooth: 300
The Michigan WiCyS Affiliate is a part of Women in Cybersecurity (WiCyS), an international organization that connects women in cybersecurity from academia, research, and industry. The affiliate’s mission is to support WiCyS’s global goal of advancing, retaining, and recruiting women in cybersecurity. The affiliate also aims to create a community of professional women who share similar passions and missions.
- Glen Sorensen, InstructorvCISO & Managing Director, Cyber Risk Opportunities LLC
Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.
Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.
- Bob Bacigal, ModeratorAVP, Information Security Services, Amerisure Insurance
Bob Bacigal is the Assistant Vice President of Information Security at Amerisure Insurance. He has over 30 years of experience in information security management, risk management, incident response, disaster recovery, and business continuity planning. Prior to joining Amerisure, he held security management positions with Great Lakes BanCorp, the Federal Reserve Bank of Chicago, and Delphi Corporation. Bob is an active member of the InfoSec community and has served as President and Chairman of the InfraGard Michigan Members Alliance (IMMA) and is currently serving on its Board of Directors. He is an active member of the State of Michigan CSO Kitchen Cabinet, Detroit CISO Executive Council Governing Body, and the SecureWorld Detroit Advisory Council. Bacigal earned his bachelor’s degree in Criminology form Eastern Michigan University and is both a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM).
- Lisa PlaggemierExecutive Director, National Cybersecurity Alliance
Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.
- Karla Thomas, HostBoard Member, InfraGard Michigan Members Alliance
After holding leadership positions in IT and cybersecurity for well over 20 years, Karla Thomas now focuses on consulting and board involvement. In addition to being on the InfraGard board, she is an active member of the CXO Xchange board and the CyberRisk Alliance Michigan chapter, as well as other advisory boards.
- Tim HearlSpecial Agent, Active Shooter Coordinator, FBI Detroit
• 28 Years in Chicago and Detroit Divisions
• Criminal & Counterterrorism Investigations
• SWAT Team member & Sniper Team Leader
• Firearms Instructor
• Tactical Instructor
• Active Shooter Coordinator
• Civilian Response Training - ASAPP/CRASE
• Law Enforcement Response Training - ALERRT - Tamara Shoemaker, HostPresident, Michigan WiCyS Regional Affiliate
Tamara’s primary mission is to address the shortage of specifically educated and trained cybersecurity professionals across Michigan. She focuses on K-12 Education with the CyberPatriot Program and Recruiting, Retaining, and the Advancement of Women leading the Michigan WiCyS Affiliate’s programs.
She has facilitated the MCISSE Center’s unique engagement in cybersecurity teaching at the middle and high school level, and through innovative cybersecurity summer camps. In conjunction with this program, she created a digital badging system to further motivate and distinguish Michigan CyberPatriot participation, which is the first of its kind in the nation. She and her husband, Dan Shoemaker, published a groundbreaking book for Secondary school teachers entitled “Teaching Cybersecurity” with CRC Press.
In June, women from across Michigan stood up the Michigan WiCyS Affiliate and Tamara is leading that charge as President. WiCyS is a global Association that promotes Recruiting, Retaining, and Advancing Women in Cybersecurity, which fits seamlessly into Tamara’s life’s work. She encourages you all to get in the GAME, volunteer, and help ensure we can all properly retire someday!
- Ahmeed AhmeedCyber & Information Security Director, Inteva Products
Ahmeed is the Director of Cyber and Information Security at Inteva Products, a global Tier-I automotive supplier. In his role, he oversees three key areas: Cyber Defense, Information Security, and Data Privacy (with a particular focus on privacy requirements for the company’s EU entities). His strategic oversight and leadership ensures the organization’s cybersecurity program alignment with the business.
With over 20 years of experience across various sectors such as telecommunications, education, and manufacturing, Ahmeed brings a wealth of knowledge to his position. He holds a bachelor’s degree in Computer and Control Engineering and an MBA from Central Michigan University, along with several professional certifications.
- Janette BarrettoGlobal IT Security Governance Manager, Yazaki North America
As a cybersecurity leader, Janette drives global cybersecurity and information security programs, ensuring enterprise-wide protection and compliance with evolving regulations. Her curiosity fuels her passion for learning and staying ahead in the field.
Collaboration is key to success, whether working with C-suite executives, peers, or cross-functional teams to drive major security initiatives.
- Mo WehbiVP, Information Security & PMO, Penske Automotive Group
As the VP of Information Security & PMO within the IT department at Penske Automotive Group, Mo oversees the implementation and governance of cybersecurity and IT service management best practices across the organization. He has over 18 years of experience in leading and managing complex IT projects, portfolios, and programs, as well as ensuring compliance, data security, and risk management for multiple business units and stakeholders.
He is also an active board member and speaker at various professional associations and forums, such as ISACA, Cloud Security Alliance, and Cybersecurity Collaboration Forum, where he shares his insights and expertise on emerging trends and challenges in the cybersecurity and IT services. His specialties include Risk Management, Information Security Management, Compliance, Data Security, Project Management, Portfolio Management, Program Management, Mergers, Acquisitions and Divestitures, Organization Management, Change Management, and IT Management.
- Daniel AyalaChief Security & Trust Officer, Dotmatics
Daniel Ayala (@buddhake) is the Chief Security & Trust Officer at Dotmatics, providers of technology solutions for scientific R&D. Throughout his nearly 30 year career, he has led security, privacy and compliance groups in banking and financial services, pharmaceutical, information, higher education, research and library organisations around the world, and both writes and speaks regularly on the topics of security, privacy, data ethics, and compliance. Daniel is also the co-host of The Great Security Debate Podcast (@securtydebate).
- Emily BurkeVP, Human Resources, Nuspire
- Kristie PfosiSr. Director, Enterprise Security (CISO), Delta Faucet Company
Kristie Pfosi stands at the forefront of one of automotive’s greatest challenges: cybersecurity. A well-respected policy maker and program manager with deep technology expertise, Kristie has been a champion for best practices in cybersecurity for over a decade as a technical intelligence officer at the CIA and as an OEM employee, most notably helping FCA shore up their cybersecurity practice after one of their vehicles was infamously hacked. Her wide-ranging background in automotive also includes designing minivan seats, developing advanced service diagnostic tools, and working on internal combustion engine technology at companies like Magna and MAHLE Powertrain.
Today she is responsible for creating and implementing processes and methodologies for global incident responses, vulnerability management, and risk assessments at Mitsubishi Electric Automotive America. Her work also involves developing and integrating cybersecurity protection into advanced vehicle electronics with a focus on defense-in-depth and next-generation security.
Kristie holds two bachelor degrees in Mechanical Engineering and Electrical Engineering from the General Motors Institute (Kettering University), and has experience in all phases of the product development lifecycle—from advanced R&D, through product development and launch, to post-production operations and aftermarket service.
- Maria Graham, ModeratorCo-Founder, Mind Over Cyber
Maria is a highly experienced cybersecurity account executive with over a decade of experience in the industry. Her approach to leadership is centered around human relationships and leveraging human capital as a part of her sales process. She is an enthusiastic champion of her clients and focuses on solving their problems, rather than just hitting sales targets. She is also the Co-Founder of Mind Over Cyber, a 501c3 nonprofit focused on bringing mindfulness and mental well being to cybersecurity defenders.
Maria is always striving to think outside the box, approach situations with integrity, and maintain a constant curiosity to learn. She enjoys networking and building her tribe. She also knows that while work is important, being a wife and mother to her two daughters and instilling these values in them is the most important thing to her. - Nathan HammesConsulting Field Solutions Architect, Pure Storage
Nate Hammes is a Field Solutions Architect for Pure Storage, responsible for driving Cyber Resiliency through Pure and Alliance vendor solutions. Nate has over 25 years of experience, from end user to IT Architect (with 15 of those years in technical pre-sales roles) in areas including Cyber Resilience, data protection, storage, virtualization and data center infrastructures. Nate joined Pure Storage in August 2023.
- Matthew WarnerCTO & Co-Founder, Blumira
Matthew Warner is the Chief Technology Officer and co-founder of Blumira, bringing nearly two decades of cybersecurity experience to the company. Prior to founding Blumira, Matthew served as Director of Security Services at NetWorks Group, an MSSP focused on compliance and ethical hacking.
Seeing a gap in the market, Matthew developed a threat detection and response platform designed specifically for SMBs that was easy to use and cost-effective. The success of this technology led him to found Blumira and focus on scaling the platform.
Passionate about cybersecurity education, Matthew frequently shares practical advice to help resource-constrained SMBs improve their security through webinars, articles, podcasts and more. His genuine desire to help SMBs, often the most vulnerable to cyberattacks, strengthen their security posture shines through.
Matthew’s leadership and innovative problem-solving were recognized in 2022 when he received the CTO of the Year award from the Globee Cybersecurity Global Excellence Awards. He was specifically honored for his notable research uncovering additional Log4j vulnerabilities and contributions to Blumira’s 2022 State of Threat Detection and Response Report.
- Reanna SchultzTeam Leader of Information Security, Garmin
Reanna Schultz is from Kansas City, MO, and attended the University of Central Missouri (UCM). She graduated in 2018 with her Bachelor of Science in Cybersecurity: Secure Software Development and in 2020 for Master of Science in Cybersecurity: Information Assurance. While being in the industry, Reanna has been exposed to numerous SANS hosted classes. Reanna volunteers as a National Cyber League coach and provides her industry expertise by doing guest speaker talks for numerous colleges and high schools across the Midwest to STEM students. Reanna currently works as a Team Lead at Garmin and directly reports out of their SOC.
- Shane HarschPrincipal Solution Engineer, SentinelOne
Shane Harsch is a Principal Solution Engineer at SentinelOne, a SANS Instructor, and an Adjunct Instructor at the University of Michigan with more than 25 years of experience in military, manufacturing, consulting, and professional services. He is a commissioned officer in the U.S. Army (MI), holds degrees in business (MBA) and computational linguistics (BA), and maintains the following certifications: GCIA, GCIH, GCED, CISSP, CTIA.
- Amanda BerlinDirector of Incident Detection Engineering, Blumira
Amanda Berlin is the Director of Incident Detection Engineering at Blumira, bringing nearly two decades of experience to her position. At Blumira she leads a team of incident detection engineers who are responsible for creating new detections based on threat intelligence and research for the Blumira platform.An accomplished author, speaker, and podcaster, Amanda is known for her ability to communicate complex technical concepts in a way that is accessible and engaging for audiences of all backgrounds. She co-authored an O’Reilly Media book "Defensive Security Handbook: Best Practices for Securing Infrastructure," a comprehensive guide for starting an InfoSec program from the ground up. Amanda is also the CEO and co-founder of Mental Health Hackers, a non-profit organization that aims to raise awareness about mental health issues in the cybersecurity community. Through Mental Health Hackers, Amanda is working to break down the stigma surrounding mental health and create a supportive community for cybersecurity professionals.
- Rees Machtemes, P.EngDirector of Industrial Security, Waterfall Security Solutions
Rees is the lead threat researcher for the annual Waterfall / ICSStrive OT Threat Report and writes frequently on the topic of OT / ICS cybersecurity. Being solutions-focused, he champions INL’s Cyber-Informed Engineering program and regularly provides advice and commentary to government agencies and standards bodies issuing OT security guidance.
Rees is a professional engineer with 15 years of industry experience in power generation and transmission substation automation, food and beverage plant automation, public and government telecom, data centres and IT support. He holds a B.Sc. in Electrical Engineering from the University of Alberta. - Jared PeckSr. Threat Researcher, Proofpoint
Jared Peck is a Senior Threat Researcher for the Field Facing Threat Research Team at Proofpoint where he focuses on Latin American malware and phishing research as well as communicating threats and the threat landscape to customers. Prior to joining Proofpoint, Jared spent eight years at a Fortune 500 financial services company in several roles including Senior Cyber Threat Intelligence Analyst. Before changing careers to information security, Jared worked in the emergency services field for over 15 years as a firefighter and paramedic.
- Mike Reterstorf, ModeratorCISO, Plante Moran
Mike Reterstorf is the Chief Information Security Officer at Plante Moran, a 100-year-old global Tax, Audit, and Wealth Management firm based in Southfield, Michigan. Mike has over 25 years of professional technical experience covering time in application development, system architecture, and most recently over a decade in Cybersecurity. Through his career, Mike has developed extensive experience in a number of areas including hospitality, automotive, critical infrastructure, and finance. Mike has a Bachelor of Science in History and Computer Science and a Master of Science in Computer Information Systems from the University of Michigan as well as a CISSP from ISC2.
- Laura ClarkCIO, State of Michigan
Laura Clark serves as the chief information officer (CIO) for the State of Michigan, directing the state’s technology and security efforts. As deputy director for the Michigan Department of Technology, Management & Budget (DTMB), she also oversees operations for the department, which provides information technology, business, and administrative services to state employees and stakeholders, as well as Michigan residents, visitors, and businesses.
During her 20-year career in public service, Clark has embraced a hands-on, adaptable approach to leadership. Since being appointed as CIO by Gov. Gretchen Whitmer, she has helped the State of Michigan achieve success through many initiatives, such as the launch of the award-winning Michigan Secure mobile app and successfully securing $20 million in critical cybersecurity funding from the Michigan Legislature for statewide security enhancements.
In her day-to-day work, Clark values the contributions of every person on DTMB’s 5,000 member team and has the unique ability to connect her sense of purpose and service with the overall work and mission of directing the State of Michigan’s technology and security efforts. She leads by example, seeking out opportunities that will allow those around her to succeed. Throughout these efforts, Clark’s compassion, patience, experience, and skills as are helping DTMB and the entire state forge a successful path into the digital future.
- Ryan Mostiller, ModeratorSr. Manager, IT Security, BorgWarner
Ryan Mostiller is a security leader in the Metro Detroit community, currently serving as the Security Operations Manager for BorgWarner. After more than a decade in both technical and management roles in security, Ryan enjoys any opportunity to engage with fellow practitioners and share learnings. Ryan has worked across various industries and within several Fortune 500 companies, most recently in the automotive industry.
Ryan has a Masters in IT Management from Oakland University and bachelors in Information Technology, along with security certifications from GIAC. You may have seen other presentations that Ryan has created and presented at, including SecureWorld, GrrCON, ISC2, and Evanta. Ryan has also developed and teaches an OU Executive MBA course at Oakland University titled "Cybersecurity for Executives."
- Hemanth TadepalliCybersecurity and Compliance Engineer, May Mobility
Hemanth Tadepalli is a Cybersecurity Compliance Engineer at May Mobility, excelling in the realm of autonomous transportation services. With a rich professional background spanning roles at AlixPartners, Mandiant, Google, and SensCy, he specializes in ensuring compliance with stringent standards like ISO 27001, SOC 2, ISO/SAE 21434, and others. Hemanth co-founded MYCAP (Michigan Young Cybersecurity Analysts and Professionals), fostering budding talents in the cybersecurity domain. Appointed by the Michigan Department of State in 2022, he served on the Collegiate Advisory Task Force, determined and implemented recommendations to improve voter education and engagement among universities across the state of Michigan. The task force played an important role in election security, integrity, and combatting the result of misinformation being spread.
Hemanth has presented at the Detroit Automotive Cybersecurity Conference and various other prominent industry events, showcasing his expertise and thought leadership. He holds a Computer Science degree with a cybersecurity concentration and minors in Pre-Law, Innovation, and Entrepreneurship from Kettering University. Currently pursuing a Master's in Cybersecurity at the University of California, Berkeley, he continues to drive innovation and excellence in the cybersecurity landscape.
- Jessie GibbonsTechnical Director, Skybox Security
Jessie Gibbons is a dynamic IT professional specializing in cybersecurity, with a strong focus on partner and account management. With over twenty years of experience, he has excelled in nurturing strategic partnerships and managing key client accounts within the cybersecurity sector. Leveraging his expertise, Jessie has successfully cultivated collaborative relationships with industry-leading organizations, driving mutual growth and success.
- Steven F. FoxDirector of Information Security & Regulatory Compliance, ETS
Creating value-add business outcomes through security and privacy design is the core of my professional mission. I prioritize understanding my clients’ organizational goals and culture to ensure their infrastructure and processes reflect their ethos. As an IT-to-business translator with extensive technical and business advisory experience, I have successfully led audits testing controls from standards such as NIST CSF, ISO 27001, GDPR, and PCI-DSS. My contributions to the security community include publications in ISSA Journal and CSOonline, and presentations at RSA Conference, Blackhat Executive Summit, and DefCon. As a member of the SecureWorld Expo Advisory Committee, I remain actively engaged in advancing the field of cybersecurity.
- Brandon ReidField CTO, Mimecast
Field Chief Technology Officer with more than 15 years' experience designing, deploying, and selling enterprise technology solutions. Currently helping enterprises secure their email, brand, and reduce risk.
- Mary Rowley, ModeratorIT GRC and Cybersecurity Professional
Mary’s several years of leadership experience encompasses many areas of cybersecurity with a focus on IT risk management, IT audit, security awareness training, vulnerability management and incident response. Her extensive information security background includes working at Henry Ford Health System, Comerica Bank, WorkForce Software, Learning Care Group and most recently, Raytheon Technologies, where she continues to build and mature the company’s Cyber 3rd party risk program. Mary is a graduate from Walsh College with a Master’s degree in Business Information Technology, Information Assurance and holds several certifications including CISSP, CISA and CRISC.
- Myriah V. Jaworski, Esq., CIPP/US, CIPP/EMember, Data Privacy & Cybersecurity, Clark Hill Law
Myriah Jaworski is a Member, Data Privacy and Cybersecurity, at Clark Hill Law. She represents clients in data breach actions, technology disputes, and in the defense of consumer class actions and related regulatory investigations stemming from alleged privacy torts and violations of the TCPA, BIPA, IRPA, and other state and federal privacy laws. Myriah also works with clients to devise and implement privacy and security compliance programs and to evaluate and implement new technologies, including enterprise-wide AI and machine learning tools. She is also been recognized as a Super Lawyer® for her Civil Litigation practice in 2018, 2019, 2020, and 2021.
- Juman Doleh-AlomaryCISO, BorgWarner
Juman Doleh-Alomary is BorgWarner's Chief Information Security Officer and an active volunteer board member of the ISACA Detroit Chapter. With over 15 years of experience in security, audit, investigation, compliance, and privacy policy/standards,
Juman most recently held the position of Director of Cybersecurity GRC at Little Caesar's Enterprises serving the Ilitch holdings portfolio of companies. Her prior positions include Director of IT Audit at Wayne State University and a significant tenure in IT and Risk Management at Ford Motor Company.
A leader within the ISACA community, Juman has held various roles, including past president and, notably, chair of the IIA/ISACA Spring Conference, which achieved a record attendance. She is active volunteer with Michigan Council of Women in Technology (MCWT), Women Security Alliance (WomSA), and on the advisory board of Women in Cyber (WiCyS) Michigan.
An alumnus of the University of Michigan, she holds both a bachelor’s and a master’s degree, complemented by an impressive suite of certifications: CISA, CISM, CRISC, CDPSE, and ISO 27001.
- Ryan MostillerSr. Manager, IT Security, BorgWarner
Ryan Mostiller is a security leader in the Metro Detroit community, currently serving as the Security Operations Manager for BorgWarner. After more than a decade in both technical and management roles in security, Ryan enjoys any opportunity to engage with fellow practitioners and share learnings. Ryan has worked across various industries and within several Fortune 500 companies, most recently in the automotive industry.
Ryan has a Masters in IT Management from Oakland University and bachelors in Information Technology, along with security certifications from GIAC. You may have seen other presentations that Ryan has created and presented at, including SecureWorld, GrrCON, ISC2, and Evanta. Ryan has also developed and teaches an OU Executive MBA course at Oakland University titled "Cybersecurity for Executives."
- Ben SimonSpecial Agent, FBI
- Happy Hour
- Krista ArndtAssociate CISO, St. Luke's University Health Network
Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.
Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.
When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes