- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Thursday, October 8, 20208:00 amExecutive Roundtable [VIP invite only]Discussion topic: NOW What Are You Including in Your Incident Response Plan?Professor and Director, Graduate Program, University of Detroit MercyRegistration Level:
- VIP / Exclusive
8:00 am - 8:45 amThis session is for Advisory Council members only.
The current global threat landscape has shifted dramatically in the past several months due to the COVID-19 pandemic. Security professionals are being tasked with keeping the company’s data safe with an influx of remote workers that we’ve never had to account for. Inevitably something is going to happen. An incident WILL arise. You may have had a great plan in the past, and you probably continuously tested it. But have you tested it now that the IT and InfoSec departments are separated and the employees are everywhere? In either case, it’s time to reevaluate your Incident Response plan to accommodate for this unprecedented shift.
8:30 amExhibitor Hall openRegistration Level:- Open Sessions
8:30 am - 9:00 amLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
9:00 am[Opening Keynote] The Resilient Enterprise: Securing the Virtual WorkforceChief Risk Officer & CISO, PaycorRegistration Level:- Open Sessions
9:00 am - 9:45 amThroughout the course of 2020, organizations have seen a transformational shift in the way that businesses operate. As we adapt to new realities, digital transformation has been accelerated in many areas, including how we protect our information assets. From entirely new threats to exacerbating existing threats, Information Security teams are at the forefront of enabling businesses to operate efficiently and securely in the new virtual-first world. We’ll deep dive into considerations that your organization should be making in technology, process, and policy as you work to secure your virtual workforce.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amPractical Considerations When Verifying Your Vendors' Cybersecurity ControlsSr. Director, Client Security, Equifax CanadaRegistration Level:- Open Sessions
10:00 am - 10:30 amAs businesses grow, it becomes increasingly cheaper, more convenient, and more efficient to rely on third parties to take on certain business functions. However, the security of your organization’s assets is only as strong as the weakest link in your vendor chain.
Embracing the “trust-but-verify” approach, this session offers helpful tips and areas to focus on when validating your vendors’ cybersecurity controls.
Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)
10:00 amA Hitchhiker’s Guide to the 2020 National/Industry/Cloud Exposure Report (NICER)Sr. Director, Chief Security Data Scientist, Rapid7Director of Research, Rapid7Registration Level:- Open Sessions
10:00 am - 10:30 amRapid7 has built upon four years of work measuring the internet for National Exposure Index (NEI) and Industry Cyber Exposure (ICER) reports to create the most comprehensive, modern atlas of internet-facing services to date. This session will provide an overview of the findings, including a comparison of the internet pre- and post-pandemic, along with a guide for how to digest the 150-page deep dive into 24 critical internet protocols and services.
10:00 amCybercrime: What Is the State of Support for Consumer and SMB Victims?CEO & President, Cybercrime Support NetworkDetective First Lieutenant, Commander, Michigan Cyber Command Center (MC3), Michigan State PoliceRegistration Level:- Open Sessions
10:00 am - 10:30 amHow can you support your end users if they are a victim of cybercrime in their personal lives? What kind of resources are available to help SMBs report cybercrime, recover, and reinforce their security? Cybercrime Support Network is the leading public-private partnership serving the victims and coordinating federal, state, and local resources.
Join Kristin Judge and James Ellis of Cybercrime Support Network as we explore the current state of cybercrime reporting and recovery, work being done on common language for cybercrime among law enforcement, and a national pilot to build a reporting and information sharing program to capture threats facing consumers and SMBs.
10:00 am[Panel] Data Threats in the CloudVP, Global Field CISO Team, FortinetSales Engineer, FireMonSolutions Engineer, OktaRegistration Level:- Open Sessions
10:00 am - 10:30 amWe all know that COVID-19 has forced us into the cloud. We had to, to keep the economy and business going. The cloud can be a wonderful tool for organizations to thrive in, but there are many threats and pitfalls that should be addressed. Do you know what services your staff bought? Did anyone review the terms and conditions? How are you handling identity in the cloud? Is a Zero Trust mindset working in the cloud? Our panelists will dive into the threats to be prepared for and some you might not be aware of!
10:30 amNetworking BreakRegistration Level:- Open Sessions
10:30 am - 10:45 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:45 amApproaches to Justifying Cybersecurity Projects and SpendChief Information Security & Privacy Officer, WorkForce SoftwareRegistration Level:- Open Sessions
10:45 am - 11:15 amFeel like you’re not getting enough funding for your security projects or program? Learn to stack the deck in your favor by following four basic rules. Lots of examples will be presented!
10:45 amNavigating Maze: Can You Recover from Ransomware?IT Director & CISO, Maple Reinders GroupRegistration Level:- Open Sessions
10:45 am - 11:15 amOne-fifth of companies have been hit with ransomware, and yet most companies still rely on hoping they won’t be hit rather than addressing shortcomings and following best practices. The industry has said for years that “it is not if, but when you will be breached,” so let’s set some goals and follow some simple steps to at least make ourselves a less desirable target than the companies that are “giving in.” If we agree that protection is not a guarantee, then we must also accept that recovery is CRITICAL and that the work starts now.
Presentation Level:
GENERAL (InfoSec best practices, trends, solutions, etc.)10:45 amBeing Our Own Worst Enemy: Sloppy IT Causing Security IncidentsSr. Manager, IT Security, BorgWarnerRegistration Level:- Open Sessions
10:45 am - 11:15 amIT and the IT Security Team have put in countless controls and tools to protect the enterprise, but are their daily operations and practices causing security incidents? Are the ones with the most privilege the most successful targets in the environment? This topic will shift the focus on the care given to staying safe by the ones who are keeping the environment safe. Don’t be the one who causes the next security incident!
10:45 am[Panel] Remote Workforce: Lessons LearnedSr. Director, Product Management, IvantiDirector of Information Security and Research, AutomoxDirector of Solution Architecture, Perimeter 81Registration Level:- Open Sessions
10:45 am - 11:15 amCompanies had no real choice as we all moved to the “new normal” and a fledgling at home workforce due to the coronavirus outbreak. If you stop and think about it, it was quite the feat—a massive cloud migration the likes of which had never been seen before. Now that things are somewhat settled into a pattern, what are you discovering that should have been done differently? Realizing that a lot of the same things need to be done? How is the network perimeter now? How many devices are suddenly on your networks? IoT devices from the remote workers piggybacking on the home connections? What are the legal challenges now (think reasonable security)? Join us for a panel discussion of security experts.
11:15 amNetworking BreakRegistration Level:- Open Sessions
11:15 am - 11:30 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:30 amThe Changing Landscape of Cybercrime and Its ImpactToronto Police Service, Cybercrime Unit (Ret.); Founder, KONCYBER & RB-Cyber Assurance; RCMP Contractor/InstructorRegistration Level:- Open Sessions
11:30 am - 12:15 pmThe average loss from a bank robbery is about $3,000. The average loss from a successful Business Email Compromise (BEC) attack is nearly $130,000. Numbers like that show why BEC and other cyber crimes are rampant and on the rise—and every type of organization is at risk.
Join Kenrick Bagnall, Detective Constable of Toronto Police Service’s Coordinated Cyber Centre (C3), as he shares true crime examples of emerging cyber threats impacting both Canada and the U.S., as well as some of the challenges that are inherent in this space.Kenrick will share insight into how the Toronto Police Service Cybercrime Unit is evolving to better support the community it serves. He will also discuss industry best practices that can help organizations prepare to face and respond to inevitable predatory cyber threats.
The key audience take away will be how to avoid complacency when it comes to defense against cyber threats and to always have a response plan that is current, robust, tested, and involves law enforcement in the process.
11:30 amDeveloping an Effective Security Awareness ProgramManager of Knowledge Services, Cadre Information SecurityRegistration Level:- Open Sessions
11:30 am - 12:15 pmSecurity Awareness is well known for being the “best bang for the buck” out of all the risk mitigation techniques, but is it really? For Security Awareness to be effective, it must change the behaviors of employees and ideally lead to a mature security culture in your organization. Many programs that do not use adult education techniques and neuroscience fail to achieve behavior change—and can even make things worse. Once employees start to have a negative impression about information security, feel helpless, or begin to consider remediation as punitive, great damage has been done to the security culture and this can be difficult to reverse.
This fun presentation will help you to gain an understanding about effective Security Awareness program creation and implementation, as well as to build buy-in for a mature security culture.
11:30 amDetect Everything: Bringing Google Scale Threat Detection to Your SOCHead of Customer Experience Engineering, ChronicleChief Product Officer, CyCognitoRegistration Level:- Open Sessions
11:30 am - 12:15 pmSkillful threat detection and investigation starts with a diverse hub of security telemetry to draw from. The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place, and perform investigations in seconds. Join this session to learn all about what’s new in Chronicle and see it in action with a live demo.
11:30 am[Panel] No Perimeter: Security in the CloudVP, Infrastructure Strategies, Trend MicroGrowth Technologies Evangelist, Check Point Software TechnologiesCTO, RedSeal NetworksSr. Sales Engineer, Arctic Wolf NetworksProfessional Sales Engineer, Alert LogicRegistration Level:- Open Sessions
11:30 am - 12:15 pmWorldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.
12:15 pmNetworking BreakRegistration Level:- Open Sessions
12:15 pm - 12:30 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:30 pmSecurity for, from, and with Machine Learning and Artificial Intelligence TechnologiesDirector of Information Security, NFIRegistration Level:- Open Sessions
12:30 pm - 1:00 pmAs companies look to increase their operational efficiencies and competitive advantage, many are turning to machine learning (ML) and artificial intelligence (AI) to make better decisions faster. With this shift comes new challenges for businesses and security professionals to ensure these technologies remain effective, safe, unbiased, and ethical. Additionally, as AI and ML become more accessible to the masses, there is a growing risk that these technologies could be leveraged to launch sophisticated attacks. In this presentation, we will explore emerging threats related to AI and ML, as well as how security leaders can utilize these emerging technologies to better defend their organizations and respond to sophisticated attacks.
Presentation Level: MANAGERIAL (security and business leaders)12:30 pmThe Paradigm Shift: HIPAA, PCI-DSS, Home, and WorkExecutive Director, Information Security & Compliance, Indiana University HealthRegistration Level:- Open Sessions
12:30 pm - 1:00 pmMuch of the security training that we have put in place has assumed that the large majority of employees would be working at their desk in an office building. In the space of several weeks, that completely changed. The bulk of healthcare workforces now work from home. This has changed the security paradigm, as many healthcare providers based their security around the office. This requires healthcare providers to change security awareness training to refocus on what can be done given the new environment. This session will cover what your organization needs to address in awareness training for work-from-home staff in healthcare, specifically covering HIPAA, printing, home networks, split tunneling, Payment Card Industry – Data Security Standards (PCI-DSS), phishing, and scams.
12:30 pmHow an XDR Approach Helps Speed Response and Improve MITRE ATT&CK CoverageVP, Strategy, Trend MicroRegistration Level:- Open Sessions
12:30 pm - 1:00 pmXDR is an emerging industry approach that extends EDR’s insight to a broad range of sources (endpoint, servers, network, email; and more). Learn how the XDR approach takes advantage of detailed activity telemetry (not just alerts) from its sources, enabling more meaningful correlation and enabling rapid detection of subtle chains of malicious activity. Higher-fidelity correlated detections mean that alert volumes decrease, enabling faster response. See how network and email telemetry help XDR expand your coverage of MITRE’s ATT&CK frameworks, without resorting to painstaking manual correlation across security toolsets.
12:30 pmCybersecurity in Canada: The Evolution of Legal Trends & How to RespondPartner and Head of Technology, Co-Chair Data Protection, Privacy and Cybersecurity, Norton Rose Fulbright Canada LLPRegistration Level:- Open Sessions
12:30 pm - 1:00 pmAs cybersecurity and privacy laws evolve, there is a growing need to stay abreast of the changing regulations and compliance obligations. This session will provide an overview of recent legal developments in Canada and best practices for addressing these regulatory changes within your organization.
We will explore:- Recent cybersecurity and privacy legal developments in Canada
- Governance-related best practices for responding to these new developments
- Best practices for managing vendors
- Making strategic decisions regarding cyber insurance
Presentation Level:GENERAL (InfoSec best practices, trends, solutions, etc.)
1:00 pmNetworking BreakRegistration Level:- Open Sessions
1:00 pm - 1:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pmWhen Cyberattacks Get PhysicalCISO, Analytics 4 LifeRegistration Level:- Open Sessions
1:15 pm - 1:45 pmAdvancements in technology, especially over the past decade, have resulted in a significant increase in the number of connected devices worldwide. While there are plenty of conversations on cybersecurity of connected devices, they are mainly around data protection and privacy issues. The fact of the matter is, a percentage of these cyberattacks can cause physical harm to humans. Although this issue is important, it does not often get the attention it deserves.
This presentation focuses on a few cyberattack scenarios on connected devices which may pose safety risks for the user/operator, including: medical devices, connected cars, and car wash systems.
1:15 pmHey, Information Security: Be Part of the Digital Transformation or Be Left Behind!Director, Information Security Education & Consulting, Harvard UniversityRegistration Level:- Open Sessions
1:15 pm - 1:45 pm“Digital transformation” (Dx) as a buzzword may be approaching the end of its life, but the fundamental concept—continuously improving the use of technology and data to provide value to customers—is real and critical to the survival of businesses. If information security teams don’t evolve to deliver the same Dx value and benefits to our organizations, then we risk losing our “customers” to intentional circumvention or preference for shadow IT providers. Make sure your information security team provides the core Dx attributes to your organization to cultivate value, loyalty, and trust. Join this session to learn how you can:
• Embed security into your culture, technologies and processes
• Empower innovation and expedite time-to-market through consistent security risk governance
• Assess the impacts, goals and methods of likely cyber attacks and incidents
• Align IT and security professionals with business objectives and risk tolerance
• Prepare now for effective detection and response to reduce business impacts of incidentsPresentation level: MANAGERIAL (security and business leaders)
1:15 pmThe DoD’s Cybersecurity Maturity Model Certification (CMMC) Is Coming – Are You Ready?Treasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation BodyRegistration Level:- Open Sessions
1:15 pm - 1:45 pmSupply chain risks are at the top of everyone’s mind today, and the US Department of Defense (DoD) is no different. That is why the DoD created its Cybersecurity Maturity Model Certification (CMMC). CMMC is a five level, third-party validated maturity certification. CMMC includes both technical and process/procedural requirements. Organizations in the Defense Supply Chain will be required to obtain CMMC certification before contract award. Requests for Proposals (RFPs) containing CMMC requirements are expected in October 2020. This session provides an overview of CMMC and the corresponding industry-led ecosystem that is being created, spearheaded by the CMMC Accreditation Body (CMMC-AB).
Presentation Level: MANAGERIAL (security and business leaders)1:15 pm[Panel] Threat Landscape in Flux: Emerging ThreatsPrincipal Solution Engineer, SentinelOneSr. Technical Product Manager, ArmisChannel Sales Engineer, CybereasonRegistration Level:1:15 pm - 1:45 pmThe attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.
1:45 pmNetworking BreakRegistration Level:- Open Sessions
1:45 pm - 2:00 pmLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pm[Closing Keynote] The New National Cyber Power Index: Which Nations Are Truly the Most Powerful in Cyber?Cyber Fellow, Harvard Kennedy School, Belfer Center for Science and International AffairsRegistration Level:- Open Sessions
2:00 pm - 2:45 pmThink you know which countries are the most powerful in the cyber realm? You may have some surprises coming. Julia Voo and her fellow researchers just published a first-of-its-kind ranking called the National Cyber Power Index (NCPI). The research ranks cyber superpowers on a “whole of country approach,” measuring government strategies, capabilities for defense and offense, resource allocation, the private sector, workforce, and innovation. And its assessment is both a measurement of proven power and potential. Julia will unpack key findings, including areas where the U.S. and Canada are ranked lower than countries like Russia and China. Following this presentation and fireside chat, you may view cyber power in a brand new light.
- Alert LogicBooth:
Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.
- AmeriNetBooth:
AmeriNet is a total solutions provider of networking, business collaboration, storage and security products. Our strength is derived from a combination of technical and engineering experience and product excellence. We partner with industry-leading manufacturers of technology. These partnerships allow us to provide comprehensive solutions in Security, Cloud, LAN/WAN Switching and Routing, Network Management and Diagnostics, Unified Communications, Wireless, and Storage solutions. Together we will deploy the right solutions and technology to ensure the continued success of day-to-day operations and objectives of our customers. For more information, visit https://www.amerinet.com/about-us.
- Arctic Wolf NetworksBooth:
Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.
- Armis, IncBooth:
Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.
- AutomoxBooth:
Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.
- Cincinnati Tri-State ASISBooth:
The Cincinnati Tri-State Chapter and its members are committed to not only their own professional careers, but the security industry as a whole. The chapter promotes networking, education, and friendship with those in the fields of security and law enforcement. Our membership is comprised of professionals that work in different aspects of security and law enforcement.
If you are interested in joining ASIS, the Cincinnati Chapter, or attending a meeting to see what we are all about please contact us to find out more information. We look forward to hearing from you and growing with you professionally!
- Cadre Information SecurityBooth:
Data and network security is a critical element for any business, but it is not enough to win. To win, cybersecurity must be viewed through the prism of business process management, align with capabilities and core competencies of the business and be optimized to minimize or eliminate the friction. For more than 25 years, Cadre Information Security enables operationally obsessed, mid-market companies to lower their costs, gain more control and increase the velocity and impact of the efforts. For more information, visit www.cadre.net
- Check Point Software TechnologiesBooth:
Check Point Software Technologies is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.
- Canadian Cyber Threat Exchange (CCTX)Booth:
The CCTX was created to build a secure Canada where all organizations, both private and public, collaborate to reduce cyber security risks. We do this in two ways.
First, through the CCTX Data Exchange we gather, enrich, analyze and share cyber threat information across business sectors and from other Canadian and international cyber threat sharing hubs. And we provide actionable cyber threat intelligence with a Canadian focus.
Second, our CCTX Collaboration Centre is a unique forum for cyber professionals to solve problems by exchanging best practices, techniques and insights.
- Checkmarx Inc.Booth:
Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.
- Chronicle SecurityBooth:
Cybercrime now affects billions of people globally, and the organizations responsible for protecting critical information and systems need more help to keep up. Cybersecurity needed a moonshot.
Chronicle was born in 2016 as a project within X, Alphabet’s moonshot factory. As an Alphabet company, we bring unique resources and talent to the goal of giving enterprises, and the people within them, the tools to win the fight against cybercrime.
We see a future where enterprise security teams can find and stop cyberattacks before they cause harm. By applying planet-scale computing and analytics to security operations, we provide the tools teams need to secure their networks and their customers’ data. We turn the advantage to the forces of good.
- Cincinnati Networking Professionals AssociationBooth:
Established in 1991, the non-profit Network Professional Association (NPA) is a professional association for computer network professionals. Members adhere to a code-of ethics, demonstrate continual professional development and knowledge, adhere to the latest best practice standards, and strive for continual growth. International awards for professionalism honor individuals for outstanding achievements and meeting the values of professionalism.
The NPA offers a Certified Network Professional CNP credential and provides advocacy for workers in the field. Members receive a certificate of membership, quarterly journal publications, chapters and programs, and opportunities to volunteer and publish.
- CobaltBooth:
Cobalt’s Pentest as a Service (PtaaS) platform is modernizing traditional pentesting. By combining a SaaS platform with an exclusive community of testers, we deliver the real-time insights you need to remediate risk quickly and innovate securely.
- CorelightBooth:
Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com
- Cybercrime Support NetworkBooth:
Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.
- ECTFBooth:
As a result of the amalgamation of advanced technology and the Internet, both the quantity and sophistication of cybercrimes targeting U.S. financial institutions and critical infrastructure have increased. Today, criminal trends show an increased use of phishing emails, account takeovers, malicious software, hacking attacks and network intrusions resulting in significant data breaches. To protect the nation’s financial infrastructure from cyber and financial criminals, the Secret Service has adopted a multipronged approach.
- EC-CouncilBooth:
International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.
- FireMonBooth:
FireMon is the only agile network security policy platform for hybrid cloud enterprises. FireMon delivers persistent network security for multi-cloud environments through a powerful fusion of real-time asset visibility, compliance and automation. Since creating the first-ever network security policy management solution, FireMon has delivered command and control over complex network security infrastructures for more than 1,700 customers located in nearly 70 countries around the world. For more information, visit www.firemon.com.
- FortinetBooth:
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.
- Global Cyber AllianceBooth:
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org
- GigamonBooth: w/ AmeriNet
Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realize the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, nine of the 10 largest mobile network providers, and hundreds of governments and educational organizations worldwide. To learn more, please visit gigamon.com.
- InfraGard CincinnatiBooth:
The mission of the InfraGard Cincinnati Members Alliance is to increase the security of the United States’ national infrastructure through information exchange, education, outreach, and similar efforts. To accomplish our goal, we strive to maintain a close working relationship between federal agencies such as the Federal Bureau of Investigation and the Department of Homeland Security, law enforcement agencies, subject matter experts such as cybersecurity and physical security professionals, industry-specific experts, and numerous other professionals.
- ISACA CincinnatiBooth:
The Greater Cincinnati ISACA® Chapter is a not-for-profit professional association serving the information technology audit, security, and control community. We support the areas of Cincinnati & Dayton, Ohio and Northern Kentucky. The chapter consists of over 450 professionals that represent a cross-section of the public, private, and not-for-profit business sectors at all levels within those industries.
Purpose: To promote the education of individuals for the improvement and development of their capabilities relating to the auditing of and/or management consulting in the field of Information Technology audit and control.
- ISACA TorontoBooth:
The ISACA Toronto Chapter, with 2800 plus members, is the largest chapter in Canada and the 5th largest in the world. As of 2017, it will have existed in the Toronto information systems audit, control and governance community for 40 years, and is one of the most active ISACA chapters serving IT Governance, Risk, Audit, and Security professionals.
The aim of the Chapter is to sponsor local educational seminars and workshops, conducts regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the Greater Toronto Area.
ISACA (previously the Information Systems Audit and Control Association) is a worldwide association of IS governance professionals. The association currently focuses on assurance, security, and governance and provides globally recognized certification in assurance (Certified Information Systems Auditor), security (Certified Information Security Manager), and governance (Certified in the Governance of Enterprise IT).
- ISC2 Cincinnati Tri-State ChapterBooth:
Follow us on Twitter: https://twitter.com/Cinci_Tri_ISC2
- ISC2 TorontoBooth:
Founded in 2013, the ISC2 Toronto Chapter is an official chapter of ISC2. Based in Toronto, our purpose is to provide educational opportunities for management, operational and technical aspects of the information security field, and to support the mission of ISC2.
- ISSA Greater Cincinnati ChapterBooth:
The Greater Cincinnati Information Systems Security Association is a non-profit group dedicated to providing educational and networking opportunities to promote the exchange of ideas, knowledge, and member’s growth within the information security profession. The Greater Cincinnati Chapter will host monthly meetings with a variety of security professionals. Please check our events page for further information on upcoming events.
- IvantiBooth:
Ivanti Supply Chain helps organizations leverage modern technology in the warehouse and across the supply chain to improve delivery without modifying backend systems. The company also unifies IT and Security Operations to better manage and secure the digital workplace. From PCs to mobile devices, VDI and the data center, Ivanti discovers IT assets on-premises and in the cloud, improves IT service delivery, and reduces risk with insights and automation. Ivanti is headquartered in Salt Lake City, Utah and has offices all over the world.
- Leading Cyber Ladies – Toronto ChapterBooth:
Leading Cyber Ladies is a global non-profit organization who focuses on bringing more women into the cyber field through educational cybersecurity sessions, mentorship, speaking opportunities, networking and career opportunities through close partnership with the business sector and other groups in the cybersecurity community.
While we are focusing on educating women, we are welcoming everyone, all genders and identities! Here we support each other in a friendly and encouraging environment. We are proud to partner with many sponsor companies across Toronto to bring our events to the community free of charge. Join our Meetup group for details on upcoming events!
We are proud to partner with many sponsor companies across Toronto to bring our events to the community free of charge. Join our Meetup group for details on upcoming events!
Learn more about LCL here: https://leadingcyberladies.com
- MalwarebytesBooth:
Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise endpoint orchestration across siloed IT and Security organizations, simplifying security management and making responses effective. Malwarebytes makes endpoints resilient so workplaces can protect and remediate, and employees can regain control of their digital lives. Visit us at www.malwarebytes.com/business.
- OktaBooth:
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- OWASP CincinnatiBooth:
OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas.
The Cincinnati chapter leads are Andy Willingham and Allison Shubert. Chapter meetings are free and open to anyone interested in information security, risk management, data protection and application security.
- OWASP TorontoBooth:
The Toronto area chapter of The Open Web Application Security Project. Our core purpose: Be the thriving global community that drives visibility and evolution in the safety and security of the world’s software.
- Perimeter 81Booth:
Perimeter 81 is an Israeli cloud and network security company that develops secure remote networks, based on the zero trust architecture, for organizations. Its technology replaces legacy security appliances like VPNs and firewalls.
- Rapid7Booth:
Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.
- RSA a Dell Technologies CompanyBooth:
RSA Business-Driven Security™ solutions provide organizations with a unified approach to managing digital risk that hinges on integrated visibility, automated insights and coordinated actions. With solutions for rapid detection and response, user access control, consumer fraud protection, and integrated risk management, RSA customers can thrive and continuously adapt to transformational change.
- SonatypeBooth:
Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally
- TASKBooth:
Toronto’s Security User Group TASK (Toronto Area Security Klatch) provides a forum for experts to encourage discussion and share expertise in understanding the latest trends and security threats facing computer networks, systems and data.
Our membership includes Information Security practitioners, managers, network administrators, students, and anyone who is interested in learning more about securing information.
We meet to discuss issues that we all share in common, including:
- New technologies and products that impact information security
- Emerging threats, and the vulnerabilities being exploited
- Managing security
- New laws and regulations
- TechTargetBooth:
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- The CircuitBooth:
Our goal is to deliver education and informational programs; enable members to connect and foster collaboration between IT solution and service providers, corporate IT departments, the individuals within these organizations and the businesses that support them.
- ThreatConnectBooth:
Designed by analysts but built for the team, ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. To learn more about our TIP and SOAR solutions, visit www.ThreatConnect.com.
- Trend MicroBooth:
Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.
- Women in CyberSecurity (WiCyS)Booth:
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Women Who Code TorontoBooth:
Our mission is to inspire women to excel in technology careers. We envision a world where women are proportionally represented as technical leaders, executives, founders, VCs, board members, and software engineers.
- Daniel ShoemakerProfessor and Director, Graduate Program, University of Detroit Mercy
Daniel P. Shoemaker, PhD, is a Full Professor and Director of the Graduate Program in Cybersecurity at the University of Detroit Mercy, where he has worked for over 35 years. He has retired from his administrative position as Department Chair, PI for the NSA Center and Subject Matter Expert for DHS and NIST. He is enjoying more time with his students and writing. He has published over 200 cybersecurity papers and articles as well as this list of books:
• Cybersecurity “The Essential Body of Knowledge”
• “The CSSLP Certification All-in-One Exam Guide”
• Cybersecurity “Engineering a More Secure Software Organization”
• “A Guide to the National Initiative for Cybersecurity Education (NICE) Framework: The Complete Guide to Cybersecurity Risk & Controls in Cyber Security”
• ”Implementing Cybersecurity: A Guide to the NIST Risk Management Framework”,
• “Supply Chain Risk Management: Applying Secure Acquisition Principles to Ensure a Trusted Product”
• “How to Build A Cyber Resilient Organization”
• “The Complete Guide to Cybersecurity Risks and Controls”
• Information Assurance for the Enterprise: A Roadmap to Information Security”
• “The Cybersecurity Body of Knowledge”
• “The ACM/IEEE/AIS/IFIP Recommendations for a Complete Curriculum in Cybersecurity” - Adam LeisringChief Risk Officer & CISO, Paycor
Adam is the Chief Information Security Officer for Paycor, one of the largest independently held Human Capital Management companies in America. He oversees Information Security for Paycor’s 1,400 associates, as well as Paycor’s 30,000 clients of their award-winning SaaS product. In past positions, he has served in leadership roles including Technical Services and Operations, Enterprise Architecture, and Software Engineering. Adam holds CISSP and CISM certifications, as well as a Master’s Certificate in Corporate Information Security. Adam is a volunteer in ISC(2)'s Safe and Secure Online program, which spreads security awareness to children at local schools. He also plays jazz trumpet in non-profit “Jump and Jive” big band in Cincinnati, donating proceeds to area schools for music education.
- Arif HameedSr. Director, Client Security, Equifax Canada
Arif Hameed is Senior Director at Equifax, where he leads a team that handles client cybersecurity due diligence activities including questionnaires, audits, remediation support, security schedules, etc. Prior to his role at Equifax, he worked at two of the largest banks in Canada in Security Advisory, IT Risk, Third Party Cyber Risk, and IT Audit.
- Bob RudisSr. Director, Chief Security Data Scientist, Rapid7
Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is currently [Master] Chief Data Scientist at Rapid7, where he specializes in research on internet-scale exposure. He was formerly a Security Data Scientist & Managing Principal at Verizon, overseeing the team that produces the annual Data Breach Investigations Report. Bob is a serial tweeter (@hrbrmstr), avid blogger (rud.is), R (#rstats) avunculur, author (Data-Driven Security), speaker, and regular contributor to the open source community.
- Tod BeardsleyDirector of Research, Rapid7
Tod Beardsley is the director of research at Rapid7. He has over 20 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and IT Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the myriad security research programs and initiatives at Rapid7. He can be uniquely identified at https://keybase.io/todb.
- Moderator: Kristin JudgeCEO & President, Cybercrime Support Network
Kristin Judge founded the nonprofit Cybercrime Support Network in 2017 to be a voice for cybercrime victims. She's a national speaker, sharing cybersecurity best practices with elected officials, businesses, and consumers. She's appeared on the C-SPAN Network and local news outlets, and been called on by numerous technology publications, to share advice for online safety. Previously at MS-ISAC and National Cyber Security Alliance, she worked as a "technology interpreter" helping nontechnical people become more secure. Kristin was an SC Media "Women in IT Security Influencer" in 2017, and authored the LinkedIn course, "Cybersecurity for Small and Medium Businesses: Essential Training."
- James EllisDetective First Lieutenant, Commander, Michigan Cyber Command Center (MC3), Michigan State Police
Detective First Lieutenant Jim Ellis is the commander of the Michigan State Police Cyber Section within the Intelligence Operations Division. He leads a cyber team of 56 MSP members located at 7 offices throughout Michigan. He has oversight over the Michigan Cyber Command Center (MC3), Computer Crimes Unit (CCU), and the Michigan region of the Internet Crimes Against Children Task Force (ICAC) that consists of an additional 55 affiliate law enforcement agency members throughout Michigan.
MSP Cyber specializes in high tech criminal investigations of all types, complex network intrusions, forensic data recovery, in addition to proactive cyber investigations involving the online exploitation of children. MSP Cyber is also heavily involved in evidential forensic data recovery services, public awareness, and law enforcement outreach, education, and training opportunities.
He is currently active on the board of directors with the Michigan Healthcare Cybersecurity Council, the Cybercrime Support Network, including being a member of the Michigan Governors Cybersecurity Advisory Council in addition to participating with many other cybersecurity related organizations and groups throughout Michigan and the US. D/F/Lt. Ellis is a 25-year member of the MSP and earned his Bachelor of Science degree and holds multiple cyber security industry certifications in addition to a Certified Information Systems Security Professional (CISSP).
- Michael Muha, PhD, CISSP, CISM, CIPM, Certified GDPR PractitionerChief Information Security & Privacy Officer, WorkForce Software
Mike drove the global expansion of WorkForce Software’s cloud-based workforce management products from one data center to eight across the US, Europe, Canada, and Australia, and directed all compliance efforts (starting with SAS 70 and moving onto SOC 1, ISAE 3402, SOC 2, ISO 27001 certification, and EU-US Privacy Shield certification). Having led the company’s GDPR journey, he’s currently implementing a “Personal Information Management System” and additional global security controls to protect company and customer data.
- Kevin DreyerIT Director & CISO, Maple Reinders Group
Kevin Dreyer is an IT Director and CISO with over 25 years of industry experience for a General Contractor securing a national network and its 400 users across a hybrid cloud infrastructure. He fell in love with computers at age 12 when a cousin introduced him to programming, and has never looked back. Having dropped out of college due to the lures of the darker side of computer security, he has spent his adult life working on the defensive side while finishing a college diploma and working on certifications from IBM, Cisco, Novell, Microsoft, Mile2, and finally CISSP about two years ago.
- Ryan MostillerSr. Manager, IT Security, BorgWarner
Ryan Mostiller is a security leader in the Metro Detroit community, currently serving as the Security Operations Manager for BorgWarner. After more than a decade in both technical and management roles in security, Ryan enjoys any opportunity to engage with fellow practitioners and share learnings. Ryan has worked across various industries and within several Fortune 500 companies, most recently in the automotive industry.
Ryan has a Masters in IT Management from Oakland University and bachelors in Information Technology, along with security certifications from GIAC. You may have seen other presentations that Ryan has created and presented at, including SecureWorld, GrrCON, ISC2, and Evanta. Ryan has also developed and teaches an OU Executive MBA course at Oakland University titled "Cybersecurity for Executives."
- Chris GoettlSr. Director, Product Management, Ivanti
Chris Goettl is the Director of Product Management for security products at Ivanti. Chris has over 15 years of experience working in IT, where he supports and implements security solutions for Ivanti customers and guides the security strategy and vision for Ivanti security products. He is also a security evangelist speaking at security events globally where he gives guidance around modern cyber threats and how to combat them effectively. Chris hosts a monthly webinar focusing on Patch Tuesday and security vulnerabilities, and frequently blogs about security topics. You can find contributed articles as well as commentary from Chris in notable security news sources like SC Magazine, Redmond Magazine, ComputerWorld, ThreatPost, Help Net Security, and more.
- Christopher HassDirector of Information Security and Research, Automox
Chris Hass is an extremely driven and proven information security professional with extensive experience in Malware Reverse Engineering, Threat Intelligence, and Offensive Security Operations. In his current role, Chris serves as Director of Information Security and Research at Automox. In addition to being a former cybersecurity analyst for the NSA, he also served as a principal research engineer at LogRhythm and helped fight off malware authors using AI/ML at Cylance. His unique experience makes him adept at understanding today's current threat landscape, and works passionately to secure Automox and its customers from today's cyber attacks.
- Sivan TehilaDirector of Solution Architecture, Perimeter 81
Sivan Tehila is the Director of Solution Architecture at Perimeter 81, a leading Secure Access Service Edge (SASE) provider, and a cybersecurity expert with over 14 years of industry experience. Sivan served in the IDF as an Intelligence Officer and then in various field positions, including Information Security Officer, CISO of the Research and Analysis Division, and Head of the Information Security Department of the Intelligence Corps. After being honorably discharged as Captain, Sivan joined the Israeli defense technology company, RAFAEL, as an Information Security Officer and worked as a cybersecurity consultant for the Israel Railways. For the past two years, Sivan has dedicated herself to promoting women in cybersecurity and founded the Cyber Ladies community in NYC. She is also an Adjunct Professor of Cybersecurity at Yeshiva University.
- Kenrick BagnallToronto Police Service, Cybercrime Unit (Ret.); Founder, KONCYBER & RB-Cyber Assurance; RCMP Contractor/Instructor
Kenrick Bagnall has 17 years of law enforcement experience, the last eight of which were in the Coordinated Cyber Centre (C3) as a Cybercrime Investigator. Prior to law enforcement, he spent two decades working in the Information Technology industry primarily in the financial services sector. During this time, he spent twelve years in Bermuda where he was a Senior Network Analyst for the Bank of Butterfield, then an IT Manager for FLAG Telecom and then Senior Vice President of Information Technology for CAPITAL G Bank (now Clarien Bank) before returning to Canada in 2005. Kenrick is also a cybersecurity instructor, writer, and host of the KONCYBER podcast.
- Tim O'ConnorManager of Knowledge Services, Cadre Information Security
Tim O’Connor works for Cadre Information Security as the lead of knowledge services and vCISO team member. He is a professional public speaker, has been working in IT for 20+ years and holds a number of certifications including PCI-QSA, CISA, CISSP, CTT+, MCSE, CISSO, CWNE, Security+ and CISSM. Tim has authored over a dozen books, has written for a number of publications and is certified as a commercial rotorcraft pilot and flight instructor. His principle hobbies include antique motorcycles, astrophotography, mentalism, and doing science outreach.
- Ansh PatnaikChief Product Officer, CyCognito
Ansh Patnaik, Chief Product Officer, has over 20 years of cross functional experience in cybersecurity and data analytics. Most recently, Ansh was Director, Cloud Security Products for Google Cloud Platform, and Chief Product Officer for Chronicle, prior to the acquisition of Chronicle by Google. Previously, he was VP of Product Management at Oracle Cloud where he defined and launched their security analytics cloud service offering. Ansh has held product management, product marketing and sales engineering leadership roles at several market leading software companies including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec).
- William J. Malik, CISAVP, Infrastructure Strategies, Trend Micro
William Malik helps clients structure their IT environments to minimize the loss, alternation, or inadvertent exposure of sensitive information. His information technology career spans over four decades. Prior to Trend Micro, he worked at Gartner for twelve years where he led the information security strategies service and the application integration and middleware strategies service. Before Gartner, William was CTO of Waveset, an identity management vendor. He also co-authored the Cobit version 3 standard. In addition, he spent 12 years at IBM, where he worked in MVS development, testing, and business planning. William is a Certified Information Systems Auditor (CISA).
- Grant AsplundGrowth Technologies Evangelist, Check Point Software Technologies
For more than 20 years, Grant Asplund has been sharing his insights on how businesses can best protect themselves from sophisticated cyber-attacks in an increasingly complex world. As Check Point’s chief evangelist, he travels the world enthralling audiences with his passionate and relational storytelling at conferences like RSA and Next100 CIOs and numerous media interviews. Grant’s wide range of cyber security experience informs his talks, having served in diverse roles ranging from sales, marketing, business development, and senior management for Dome 9, Blue Coat Systems, Neustar, and Altor Networks. As CEO of MetaInfo, he led its acquisition by Neustar. Grant is the host of the CISO Secrets podcast (cp.buzzsprout.com) and the Talking Cloud Podcast (www.talkingcloudpodcast.com) on Cloud security.
- Mike LloydCTO, RedSeal Networks
Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.
Dr. Mike Lloyd holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.
- Joshua CloudDirector of Information Security, NFI
Joshua Cloud is currently serving as the director of information security for NFI. He has over 20 years of infrastructure and security leadership experience spanning professional services, manufacturing, retail, and logistics industries in countries all over the world. Cloud is a transformational security leader with a business focus who evangelizes the value of pragmatic cyber risk management and executive alignment. He currently leads a team of security professionals at the new NFI headquarters on the Camden, NJ, waterfront.
- Mitchell ParkerExecutive Director, Information Security & Compliance, Indiana University Health
- Eric SkinnerVP, Strategy, Trend Micro
Eric Skinner is VP of Market Strategy at Trend Micro, helping shape Trend’s solution offerings, growth plans and go-to-market approach. Previously at Trend Micro, Eric has been responsible for global product marketing. Prior to Trend Micro, Eric held senior management positions in a health care mobile startup and at digital identity solutions provider Entrust (where he was CTO and VP Product Management). Eric’s experience covers advanced threat detection, endpoint and mobile security, detection & response approaches, machine learning as applied to cyber-security, and identity / authentication technologies. Eric is based in Ottawa, Canada.
- Imran AhmadPartner and Head of Technology, Co-Chair Data Protection, Privacy and Cybersecurity, Norton Rose Fulbright Canada LLP
Imran Ahmad is the Canadian head of our technology sector and Canadian co-head of our information governance, privacy and cybersecurity practice. He is based in our Toronto and Montreal offices and is recognized as a leading cybersecurity lawyer by several legal directories.
Imran advises clients across all industries on a wide array of technology-related matters, including outsourcing, cloud computing, SaaS, strategic alliances, technology development, system procurement and implementation, technology licensing and transfer, distribution, open source software, and electronic commerce.
As part of his cybersecurity practice, Imran works very closely with clients to develop and implement practical strategies related to cyber threats and data breaches. He advises on legal risk assessments, compliance, due diligence and risk allocation advice, security, and data breach incident preparedness and response.
In addition, Imran often acts as "breach counsel" in the event of a cybersecurity incident, such as a data or privacy breach, and has extensive experience in managing complex security incidents and cross-border breaches. He also provides representation in the event of an investigation, an enforcement action or a litigation.
Imran is the author of Canada's first legal incident preparation and response handbook titled Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management (LexisNexis, August 2017). Imran is the author of Canada's first legal incident preparation and response handbook titled Cybersecurity in Canada: A Guide to Best Practices, Planning, and Management (2nd Edition) (LexisNexis, March 2021).
In his privacy law practice, he advises clients on compliance with all Canadian federal and provincial privacy and data management laws. He has a particular focus on cross-border data transfer issues and enterprise-wide governance programs related to privacy and information governance. Imran is the former chair of the Privacy and Access to Information Section of the Ontario Bar Association.
Imran is an adjunct professor at the University of Toronto's Faculty of Law, where he teaches cybersecurity and privacy law.
- Adel DaneshCISO, Analytics 4 Life
Adel Danesh has over 20 years of experience in IT and information security. Over the course of his professional career, he has been holding information security leadership roles in various organizations and spearheaded mission critical security and infrastructure projects. In his current job, Adel is a CISO at Analytics For Life, a medical research firm that is developing an innovative medical device for diagnosis of cardiovascular diseases. He is leading the information security program which is aimed at implementing cybersecurity best practices in the design and operation of the medical device as well as protecting the organization against cyberattacks . Adel is the first elected president of (ISC)2 Toronto Chapter. The chapter has grown exponentially since it’s inception in 2012 and now has over 1500 members. Adel also has written articles that are published in a renowned information security magazine.
- Sandy SilkDirector, Information Security Education & Consulting, Harvard University
Sandy Silk is the Director of Information Security Education and Consulting at Harvard University, Founder of Cyber Risk and Resilience Consulting, and a member of the Board of Advisors for the MS in Information Security Leadership at Brandeis University. She excels at bringing together executive leaders, business teams, and IT professionals to align cyber risk management with strategic priorities and culture, risk tolerance levels, and positive customer experience. Sandy is also involved in several WIT organizations and programs. Her prior information security career included positions with Fidelity Investments, Bose Corporation, and Wellington Management Company.
- James GoepelTreasurer and Member, Board of Directors, Cybersecurity Maturity Model Certification (CMMC) Accreditation Body
James Goepel is Treasurer and Member, Board of Directors for the CMMC-AB. He is also an adjunct professor of Cybersecurity at Drexel University and CEO of Fathom Cyber, a trusted agent for senior management and developer of defensible cybersecurity strategies. Jim earned his BSECE from Drexel and his JD and LLM degrees from George Mason University. He worked in the IT and security industries for nearly two decades, including as a Network Administrator for the US House of Representatives and as a lawyer and technologist for a wide range of cybersecurity companies, including system developers, research institutions, and software vendors.
- Shane HarschPrincipal Solution Engineer, SentinelOne
Shane Harsch is a Principal Solution Engineer at SentinelOne, a SANS Instructor, and an Adjunct Instructor at the University of Michigan with more than 25 years of experience in military, manufacturing, consulting, and professional services. He is a commissioned officer in the U.S. Army (MI), holds degrees in business (MBA) and computational linguistics (BA), and maintains the following certifications: GCIA, GCIH, GCED, CISSP, CTIA.
- Adam GatesChannel Sales Engineer, Cybereason
With over 25 years of experience in technology, Adam Gates serves as a technical member of Cybereason Sales Engineering Team providing support for customers and partners in North America. Prior to Cybereason, Adam has held various senior system engineering positions and consulting roles at Dell, Microsoft, IBM, Atos, Malwarebytes, and Mimecast. Adam lives in Dallas, TX, with his teenage son and squirrel obsessed Golden Retriever who has 28 dog years in perimeter security experience.
- Julia VooCyber Fellow, Harvard Kennedy School, Belfer Center for Science and International Affairs
Julia Voo is a Cyber Fellow and leads the team behind Belfer's National Cyber Power Index. She was formerly the Research Director for the China Cyber Policy Initiative.
Her areas of research concern geotech strategy including the Digital Silk Road, industrial policy, and technical standards for strategic technologies.
Voo has research affiliations with the Future of Humanity Institute (Oxford), the Hague Program for Cyber Norms (Leiden) and the China-Africa Research Initiative (Johns Hopkins).
A 2019 graduate of Harvard Kennedy School's mid-career Master in Public Administration program, Julia served earlier at the British Embassy in Beijing where she covered China's cyber and artificial intelligence policy from a commercial perspective, technical standards, and other trade policy issues. She lived in Beijing for seven years with stints at the EU Delegation to China, Carnegie-Tsinghua Centre for Global Policy, and she has spent time at the UK's Cabinet Office.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes