- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, June 12, 20248:30 amExhibitor Hall openRegistration Level:
- Open Sessions
8:30 am - 3:00 pmLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
9:00 amLeading with Empathy and Grace: Secrets to Developing High-Performing TeamsCISO, TrinseoRegistration Level:- Open Sessions
9:00 am - 9:45 amSession description to come.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amInsider Threat Actors & Artificial IntelligenceSr. Director, Cyber Security, Acumatica, Inc.Registration Level:- Open Sessions
10:00 am - 10:45 amThreat methods and controls utilized for the corporate workforce that now expands beyond the office building and into remote locations is not as comprehensive and effective for those who are typically in the office. The intent of employees may not be malicious but rather inherent to poor practices; however, there are those who happen to begin unintentional but gradually become the intentional insider threat.
This presentation is designed to help individuals identify how seemingly “innocent” activity can make them an insider threat, and how to identify behavioral elements utilizing a number of security solutions. Through live demonstrations, we will show how “everyday activities” can result in higher risk to the company.
Objectives:
- Learn the methodologies utilized by individuals within the organization that would be considered insider threat activity.
- Learn how to identify system and user-based behavioral indicators.
- Learn which existing or enhanced security layer can provide insider threat profile data.
Take-Aways:
- How to identify business processes which can contribute to intentional or unintentional insider threats.
- Enhance procedures required to identify insider threat exposures.
- Enhance awareness training to include additional methods of insider threat.
- Enhance existing physical and digital security layers to better identify specific insider threat activity.
10:00 amThe Scams Affecting Your End-UsersDirector & Helpline Manager, The Cyber HelplineRegistration Level:- Open Sessions
10:00 am - 10:45 amSession description to come.
10:00 amIt's Never Too Early to Start Planning for Cybersecurity Awareness MonthSr. Information Security Analyst, LPL FinancialRegistration Level:- Open Sessions
10:00 am - 10:45 amCybersecurity Awareness Month occurs every October, but it’s never too early to start thinking about ways you can offer fun, valuable events for employees. Join this session to learn more about ways you can make this year’s cybersecurity awareness month the best one yet!
10:45 amNetworking BreakRegistration Level:- Open Sessions
10:45 am - 11:00 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:00 amA Path to Cyber Maturity Using CIS ControlsCISO, Dorf Nelson & Zauderer LLPExecutive Vice President & General Manager, Center for Internet SecurityRegistration Level:- Open Sessions
11:00 am - 11:45 amThis presentation, led by Curtis Dukes and Chirag Arora, focuses on the strategic implementation and benefits of the CIS Controls framework and enterprise security controls. It outlines the importance of cybersecurity maturity through structured assessments and the use of CIS Controls to enhance organizational security posture. Key topics include the integration of the CIS Controls ecosystem, the role of gap analysis in developing security maturity roadmaps, and the utility of the CIS Controls Self-Assessment Tool (CSAT) for continuous improvement. Additionally, the presentation emphasizes how enterprise security controls, aligned with industry standards, can identify, assess, and mitigate security risks, enhancing overall risk management. The deck also highlights real-world applications and the incentivization of best practices to achieve robust cyber defense mechanisms.
11:00 amThreat Modeling 101: Star Wars EditionSr. Security Software Engineer, MicrosoftRegistration Level:- Open Sessions
11:00 am - 11:45 am“Help me, Obi-Wan Kenobi. You’re my only hope.” Using threat models is like getting the blueprint for the Death Star. They allow you to plan for potential scenarios or ambush attacks from stormtroopers with impossibly bad aim. Understanding the possible risks ensures your entire team will make it out of the garbage compactor and back to the Millennium Falcon.
These ARE the droids you’re looking for….
Fellow Rebels will gain an understanding of how to threat model, the risks and rewards, resources, and a demonstration of how to utilize threat modeling using the Death Star as a source!
11:00 am[Panel] Achieving Continuous Compliance: How to Make IT Work for Your OrganizationvCISO, Cyber Risk Opportunities LLCSenior Counsel, Constangy, Brooks, Smith & PropheteProduct Evangelist, AutomoxResearch Security Officer, Massachusetts Institute of TechnologyRegistration Level:- Open Sessions
11:00 am - 11:45 amSession description to come.
11:45 amNetworking BreakRegistration Level:- Open Sessions
11:45 am - 12:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pmPig Butchering, BEC, and Artificial Intelligence: What the Secret Service Wants You to KnowFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret ServiceRegistration Level:- Open Sessions
12:00 pm - 12:45 pmSession description to come.
12:00 pmUnpacking Third-Party Risk Management EssentialsSecurity GRC Lead, PlaidRegistration Level:- Open Sessions
12:00 pm - 12:45 pmThird-Party Risk Management (TPRM) is an essential component of contemporary business operations, pivotal in managing security risks associated with vendors and partners. However, the complexity of TPRM can be daunting due to the diverse nature of risks and the need for cross-functional collaboration, including the rise in supply chain attacks. This presentation proposes a multifaceted approach to simplify TPRM, thereby boosting return on investment and enhancing security postures. We will also discuss some recent supply chain attacks and strategies to reduce such risks.
12:00 pmWhat Should Security at a Cloud Company Look Like?Deputy CISO, Guidewire SoftwareRegistration Level:- Open Sessions
12:00 pm - 12:45 pmThe evolution and set up of a security function has been traditionally defined by the software development lifecycle or well known maturity models. There are various security frameworks and industry standards that can be referenced to understand how an organization performs its security functions, however, they are seldom described from the perspective of a customer. Transparency into the cloud provider’s security functions builds customer trust, and understanding those functions helps customers to effectively perform their functions as defined in the provider’s shared responsibility model. In this session, learn how a cloud provider should describe its security functions so they are easily understood and related to by their customers.
12:45 pmNetworking BreakRegistration Level:- Open Sessions
12:45 pm - 1:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:00 pmSEC Disclosure Update: What You Really Need to Know Now!VP, Litigation and Enforcement, Woodruff SawyerRegistration Level:- Open Sessions
1:00 pm - 1:45 pmSession description to come.
1:00 pmGuardians of the Ballot Box: Cybersecurity in ElectionsCybersecurity and Compliance Engineer, May MobilityRegistration Level:- Open Sessions
1:00 pm - 1:45 pmIn this presentation, we address the critical challenge of defending electoral processes against targeted campaigns, elections and social engineering tactics. As elections increasingly become targets for cyber interference, safeguarding against these threats is paramount. We examine how campaigns and elections are targeted by malicious actors, aiming to disrupt democratic practices and sway voter sentiment.
Through case studies and real-world examples, we illustrate the impact of social engineering on constituents, highlighting how misinformation and manipulation tactics can influence voter behavior and swing election outcomes. We also discuss strategies to prevent and mitigate these threats, including robust cybersecurity measures, public awareness campaigns, and enhanced education on recognizing and combating social engineering tactics.
By understanding the tactics used by malicious actors and implementing proactive defenses, we can better protect the integrity of electoral processes and ensure that voters are empowered to make informed decisions. Join us as we explore practical steps to defend against targeted campaigns and safeguard the democratic process.
1:00 pmThreat Briefing: Newest Observed TTPs in the WildSr. Threat Researcher, SplunkSr. Principal Threat Researcher, SplunkRegistration Level:- Open Sessions
1:00 pm - 1:45 pmOngoing geopolitical conflicts continue to give rise to new variants of malicious payloads and new Tactics and Techniques have been observed.
To help SOC teams defend against these threats, the Splunk Threat Research Team will showcase the entire exploitation sequence starting from the execution of the latest remote access trojans (RATs), to destructive payloads and post-exploitation techniques.
Join this session to learn more about:
- Current geopolitical threats and related campaigns
- Remote access trojan IOCs and related Splunk detections
- The latest post-exploitation techniques and related security content to enhance your defenses
- Best practices for operationalizing the new TTP Detections into your SOC
1:45 pmNetworking BreakRegistration Level:- Open Sessions
1:45 pm - 2:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pmCyber Intel BriefingCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)Registration Level:- Open Sessions
2:00 pm - 2:45 pmSession description to come.
2:00 pm[Panel] Investigating Digital Executive ProtectionFirst Female White House CIO, CEO of Fortalice Solutions, and 2019 Woman Cybersecurity Leader of the YearAssociate Director, Digital Intelligence, Fortalice Solutions, LLCPartner & Chief Strategy Officer, Fortalice Solutions, LLCRegistration Level:- Open Sessions
2:00 pm - 2:45 pmSession description to come.
- AutomoxBooth:
Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.
- Google CloudBooth:
Google Cloud Security provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.
- SplunkBooth:
Splunk helps build a safer and more resilient digital world. Organizations trust Splunk to prevent security, infrastructure and application incidents from becoming major issues, absorb shocks from digital disruptions and accelerate digital transformation.
- Tammy KlotzCISO, Trinseo
Tammy Klotz is a vibrant and accomplished executive with over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. She offers keen expertise in navigating mergers, acquisitions, and divestitures within both publicly-traded and privately-held companies and is seasoned in security, risk, and compliance leadership. Tammy brings a dynamic and positive approach to problem solving, excelling in simplifying intricate IT and cybersecurity concepts and facilitating pragmatic, non-technical dialogues that resonate with business executives. She is recognized as a strong, knowledgeable, thoughtful security executive who excels in public speaking and thought leadership, striving to empower others through knowledge sharing.
- Mike MuscatellSr. Director, Cyber Security, Acumatica, Inc.
Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.
- Charlotte HooperDirector & Helpline Manager, The Cyber Helpline
Charlotte is the Helpline Manager at The Cyber Helpline and has supported thousands of victims of cybercrime and online harm, specializing in cyberstalking and technology-facilitated intimate partner violence. On top of her role at The Cyber Helpline, Charlotte has a first-class degree in Policing and Criminal Justice and a masters degree in Cybercrime Investigation. Charlotte delivers cybercrime related training sessions around the world for police forces, victim support charities and private organizations. Her areas of expertise include: Cybercrime investigations, cybercrime law enforcement & regulation, open-source intelligence, cyberstalking & online harassment, the cybercrime & online harm threat landscape and the impact of cybercrime on victims.
For more, read our interview with Charlotte here: https://www.secureworld.io/industry-news/what-is-the-cyber-helpline
- Michael TerrySr. Information Security Analyst, LPL Financial
- Chirag AroraCISO, Dorf Nelson & Zauderer LLP
Chirag Arora, an esteemed Cyber Security Executive Advisor and CISO at Dorf Nelson & Zauderer LLP in New York, is widely acclaimed for his outstanding contributions to the cybersecurity domain. With a distinguished career spanning more than 15 years, Mr. Arora has garnered numerous awards and accolades for his exemplary leadership and expertise in fortifying cybersecurity programs for global enterprises. His profound knowledge and research focus on Cyber Governance have positioned him as a trailblazer in the industry. Chirag's extensive experience includes conducting security gap assessments based on CIS Critical Controls, NIST CSF 2.0, and ISO 27001 frameworks, further solidifying his reputation as a cybersecurity thought leader. With an unwavering commitment to excellence, Chirag Arora continues to spearhead innovations and advancements in cybersecurity practices, ensuring the resilience and security of organizations worldwide.
- Curtis DukesExecutive Vice President & General Manager, Center for Internet Security
- Audrey LongSr. Security Software Engineer, Microsoft
Audrey Long is a Senior Security Software Engineer at Microsoft. She is passionate about making security accessible both to software engineers and as a career for girls in STEM. She holds DoD secret clearance and a Master of Science degree in Cyber Security from Johns Hopkins University.
- Kip BoylevCISO, Cyber Risk Opportunities LLC
Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.
- Allison K. Prout, Esq.Senior Counsel, Constangy, Brooks, Smith & Prophete
Allison Prout is Senior Counsel at Constangy, where she represents clients, including SaaS providers, data aggregators, and healthcare-covered entities, in complex technology transactions with a specialized focus on data privacy and security contractual requirements. She develops and implements contracting procedures for clients, including international businesses that span multiple legal jurisdictions. With business goals in mind, Allison also works with clients to develop data security and privacy programs to address compliance with data protection regulations, including the GDPR, CCPA, and other state, federal, and global privacy laws.
- David van HeerdenProduct Evangelist, Automox
David has worked as an IT professional in Asset/Fund Management, property development, hospitality, entertainment, and now tech. His passion is to help people solve problems with technology that is easy to use, easy to manage and to have fun along the way. He is spending his time at Automox as the IT Operations Manager and Product evangelist, and continues to achievement hunt in baldur’s gate, cities skylines, and TFT.
- Roy Wattanasin, ModeratorResearch Security Officer, Massachusetts Institute of Technology
Roy Wattanasin is an information security professional. Additionally, Roy is an avid speaker who has spoken at many conferences and webinars. Roy also enjoys data forensics & incident response and building security in. He is heavily involved with many computer security groups including OWASP Boston, ISSA and the local communities. Roy is also a member of multiple advisory groups. He was an adjunct instructor at Brandeis University as part of the Health and Medical Informatics and is also the co-founder of that program. He is credited for bringing back the Security BSides Boston conference (setting the standards) and enjoys seeing it grow each year and being successful with its new team members.
- Stephen DoughertyFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.
- Kenneth MorasSecurity GRC Lead, Plaid
Kenneth Moras is a recognized leader in the cybersecurity Governance, Risk, and Compliance (GRC) space, with extensive experience in building GRC teams from the ground up at Plaid and scaling large GRC programs at notable organizations such as Meta and Adobe. His expertise also extends to cybersecurity consulting for Fortune 500 companies during his tenure at KPMG. He holds various certifications, including CISSP, CISA, ISO 27001 LA, CDPSE, CEH, CHFI, and CCNA. Kenneth enjoys staying up-to-date with offensive strategies used by attackers and building proactive risk management programs that serve as business enablers.
- Akshay ShettyDeputy CISO, Guidewire Software
Akshay Shetty has been working within the security domain for more than 14 years. A security professional by chance, he has graduated to being passionate about it, having successfully created, scaled, and optimized security programs within various stages of their maturity journey. Akshay has prior Big 4 security consulting experience, and has led security programs at Autodesk and Salesforce in the past, as well.
- Hemanth TadepalliCybersecurity and Compliance Engineer, May Mobility
Hemanth Tadepalli is a Cybersecurity Compliance Engineer at May Mobility, excelling in the realm of autonomous transportation services. With a rich professional background spanning roles at AlixPartners, Mandiant, Google, and SensCy, he specializes in ensuring compliance with stringent standards like ISO 27001, SOC 2, ISO/SAE 21434, and others. Hemanth co-founded MYCAP (Michigan Young Cybersecurity Analysts and Professionals), fostering budding talents in the cybersecurity domain. Appointed by the Michigan Department of State in 2022, he served on the Collegiate Advisory Task Force, determined and implemented recommendations to improve voter education and engagement among universities across the state of Michigan. The task force played an important role in election security, integrity, and combatting the result of misinformation being spread.
Hemanth has presented at the Detroit Automotive Cybersecurity Conference and various other prominent industry events, showcasing his expertise and thought leadership. He holds a Computer Science degree with a cybersecurity concentration and minors in Pre-Law, Innovation, and Entrepreneurship from Kettering University. Currently pursuing a Master's in Cybersecurity at the University of California, Berkeley, he continues to drive innovation and excellence in the cybersecurity landscape.
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
- VJ ViswanathanFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)
VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.
With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.
VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.
VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.
- Theresa PaytonFirst Female White House CIO, CEO of Fortalice Solutions, and 2019 Woman Cybersecurity Leader of the Year
Payton is the cybersecurity expert that organizations turn to for discreet help during data breaches and to improve IT systems and strategies. She made history as the first female to serve as White House Chief Information Officer and currently helps organizations in both the public and private sectors protect their most valuable resources.
Managing cybersecurity risk is what Payton knows and does best. Before overseeing IT operations as CIO for President George W. Bush and his administration, she held executive roles in banking technology for two of the country’s top financial institutions. After serving in the White House, she went on to co-found Dark3, a cybersecurity product company, and Fortalice Solutions, a world-class cybersecurity consulting firm ranked a Top 5 Most Innovative Cybersecurity Company in Northern Virginia, Maryland and Washington, D.C.
Named one of the Top 25 Most Influential People in Security by Security Magazine, Payton was also featured in the book 100 Fascinating Women Fighting Cybercrime and honored as the 2019 Woman Cybersecurity Leader of the Year. Business Insider named her one of the top 50 Cybersecurity Leaders of 2020, CISO Magazine named her Cybersecurity Crusader of the Year in 2020, and Awards Magazine named her one of the Top 50 Women in Tech in 2021. She is the author of several publications on IT strategy and cybersecurity, including Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth, released in 2020. Cyber Security Experts named her one of the 100 Most Influential People in Cyber Security in 2021.
- Julie MeunierAssociate Director, Digital Intelligence, Fortalice Solutions, LLC
- Melissa O'LearyPartner & Chief Strategy Officer, Fortalice Solutions, LLC
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes