- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Thursday, September 23, 20218:00 amExhibitor Hall openRegistration Level:
- Open Sessions
8:00 am - 9:00 amLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:00 amAdvisory Council RoundtableTopic: Stepping into the BreachAVP, Information Security, Amerisure InsuranceRegistration Level:- VIP / Exclusive
8:00 am - 8:50 amThis session is for SecureWorld Advisory Council members by invite only. The discussion, moderated by Bob Bacigal, will cover Cyber Incident Response:
- Cyber Incident Response Plans
- Response Teams
- Cyber Insurance
- Playbooks
- Tabletop Exercises
- After Action Reviews
8:15 amInfraGard Michigan Chapter MeetingSr. Business Consultant, Cybersecurity, Honeywell Building SolutionsTechnical Leader, Cyber Threat Intelligence, Ford Motor Company; President, Michigan InfraGard Members AllianceSpecial Agent and Private Sector Coordinator, FBIVP & CISO, Lear Corporation; Board Member, Michigan InfraGard Members AllianceManager, Cyber Security Nuclear Fleet, Exelon GenerationRegistration Level:- Open Sessions
8:15 am - 9:00 amThis session is open to all attendees. We welcome members and prospective members interested in the InfraGard Michigan Members Alliance. This meeting will consist of a “Fireside Chat” with Board Members, Infrastructure Section Chiefs, and our partners at the FBI.
AGENDA:
8:15-8:30 a.m.
Chris Christensen our VP will Open our session with a short slide presentation from the national office.8:30-8:55 a.m.
Stephanie Scheuermann our President, Earl Duby, Nathan Faith, and Michael Glennon will have a roundtable discussion about what InfraGard the information sharing association is all about.8:55 a.m.
Chris Christensen will close the meeting.9:00 am[Keynote] Ransomware as an Evolution of CybercrimeAssistant Director, Office of Investigations, United States Secret ServiceRegistration Level:- Open Sessions
9:00 am - 9:45 amThe U.S. Secret Service has observed a marked uptick in the frequency, sophistication, and destructiveness of ransomware attacks against U.S. organizations. While this surge is due to a number of complex and interrelated factors, there are some key drivers of this cyberthreat that should be understood. Join this fireside chat with one of the leaders of the U.S. Secret Service to explore the origins of ransomware, how it continues to evolve, and steps that both the private and public sector can take right now to mitigate this risk.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amModern Cyber ResilienceCISO, The Kraft Heinz CompanyAmericas CISO, JLLChief Security Officer & Technology Lead, Trexin GroupRegistration Level:- Open Sessions
10:00 am - 10:30 am10:00 amManual Processes, Be Gone: The Future of Third-Party Risk ManagementCISO, Reciprocity, IncVice President, Reciprocity, IncRegistration Level:- Open Sessions
10:00 am - 10:30 amWhether a start-up or an enterprise, you are probably working with multiple vendors, using their software and reliant on their systems. Yet while these external vendors provide invaluable services, they also introduce significant risk to your company’s information security.
How do you know if your vendors are meeting required contractual, security, and privacy obligations?
If you don’t have processes in place to assess the risks these third parties pose, then your answer is most likely you don’t. And this is critical: You need to know the risks of working with third parties and that you can trust them—because if they go down, your business may, too.
Assessing risk, however, can be incredibly complex. Traditional risk management approaches that rely on manual processes, spreadsheets and even survey methods don’t scale well and are not automated enough. And they certainly can’t support a third-party vendor network once it reaches a certain size: spreadsheets and email folders become overwhelming, ad hoc processes and reporting cycles create confusion, and manual reviews lead to missed issues and trends. In fact, the more successful an organization is—and the more third-party vendors they work with—the more automation and continuous monitoring are required.
Reciprocity works with companies of all sizes to help streamline and improve third-party risk management. Join Reciprocity CISO Scott McCormick and VP Rob Ellis as they walk you through:
- Examples of vulnerabilities and common attack techniques
- Steps to mature your third-party risk management program
- How to implement automation and make your program more proactive (or continuous)
- A case study detailing how ZenGRC helped Conversica drastically improve its compliance and risk posture, resulting in 60 saved days and $80k in hard savings
10:00 amHow IoT Devices Are Driving Cyber RiskVice President, Strategy & Risk, RiskRecon, a Mastercard companyRegistration Level:- Open Sessions
10:00 am - 10:30 amIn the new digital transformation age, companies are more susceptible to exposing their data to the internet. A recent research study conducted by RiskRecon and the Cyentia Institute found that firms with IoT devices exposed to the internet have a 62% higher prevalence of cyber risk issues and 86% of security findings related to IoT devices are rated as critical.
Learn how you can protect your organization from these IoT threats, and how to utilize continuous monitoring data to ensure that your vendors are not exposing their IoT devices to the internet, leaving you just as vulnerable.
10:00 amInformation Protection and Cloud Security OverviewSr. Director, Enterprise Security Strategy, ProofpointRegistration Level:- Open Sessions
10:00 am - 10:30 amData Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations—especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021?
10:30 amNetworking BreakRegistration Level:- Open Sessions
10:30 am - 10:45 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:45 amPolicies, Standards, Processes: Using a Free CSF to Create IS Policy DocumentsInformation Security Control Assurance Manager , ExperianRegistration Level:- Open Sessions
10:45 am - 11:15 amRunning an information security organization is often very reactive. As you fight your way through the jungle of chaos, you realize that you need rules, regulations, and controls to build a fortress to shelter your valuables against risks and threats. But how do you begin to get and keep everything under control? With your information security policy documents, of course. Creating usable policy documents is very tricky if you don’t know where to start or how to make them meaningful and enforceable. In this session:
- We will discuss the differences between a policy, standard, process, and guideline.
- You will receive an overview of how to use the free version of the HITRUST CSF to create Information Security policy documents.
- We will view a sample of a policy and standard created from the free version of the HITRUST CSF.
10:45 amReducing Complexity While Increasing Data Protection in Financial ServicesVP, Security and Privacy, PKWARERegistration Level:- Open Sessions
10:45 am - 11:15 amFinancial service firms have a responsibility to provide fool-proof security to instill faith in customers, and send a strong message that combating threats is a prime objective. They cannot afford to be complacent, especially when the majority of information produced or utilized in financial services is private and sensitive, not to mention highly regulated. All this adds up to make cybersecurity vital to business.
Building sustainable ongoing security starts with all-inclusive optics into the sensitivity of data and automated organization-wide control of it. Organizations can assemble all this with multiple solutions, but doing so is time-consuming, expensive, and can be fraught with integration woes.
There’s a better way. This session takes a deep dive into reducing complexity in sensitive and private data protection, including:
- How to dig deep across the enterprise into every place sensitive data may be stored, from data lakes to endpoint devices
- The benefit of automatic policy-specific remediation, including masking, redaction, deletion, and encryption
- How to scale data protection and compliance as data volumes increase
10:45 amApplication Security: A Multi-Pronged ApproachSecurity Solutions Architect, RadwareRegistration Level:- Open Sessions
10:45 am - 11:15 amIf you’re reading this, it’s probably because you’ve been responsible at some level, or at some point in time, for protecting your enterprise applications. We are all aware that applications are subject to attackers’ attempts to either take an application offline or exfiltrate data from the application for sale on the Dark Web. So, how can you prevent application downtime or data exfiltration? Join us to look at the state of the art technologies used to prevent the most advanced attacks.
10:45 amThe Value of Continuous Security ValidationTechnical Director, AttackIQRegistration Level:- Open Sessions
10:45 am - 11:15 amWith cyber threats on the rise and the abundance of security controls and capabilities out there, how do you gain confidence in your ability to protect critical assets? Testing. Continuous validation of your controls and their capabilities. Let’s talk about how that looks and why it works.
11:15 amNetworking BreakRegistration Level:- Open Sessions
11:15 am - 11:30 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:30 amShow Off the Skeletons in Your ClosetSr. Manager, IT Security, BorgWarnerRegistration Level:- Open Sessions
11:30 am - 12:00 pmBlue Teams and cyber defenders do a great job at securing 95% of their assets, but everyone has skeletons in their closet—the legacy machines, unpatched software, and other security risks. Instead of pretending they don’t exist, let’s discuss how we can lead with this information to best secure the environment. Everyone has weaknesses; it’s time to highlight them and plan accordingly. We can all help each other in this process.
This is an action-oriented presentation that will help any defender identify, discover, and document their worst security issues and how to communicate the issues effectively to all levels of management. Once identified, now let’s address how to secure them as best as possible, especially when killing them is not an option.
Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)
11:30 amGetting Ahead of the Ransomware Operations Life CycleDirector, Strategic Threat Advisory Group, CrowdStrikeRegistration Level:- Open Sessions
11:30 am - 12:00 pmJoin this session to learn about CrowdStrike’s most current understanding regarding the ever-prevalent ransomware threat and our observations around how the ransomware ecosystem has evolved over the last couple of years. Attendees of this session will benefit from the unique insights into the associated enablers of ransomware, including associated initial access techniques, ransomware-related business models, and our newest data around monetization schemes being leveraged by the eCrime extortion community. Lastly, CrowdStrike will close by proposing actionable recommendations that organizations can undertake in order to harden their cybersecurity environment against the ransomware threat.
Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)
11:30 amA Critical Look at the Security Posture of the Fortune 500Sr. Director, Chief Security Data Scientist, Rapid7Registration Level:- Open Sessions
11:30 am - 12:00 pmThe global pandemic has brought many changes to the IT landscape of corporations across the globe. To see how this has impacted the “best of the best,” Rapid7 Labs has reprised its seminal industry cyber exposure research from 2018 to see how the security posture of Fortune 500 organizations has evolved (or devolved), and to present solid advice to CISOs and practitioners looking to improve their cybersecurity practices.
11:30 amThe Implementation Journey of Zero Trust and SASE: Realizing the BenefitsVP, CSO - Cloud Security Transformation, NetskopeRegistration Level:- Open Sessions
11:30 am - 12:00 pmMost organizations have a hybrid implementation of cloud and on-prem services. With the rapid adoption of business digitalization and expanding remote work force, how do we consolidate controls and enhance the security of the systems?
In this hybrid mode, enterprises need speed, visibility, security, and reliability without compromise. Enter the secure access service edge, better known as SASE. It’s inevitable that SASE implementations and Zero Trust implementations will provide a more comprehensive security capability to truly support digital transformation. How can your organization best position itself for the transition?
In this session, James Christianson will discuss:
· How to migrate your security controls to take advantage of SASE
· Reducing cost while increasing your security posture
· Implementing a road map for SASE / Zero Trust12:00 pmNetworking BreakRegistration Level:- Open Sessions
12:00 pm - 12:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:15 pmStrategies for Client Cybersecurity AssuranceSr. Director, Client Security, Equifax CanadaRegistration Level:- Open Sessions
12:15 pm - 1:00 pm12:15 pm[Panel] Cloud: Power and PerilSr. Director, Enterprise Security Strategy, ProofpointCISO of North America, CheckmarxPrincipal Cloud Architect, Sales Engineering, GigamonDirector of Information Security and Research, AutomoxRegistration Level:- Open Sessions
12:15 pm - 1:00 pmWe are making history now, in the cloud. Organizations are utilizing cloud at record levels, revealing its power like never before. However, much of this shift was forced, and fast, which increased risk. And attackers are shifting, too. Join this panel as we unpack the power of the cloud and also its peril: current challenges, threats, and pitfalls.
12:15 pm[Panel] It's a Zero Trust WorldVice President of Security, Code42Global Principal Engineer, CorelightVP, Product Marketing, Encryption, Thales GroupRegistration Level:- Open Sessions
12:15 pm - 1:00 pmWe used to go by the “trust but verify” philosophy, but that didn’t exactly secure the enterprise. It’s time to take a more proactive approach. The Zero Trust concept isn’t new, but it seems to address many of the current security and privacy needs of companies. This panel will highlight the pitfalls, wins, and what you need to know to live and work in a Zero Trust world.
12:15 pmExecutive RoundtableTopic: Security Breach InsuranceChief Information Security & Privacy Officer, WorkForce SoftwareRegistration Level:- VIP / Exclusive
12:15 pm - 1:00 pmDiscussion forum for executive leaders and SecureWorld Advisory Council members (10-15, invite only). Moderated by Michael Muha.
Cyberattacks are now the norm, and companies have become more vulnerable to them. There are more attacks, and attacks are more severe. Cyber insurance is one of the tools that some of us are using to respond and recover from cyberattacks. This roundtable asks participants to discuss their experiences:
• Who owns cyber insurance in your organization?
• Has security been involved in the process?
• Has it been hard to renew your cyber insurance this year?
• Have you taken advantage of the cyber insurance vendor’s “preferred vendor list”?
• Have you put a breach coach and incident response team on retainer?
• Have you reviewed your Incident Response plan with the breach coach? Did they help you create a better plan?
• What was your experience doing tabletop with your cyber insurance contacts?
• If you had an incident, how easy was it to communicate with your cyber insurance carrier and/or broker, breach coach, IT team? Did they hinder or enhance your response?1:00 pmNetworking BreakRegistration Level:- Open Sessions
1:00 pm - 1:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pmDemystifying Data Science for Modern Cyber OperationsPrincipal Cybersecurity Researcher, General Electric Gas PowerRegistration Level:- Open Sessions
1:15 pm - 2:00 pmWith the explosion of connected devices, manual review of security events isn’t keeping pace (and hasn’t for a while). Data analytics is not a new concept to cybersecurity, and nearly all vendors proclaim its virtues. Then why do cyber professionals avoid unlocking the potential of data science techniques in daily operations?
This presentation tackles the fundamentals of data acquisition, graph analytics, artificial intelligence, and machine learning. Sound complicated? Don’t worry! This presentation isn’t for PhDs, it’s for real-world cyber operators. Practical examples in threat hunting, attack modeling, intelligence mapping, and event detection with open source tools included! Key takeaways will include:
- How data science skills and techniques will further your career as a cyber operations professional
- An introduction to the fundamentals of data science, including data acquisition, graph analytics, artificial intelligence, and machine learning
- How to apply data science techniques to real-world cyber operations
- An introduction to open source tools for network graphing and AI-enabled threat modeling
Presentation level: TECHNICAL (deeper dive including TTPs)
1:15 pmBuild vs. Buy: Advantages of a Pre-Built SolutionSr. Product Marketing Manager, OktaRegistration Level:- Open Sessions
1:15 pm - 2:00 pmIn this session, John Wilke will guide you through the advantages of a pre-built identity solution. He will review how identity used to be a cost center but now is viewed as a business enabler and strategic initiative. He will also help you compare the options when looking to build out a modern identity solution.
1:15 pmA Proven Approach to Embed Security into DevOpsPrincipal Security SME, Horizon3.aiRegistration Level:- Open Sessions
1:15 pm - 2:00 pmThe shift towards DevOps makes it clear that organizations are adopting this model to facilitate the practice of automating development, delivery, and deployment of mission-critical software. While the traditional idea of a software release dissolves into a continuous cycle of service and delivery improvements, organizations find that their conventional approaches to application security are having a difficult time adapting to DevOps, since security if often viewed as an inhibitor to this new approach.
Join Stephen Gates, Checkmarx SME, where you’ll:
- Discover the six proven steps of embedding software security into DevOps.
- Learn how to ensure vulnerabilities and run-time risks are identified and remediated early in development.
- Explore the benefits of AppSec integration and automation into the tooling your developers use.
- Hear about new AppSec awareness and training approaches to improve developer secure coding skills.
1:15 pm[Panel] Ransomware: Myths, Pitfalls, and New InsightsVP & CISO, ZscalerPrincipal Security Strategist, SynopsysInformation Security Manager, Cobalt.ioDirector, Threat Hunting Operations, ReversingLabsSVP, Counter Adversary Operations, CrowdStrikeRegistration Level:- Open Sessions
1:15 pm - 2:00 pmOne thing we have learned over the past 18 months is that ransomware is very lucrative. Backups and cyber insurance have you covered, right? Not so fast. Misinformation abounds around digital extortion. Join our panel of experts as they unpack some of the myths and pitfalls around ransomware and offer valuable insight on how to keep your company out of the headlines!
2:00 pmNetworking BreakRegistration Level:- Open Sessions
2:00 pm - 2:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:15 pm[Closing Keynote] 2022 and Beyond Cyber PrioritiesCIO, State of MichiganCISO, Illinois Department of Innovation & Technology (DoIT)CISO, MeritorCSO, Security Mentor; Former CISO, State of MichiganRegistration Level:- Open Sessions
2:15 pm - 3:00 pm
- AttackIQBooth:
AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to identify security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. The Company is committed to giving back to the cybersecurity community through its free AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat Informed Defense.
- AutomoxBooth:
Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.
- Checkmarx Inc.Booth:
Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.
- CobaltBooth:
Cobalt’s Pentest as a Service (PtaaS) platform is modernizing traditional pentesting. By combining a SaaS platform with an exclusive community of testers, we deliver the real-time insights you need to remediate risk quickly and innovate securely.
- Code42Booth:
Code42 is the leader in insider risk detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data from insider threats while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.
- CorelightBooth:
Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com
- CrowdStrikeBooth:
CrowdStrike sets the standard for cybersecurity in the cloud era. The CrowdStrike Falcon® platform protects and enables the people, processes, and technologies that drive modern enterprise, delivering superior protection, better performance, reduced complexity, and immediate time-to-value. CrowdStrike secures the most critical areas of enterprise risk—endpoints and cloud workloads, identity, and data—to keep organizations ahead of today’s adversaries and stop breaches.
- Cybercrime Support NetworkBooth:
Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.
- CybereasonBooth:
Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.
- Domino’sBooth:
Domino’s Pizza, which began in 1960 as a single store location in Ypsilanti, MI, has had a lot to celebrate lately. We’re a reshaped, reenergized brand of honesty, transparency, and accountability—not to mention, great food! In the rise to becoming a true technology leader, the brand is now consistently one of the top five companies in online transactions, and 65% of our sales in the U.S. are taken through digital channels. The brand continues to “deliver the dream” to local business owners, 90% of which started as delivery drivers and pizza makers in our stores. That’s just the tip of the iceberg… or as we might say, one slice of the pie! If this sounds like a brand you’d like to be a part of, consider joining our team!
- GigamonBooth:
Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realize the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, nine of the 10 largest mobile network providers, and hundreds of governments and educational organizations worldwide. To learn more, please visit gigamon.com.
- InfraGard MichiganBooth:
InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. With thousands of vetted members nationally, InfraGard’s membership includes business executives, entrepreneurs, military and government officials, computer professionals, academia and state and local law enforcement; each dedicated to contributing industry specific insight and advancing national security.
- ISACA Chicago ChapterBooth:
Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the metro Chicago area.
Chapter meetings are generally held the third Thursday of each month at The Conference Center at One North Wacker (1 N. Wacker Drive, 2nd Floor, Chicago, Illinois 60606)
Please check our web site from time to time for the most up-to-date listing of chapter related events and training opportunities.
- ISC2Booth:
ISC2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, ISC2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation, The Center for Cyber Safety and Education™.
- ISSA Motor CityBooth:
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals. The Motor City chapter is located in the automotive capital of the United States, Detroit, MI. Our chapter is committed to educating, consulting, advising, and overall improving information security for our technology infrastructures.
- ISSA Chicago ChapterBooth:
The Chicago Chapter of the Information Systems Security Association (ISSA) has a mission to offer a stimulating combination of discussion forums, hands-on learning, CISSP certification training, conferences, and other events which are designed to enhance understanding and awareness of information security issues for information security professionals.
Whether you are exploring a career in cybersecurity, honing your technical expertise or an established security executive, the ISSA offers you a network of 10,000 colleagues worldwide to support you in managing technology risk and protecting critical information and infrastructure. Enhance your professional stature, expand your peer network and achieve your personal career goals. Your local chapter and ISSA International will provide you with a wealth of resources to keep you current with industry trends and developments in our ever-evolving field.
- NetskopeBooth:
The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.
- OktaBooth:
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- PKWAREBooth:
PKWARE protects the world’s data with smart encryption software and solutions. In use by more than 35,000 customers, including government agencies and global corporations, PKWARE’s easy-to-use security armors data itself and eliminates vulnerabilities wherever data is used, shared or stored.
PKWARE offers the only data discovery and protection solution that locates and secures sensitive data to minimize organizational risks and costs, regardless of device or environment. Our software enables visibility and control of personal data, even in complex environments, making PKWARE a global leader in data discovery, security, and compliance.
- ProofpointBooth:
Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.
Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.
- RadwareBooth:
Radware® (NASDAQ: RDWR) is a global leader of cybersecurity and application delivery solutions for physical, cloud and software-defined data centers (SDDC). Our award-winning solutions portfolio secures the digital experience by providing infrastructure, application and corporate IT protection, and availability services to enterprises globally. Our solutions are deployed by, among others, enterprise customers, carriers, and cloud service providers.
- Rapid7Booth:
Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.
- ReciprocityBooth:
ZenGRC enables companies to track, manage, and assess information security compliance and remediate risk from one consolidated, easy-to-use, lightweight platform. We are making an inefficient system more efficient, delivering amazing value at a reasonable price, and are helping businesses adapt to a changing world.
Our platform streamlines evidence collection, simplifies audits, manages vendor risk, and is a single source of truth that allows control consolidation across multiple compliance standards.
As regulations become more complicated, ZenGRC is becoming a crucial tool for any information security department to have.
- ReversingLabsBooth:
ReversingLabs automatically detects and analyzes sophisticated file-based threats built to evade security controls from development to the SOC. Our hybrid-cloud Titanium Platform verifies binaries at the speed, accuracy, and scale required for software development, third-party software acceptance, and security operations teams to take confident action. Learn more at www.reversinglabs.com.
- RiskReconBooth:
RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
enabling organizations to efficiently operate scalable, third-party risk management programs for
dramatically better risk outcomes. Request a demo to learn more about our solution. - SailPointBooth:
SailPoint, the leader in enterprise identity governance, brings the Power of Identity to customers around the world. SailPoint’s open identity platform gives organizations the power to enter new markets, scale their workforces, embrace new technologies, innovate faster and compete on a global basis. As both an industry pioneer and market leader in identity governance, SailPoint delivers security, operational efficiency and compliance to enterprises with complex IT environments. SailPoint’s customers are among the world’s largest companies in a wide range of industries.
- SynopsysBooth:
Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
- TechTargetBooth:
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- ThalesBooth:
As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.
- Women in CyberSecurity (WiCyS)Booth:
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Bob BacigalAVP, Information Security, Amerisure Insurance
Bob Bacigal is the Assistant Vice President of Information Security at Amerisure Insurance. He has over 30 years of experience in information security management, risk management, incident response, disaster recovery, and business continuity planning. Prior to joining Amerisure, he held security management positions with Great Lakes BanCorp, the Federal Reserve Bank of Chicago, and Delphi Corporation. Bob is an active member of the InfoSec community and has served as President and Chairman of the InfraGard Michigan Members Alliance (IMMA) and is currently serving on its Board of Directors. He is an active member of the State of Michigan CSO Kitchen Cabinet, Detroit CISO Executive Council Governing Body, and the SecureWorld Detroit Advisory Council. Bacigal earned his bachelor’s degree in Criminology form Eastern Michigan University and is both a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM).
- Chris ChristensenSr. Business Consultant, Cybersecurity, Honeywell Building Solutions
Chris Christensen is the Cybersecurity Business Consultant for Honeywell Building Solutions (Americas) and specializes in securing Operational Technology (OT) and Industrial Control Systems (ICS) Chris passionately believes that cybersecurity is everyone's shared responsibility and through awareness, education, accountability and positive reinforcement, everyone in an organization can work together to create a safer workplace and more secure society at large. Prior to joining Honeywell Chris worked in several high profile functions managing special projects in the State of Michigan where he served on the Homeland Security Advisory Council and the Homeland Security Preparedness Committee. He was responsible for crafting the first Cyber Disruption Response Plan for the State of Michigan which is still in use today. Chris is on the board of the Michigan InfraGard, he has Bachelor’s Degree from the University of Utah and a Juris Doctorate from Thomas M. Cooley Law School.
- Stephanie ScheuermannTechnical Leader, Cyber Threat Intelligence, Ford Motor Company; President, Michigan InfraGard Members Alliance
- Michael R. GlennonSpecial Agent and Private Sector Coordinator, FBI
- Earl DubyVP & CISO, Lear Corporation; Board Member, Michigan InfraGard Members Alliance
- Jeremy C. SheridanAssistant Director, Office of Investigations, United States Secret Service
Jeremy Sheridan is the Assistant Director of the Office of Investigations at the United States Secret Service. In this role, he leads more than 160 Secret Service field offices and directs the Secret Service's network of Cyber Fraud Task Forces (CFTFs) in their investigations of sophisticated computer and financial crimes. He also works to ensure the global network of field offices and task forces effectively detect and arrest those who are engaging in the criminal violations the Secret Service is authorized to investigate, while fully supporting diverse protective requirements across the world.
- Ricardo LafosseCISO, The Kraft Heinz Company
Ricardo Lafosse is responsible for IT risk governance, software and product security, incident management, technical disaster recovery, and determining enterprise-wide security policies and procedures. Lafosse regularly presents on security topics at global conferences, including Defcon, MirCon, and ISACA CACS. Lafosse has more than 15 years of experience in information security for the government, finance, legal, and healthcare. Lafosse holds a Master’s in Information Assurance from the Iowa State University. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) designations.
- Michael BoucherAmericas CISO, JLL
- Glenn KapetanskyChief Security Officer & Technology Lead, Trexin Group
Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.
Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).
- Jonathan EhretVice President, Strategy & Risk, RiskRecon, a Mastercard company
Jonathan has been a third-party risk practitioner since 2004. He is co-founder and former president of the Third-Party Risk Association. He has deep experience building and running third-party risk programs in finance and healthcare. He started with RiskRecon in April, 2020.
- Mike StacySr. Director, Enterprise Security Strategy, Proofpoint
Mike works with customers and oversees technical strategy for areas which include cloud security, advanced email defense, SOAR, browsing security, and SDP. Prior to joining Proofpoint, Mike held numerous technical leadership and product strategy roles across a variety of solutions.
- Marcia MangoldInformation Security Control Assurance Manager , Experian
Marcia has spent the past 17+ years using her abilities to be a business enabler for IT and IS, and has worked for several organizations, including IBM, GE, and Blue Cross Blue Shield of Michigan. Marcia focuses on Information Security awareness training, risk, and policy lifecycle management. Marcia is a Certified Information Systems Security Professional (CISSP), a founding board meeting of the local (ISC)2 chapter, a proud member of the Michigan InfraGard chapter, and a board member of ISSA. In addition, Marcia was a contributing NIST Big Data Public Working Group member for the Special Publication (NIST SP) - 1500-4, Big Data Interoperability Framework: Volume 4, Security and Privacy.
- Chris PinVP, Security and Privacy, PKWARE
Chris Pin serves as PKWARE’s VP, Security and Privacy. In this role, Chris drives value and awareness for all PKWARE customers regarding the various challenges that both privacy and security regulations bring to the data-driven world. He works closely with all customers and potential customers to help them better understand how PKWARE solutions best fit into their environments and processes. He also works very closely with many other departments such as Sales, Marketing, Partners, and Product to help build brand awareness and product insights.
With over 15 years of experience, Chris’s career began at the Pentagon where he supported the Army Headquarters as a Systems Engineer. Following his tenure at the Pentagon, he transitioned into global architecture and engineering for SOCOM, focusing on global networks and security. This is where he developed a deep understanding of what it takes to operate global networks at scale while ensuring the best security and privacy without jeopardizing the end-user experience.
Prior to joining PKWARE as part of the Dataguise acquisition, Chris spent four years at Costco leading the data center migration of the e-commerce domain before transitioning into Privacy and Compliance where he was a PCI-ISA and assisted through yearly PCI assessments. Most notably, Chris also led Costco’s GDPR and CCPA efforts on a global scale, working with teams across the company, Infosec, development, policy, legal, employee education, change review, marketing, HR, buyers, and more.
Chris has a CIPM certification and studied Aviation Management at Dowling College. When not working, he enjoys spending time with family, flying drones, kayaking, and adventuring the Pacific Northwest.
- James McGrilSecurity Solutions Architect, Radware
James is a Security Solutions Architect and one of Radware’s thought leaders in Network and Application Security. He's been with Radware for nearly 10 years. James is a self-described geek and enjoys learning about application security and building web applications using the latest technologies. In his off time, James enjoys hiking, surfing, and playing guitar.
- Cory SutliffTechnical Director, AttackIQ
Practice Lead for Technical Account Management at AttackIQ. Cory has 20+ years' experience in IT focusing on security, seven+ years with the DoD. He has spent the last two years at AttackIQ delivering Security Optimization (BAS).
- Ryan MostillerSr. Manager, IT Security, BorgWarner
Ryan Mostiller is a security leader in the Metro Detroit community, currently serving as the Security Operations Manager for BorgWarner. After more than a decade in both technical and management roles in security, Ryan enjoys any opportunity to engage with fellow practitioners and share learnings. Ryan has worked across various industries and within several Fortune 500 companies, most recently in the automotive industry.
Ryan has a Masters in IT Management from Oakland University and bachelors in Information Technology, along with security certifications from GIAC. You may have seen other presentations that Ryan has created and presented at, including SecureWorld, GrrCON, ISC2, and Evanta. Ryan has also developed and teaches an OU Executive MBA course at Oakland University titled "Cybersecurity for Executives."
- Jason RiveraDirector, Strategic Threat Advisory Group, CrowdStrike
Jason Rivera has over 15 years of experience innovating at the intersection of security operations and technology. He was a former Intelligence Officer/Captain in the U.S. Army, had assignments with the National Security Agency (NSA) and U.S. Cyber Command (USCYBERCOM), and served in combat tours overseas. He has experience in the private sector and built threat intelligence and cybersecurity programs for large Fortune 500 companies and U.S. government agencies. He received his M.A. in Security Studies from Georgetown University, M.A. in Economics from the University of Oklahoma, and his B.A. in Political Science & Economics from the University of Nevada, Las Vegas.
- Bob RudisSr. Director, Chief Security Data Scientist, Rapid7
Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is currently [Master] Chief Data Scientist at Rapid7, where he specializes in research on internet-scale exposure. He was formerly a Security Data Scientist & Managing Principal at Verizon, overseeing the team that produces the annual Data Breach Investigations Report. Bob is a serial tweeter (@hrbrmstr), avid blogger (rud.is), R (#rstats) avunculur, author (Data-Driven Security), speaker, and regular contributor to the open source community.
- James ChristiansenVP, CSO - Cloud Security Transformation, Netskope
James Christiansen is Netskope’s vice president of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients understand the challenges and solutions of cloud deployments by helping drive thought leadership in cloud security transformation.
James brings extensive expertise as a global leader in information security. Prior to joining Netskope, he was vice president CISO at Teradata where he led the global security, physical, and information security teams. Previously, James was vice president of information risk management at Optiv, chief information risk officer for Evantix, and CISO at Experian Americas, General Motors, and Visa International.
As a sought-after expert speaker on security, James has been featured at numerous prestigious events, including the Business Roundtable, Research Board, American Bar Association, American Banker, the RSA Conference, BankInfoSecurity, ISSA, ISACA, HIMSS, and MIS Training Institute. He has also been featured in The New York Times and quoted as an expert in USA Today, The Wall Street Journal, Reuters, United States Cybersecurity Magazine, Bloomberg, and Healthcare IT News.
James is a patent inventor and has received three innovation awards in cyber security, GRC, and cloud computing. He is the author of the Internet Survival Series and contributing author of CISO Essentials, as well as numerous industry papers.
- Arif HameedSr. Director, Client Security, Equifax Canada
Arif Hameed is Senior Director at Equifax, where he leads a team that handles client cybersecurity due diligence activities including questionnaires, audits, remediation support, security schedules, etc. Prior to his role at Equifax, he worked at two of the largest banks in Canada in Security Advisory, IT Risk, Third Party Cyber Risk, and IT Audit.
- Mike StacySr. Director, Enterprise Security Strategy, Proofpoint
Mike works with customers and oversees technical strategy for areas which include cloud security, advanced email defense, SOAR, browsing security, and SDP. Prior to joining Proofpoint, Mike held numerous technical leadership and product strategy roles across a variety of solutions.
- Peter ChestnaCISO of North America, Checkmarx
Pete Chestna serves as the CISO of North America at Checkmarx, where he provides customers and prospects with practical advice for building successful application security programs. Bringing more than 15 years of direct AppSec practitioner experience, Pete has held roles ranging from developer and development leader to his most recent position as the Global Head of AppSec for the Bank of Montreal.
Over the years, Pete has led organizational transformations from Waterfall to Agile to DevOps and from monolith to microservice architectures. He is certified as both a scrum master and product owner. Stemming from his experience as both an avid practitioner and consultant, Pete has spoken internationally at numerous prominent security and developer conferences including DevOpsDays, All Day DevOps, OWASP AppSec, and DevSecCon.
Pete has been granted three patents. He enjoys whiskey tourism, astronomy model rocketry, and listening to Rush in his spare time.
- Joey PeloquinPrincipal Cloud Architect, Sales Engineering, Gigamon
Joey Peloquin is an information and cyber security veteran, evolving over the years to specialize in multiple domains, including network, application, mobile, and for the last seven years, cloud security and architecture. Joey has held a variety of leadership roles over his career including security product ownership, head of consulting services at firms such as FishNet Security and GuidePoint Security, and head of cloud security operations and global incident response at Citrix. Joey has been active in the security community, publishing original research in publications such as Hakin9 magazine and speaking at conferences such as AWS re:Invent, BSides, and RVAsec.
- Christopher HassDirector of Information Security and Research, Automox
Chris Hass is an extremely driven and proven information security professional with extensive experience in Malware Reverse Engineering, Threat Intelligence, and Offensive Security Operations. In his current role, Chris serves as Director of Information Security and Research at Automox. In addition to being a former cybersecurity analyst for the NSA, he also served as a principal research engineer at LogRhythm and helped fight off malware authors using AI/ML at Cylance. His unique experience makes him adept at understanding today's current threat landscape, and works passionately to secure Automox and its customers from today's cyber attacks.
- Tommy ToddVice President of Security, Code42
Tommy Todd is Vice President of Security at Code42 with over 20 years of cybersecurity experience, primarily focused on data privacy and data protection strategies. Prior to Code42, Tommy served in security roles at Symantec, Ionic Security, and Optiv, as well as many other firms. Throughout his career, he has acted as a leader, mentor, engineer, architect, and consultant to solve difficult data protection challenges. Tommy is passionate about data—both consumer and commercial—and strives to improve the security posture in organizations he works with.
- Alex KirkGlobal Principal Engineer, Corelight
Alex Kirk is an open source security veteran, with a combined 17 years at Sourcefire, Cisco, Tenable, and now Corelight, where he serves as Global Principal for Suricata. Formerly a malware zookeeper and IDS signature writer, today he spends his time helping SOC analysts and advising on security policy for government agencies, universities, and large corporations around the world.
- Krishna KsheerabdhiVP, Product Marketing, Encryption, Thales Group
Krishna has more than 25 years of experience leading Engineering and Business Strategy teams, including evaluating and integrating several key Thales acquisitions. Krishna has a Ph.D. in Computer Science and has worked on various topics, from compilers for supercomputers to operating systems for smart cards, leading skunkworks innovation projects to corporate entrepreneurship initiatives and M&A. He is currently responsible for marketing Thales’ Encryption products.
- Michael Muha, PhD, CISSP, CISM, CIPM, Certified GDPR PractitionerChief Information Security & Privacy Officer, WorkForce Software
Mike drove the global expansion of WorkForce Software’s cloud-based workforce management products from one data center to eight across the US, Europe, Canada, and Australia, and directed all compliance efforts (starting with SAS 70 and moving onto SOC 1, ISAE 3402, SOC 2, ISO 27001 certification, and EU-US Privacy Shield certification). Having led the company’s GDPR journey, he’s currently implementing a “Personal Information Management System” and additional global security controls to protect company and customer data.
- Michael SchladtPrincipal Cybersecurity Researcher, General Electric Gas Power
Mike Schladt, CISSP, GREM, is an information security researcher and engineer with over 12 years' experience performing malware analysis, reverse engineering, digital forensics, and incident response. Previous roles include leading malware analysis at the USAF National Air and Space Intelligence Center, as well as heading the development of endpoint detection technologies for a cybersecurity startup. For the past seven years, Mike has been the technical lead of the GE Gas Power cyber operations team, where his duties have included managing incident response, threat hunting, attack surface analysis, and offensive security research.
- John M. WilkeSr. Product Marketing Manager, Okta
John Wilke is a Senior Product Marketing Manager at Okta who is currently focused on aligning the impact of Okta's SaaS solutions with the core business goals of Okta's most strategic customers. He was previously responsible for the expansion of Okta's Business Value team for the West Coast and Asia Pacific regions.
- Stephen GatesPrincipal Security SME, Horizon3.ai
Stephen Gates brings more than 15 years of information security experience to his role as Principal Security SME at Horizon3.ai. He is a subject matter expert with an extensive hands-on background in security and is a well-known writer, blogger, presenter, and published author who is dedicated to conveying facts, figures, and information that brings awareness to the security issues all organizations face.
- Sam CurryVP & CISO, Zscaler
Sam Curry has over 25 years of IT security industry experience. Curry served as CTO and CSO at Arbor Networks, where he was responsible for the development and implementation of Arbor’s technology, security, and innovation roadmap. Previously, he spent more than seven years at RSA (the Security Division of EMC) in a variety of senior management positions, including CSO and Chief Technology in addition to SVP of Product Management and Product Marketing, including RSA Labs. Curry has also held senior roles at Microstrategy, CA, and McAfee.
- Tim MackeyPrincipal Security Strategist, Synopsys
Tim Mackey is a principal security strategist within the Synopsys CyRC (Cybersecurity Research Center). He joined Synopsys as part of the Black Duck Software acquisition where he worked to bring integrated security scanning technology to Red Hat OpenShift and the Kubernetes container orchestration platforms. As a security strategist, Tim applies his skills in distributed systems engineering, mission critical engineering, performance monitoring, large-scale data center operations, and global data privacy regulations to customer problems. He takes the lessons learned from those activities and delivers talks globally at well-known events such as RSA, Black Hat, Open Source Summit, KubeCon, OSCON, DevSecCon, DevOpsCon, Red Hat Summit, and Interop. Tim is also an O'Reilly Media published author and has been covered in publications around the globe including USA Today, Fortune, NBC News, CNN, Forbes, Dark Reading, TEISS, InfoSecurity Magazine, and The Straits Times. Follow Tim at @TimInTech on Twitter and at mackeytim on LinkedIn.
- Alex JonesInformation Security Manager, Cobalt.io
Alex Jones is an Information Security professional with eight plus years of direct security and compliance experience. He also has an extensive background in media, audio, and communications prior to working in the security field. He is currently the Information Security Manager for the leading Pentest as a Service Company, Cobalt.io. Prior to joining Cobalt, Alex has led security and compliance initiatives at Hudson’s Bay Company, Gainsight, Express Scripts and Cognizant.
- Matt DowningDirector, Threat Hunting Operations, ReversingLabs
Matt is Director of Threat Hunting Operations at ReversingLabs where he helps to operationalize the implementation of ReversingLabs tools and massive dataset to help make networks more secure. Matt is a dedicated blue teamer and threat hunter. Prior to his role at ReversingLabs, Matt held many roles supporting threat research and security operations.
- Adam MeyersSVP, Counter Adversary Operations, CrowdStrike
As CrowdStrike’s Senior Vice President of Counter Adversary Operations, Adam Meyers leads the Threat Intelligence line of business for the company. Meyers directs a geographically dispersed team of cyber threat experts tracking criminal, state-sponsored, and nationalist cyber adversary groups across the globe and producing actionable intelligence to protect customers. He oversees the development and deployment of AI, machine learning, reverse engineering, natural language processing, and other technologies to detect suspicious and malicious cyber behavior and stop increasingly sophisticated adversaries. Meyers’ work in combining human intelligence and intelligence derived from technology continues to transform cybersecurity.
Meyers works closely with other departments within CrowdStrike to ensure the smooth and speedy integration of intelligence into CrowdStrike’s entire lineup of products and services. His team brings unprecedented insights into the activities of cyber threat actors, providing strategic and technical guidance to Fortune 100 businesses, major financial institutions, key government agencies, and other CrowdStrike customers. SC Magazine recently honored CrowdStrike’s record of achievement under Meyers with the 2019 Trust Award for Best Threat Intelligence Technology. Almost every week you will see Myers commenting on recent cyber threats and cyber attacks in leading broadcast, print, and online media.
Adam earned a Bachelor of Arts degree from the George Washington University where he studied Political Science, and Computer Science.
- Laura ClarkCIO, State of Michigan
Laura Clark serves as the chief information officer (CIO) for the State of Michigan, directing the state’s technology and security efforts. As deputy director for the Michigan Department of Technology, Management & Budget (DTMB), she also oversees operations for the department, which provides information technology, business, and administrative services to state employees and stakeholders, as well as Michigan residents, visitors, and businesses.
During her 20-year career in public service, Clark has embraced a hands-on, adaptable approach to leadership. Since being appointed as CIO by Gov. Gretchen Whitmer, she has helped the State of Michigan achieve success through many initiatives, such as the launch of the award-winning Michigan Secure mobile app and successfully securing $20 million in critical cybersecurity funding from the Michigan Legislature for statewide security enhancements.
In her day-to-day work, Clark values the contributions of every person on DTMB’s 5,000 member team and has the unique ability to connect her sense of purpose and service with the overall work and mission of directing the State of Michigan’s technology and security efforts. She leads by example, seeking out opportunities that will allow those around her to succeed. Throughout these efforts, Clark’s compassion, patience, experience, and skills as are helping DTMB and the entire state forge a successful path into the digital future.
- Adam FordCISO, Illinois Department of Innovation & Technology (DoIT)
- Bridget KravchenkoCISO, Meritor
Bridget Kravchenko is the Senior Director, Chief Information Security Officer for Meritor, responsible for information security, IT risk, and compliance globally. She has responsibility for developing a strategic security plan, security metrics, security programs, risk management, and incident response.
Bridget has served in a CISO or equivalent role for the last nine years across multiple industries, including manufacturing, healthcare, and government. She has served on the Michigan InfraGard Board for the past six years and she is always looking for opportunities to support the cybersecurity community.
She is a CyberPatriot coach for the Michigan Bloomfield Hills, High School. She is a living Kidney Donor and celebrates 16 years for her Dad's new kidney. She is a proud Mother of an Eagle Scout, with hopefully a second Eagle Scout coming soon.
- Dan LohrmannCSO, Security Mentor; Former CISO, State of Michigan
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker, and author. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington D.C. to Moscow. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader. In 2017, Dan was awarded the cybersecurity breakthrough CISO of the year for global security products and services companies.
He led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO), and Chief Information Security Officer (CISO) roles in Michigan.
Dan currently serves as the CSO and Chief Strategist for Security Mentor, Inc., where he leads the development and implementation of Security Mentor’s industry-leading cyber training, consulting, and workshops for end-users, managers, and executives in the public and private sectors. He has advised senior leaders at the White House, National Governor’s Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses, and non-profit institutions.
Dan has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
He is the author of two books: "Virtual Integrity: Faithfully Navigating the Brave New Web" and "BYOD For You: The Guide to Bring Your Own Device to Work." He is the co-author of the upcoming (November 2021) Wiley book, "Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering from the Inevitable."
Dan holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes