googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, August 23, 2023
    10:30 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 4:00 pm
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    11:00 am
    [Keynote] That Moment When You Realize There Is Nowhere Left to Hide
    • session level icon
    speaker photo
    CISO and Senior Director, Boom Supersonic
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:45 am

    We’ve connected everything, everywhere, all the time, so how DO we more efficiently interact with a digital realm that continually measures our pulse in the real world? Let’s talk about some attack vectors that I’ve spent the last few years researching and helping others work on. And then let’s talk about what we CAN do about things. You’ll never look at your lights the same way again.

    11:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:45 am - 12:00 pm
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    12:00 pm
    Building a Sustainable Cybersecurity Program
    • session level icon
    speaker photo
    Director, Cyber Security Global Alliance
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm

    Join us for a dynamic session on “Building a Sustainable Cybersecurity Program” where we explore the significance of sustainable cybersecurity and its benefits. Discover real-life examples and best practices from various industries, showcasing successful integration of sustainable cybersecurity practices. Gain insights into the challenges of implementation and strategies to overcome them. Explore the policies and regulations that promote sustainable cybersecurity and understand their impact. Walk away with a comprehensive summary and actionable steps to create a resilient cybersecurity program for long-term success. Don’t miss this opportunity to safeguard your organization’s critical assets in an ever-evolving digital landscape.

    12:00 pm
    Managing Smart Buildings Service Provider Fragmentation
    • session level icon
    speaker photo
    Director, Operational Technology Risk Assessment, Michael Baker International
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm

    Building control systems have been around since the late 1970s. These systems were digitally controlled and proprietary. The building staff could run the building, but the logic/programming required the system service provider’s knowledge to maintain. Over time, the building staff’s reliance on the service provider grew to the point that the service provider not only has unrestricted local access but also unrestricted remote access. And in most cases, the service provider provides and controls remote access. When you take this into account and multiply it by the number of building control systems per building, the number of service provider technicians that currently have access, and former employees that possibly have access, and then multiply this by the number of buildings owned, this number can be huge. Now take into consideration that most of the service providers are not bound to cybersecurity service provider agreements. These buildings are a high degree of risk exposure for building owners.

    Learning Objectives:

    • Participants will be exposed to the current state of the building control system cybersecurity.
    • Participants will be walked through some real-world examples of results when service provider management does not exist and/or breaks down.
    • Participants will learn the basic concepts of managing service providers using ISA 62443.
    12:00 pm
    Secure by Default: Evolving Security Expectations
    • session level icon
    speaker photo
    CISO, Automox
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm

    CISA recently released their paper on “Secure by Design, Secure by Default” software that has support from seven major governments. It is meant to make significant, achievable improvements in software security. We will discuss the Secure by Default concept, why it is important, and what customers and vendors can do about it today.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:00 pm

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:00 pm
    I Can See Clearly Now, the Threats Are Gone
    • session level icon
    speaker photo
    Executive Director, Americas Region, CREST
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:45 pm

    Zero Trust is considered by many to be a marketing buzzword, but what it really alludes to is having good, basic cybersecurity hygiene. It’s what any cybersecurity professional worth their salt has been doing, and does, daily. Ransomware, phishing, and BEC grab the headlines, but your run-of-the-mill cyberattacks can’t be ignored because of the shiny new thing garnering all the attention.

    The CISO is like a musical conductor that must pay attention to all the resources at his or her disposal—be it people, tools, technologies, systems, and more. How is the organization handling security awareness training? What about staffing shortages affecting the organization, or even the vendors with which CISOs and their teams work?

    Join this session to hear insights and takeaways on the state of the information security profession today, including tips for seeing clearly and staying ahead of threats.

    1:00 pm
    A Proactive Approach to Incident Response for OT
    • session level icon
    speaker photo
    Technical Leader on the ICS/OT Security Consulting team, Mandiant (now part of Google Cloud)
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:45 pm

    With a marked increase RaaS, APT, and nation-state sponsored attacks in the industrial cybersecurity sector over the last 18 months, it is more critical than ever for organizations to build effective incident response capabilities for their Operational Technology (OT) and Industrial Control Systems (ICS) environments.

    Often when the OT process is down, so is the revenue stream. The pressure to get back operational is high. Having a solid practiced plan, the right tools in place, and an effective decision-making process are critical to restoring production.

    1:00 pm
    Cybersecurity Jobs Data: What Jobs Are Steady, and Which Are Volatile?
    • session level icon
    speaker photo
    Founder and CEO, CyberSN and Secure Diversity
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:45 pm

    Are you interested in the state of cybersecurity jobs in our current economy? In this discussion, we will dive into the latest data on cybersecurity job trends in the U.S over the past 6 months. With an average of 190,000 cybersecurity jobs posted each month, this comprehensive data set will provide valuable insights into the ever-evolving world of cybersecurity.

    1:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:00 pm

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:00 pm
    Identity Management and the Pain of Privilege
    • session level icon
    Live Zoom Session
    speaker photo
    VP, Cybersecurity Strategy, CyberFOX
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    We have an identity crisis. According to the Verizon Data Breach Investigation Report, over 90% of successful Windows breaches occur due to users having privileged access. And yet, according to Microsoft, this is a decades old problem that has still not yet been solved. One of the most effective solutions to this challenge lies in following best practice for identity management, including removing Local Admin rights from all end users. However, this can be challenging as it may result in end-users becoming frustrated when they need to request updates. In this educational and thought-provoking session, CyberFOX Vice President Wes Spencer will outline the problem and the path to success around identity management.

    2:00 pm
    Social Engineering: Training the Human Firewall
    • session level icon
    speaker photo
    Team Leader of Information Security, Garmin
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    Phishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.

    2:00 pm
    Mitigating Data Privacy and Cybersecurity Risk Throughout the Supply Chain
    • session level icon
    speaker photo
    Data Privacy & Cybersecurity Attorney, Constangy, Brooks, Smith & Prophete, LLP
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    Attendees will walk away with a practical understanding of how to involve key stakeholders at various points in the compliance program development process and the importance of third-party risk management concerning the overall data security and compliance culture within an organization.

    Businesses are increasingly built on a complex spiderweb of third-party providers that access a business’s systems, data, and other critical operations. This includes all manufacturing companies that rely on third parties—such as service providers, SAAS vendors, or contractors—to manage data and sensitive operations. Organizations typically have limited control over third parties, limited transparency into their security practices, and limited availability or resources to track third-party security upgrades. As owners and managers of portions of critical infrastructure, it is important for these companies to evaluate the current threat landscape and shift perspective on cyber threats from “if” to “when” as they examine preparedness, protocols, and employee education throughout upstream, midstream, and downstream operations.

    Mitigating data privacy, cybersecurity, and technology risk throughout the supply chain should be a priority for organizations, and our presentation will touch on key considerations for third-party management, including due diligence, contractual terms, and ongoing compliance.

    2:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:45 pm - 3:00 pm

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    3:00 pm
    Why Third-Party Cyber Risk Should Be Manufacturing's Top Priority
    • session level icon
    speaker photo
    Partner, Data Privacy & Cybersecurity, Clark Hill PLC
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    Third-party cyber risk is a pressing concern for manufacturers. 70% have experienced breaches stemming from overprivileged vendor access, making them ripe targets for ransomware. This session will explore the brand, operational, and legal dangers of poor vendor management. It will provide best practices for securing third parties, including thorough vetting, access controls, and monitoring of privileged sessions. With third-party reliance increasing, manufacturers must make securing vendor access a top priority to minimize cyber risk.

    3:00 pm
    Tackling the Unique, Cybersecurity Challenges of the OT World
    • session level icon
    speaker photo
    Cybersecurity Consultant, WSP USA
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    An overview of the Cybersecurity vulnerabilities commonly seen within OT or Industrial Control System (ICS) networks, as well as the techniques that can be used to mitigate risk. The vulnerability focused topics include the common infiltration/disruption methods (attack vectors) and the common targets within OT environments (attack surfaces). Remediation topics include discussions on RMF processes, cyber threat modeling, and secure network design from an OT perspective. This presentation prioritizes explaining the common attack vectors and surfaces that WSP USA sees in industry, as well as the typical recommendations to harder OT networks against intrusion.

    3:00 pm
    Building Cyber Resilience for Automated Factory-Floor Environments
    • session level icon
    speaker photo
    Director, Cyber Protection, Acronis
    speaker photo
    Sr. Director, Enterprise Sales, Acronis
    speaker photo
    Solutions Architect, Acronis
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm

    Keeping the production line running is the number one driver of profitability in manufacturing. Any interruption can lead to unfulfilled orders, angry customers, and supply chain disruptions. Every minute of downtime—especially of the computers that control operational technology (OT)—is money pouring onto the floor. Cybercriminals love to target manufacturers with ransomware, knowing the stakes are high and the victims are likely to pay quickly. So building a defense against ransomware is essential, but not sufficient by itself.

    Building cyber resilience into factory floor operations requires a broader view of the risks to OT: not just cyberattacks, but also hardware failures, software bugs, human errors, even natural disasters. Yes, you need to fend off ransomware attacks, but you also need to recover quickly and reliably when an OT outage occurs for any reason.

    Join Acronis for this session which explores potential sources of factory floor downtime with a focus on OT control computers, examines both defense and recovery strategies for these failures, and digs into case studies of manufacturers that have successfully built true cyber resilience into their OT environments.

    3:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:00 pm

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    4:00 pm
    Cyber-Enabled Fraud and Business Email Compromise in 2023
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 4:45 pm

    The presentation will cover the Secret Service’s view on current cybercrime trends to include the emergence of AI/ML in the cybercrime world. Investigator Dougherty will frame it in the lens of BEC (Business Email Compromise) and discuss the new and emerging advancements cybercriminals are using to victimize businesses in 2023 and beyond. Investigator Dougherty may even share a a deepfake of himself.

    4:00 pm
    A Whole Lotta BS (Behavioral Science) About Cybersecurity
    • session level icon
    speaker photo
    Executive Director, National Cybersecurity Alliance
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 4:45 pm

    Let’s be honest: people can frustrate us. They don’t always do the things we’d like, and they often do some things we’d rather they didn’t. New research from the National Cybersecurity Alliance reveals insights about the public’s attitudes and beliefs about security.  We’ll explore the 2022 “Oh Behave! Cybersecurity Attitudes and Behaviors Report,” and some of the findings may surprise you! We’ll also give you practical, actionable advice on how you can better communicate to influence the behavior change you want to see.

     

    4:00 pm
    Cyber Intel Briefing: Manufacturing
    • session level icon
    speaker photo
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
    speaker photo
    Founding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 4:45 pm

    Session description to come.

Exhibitors
  • Acronis
    Booth:

    Acronis unifies data protection and cybersecurity, delivering cyber protection that solves safety, accessibility, privacy, authenticity, and security (SAPAS) challenges.

    Acronis offers antivirus, backup, disaster recovery, endpoint protection management solutions, and award-winning AI-based antimalware and blockchain-based data authentication technologies through service provider and IT professional deployment models. These solutions protect data, applications, and systems in any environment.

  • Automox
    Booth:

    Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.

  • CyberFOX
    Booth:

    CyberFOX is a global cybersecurity solutions provider focused on privileged access management (PAM) and password management for managed service providers (MSPs) and IT Pros. Its flagship products—Password Boss for password management and AutoElevate for PAM—supply critical elements of a comprehensive security strategy. The ability to mitigate risks by controlling user access to critical information strengthens MSPs and IT department’s security defenses. Prioritizing cybersecurity best practices as a company allows CyberFOX to make complex security simple while providing affordable and efficient solutions.

  • Mandiant, now part of Google Cloud
    Booth:

    Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Chris Roberts
    CISO and Senior Director, Boom Supersonic

    Chris is the CISO for Boom Supersonic and works as an advisor for several entities and organizations around the globe. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Over the years, he's founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration, and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)

    Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by several European entities.)

    He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also gotten a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 15 years. (To interesting effect.)

    Chris has led or been involved in information security assessments and engagements for the better part of 25 years and has a wealth of experience with regulations such as GLBA, GDPR, HIPAA, HITECH, FISMA, and NERC/FERC. He has also worked with government, state, and federal authorities on standards such as CMS, ISO, CMMC, and NIST.

    Chris has been credentialed in many of the top IT and information security disciplines and as a CyberSecurity advocate and passionate industry voice, he is regularly featured in national newspapers, television news, industry publications and several documentaries. He can typically be found waving arms on a stage somewhere on this planet…or hacking into whatever’s taken his fancy… (Cows and camels being two of the more bizarre things, we’ll ignore things in space for now.)

    As one of the well-known hackers and researchers, Chris is routinely invited to speak at industry conferences. CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, Wall Street Journal, and numerous others have covered him in the media.

    And worst case, to jog the memory, Chris was the researcher who gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that allowed the exploitation of attacks against flight control system.

  • speaker photo
    Changiz Sadr
    Director, Cyber Security Global Alliance

    Changiz Sadr is an accomplished Telecommunications Engineer, licensed Professional Engineer in Ontario, and a distinguished Fellow of Engineers Canada. With a strong background in Communications Infrastructure Engineering and Cybersecurity, he has made significant contributions to the field throughout his career. Changiz holds prominent positions within the industry, currently serving on the Board of Directors of the Cyber Security Global Alliance (CGSA) and as an Engineer-In-Residence (EIR) Advisory Board member for Engineers of Tomorrow. He has also been appointed to prestigious roles on the Canadian Engineering Qualifications Board and the Board of Engineers Canada.

  • speaker photo
    Fred Gordy
    Director, Operational Technology Risk Assessment, Michael Baker International

    Fred Gordy is a nationally recognized thought leader, speaker, and expert in building systems cybersecurity specializing in organizational and technical vulnerabilities. He has over 20 years of industry experience including information technology and building controls systems. Fred has been the Chairperson of the Cyber Security Committee for the InsideIQ 55 international member companies, Security Steering Committee Member for S.E.A.T. (Sports & Entertainment Alliance in Technology), founding member of Cyber Security for Control Systems Association International (CS2AI), past president and current president emeritus the Atlanta CS2AI Chapter.

  • speaker photo
    Jason Kikta
    CISO, Automox

    Jason Kikta is the Chief Information Security Officer at Automox. He previously served for over 20 years in the United States Marine Corps, which included seven years at U.S. Cyber Command designing and managing the national counter-APT and counter-ransomware missions.

  • speaker photo
    Tom Brennan
    Executive Director, Americas Region, CREST

    Tom Brennan is the CIO of the national law firm Mandelbaum Barrett PC and leads the U.S. arm of CREST International. In this role, he works with government and commercial organizations to optimize the value of CREST as a cybersecurity accreditation body and industry standards advocate, particularly for companies in the Cybersecurity & Infrastructure Security Agency’s 16 critical infrastructure sectors which are vital to U.S. security, national economy, and public health and safety. As CREST USA Chairman, Brennan spearheads strategic plans for CREST USA’s organizational growth while also serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protection worldwide.

    As a proud U.S. Marine veteran, Brennan became involved with CREST International in 2016 while serving the Global Board of Directors for the Open Web Application Security Project (OWASP). Seeing similar goals, he became more active in the CREST organization and was nominated to lead the organization’s U.S. Advisory in 2019. Over his career, Brennan has amassed security expertise across the cybersecurity spectrum, including penetration testing, vulnerability assessment, application security, threat intelligence, and more. In addition to being CREST USA Chairman, he is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the information services advisory Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.

  • speaker photo
    Chris Sistrunk
    Technical Leader on the ICS/OT Security Consulting team, Mandiant (now part of Google Cloud)

    Chris Sistrunk is Technical Leader on the Mandiant ICS/OT Security Consulting team at Mandiant (now part of Google Cloud) focusing on helping protect and secure critical infrastructure around the world for over 9 years. Before Mandiant, Sistrunk was a Senior Engineer at Entergy for over 11 years where he was a subject matter expert for Transmission and Distribution SCADA systems. Sistrunk was awarded Energy Sector Security Professional of the Year in 2014. He is a Senior Member of the IEEE and is a registered Professional Engineer in Louisiana. He founded BSidesJackson, co-founded the BEER-ISAC, and helped organize the ICS Village at DEF CON 22. He holds BS electrical engineering and MS engineering and technology management degrees from Louisiana Tech University.

  • speaker photo
    Deidre Diamond
    Founder and CEO, CyberSN and Secure Diversity

    Deidre Diamond is the founder and CEO of CyberSN, the largest cybersecurity talent acquisition technology and services firm in the U.S., transforming job searching and hiring for the cybersecurity industry. Standardizing all cybersecurity job functions into a common taxonomy of 45 roles, the CyberSN platform allows professionals to make anonymous, public profiles that match with employer-posted job descriptions using the same taxonomy. This innovation is disruptive and solves a serious national security issue. Deidre’s leadership style combines 25 years of experience working in technology and staffing, her love of the cybersecurity community, and a genuine enthusiasm for people. She has led large-scale sales and operations and built high-performance teams at Rapid7 and Motion Recruitment prior to founding her own organizations. She believes a company-culture established on ‘anything is possible’ attitudes and open communication frameworks, along with positive energy, career advancement, and kindness, enables her teams to have fun at work and reach beyond peak performance. She also encourages the use of EQ (Emotional Intelligence) skills: self-awareness, self-regulation, motivation, social skills, and empathy. Deidre has also founded SecureDiversity.org, a non-profit organization working to raise awareness for, and increase the hiring of, women and underrepresented humans in the cybersecurity workforce. She has also spoken at some of the biggest tech summits, conferences, and podcasts in the world including ISC2 Congress, RSA, ISSA International, and Hacker Halted.

  • speaker photo
    Wes Spencer
    VP, Cybersecurity Strategy, CyberFOX

    Wes Spencer is a nationally recognized technology innovator and co-founder of multiple cybersecurity companies including Perch Security which was successfully acquired in 2020. He has numerous awards including the 2020 Cybersecurity Educator of the Year by the Cybersecurity Excellence Awards. Wes has been featured in The Wall Street Journal, Pro Publica, Dark Reading, and many other outlets. He is the Vice President and Channel Chief for FifthWall Solutions, one of the nation’s largest insurance brokers focusing exclusively on cybersecurity insurance. Wes is also the co-host of the CyberCall with over 5,000 MSP weekly listeners.

  • speaker photo
    Reanna Schultz
    Team Leader of Information Security, Garmin

    Reanna Schultz is from Kansas City, MO, and attended the University of Central Missouri (UCM). She graduated in 2018 with her Bachelor of Science in Cybersecurity: Secure Software Development and in 2020 for Master of Science in Cybersecurity: Information Assurance. While being in the industry, Reanna has been exposed to numerous SANS hosted classes. Reanna volunteers as a National Cyber League coach and provides her industry expertise by doing guest speaker talks for numerous colleges and high schools across the Midwest to STEM students. Reanna currently works as a Team Lead at Garmin and directly reports out of their SOC.

  • speaker photo
    Dafina Buçaj
    Data Privacy & Cybersecurity Attorney, Constangy, Brooks, Smith & Prophete, LLP

    Dafina Buçaj counsels and advises Octillo clients on the development and implementation of enterprise-wide data security and privacy programs and regulatory compliance under federal, state, and international privacy regulations. Her practice includes helping organizations build out data privacy and security regulatory assessments, information privacy and security protocols and policies, external policies, data collection, vendor risk assessments, contract development and review, and threat mitigation plans. With a global perspective, Dafina also helps organizations address compliance with number global regulations, including the GDPR, PIPIEDA, CASL, POPIA, LGDP, PIPL, and other emerging privacy and security laws.

  • speaker photo
    Melissa Ventrone
    Partner, Data Privacy & Cybersecurity, Clark Hill PLC

    Melissa Ventrone focuses her practice on class action privacy litigation, privacy breach response (pre- and post-event), payment card industry (PCI) standards and investigation, and advising clients in identifying, evaluating and managing first- and third-party data privacy and security risks. Melissa has represented numerous clients in litigation and arbitration, including in disputes related to privacy, invasion of privacy, contracts, consumer fraud, statutory claims and other matters, using her strong organizational and advocacy skills to obtain the best results for her clients.

    Melissa frequently advises clients on compliance with regulations and state, federal and international law. She serves as the leader of Thompson Coburn's breach response team, quickly bringing lawyers, clients, and forensic and breach response vendors together to enhance response time and effectiveness. Melissa has handled numerous breaches for small and large corporations, including merchants, financial institutions, medical providers and educational institutions, successfully reducing public and regulatory scrutiny and protecting her clients’ reputations.

    Melissa was featured in the March 1, 2013, Chicago Lawyers Inspiring Innovators series, and was recently quoted in Dark Reading, How to Cushion the Impact of a Security Breach. She is a frequent speaker on data privacy and security, cyber liability and breach response.

  • speaker photo
    David Mau
    Cybersecurity Consultant, WSP USA
  • speaker photo
    James Slaby
    Director, Cyber Protection, Acronis

    James R. Slaby is the Director of Cyber Protection at Acronis. Previously, Slaby was an industry analyst covering cybersecurity, cloud computing and networking at Forrester Research, HFS Research, Yankee Group and The Info Pro. He has also held solutions, vertical, product and campaign marketing roles at tech security and networking vendors including Sonus, Acme Packet, Bay Networks and Motorola.

  • speaker photo
    Ryan Davis
    Sr. Director, Enterprise Sales, Acronis

    Ryan brings over a decade of storage and data management experience to Acronis leading a commercial enterprise sales organization. Acronis’ enterprise sales team is focused on helping organizations improve their business continuity plans and reduce cyber exposure in historically difficult computing areas such as the edge, endpoints, industrial automation, and R&D labs. Ryan began his sales career selling knives door to door and holds a BS in Sales & Business Marketing from Western Michigan University.

  • speaker photo
    J.D. Perham
    Solutions Architect, Acronis

    With five+ years of experience as a sales engineer with Acronis, John currently works with some of the company’s largest enterprise customers, helping them develop, deploy, and maintain software to ensure system uptime and business continuity. John’s expertise also includes working with smaller to medium businesses so he understands the complexity of needs that can range from various customer deployments.

  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Lisa Plaggemier
    Executive Director, National Cybersecurity Alliance

    Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

  • speaker photo
    Col. Cedric Leighton
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC

    Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

  • speaker photo
    VJ Viswanathan
    Founding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)

    VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.

    With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.

    VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.

    VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes